BR092 - Nostr Wallet Connect, DeepSeek, AI Coding, Sparrow, Bitcoin Keeper, Maple AI, Calculating Tx Sizes + MORE ft. Future Paul
I’m joined by guest Future Paul to go through the list.
Housekeeping
New Coldcard Q tutorial by Loïc Morel on Plan B Network: Getting Started with COLDCARD Q
We are still looking for bitcoin builders to come on the show!
Unleashed.Chat Update - Deepseek R1 32B
Users can now access the DeepSeek R1 32B model on Unleashed.chat, all data remaining stored locally in the user’s browser.
Future updates aim to integrate it as a DVM, API, and enhance its ability to search Nostr and the web while improving speed.
Talk about NWC and Olas/Primal
Urgent Vulnerability Disclosures
Replacement Cycling Attacks on Bitcoin Miners Block Templates [Antoine Riard’s Disclosure]
A variant of replacement cycling attacks allows adversarial miners to censor transactions in block templates, manipulating the Bitcoin fee distribution. This attack, tested on Bitcoin Core 26.0 and 29.0, exploits mempool mechanisms to gain an economic advantage over honest miners.
The attack leverages non-UTXO transaction traffic and mempool policies like replace-by-fee to reorder transactions in block templates.
Bitcoin
Software Releases & Project Updates
Sparrow Wallet
Indicate historical rates support in Exchange Source drop-down on General Settings
Prefill the derivation to the default path for the chosen script type on watch only keystores
Add local network usage description in Info.plist for macOS 15
Support Coldcard P2TR address display over USB (Edge firmware only)
Set the script type selection import button as the default button after BIP39 wallet discovery returns empty
Use Lark for USB hardware wallet communication (replaces HWI)
Store and send multisig wallet registrations on Ledger devices to avoid re-registration
Perform native pairing with the BitBox02 to avoid reliance on a previous external pairing configuration
Support Jade Plus over USB
Restore any adjusted table column widths and sort preferences on wallet load
Support loading PSBTv2 files
Skip labelled addresses when retrieving an unused address from the Receive tab, and the Send tab pay to wallet selection
Always select a new address when sending multiple payments to the same open wallet
Allow camera image mirroring to be changed from scanned image context menu and the application View menu
Only show CPFP rate if child fee increases effective fee rate
Add option to Bitcoin Core and Private Electrum server selection to scan a URL from a QR code
Allow server URLs to be pasted into the server settings Host fields
Enable Electrum RPC batching on mempool-electrs servers
Add blackie.c3-soft.com testnet4 Public Electrum servers
Add mempool.space exchange rate source
Retrieve fee rates from configured source on non-mainnet networks where available
Switch from paynym.is to paynym.rs and Tor equivalents
Update child wallet labels to available paynyms on displaying the Paynym dialog
Set transaction tab label to transaction label on opening transaction if available
Show input label in the input tooltip on the transaction diagram if present
Truncate labels in table columns to max persistable label length and notify the user via a tooltip
Disable broadcast progress bar if disconnected, and re-enable if connected again
Remove payjoin v1 verification step to check there is no previous UTXO information in the PSBT as per BIP78 change
Exclude Taproot wallets and Jade, Tapsigner and Satochip HWWs from requiring the non witness tx field in PSBTs
Improve socket address resolution handling when using a proxy
Improve keystore import panel spacing in Linux
Add Specter DIY multisig option to wallet import menu
Replace forward slash with underscore in file names when saving PSBTs
Improve Jade QR keystore import descriptions
And many more
BDK v1.1.0
In this release of bdk_wallet v1.1.0 the tx builder is updated to use transaction version 2 by default, and support for wallets using testnet4 is now live.
This release also includes important updates to bdk_electrum which has a new MSRV of 1.75.0 to stay current with the latest security fixes, bdk_bitcoind_rpc introduces a new compact block filter module, as well as various bug fixes and improvements.
Bitcoin Keeper
Mobile v2.0.1
Fresh new design across the app
Support Enhanced Vaults with Inheritance Key for BitBox02, Coldcard, Jade, and Ledger
In app concierge support system
Onboarding calls for Diamond Hands subscribers
Coldcard Q QR support
Desktop v0.2.0
Add support for Miniscript with Bitbox02, ColdCard, Jade, and Ledger
Add support for BitBox02 pairing code
Wasabi Wallet v2.5.0
Fee rate estimations and exchange rate providers are now configurable
Quality of Life Features: address old bugs and feature requests
Backend and Coordinator packaged for Linux: The Debian package now includes two extra binaries: one for the backend (Wallet API) and one for the coordinator (Coinjoin API).
Blockstream
Green QT
Green iOS / Android
Liquid network: enabled discount fees
Create support requests from the app
Electrs v0.10.9
Allow concurrent DB background operations for SSDs
Update bitcoin_slices to 0.10.0
Nunchuk Android v1.9.62
Support android 15
Umbrel v1.4.0-beta.1
umbrelOS 1.4 Beta 1 introduces Files, a new file manager that turns your Umbrel into a full-blown home cloud, along with Korean language support and various bug fixes.
Create, upload, and organize files and documents.
Share folders over your local network, and easily add them as network drives on macOS, Windows, iOS, or Android.
Set up a shared folder as a Time Machine backup location on macOS
Preview all your photos, videos, PDFs, and audio files
Access app data folders
External (USB) storage support for Umbrel Home arriving in umbrelOS 1.4 Beta 2.
