BR096 - OP_RETURN Debate, Core Governance, Alternative Implementations, Future Soft Forks, CTV Prospects, Core Vulnerabilities, COLDCARD Hardware Design, Testnet vs Signet + MORE ft. Rob, Odell, Craig
I’m joined by guests Rob Hamilton, Craig Raw & Matt Odell to go through the list.
Housekeeping
New Coldcard Q tutorial: How to use the COLDCARD key teleport function on the Coldcard Q [YouTube]
OP_RETURN Drama
00:00:52 Odell’s thoughts
00:04:29 Craig’s thoughts
00:05:59 NVK’s thoughts
00:07:47 Rob’s thoughts
Bitcoin
Software Releases & Project Updates
00:22:10 COLDCARD
Shared Improvements - Both Mk4 and Q
Enhancement: Text word-wrap done more carefully so never cuts off any text, and yet doesn’t waste space.
Bugfix: Add current tmp option, which could be shown in Seed Vault menu under specific circumstances, would corrupt master settings if selected.
Bugfix: PUSHDATA2 in bitcoin script caused yikes.
Bugfix: Warning for unknown scripts was not shown at the top of the signing story.
Mk4 Specific Changes
5.4.3 - 2025-05-14
Bugfix: With both NFC & Virtual Disk OFF, user cannot exit Export Wallet menu. Gets stuck in export loop and needs reboot to escape.
Bugfix: Part of extended keys in stories were not always visible.
Q Specific Changes
1.3.3Q - 2025-05-14
Bugfix: Do not allow to teleport PSBTs from SD card when CC has no secrets. Bugfix: Calculator login mode: added “rand()” command, removed support for variables/assignments.
00:22:21 BDK v0.22.0 - Release chain
Improve syncing experience for electrum and esplora
Relevant transactions that are missing can now be evicted with the help of
SyncRequestBuilder
CanonicalizationParams
can be used to modify the behavior ofCanonicalIter
for a given queryUpdate dependency on miniscript to 12.3.1 along with various fixes and improvements
00:22:35 Cove Wallet v0.4.0
Support for importing hardware wallets with Key Expressions: adds support for using Cove with Krux
Create a CSV file of your transactions with fiat values for each transaction at the time of the transaction: useful for tax reporting
Send flow improvements and bug fixes
Show proper formatting as you type
Default to entering the amount in before the address
Testnet4 support
00:24:03 BTCPay Server v2.1.1
Add support for a subset of wallet policy output descriptors (BIP388, BIP389)
Add support for hardware wallet taproot signing (BIP86)
Enables linking payment requests to external invoices (e.g., QuickBooks, Xero) via a Reference Id
Allows searching Payment Requests Reference Id
Introduces a webhook triggered when a Payment Request is fully paid, useful for automating emails or other actions
00:24:06 Nunchuk Android v1.68
Custom blockchain explorer
Ability to archive wallets
Ability to long-press & reorder wallets on Home
Anti-fee sniping setting
00:24:12 Bitcoin Keeper v2.2.0
New Bitcoin Keeper branding
New Keeper Private tier
Add testnet support
Allow using Server Key with multiple users
Support import and export of BIP329 labels
00:24:14 Bitcoin Safe v1.3.0
Redesign of Chart, Quick Receive, Icons, and Mempool Preview
Interactive chart (clicking jumps to transaction and selected transactions are highlighted)
Receive faster (CPFP)
BDK 1.2 (upgraded from 0.32)
Testnet4 support
Preconfigured Testnet demo wallets
00:24:18 Wasabi Wallet v2.6.0 - Prometheus
Support for Standard BIP 158 Block Filters: Wasabi can now synchronize using BIP 158 filters without requiring a backend/indexer
Full Node Integration Rework: The previous integration was replaced with a simpler, more flexible system which is not limited to a specific Bitcoin node fork and doesn’t depend on the node running on the same machine as Wasabi, or require modifications to the node’s configuration.
Create & Recover SLIP 39 Shares: Create and recover wallets with multiple share backups using SLIP 39.