Bisq v1.9.19
Produce exclusively low-R signatures from wallet keys
“Transfer Same Bank” & “Transfer Specific Banks” match case-insentitivity
Create payment method “Faster Payments System (SBP)” for Russian Ruble
New option in
PhoneNumberValidatorto enforce exact number of digitsAdd 500+ string translations to Russian language file
Implement
BitcoinCoreSeedListDiscoverymethodgetoffers (api): Return all offers by default
Add
suddenwhipvapormediator instance onionImprove resync handling
Add missing snapshot creation in full DAO mode
Bisq2 v2.1.5
A bug has been discovered in that release. Please do not install it and wait until a new version is available.
Security update: To enhance security for buyers, sellers must have sufficient reputation to secure a trade for the specified amount.
New features:
The new Profile Card comes with many features. Find the user profile details, trade terms, reputation, offers created and the public messages posted by clicking on the profile icon or profile name anywhere in the app.
To improve on privacy, sensitive trade data will be automatically deleted after a certain period of time
See trade details in the trade process window by clicking on the “Show details” button
Zaprite v2025-02-03
Add: New BTCPay integration, allowing users to accept bitcoin and lightning payments alongside fiat using self-hosted infrastructure.
Update:
Transactions CSV: Add a new Customer Note column to our Transactions CSV export
Square ACH: Update Square ACH payment flow to adhere to new requirements from Square
Remove: Transaction Canceled: Temporarily disabled the Transaction Canceled notification emails until we can resolve their over-sensitivity.
Mempal
Bitcoin Safe
BTC Map v0.9.2
Add merchant boosts
Add comments screen
Speed up element search within an area
Show user location marker
Show more info on deleted elements
Add Polish and Brazilian translation
Allow users to post merchant comments
ESP Miner v2.6.0b2
Is SPIRAM Available?
Keep old pool config synchronized until reboot
Add support for extranonce2_len<4
SSID WiFi lookup
Project spotlight
cbip32: A fast, secure, low-dependency C implementation of BIP32 [Github]
The library depends only on libsecp256k1 and libsodium, for minimal dependency.
Extensive testing includes cross-implementation fuzz testing against python-bip32 and verystable.
StackStates: A map of the United States that shows legislation of official Bitcoin adoption [Github]
Instamouse bitcoin: A full Bitcoin Core development environment accessible directly through a web browser
The environment includes pre-compiled Bitcoin Core software, with options to recompile if desired. Tools like Visual Studio Code and Qt Creator are pre-installed for development purposes.
The setup operates in regtest mode, with the Bitcoin configuration file located at ~/.bitcoin/bitcoin.conf. An autolaunch script is available and can be modified or deleted as needed.
Iris Wallet Desktop: RGB on Lightning from a simple interface [Github]
The wallet enables users to manage RGB assets, including issuance, spending, and receiving, within a familiar wallet application.
Releases its first experimental release with the v0.1.0
Explorer.timechainindex: An address and transaction explorer by Timechainindex, powered by Mempool.space API
Users can save the explorer’s webpages locally and run them from their own mempool instance by changing the “api_endpoint” to their local mempool directory.
txTree: A tool to explore UTXO connections
txTree is a tool that visualizes Bitcoin transactions by fetching and displaying transaction data in a tree structure
HurriCash: A multisig tool for collaborative bitcoin transactions [Github]
The platform guides users through an initial transaction to allocate necessary funds, followed by a coinjoin process to collectively fund the multisig wallet.
The Bitcoin Trail: A community-driven bitcoin-themed game in development
The Bitcoin Trail began as a fun, stacking-themed game concept. Players can fund new features by zapping sats, including custom tombstones, news events, sound effects, new characters, and game mechanics.
The game aims to evolve dynamically, with features like in-game stops, custom graphics, and even original music—all dependent on user contributions.
Bitcoin Laws: A dedicated platform that monitors legislative measures related to Bitcoin and digital assets across various jurisdictions.
CoinMarketCrap: A website that provides bitcoin & shitcoins market cap rankings, and more. [Github]
Vulnerability Disclosures
Researchers uncover two security flaws, FLOP and SLAP, in Apple’s A and M-series chips, enabling attackers to steal sensitive data through speculative execution attacks [ArsTechnica]
FLOP exploits the Load Value Predictor to access memory contents, while SLAP manipulates the Load Address Predictor to intercept JavaScript strings in Safari. Affected devices include iPhones (13–16 series), iPads, and Macs from 2021 onwards.
Researchers demonstrate that FLOP can steal saved credit card information from Square storefronts, while SLAP can recover email data from ProtonMail, Amazon purchase details, and Reddit comments. [Demo]
Cybersecurity firm Kaspersky identifies “SparkCat” malware in both Google Play and Apple’s App Store targeting cryptocurrency owners [CyberInsider]
SparkCat employs OCR technology to extract sensitive information, including cryptocurrency wallet passwords from users’ photos. Infected apps request access to photo galleries under the guise of chat support features.
A reported exploit is targeting users who access adult websites through their Phantom or Trust Wallet browser [Twitter post]
Users are advised to avoid viewing adult content using these wallet-integrated browsers to prevent potential security breaches and loss of funds.
Lazarus Group deploys electron-based malware to steal cryptocurrency data [Security Online]
The Lazarus Group embeds malware into an open-source project, Uniswap Sniper Bot, to target cryptocurrency advanced users. This attack follows similar strategies where they exploited Python and Node.js repositories.
Coinbase users lose millions to social engineering scams amid security failures [ZachXBT Analysis]
Coinbase users have lost over $65 million between December 2024 and January 2025 due to social engineering scams. These scams involve attackers spoofing Coinbase phone numbers and emails to trick victims into transferring funds.
Singapore-based cryptocurrency exchange Phemex suffers $85 million hack, halts withdrawals [Security Week]
On January 23, 2025, the platform detected unusual activity in its hot wallets, leading to the theft of over $85 million in various cryptocurrencies.
Phemex is collaborating with third-party security firms and law enforcement agencies to investigate the breach and has announced plans to compensate affected users.
Peer-to-peer cryptocurrency trading platform NoOnes suffers $8 million exploit due to Solana bridge vulnerability [CryptoSlate]
The breach involved multiple small transactions, each under $7,000, across various networks, then subsequently funneled through Tornado Cash.
Bug in Solana-based wallet Solflare exposes 4,800 email addresses onchain, links them to more than 6,700 distinct wallets [Note by Jameson Lopp]
A bug in Solflare’s transaction signing process caused users’ email profiles to be sent onchain during a ‘claim’ event. This issue specifically affected users who used Solflare with Ledger hardware wallets.
WhatsApp reports Paragon Solutions’ spyware targeting journalists and civil society members [Reuters]
WhatsApp detects hacking attempts on approximately 90 users, including journalists and civil society members, by Israeli spyware company Paragon Solutions.
Despite Paragon’s claims of ethical practices and selling only to stable democratic governments, WhatsApp’s findings raise concerns about the commercial spyware industry’s impact.
Chinese AI startup Deepseek exposes over a million plaintext chat records, API keys, and internal logs due to unsecured ClickHouse databases. [Bleeping Computer]
Security firm Wiz discovers the vulnerability, noting that the publicly accessible databases allowed arbitrary SQL queries without authentication.
Five dollars wrench attacks:
Russian national released after being cleared of involvement in kidnapping in Indonesia [News Farahas]
The incident was made public in early February 2025, more than a month after the kidnapping occurred, when a Ukrainian national and his driver were ambushed in Bali, Indonesia. Four masked attackers, armed with weapons, forced them into a villa and stole cryptocurrency worth approximately ~$220,000. Authorities are still searching for eight other suspects.
Criminal gang jailed for kidnapping and extorting cryptocurrency from victim [Police report]
On 2 December 2023, police discovered a kidnapped man in an Irlam flat. He had been assaulted, tied up, and forced to transfer cryptocurrency under duress.
The investigation revealed the gang had targeted the victim multiple times, using violence, threats, and even drugging him to obtain cryptocurrency. They had extorted over £100,000 before the final kidnapping.
Three individuals are charged with kidnapping and assault over a failed cryptocurrency investment in Accra, Ghana [Graphic Online]
The alleged assault occurred on December 19, 2024, when the victim was handcuffed, beaten, and electrocuted at one of the assaillant’s office for about 13 hours.
The attack followed claims that the victim held $600,000 linked to a misappropriated $1.6 million investment. Police intelligence intervened after a tip-off.
Criminals steal cryptocurrencies after invading family’s home in São Paulo, Brazil [Livecoins]
A group of criminals broke into a home in São Paulo, held a family hostage, and stole their cryptocurrencies. The attackers stayed in contact with a third accomplice by phone.
The stolen amount is estimated at $16,000, and the criminals also took the victims’ cell phones. The Civil Police have launched an investigation but have not yet identified any suspects, nor how the criminals discovered the family’s holdings.
A 30-year-old entrepreneur active in cryptocurrencies is kidnapped near Troyes, France during a staged client meeting [JDD]
Four individuals, including a fake client, hold him hostage and demand a €20,000 ransom.
Australian billionaire Tim Heath fights off kidnappers at his luxury apartment in Tallinn, Estonia [DailyMail]
The attackers, reportedly disguised as painters, had planned to abduct him and take him to a remote location. Heath, a cryptocurrency gambling entrepreneur, was targeted just before his new casino’s grand opening.
Audience Questions
Why, when you sign a transaction on the COLDCARD, does it generate 2 files. A “signed” and a “final” transaction. What’s the difference between the 2?
P1: What’s the maximum number of outputs there can be for a bitcoin transaction?
Is there any way to estimate what the size that a transaction will be depending on it’s number of outputs? For example is a 1 input, 3 output tx 33% bigger than a 1 input, 2 output tx? Is it a linear calculation, or a curve?
Does using a passphrase offer any protection against a malicious hardware wallet? Or is it the same level as risk as just generating a regular seed?
Privacy & Other Related Bitcoin Projects
Software Releases & Project Updates
Maple AI by OpenSecret, is an end-to-end encrypted chat tool that enables private conversations with a general-purpose AI assistant, is now publicly available [Github] [Technical primer]
SimpleX v6.3.0-beta.2
Send mentions, mentions-only notification mode for groups
Support on-device message expiration per chat
Send reports to group moderators
Fast group deletion
To keep original filename private, use timestamp as video filename
Support connecting to SMP servers via port 443 (via Advanced network settings)
TailsOS v6.12
Prevent an attacker from monitoring Tor circuits:
In Tails 6.11 or earlier, an attacker who has already taken control of an application in Tails could then exploit vulnerabilities in Onion Circuits and our Tor Browser wrapper that might lead to deanonymization.