Nostr Update Manager: Use the Nostr network to receive update information and download locations instead of relying on GitHub’s goodwill
And more…
Add a configurable third-party fallback for broadcasting transactions if other methods fail
Change Windows Code Signing Certificate, now using Azure Trusted Signing
Provide the option to avoid using any third-party Exchange Rate and Fee Rate providers (Wasabi can work without them)
Rebuild all JSON Serialization mechanisms avoiding default .NET converters. Serialization is now stricter
00:25:43 RoboSats v0.7.7
For Users
New coordinators view
Available coordinator reviews signed by both the robot and the coordinator
Coordinators now display in their profiles market price sources
Users are now warned if they try to cancel a non taken order after a payment attempt
Uzbekistani sum currency now available
For Coordinators
Library updates
00:25:46 Umbrel v1.4.1
File search: Search within the Files UI or from anywhere in umbrelOS with the global ⌘/Ctrl + K search
Files widgets: Two new widgets - Favorites lets you open your pinned favorite folders, and Recents surfaces your recently modified files
File transfers: Keep an eye on speed and ETA while copying or moving files in real-time
00:25:57 Zaprite
Taproot: Add Taproot support for our Bitcoin (Wallet) connection
Payment Profiles: Add the ability for Customers to manage saved Payment Methods at merchant accounts
Orders Export: add CSV export feature for Orders
Unchained SegWit Vaults: add support for Unchained’s new SegWit vaults
00:26:22 Blockstream Satellite v2.5.1
Added
Installation of gr-dvbs2rx on Debian Bookworm (12)
User addition to video group when configuring a TBS USB receiver
Changed
Telstar 18V C-band downlink frequency
Rename blockstream-satellite systemd service to blocksatd
Add Lightning invoice payment status to GUI payment dialog
00:26:45 Stratum Work
00:26:58 SeedHammer II
Open sources the hardware design files for the SeedHammer II machine [Github]
“This includes the CAD STEP files as well as PCB schematics and layout in KiCad format.” [[Announcement](https://x.com/SeedHammer/status/1920496724042199121
00:27:11 ESP-Miner v2.7.0
Improve AP mode stability by stopping unnecessary Wi-Fi reconnections
PID Fan Control
Quicklink service init
Remove under power failure
Make “Latest Release” into a link for the changelog
Share reject reasons tooltips
Simplify share rejection explanations
Track rejection reasons to avoid flickering
Set
GAMMATURBO_POWER_OFFSET
to 10WAdd default to supra model
Use latest LTS release of Node
Project spotlight
00:27:34 Bitcoin Feature Matrix: A tool to track interoperability of Bitcoin products & services
“Bitcoin Optech’s new ‘Bitcoin Feature Matrix’ is now live in production”
00:27:41 secp256k1lab: An INSECURE implementation of the secp256k1 elliptic curve and related cryptographic schemes written in Python, intended for prototyping, experimentation and education [Github]
Contributors include Tim Ruffing, Sebastian Falbesoner, and Jonas Nick
Features:
Low-level secp256k1 field and group arithmetic
Schnorr signing/verification and key generation according to BIP-340
ECDH key exchange
00:28:00 GPGap: Air-gapped GPG signing Bitcoin-style [Github]
A project by Odudex, Krux contributor.
GPGap is an experimental Python application that lets you perform GPG signatures on an air-gapped device.
It leverages a modified version of PGPy to offload the signing operation to an external hardware signer.
00:28:16 NVK Validation Tweet: A quick cooked demo response for a Bitcoin (Rust) Script for testing data on Signet [Github]
In response to NVK’s Twitter post by @PortlandHODL
The script is setup as the following:
Xpub A has 10,000 txns at different block heights
Xpub B has 100 utxos made from the 10k above at different block heights
Then 20 txns out of xpub B to random addresses at different block heights
Ideally all with a good amount of distance in height so its over a few months
Don’t need PSBTs
00:28:54 BriberBrother: An ‘alternative mempool’ to help Bitcoin miners identify and include non-standard transactions that follow consensus rules but aren’t typically relayed through the P2P network [Github]
“Briber Brother addresses this challenge by introducing a system that:
Allows miners to efficiently detect and process non-standard transactions.
Enables users to provide incentives on another blockchain to encourage miners to include their transactions.
Ensures proper verification of incentivized transactions once they are successfully mined.”