Prevent an attacker from changing the Persistent Storage settings
Reticulum MeshChat v1.20.0
Add ability to manage additional interface types and settings thanks to @RFnexus in #60
Add ability to double click lxmf.delivery nodes in network visualiser to launch conversation
Add ability to double click nomadnetwork.node nodes in network visualiser to launch page browser
Add ability to reload ports when adding or editing an interface
Add IFAC network name to interface info when enabled
NomadNet v0.6.0
Add ability to configure LXMF PN max_peers and static_peers
Update required RNS to 0.9.1 and LXMF to 0.6.1
Signal now allows users to transfer their message history and the last 45 days of media when linking a new Desktop or iPad device to their primary account [Announcement]
Signal bundles the user’s data into a compressed, encrypted archive, which is then sent to the new device through Signal’s servers.
VPN provider Mullvad updates payment method options and adds Lightning payment as experimental beta feature with a 10% discount [Payment portal]
Previously, a third-party service was available to top-up Mullvad accounts, or purchase vouchers, using Lightning.
Project spotlight
Carbonio: A self-hosted digital workplace solution [Github]
It features modern tools for email management, calendar coordination, video meetings, and collaborative document editing, designed for scalability and security.
The platform supports mobile access and provides businesses with a secure alternative to hyperscale cloud providers while offering robust file management and privacy controls.
Privacy browser android: An open-source browser designed to minimize data sent to the internet and stored on devices [Code repository]
By default, it disables privacy-sensitive features like JavaScript and cookies, allowing users to enable them as needed per site.
Currently utilizing Android’s built-in WebView, future versions plan to adopt a forked version called Privacy WebView.
Lightning + L2+
Project spotlight
Ark Wallet SDK: A TypeScript library for building Bitcoin wallets with support for both on-chain and off-chain transactions via Ark protocol. [Github]
The SDK offers JavaScript developers a secure, portable solution for implementing Bitcoin functionality without WebAssembly dependencies.
Vortex: A Raycast extension that lets you control you bitcoin lightning wallet directly from MacOS [Code repository]
The latest update introduces a Redeem command, allowing users to convert Cashu tokens into their Nostr Wallet Connect connected wallets.
Users can now withdraw satoshis from any LNURL-withdraw invoice into their connected wallets swiftly.
MNT: Cashu mint with admin dashboard [Github]
MNT introduces a new Cashu mint featuring an integrated admin dashboard.
The platform simplifies the management of ecash transactions by providing a user-friendly interface.
Paywally: A standalone web app with a lightning paywall powered by Cashu
The application fetches a 19-satoshi invoice from a specified Lightning Network address, creates a melt quote with this invoice, and upon payment, grants access to the protected content.
Mint Marketcap: A stats website that tries to guess how much money bitcoiners store on ecash mints [Github]
It queries each cashu mint for an invoice, extracts the public key, and retrieves associated data to approximate holdings.
Software Releases & Project Updates
Rust Lightning v0.1.1 - “Onchain Matters”
API Updates:
Re-Add a
ChannelManager::send_payment_with_routeAdd
RawBolt11Invoice::{to,from}_raw
Security: 0.1.1 fixes a denial-of-service vulnerability allowing channel counterparties to cause force-closure of unrelated channels.
Zeus v0.9.5
Embedded LND: Seed: allow export of ypriv/zpriv (export to external wallets like Sparrow)
CLNRest: add ability to use all funds for channel open
Activity list: performance improvements
Lurker mode improvements
Improve display of memos and keysend messages
Allow return key for password login
Automatically include routing hints if node has only unannounced channels
Wallets list: better highlighting of active mode
Enhance on-chain receive workflow and address type selection
Migration to new storage system
Alby
Alby Go v1.9.0
Real-time push notifications of sent and received payments
Support to pay 0-amount invoices
Update LN address flow to avoid confusion
Increase button touch area in header for ease of use
Lightning-browser-extension v3.11.0 - Pleiades over Half Dome
Separate card for just importing nostr key
Add sinhalese to language switcher
Add tamil and russian language to locale switcher
Show pending and failed transactions for NWC
Aqua Wallet v0.2.7
New Features:
Select from different price feeds
Set a passcode
Toggle between the Bitcoin Price, Total Account Balance, and hide account balance on the header
Send and receive Liquid USDt on 4 new chains
Add a button to clear inputs in address entry fields
Add new Share Logs features in settings to help debug errors
Integrations:
Add Changelly for USDt swaps in the US and Thailand
Add BTC Direct to buy Bitcoin in Europe
Add Money Badger support for Lightning payments at Pick n Pay
CDK v0.7.0
Token::to_raw_bytesserializes generic token to raw bytesToken::try_fromforVec<u8>constructs a generic token from raw bytesTokenV4::to_raw_bytes()serializes a TokenV4 to raw bytes following the specWallet::receive_rawwhich receives raw binary tokenscdk-mint-rpc: Mint management gRPC client and server
cdk-common: cdk specific types and traits
cashu: Core types and functions defined in NUTs
Cashu-ts v2.2.0
Move to vite for bundling (updated target + typescript, added standalone builds)
Add custom output data for consumers to take control over the output data used for proof creation
Use
sendOptiontype in function argument
Nutshell v0.16.5
This maintenance release contains various bug fixes for the mint and the wallet. Most notably, overpaid Lightning fees are now issued to the user at the next restart of the mint in cases where the mint has crashed or turned off while an outgoing Lightning payment was still pending.
Add restart policy for Redis Docker container
Issue NUT-08 overpaid Lightning fees for melt quote checks on startup
Clams Remote v2.6.0
Add TipModal component to settings screen
Plan B Network [January update]
Brand-new student dashboard
Add course conclusion pages
Expand resources section
Announce future search portal
Plan B Network launches Plan ₿ Labs - Lightning, a biweekly live session focusing on the Lightning Network’s developments and technical intricacies [Announcement]
Nostr
Project spotlight
Roz: A notary for nostr events [Github]
Roz is a proof-of-concept notary for nostr events, providing timestamp verification for event authenticity.
Vertex: A fast, reliable and open source Web of Trust DVM service based on the Personalized Pagerank algorithm [Github]
The service features a custom-designed data structure for rapid access to Pagerank and Personalized Pagerank within nostr, with all responses cryptographically signed by Vertex’s key.
Lockbox: A Nostr relay that accepts notes that should only be read by people you follow [Code repository]
Lockbox allows users to publish notes visible only to those they follow, using specific nostr protocols like NIP-70 and NIP-42
Notes can be shared from any client, but require the inclusion of a “-“ tag and support for authentication.
nostrdb-mcp: A Model Context Protocol server for nostrdb [Github]
nostrdb-mcp enables LLMs to interact with the nostrdb command-line tool for local queries. The server uses your Notedeck directory by default, allowing it to search your notes.
Freeflow: A TikTok clone in Flutter and Nostr [Github]
Users willing to post content can use zap.stream or olas to create shorts.
Pinja: A decentralized social media using the Nostr protocol
The platform offers features such as messaging, notifications, and search functionality.
BitVid: A decentralized platform where users can share videos and follow creators with privacy and freedom [Github]
The platform employs WebTorrent for peer-to-peer video streaming and Nostr for secure, password-free user authentication
Crawler: A nostr crawler that generates random walks used for computing monte-carlo pagerank and personalized pagerank [Github]
Vertex-lab’s crawler continuously scans the nostr network, focusing on follow lists (kind3s), to maintain an updated database.
Software Releases & Project Updates
rust-nostr v0.39.0
Add NIP96 support
Add NIP22 helpers
Adjust NIP01
Add
try_connectandwait_for_connectionmethods for better connection handlingAdd support for custom WebSocket clients (both in Rust, Python, Kotlin and Swift)
New JVM bindings
Huge reduction of UniFFI bindings binaries size
Primal v2.1.4
This update implemented the following:
Primal Wallet NWC
Primal Legend cards
Legends & Primal OG Leaderboards
Updated Legends Settings with leaderboard toggle and shoutout edits
Deep links for primal.net notes
Spotify and Tidal link previews
Embedded web player for YouTube, Spotify and Tidal
Rendering referenced note zaps
Support for kind20 referenced events in feeds
Showing top zaps in all note feeds (incl. thread screen)
Clikcable zap links in Reactions screen & Wallet TX details
Olas Update
Multiple images per post
Pause videos when switching away from the video feed
Add Instagram-like filters
Improve Nostr-native wallet
Improve NWC reliability
Add setting to toggle between displaying posts squared or full-length
Damus
v1.12 App Store release
Render Gif and video files while composing posts
Add profile info text in stretchable banner with follow button
Paste Gif image similar to jpeg and png files
Launch of the Alpha version of Notedeck for all users, Damus’ multiplatform Nostr client [Announcement]
Futr v0.2.0
Comment support with threaded discussions (NIP-10)
Repost and quote repost functionality (NIP-18)
Improve post rendering and content display
Event deletion support (NIP-09)
Persistent LMDB-based storage for all data
LRU caching system for improved performance
Optimize timeline storage and retrieval
Better subscription handling and event processing
Improve relay connection stability with websocket ping/pong
Better relay discovery through NIP-65 (Inbox & Outbox Model)
Optimize subscription management
Enhance relay authentication
Reference post display
Comment threading and counts
Better notification handling for post updates
Consolidate LMDB operations
Improve subscription lifecycle management
Enhance tag parsing and handling
Optimize event caching and invalidation
Flotilla
Add calendar events
Make reply indicator nicer
Make share indicator nicer
Improve feed loading
Add reply to long-press menu
Replace nsec.app signup with njump.me
Add new messages button in rooms
Add media server settings
Add build hash to about page
Improve room and data loading
Drop support for legacy event kinds
Add support for back button navigation on android
Remove note to self page (still available via chat)
Improve chat conversation search
Change how reply UI works
Yakihonne
Yakihonne wallet name customization for newly created wallets
Option to toggle between collapsed or expanded notes in the feed for a personalized experience
Notification preferences can now be managed directly from the settings page
Quick access to your profile with the newly added profile button
Native poll rendering and voting functionality within notes
Nak Update
Nak wallet: Implement NIP-60 token receiving, sending and swapping
Nak curl: Wrap the actual curl command and add a NIP-98 header to it, allowing APIs calls with Nostr authorization
Nak mcp: Allow AIs to search people on Nostr, publish notes, mention people, read notes with built-in outbox model
Nak outbox: List NIP-65 relays for a given pubkey
Add option to pipe multiline JSON into ‘nak event’ or ‘nak req’
Narr v0.3.3
Setup amd64 and arm64 docker image builds
Increase article fetching limit to 300.