00:29:11 Stack Math: The Bitcoin Modeling Engine [Github]
Stack Math is an open-source Monte Carlo framework that combines ergodic walk strategies with traditional Bitcoin pricing models to generate probabilistic financial planning scenarios.
emberOne/00: A 100W open source ASIC Bitcoin mining hashboard [Github]
The 256 Foundation releases the KiCAD design files for the emberOne/00 hashboard, a 12-chip modular Bitcoin mining hashboard that consumes only 100 watts of power.
mainnet-observer: Bitcoin Blockchain Statistics [Github] (Hosted by 0xB10C)
This tool and website provides protocol-level statistics and insights about Bitcoin: blocks, transactions, script usage and more. Powered by a Rust backend and Hugo-based frontend.
NomadBuild: Self-sovereign Bitaxe firmware builder & flasher [Github]
NomadBuild provides a tool for Bitaxe users to compile firmware directly from source rather than relying on pre-compiled binaries with trust assumptions.
NomadBuild focuses on internally reproducible builds by pinning all dependency versions and controlling build timestamps within its environment.
00:30:11 HashCommand: An Electron application for controlling Bitcoin miners on your local network, mainly Bitaxes and esp-miner devices [Github]
“It sits between a stratum server and miner, decoding and possibly manipulating traffic. Stratum messages from closed source pools/miners are hidden most of the time, this will let you view both.” [Announcement]
P2Pool v2: Rebooting P2Pool for Bitcoin [Github]
Features:
Share chain with uncles: all your work is accounted for
Pay large miners in coinbase: non custodial solution for top N miners
Support transactions: pay all miners with atomic swaps by market makers
Market makers buy shares from smaller miners: earning virgin coins
P2P Band: P2P Bitcoin exchanges decentralized aggregator [Github]
bitRaffle: A trustless and verifiable Bitcoin-based raffle system [Github]
bitRaffle is a trustless, automated, Bitcoin-based raffle system that uses Bitcoin’s blockchain to provide transparent and verifiable raffle drawings that cannot be manipulated.
BitcoinTravel: A bitcoin-only Online Travel Agency, offering flights, hotels, and travel experiences exclusively payable in Bitcoin
Bitcoin Travel operates under dual legal structures: registered in El Salvador as S.A. de C.V. to leverage Bitcoin-friendly regulations, and in the U.S. as Airlines Travel LLC based in Texas for supplier partnerships.
Bitcoin is for criminals: A list of case studies of real life examples of the ways criminals have used bitcoin across the globe [Github]
Vulnerability Disclosures
00:30:23 CVE-2024-52919: Remote crash due to addr message spam (part 2) [Disclosure]
The vulnerability allows remote crashes by spamming addr messages until a 32-bit identifier overflows, rated as Low severity.
Bitcoin Core v22.0 implemented rate-limiting (1 address per peer every 10 seconds) in 2021, making the attack more expensive but not impossible.
The vulnerability is fully addressed in Bitcoin Core v29.0 by changing to a 64-bit identifier, preventing overflow attacks.
00:33:02 CVE-2025-43707: Critical bug in rust-miniscript library causes transaction signing crashes [Blog post]
Bug found by @Pythcoiner from the WizardSardine team, communicated by Antoine Poinsot to rust-miniscript maintainers Andrew Poelstra and Sanket Kanjalkar
A vulnerability in rust-miniscript allows attackers to crash applications by crafting special descriptors, potentially creating denial-of-service for server applications.
The bug involves an out-of-bounds read in the Satisfaction::thresh() function when threshold k equals the number of sub-fragments.
Coinos service disruption due to database loss and outage [Note]
Coinos is back online but withdrawals remain frozen following complete database loss, with the latest backup being 24 hours old.
The service also experienced a 4-hour outage yesterday related to data center internet connection upgrades, though connection to database loss is unclear.
00:34:46 Hackers breach LockBit ransomware gang’s dark web affiliate panels, exposing nearly 60,000 bitcoin wallet addresses and 4,400 negotiation messages between attackers and victims [Forbes]
Database leak includes admin and affiliate actor information with plaintext passwords, though LockBitSupp claims private ransomware keys remain secure.