Njump.me Update
Add support for kind:20 photos
Keycast Update
Docker now actually builds properly
Simplify own domain setup
Simplify config via a single .env file
Add config for “allowed pubkeys”
Citrine v0.7.1
Add the restore follows button back
Show notification when backing up database
Listen for pokey broadcasts
nos.social v1.1.1
Add Lists view and two ways to navigate to it
Add view for editing a list’s title and description
Add List detail view
Add view for managing users in a list
Add ability to delete lists
Add analytics for feed source selection and lists
Amber
Add some details when signing a contact list
Refactor check for logged in account
After granting notification permissions show the notification
Add profile picture in the incoming requests screen when using a large screen device
Add more event kinds translations
Add a log with the bunker request response
Use the relay from the request to send the response when no app is found
Add missing logs for relay errors
Change listen for new connections button text and icons
Macadamia v0.2.1
This release is the first to be published to the App Store:
UI Improvements and project structure
Token V4 support, drop multi mint token redeem capability
Hide Mints instead of deleting
SwiftData thread safety & melt recoverability
Add Onboarding
KeyChat App v1.26.5
Add browser tab
Support nip07 to login websites
Fountain v1.1.14
Improve Nostr connect
Add ability to switch between NIP55 and nsec
Add the ability to seek while paused
Pokey v0.1.4-alpha
Features
Permanent and note notifications are now separated in 2 groups to be managed by Android settings
Number of connected relays now displays as part of the permanent notification
What’s Changed
Create a group for the service notification
Show connected relays
Haven
Algo Relay v0.1.4
Ranking any note type: support for NIP-20 & NIP-23
nos2x-fox v1.17.0
Unique unified prompt popup to avoid flooding windows
New kind description in prompt popup
Plebeian app launches the MVP of Plebeian.Market, its decentralized marketplace dedicated to goods and services tailored for the Bitcoin and Nostr communities [No BS Bitcoin]
After four years of development and multiple pivots, the Plebeian app has settled on NOSTR to demonstrate a proof of concept that is poised to disrupt traditional commerce.
Boosts
Thanks to everyone who streamed sats, and shoutout to our top boosters:
@Anonymous (2,100 sats) “Second best bitcoin show!”
@Anonymous (2,100 sats) “Created Bip85 seed for friend. Exported xpub to his bluewallet for deposits, and he recorded seed phrase. After listening to pod I freaked… SUCCESS!!! Seed words were good, on hardware wallet.”
@AVERAGE_GARY (100 sats) “🤝🫶🫂🤌🫡👏🔥🥳🙇🏻♂️”
Tech Tips of the Day
Link cleaner: An open-source progressive web app for removing tracking parameters from URLs [Github]
It works offline, can bulk process multiple links and integrate with device share menus.
Bitcoin Optech Newsletter
Highlights from recent Bitcoin Optech Newsletters
Channel force closure vulnerability in LDK
Zero-knowledge gossip for LN channel announcements
Discovery of previous research for finding optimal cluster linearization
Erlay update
Tradeoffs in LN ephemeral anchor scripts
Emulating OP_RAND
Discussion about lowering the minimum transaction relay feerate
Vulnerability in LDK claim processing
Replacement cycling attacks with miner exploitation
Updated stats on compact block reconstruction
Draft BIP for unspendable keys in descriptors
PSBTv2 integration testing
Correction about offchain DLCs
News & Noteworthy
Lightning + L2+
Tether announces the integration of USDT on bitcoin’s Lightning Network, utilizing the Taproot Assets protocol developed by Lightning Labs [Announcement]
With over 350 million users, Tether aims to enable instant, low-cost cross-border USDT transactions on Lightning.
Developers are encouraged to integrate USDT on Lightning by downloading the latest version of the litd suite, which combines necessary services into a single binary for an easy integration.
Core Lightning now offers bounties for open-source contributions on the CLN Build on L2 platform [Announcement]
Developers can browse issues, claim bounties, and contribute to CLN’s development.
Business & Finance
Blockstream launches Blockstream Asset Management and announces two Bitcoin-based investment funds: the Blockstream Income Fund and the Blockstream Alpha Fund, both set to open in Q1 2025. [Press release]
The Blockstream Income Fund aims to generate stable, predictable USD-based income by lending against Bitcoin collateral with conservative loan-to-value ratios.
The Blockstream Alpha Fund is designed to capitalize on Bitcoin’s ecosystem through diverse strategies, offering institutions and accredited investors exposure to Bitcoin’s growth potential.
Casa launches Casa Business, enabling companies to hold digital assets in a 3-key vault for self-custody [Blog post]
The platform offers team signing, allowing multiple key holders within a company to manage the treasury securely
Galoy launches Lana, a lending platform enabling banks to offer fiat loans secured by bitcoin collateral [Blog post]
Bitcoin-backed loans allow customers to access liquidity without selling assets, avoiding capital gains taxes.
European fintech company Bringin launches its debit card [Announcement]
The card integrates with Google Pay and Apple Pay via the Curve app, and enables tap-and-pay functionality at global merchants.
Trivago integrates with Travala, allowing users to book hotels using over 100 cryptocurrencies, including bitcoin [The Block]
Braiins Mining introduces Braiins Solo, a dedicated solo pool designed for miners who want to mine independently, to avoid diluting the hashrate of the original Braiins Mining pool.
Bitcoin financial services company River announces zero-fee status for U.S.-based open-source Bitcoin developers and non-profits funding such development [Announcement]
Rumble announces the development of Rumble Wallet, aiming to provide creators with a new way to transact using Bitcoin and Tether [CryptoSlate]
Rumble has also entered a cloud services agreement with the Government of El Salvador, providing cloud storage, computing, databases, load balancers, and Kubernetes integration.
FTX Recovery Trust to begin distributing funds to creditors in the convenience class (claims under $50,000) in February 2025 [Announcement]
Open House Group introduces bitcoin payments for property purchases in Japan [PR Newswire]
The company collaborates with Diamond Hands, Japan’s largest Lightning Network community, to explore applications in real estate.
Research areas include operating full nodes for businesses and utilizing the Lightning Network for IoT micropayments.
Digital Currency Group (DCG) launches Fortitude Mining, a wholly-owned subsidiary focusing on venture mining across various digital assets [Business Wire]
AI
Block introduces codename goose: An open-source, extensible AI agent that goes beyond code suggestions [Github]
Goose is compatible with a wide range of large language model providers, allowing users to choose and integrate their preferred model.
Funding
OpenSats announces the Ninth Wave of Bitcoin Grants, supporting four projects that enhance open-source innovation, privacy, and accessibility within the Bitcoin ecosystem: Kibo, El Tor, Nutstash, and rust-bitcoin.
The 256 Foundation raises a total of 3.146 BTC for open-source bitcoin mining during its Telehash fundraiser [Twitter post]
Supporters contributed hashrate to a self-hosted mining pool, which successfully solved block 881423 during the event.
Brink renews its financial support for all of its 8 Bitcoin Core engineers through 2025: @fanquake, @glozow, @hhebasto, @theStack, @dergoegge, @stphnvlstk, @fjahr and @marcofleon [Announcement]
HRF announces all 11 bounties of its Bitcoin Bounty Challenge have been claimed by developers [Announcement]
Spiral renews grant to Justin Moeller (@m1sterc001guy) for his work on Fedimint [Announcement]
Bitcoin association Einundzwanzig announces a 0.021 bitcoin donation to both Sparrow Wallet and Alby, and 0.1 bitcoin to the legal defense of the Samourai Wallet developers.
Breez secures $5 million to expand bitcoin payment integration [Blog post]
Taproot Wizards raises $30 million in a post-seed funding round to enhance OP_CAT [The Block]
Mining
Proto announces a long-term partnership with The 256 Foundation, donating 256,000 Intel BZM2 chips to support decentralized bitcoin mining initiatives [Announcement]
Braiins Mining open sources its BCB 100 bitcoin mining control board as a contribution to the open-source mining initiative led by the 256 Foundation [Announcement]
The BCB 100, designed for Bitmain S19 series and Mini Miner, is now available for public use and development.
Decentralization concerns grow as Bitcoin mining pools consolidate [Twitter post]
The Bitcoin mempool displays live centralized mining pools that share the same Stratum jobs, reflecting increased consolidation. These pools collectively account for over 35% of the total network hashrate.
Antpool leads the consolidation, while other major Chinese pools like F2Pool and ViaBTC—known to collaborate with Antpool—are not included in this count. This suggests that over 51% of the hashrate is controlled by a few entities.
Stolen identities lead to $1.9m bitcoin mining power theft in Malaysia [The Miner Mag]
Forty-five homeowners and business operators in Malaysia received power bills after tenants allegedly stole their identities to mine Bitcoin illegally.
Privacy
France bans crypto mixers to combat money laundering [Amendment N°COM-59]
The ban anticipates a similar European regulation effective from July 10, 2027. The French Senate’s legal commission adopted the amendment to address the alledgedly increasing use of mixers in laundering illicit funds.
DARPA to launch pre-crime anti-money laundering program [The Rage]
The Defense Advanced Research Projects Agency (DARPA) announces the Anticipatory and Adaptive Anti-Money Laundering (A3ML) program, aiming to develop algorithms that detect suspicious financial patterns to anticipate and prevent money laundering activities.
The objective of the program is to “eliminate global money laundering by replacing the current manual, reactive, and expensive analytic practices with agile, algorithmic methods”.
Swiss FinMa accused of overstepping authority in implementing new KYC rule [The Rage]
A leaked email reveals that Switzerland’s Financial Market Supervisory Authority (FINMA) instructed Self-Regulatory Organizations to enforce a monthly 1,000 CHF limit on no-KYC transactions for Virtual Asset Service Providers. Critics argue that FINMA overstepped its authority, as it is permitted to issue guidance but not direct instructions to SROs.
United Kingdom demands Apple to provide global backdoor access to encrypted data [The Washington Post]
The UK government has secretly ordered Apple to grant blanket access to users’ encrypted cloud backups under the Investigatory Powers Act. This unprecedented demand applies worldwide, forcing Apple to either compromise encryption or withdraw the service in the UK. Apple has refused to comment but is expected to challenge the order.
Digital rights group EFF urges dismissal of charges against Tornado Cash developer Roman Storm [CoinDesk]
The Electronic Frontier Foundation emphasizes that many privacy tools are dual-use, serving legitimate purposes but potentially misused by bad actors. They argue that holding developers liable for misuse of their open-source software threatens innovation and privacy rights.
Poland proposes changes to EU Chat Control, but concerns remain [Blog post]
Poland proposes making chat content searches voluntary instead of mandatory, aiming to protect encryption while still allowing surveillance.