Signalgate (continued): TeleMessage’s modified Signal app exposes Trump officials’ chat logs after Reuters photo emerges [Micah Lee’s Analysis] [Heise]
TeleMessage creates TM SGNL, a modified Signal app used by Trump officials that sends plaintext chat logs to their archive server despite claiming E2EE encryption.
TM SGNL appears identical to regular Signal but archives every message to destinations like Microsoft 365, email servers, or file servers based on user archive plans. The archive server runs on public AWS cloud in Northern Virginia and was recently hacked.
AirBorne: Oligo Security discovers 23 vulnerabilities in Apple’s AirPlay protocol and SDK that enable various attacks including zero-click remote code execution on Apple and third-party devices [Vulnerability analysis]
Two vulnerabilities (CVE-2025-24252 and CVE-2025-24132) allow attackers to create wormable exploits that can spread malware across networks without user interaction, potentially affecting 2.35 billion Apple devices.
MacOS devices with AirPlay receiver enabled, CarPlay systems, and third-party speakers are particularly vulnerable to attacks that could enable eavesdropping, tracking, and malware deployment.
Apple has released software updates addressing the 17 CVEs issued from Oligo’s disclosures, following a responsible disclosure process from Oligo.
LLMs: ANSI terminal codes enable hidden malicious instructions in MCP [Trail of Bits]
Researchers discover ANSI escape sequences can be used to hide malicious payloads in MCP tool descriptions, making them invisible to users while still processed by LLMs
Claude Code version 0.2.76 lacks filtering for ANSI codes, allowing attackers to create invisible instructions that could lead to supply chain attacks through manipulated dependencies.
XRP Ledger SDK compromised in supply chain attack [Aikido’s Technical breakdown]
Official XPRL (Ripple) NPM package infected with backdoor that steals cryptocurrency private keys through a suspicious function called
checkValidityOfSeed
that sends data to domain “0x9c[.]xyz”.Attackers released five unauthorized versions (4.2.1-4.2.4, 2.14.2) of the popular package with over 140,000 weekly downloads, progressively refining their malicious code injection techniques.
Audience Questions
Thanks to everyone who sent in questions. Remember to send yours to questions@bitcoin.review.
00:35:12 What’s the difference between test net and signet? And what are the benefits of each?
00:37:15 Can you explain, in simple terms, what OP_CHECKCONTRACTVERIFY does?
There’s been a lot of talk about the difference between using OP_RETURN and witness data. Specifically that OP_RETURN is prunable and witness data ends up in the chain. Can you explain in normie terms how this works?
Privacy & Other Related Bitcoin Projects
Software Releases & Project Updates
Sideband v1.6.0
Add compatibility with new AES-256 modes in RNS
Add transfer speed display to outgoing messages
Add ability to exclude objects from telemetry collector responses
Add interactive console option to daemon mode
Add option to specify RNS config path
Add Windows location plugin example
Sideband now uses abstract domain sockets for IPC on supported platforms
Improve memory consumption
Improve I/O performance
SimpleX v6.3.3
Add support for connecting via short connection links.
To create short connection links:
Enable Dev Tools
Enable short links in Privacy & Security settings
Project spotlight
Berty: An open, secure, offline-first, peer-to-peer and zero trust messaging app [Github]
Berty is a decentralized messaging app with end-to-end encryption that requires no phone number or email, works without internet connection, and remains functional on adversarial networks.
Developed by Berty Technologies, a French nonprofit, Berty aims to serve users needing secure communication while traveling, wanting anonymity, avoiding third-party servers, or living under censorship.
Filekey: Encrypt and share files securely with passkeys. Fully offline, easy-to-use, and zero-knowledge for ultimate file protection [Github]
“FileKey is an offline web app that lets you quickly encrypt and share files using passkeys. No accounts, no tracking, no backend servers. Just local, offline security powered by passkeys.”
PixelSafe: A steganography tool for PNG images that uses the Least Significant Bit (LSB) algorithm [Github]
“It lets you embed hidden data inside PNG files - for example, storing a KeePass database inside a screenshot. You can use it to hide backup files, send private messages, embed digital signatures, or attach invisible metadata to your images.”
TorVPN Android app: A WIP from the Tor Project to replace Orbot [Gitlab]
TorVPN project develops whole-device and app-specific anonymous communication [Wiki]
The initiative involves cross-team coordination with Arti, TPO teams for user experience, network health, and focuses initially on Android implementation with future platform expansion.