The proposed ban on anonymous communication would require users to present an ID or facial verification to set up email or messaging accounts.
The EU’s Artificial Intelligence Act prohibits real-time remote biometric identification by law enforcement in public spaces, except under specific circumstances. [Reclaim The Net]
Exceptions include situations involving a present or foreseeable terrorist threat, allowing law enforcement to use such technology under certain conditions.
Critics argue that these exceptions effectively legalize biometric mass surveillance, as they provide legal avenues for its deployment.
The Reserve Bank of India teams up with fintech firms MobiKwik, Cred, and Yes Bank to pilot the digital rupee [Business Today]
The e₹ wallet app requires video verification and enforces daily limits of ₹50,000 ($577) and ₹10,000 ($115) per transaction. These platforms, with a combined user base of 180 million, will provide public access via the e₹ wallet app.
Google revises AI principles, removes pledge against weaponization [TechCrunch]
Google has updated its AI principles, removing previous commitments to avoid developing AI for weapons and surveillance. This change aligns Google with other tech companies like Meta and OpenAI, which permit certain military applications of their technologies.
Security
Tropic Square releases TROPIC01 RISC-V-based secure element samples for testing [Announcement]
TROPIC01 is an open and auditable secure element designed to safeguard hardware systems.
Protocol
Bitcoin Core #21590: Safegcd-based modular inverses in MuHash3072 [Merged]
Bitcoin Core #31397: p2p: track and use all potential peers for orphan resolution [Merged]
Bitcoin Core #31376: Miner: never create a template which exploits the timewarp bug [Merged]
LDK #3408: Add static invoice creation utils to
ChannelManager[Merged]BOLT #1110: Peer storage for nodes to distribute small encrypted blobs [Merged]
Eclair #2982: Add liquidity griefing protection for liquidity ads [Merged]
Eclair #2968: Send
channel_announcementfor splice transactions on public channels [Merged]NIP #1713: Add NIP-4A Event Onion Routing [Open]
NIP #1718: NIP-101 - Decentralized Trust System for Nostr [Open]
NIP #1728: Re-write NIP 89 to accommodate relays/dvms [Open]
Government & Political
Czech President Petr Pavel signs a bill exempting Bitcoin and other digital assets from capital gains tax if held for more than three years [CoinDesk]
Individual transactions up to CZK 100,000 (approximately $4,136) per year will not need to be reported to tax authorities
Czech National Bank Governor plans to propose investing up to 5% of the bank’s €140 billion reserves in bitcoin [CoinDesk]
The governor emphasizes that diversifying assets with bitcoin is beneficial, stating that the cryptocurrency’s value is likely to rise independently of U.S. President Donald Trump’s backing.
European Central Bank President Christine Lagarde dismisses the proposal, asserting that bitcoin will not be part of central bank reserves due to concerns over its liquidity, safety, and security. [Reuters]
Tornado Cash developer Alexey Pertsev released from prison to prepare appeal [CoinDesk]
In May 2024, Pertsev was sentenced to 64 months in prison for money laundering.
U.S. government argues money isn’t property to justify seizure [Reason]
The U.S. Department of Justice contends that confiscating $50,000 from small business doesn’t violate property rights, asserting that “money is not necessarily ‘property’ for constitutional purposes.”
The DOJ’s argument includes three points: the government creates money, so individuals can’t own it; the government can tax money, indicating lack of ownership; and the Constitution permits government spending for the “general welfare.”
El Salvador amends Bitcoin law following IMF agreement [Reuters]
On January 29, 2025, El Salvador’s Congress approved a bill to amend the nation’s bitcoin law, aligning with a $1.4 billion loan agreement made with the IMF in December 2024.
U.S. President Trump establishes working group on digital assets [Press release]
The group aims to develop a federal regulatory framework for digital assets, including stablecoins, and will evaluate establishing a national digital asset reserve.
Events
Bitcoin Renaissance: A pioneering thought leadership summit that marks a new chapter in the evolution of the Bitcoin ecosystem.
February 27-28, 2025 in Denver, U.S
Bitcoin Ski Summit: The Bitcoin Ski Summit is an immersive, invite-only gathering in the heart of the Tetons.
March 5-9, 2025 in Teton Village, U.S
Opt Out Conf: A Bitcoin only conference about Philosophy, Freedom, Economy, Open Source, Privacy, Individual Sovereignty, Nostr, Layer 2 and more!
March 29, 2025 in Buenos Aires, Argentina
Swiss Bitcoin Conference: Bitcoin only conference in Kreuzlingen on Lake Constance
April 24-27, 2025 in Creuzlings, Switzerland
BitCare Forum: The Italian Bitcoin Conference
May 10, 2025 in Brescia, Italy
Budapest Bitcoin: The Bitcoin Conference with a bit of difference
August 8-9, 2025 in Budapest, Hungary
Learning Bitcoin: A Bitcoin Education Conference
August 16-17, 2025 in Vancouver, Canada
Reads
Here’s a list of our top recently published reads:
Bitcoin Payments: From Digital Gold to Everyday Currency, by Breez & 1A1z [Report]
Block Size Report, by Orange Surf [Mempool Research]
What is a nostr app anyway?, by hodlbod [Note]
Is It the Money or Is It the People?, by Don Olanrewaju [Mises Institute]
Everyone knows your location, by Tim Sh [Blog post]
Episode submission ideas
We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
Nostr & LN ⚡nvk@nvk.org (not an email!)