Lightning + L2+
Project spotlight
NodeGuard: A treasury management solution for Lightning nodes [Github]
NodeGuard is an open-source technology stack developed to simplify treasury operations for lightning nodes, focusing on both Security and UX.
Features include asynchronous channel funding with multisig wallets, liquidity automation, remote signing, automatic fund sweeping, and hardware wallet support for transaction signing.
0Commons: A V4V platform where creators can share digital files (photos, graphics, videos, fonts, 3D printing files) under CC0 license with unrestricted commercial use.
The platform operates on a Value-for-Value model, allowing users to download content for free and zap creators directly, with creators receiving 100% of the contributions.
Bitcoin Lightning Network Profitability Calculator: An interactive tool designed to help users estimate their earnings from operating a Bitcoin Lightning Network node
It allows users to input various parameters to simulate different scenarios and assess the profitability of their investment.
Zapback: Last Pay Wins for Friends: A friend-based zap game with 24-Hour timer [Github]
A project inspired by lastpaywins.com
Players must zap back within 24 hours to stay in the game. The pool grows over time until one player forgets to respond, with the last player winning everything.
Coinbase launches x402, a protocol enabling instant stablecoin payments over HTTP that allows APIs, apps, and AI agents to transact within the internet economy [Announcement]
The protocol addresses limitations of traditional payment systems by leveraging the HTTP “402 Payment Required” status code, making stablecoin payments a native web function with minimal coding required. [White paper]
Software Releases & Project Updates
LND v0.19.0
New Features
Add support for archiving channel backup in a designated folder which allows for easy referencing in the future. A new config is added disable-backup-archive, with default set to false, to determine if previous channel backups should be archived or not.
Protocol Updates
lnd
now supports the new RBF cooperative close flowAdd support for experimental endorsement signal relay
Add initial support for quiescence
The max fee rate is now respected when a coop close is initiated
Functional Enhancements
Add ability to paginate wallet transactions
Make
MaxWaitNumBlocksFundingConf
configurable, allowing integration/development tests to set a lower value for faster funding confirmation timeout while keeping the default of 2016 blocks for production stability.Previously when sweeping inputs, the sweeper will wait until the specified budget can be covered by the inputs, which could cause the sweep to be delayed, and the sweeping tx ends up using large fees. This is now changed so the sweeper will always attempt the sweep as long as the budget can be partially covered.
Add validation to ensure that MPP parameters are compatible with the payment amount before attempting the payment
LDK
ldk-node v0.5.0
The
PaymentSuccessful
event now exposes apayment_preimage
fieldThe node now emits
PaymentForwarded
events for forwarded paymentsAdd ability to send custom TLVs as part of spontaneous payments
Add ability to override the used fee rates for on-chain sending
Add ability to set a description hash when creating a BOLT11 invoice
Add ability to export pathfinding scores
Add ability to request inbound channels from an LSP via the bLIP-51 / LSPS1 protocol
The ChannelDetails returned by
Node::list_channels
now exposes fields for the channel’s SCIDsLightning peer-to-peer gossip data is now being verified when syncing from a Bitcoin Core RPC backend
The logging sub-system was reworked to allow logging to backends using the Rust log facade, as well as via a custom logger trait
On-chain transactions are now added to the internal payment store and exposed via
Node::list_payments
Inbound announced channels are now rejected if not all requirements for operating as a forwarding node have been met
Add initial support for operating as an bLIP-52 / LSPS2 service
The
Builder::set_entropy_seed_bytes
method now takes an array rather than a VecThe builder will now return a NetworkMismatch error in case of network switching
The
Bolt11Jit
payment variant now exposes a field telling how much fee the LSP withheldAdd ability to disable syncing Lightning and on-chain wallets in the background
Add ability to configure the node’s announcement addresses independently from the listening addresses
Add ability to choose whether to honor the Anchor reserves when calling
send_all_to_address
Add ability to sync the node via an Electrum backend
rust-lightning v0.1.3 - “Routing Unicode in 2025”
Bug Fixes
Event::InvoiceReceived
is now only generated once for eachBolt12Invoice
received matching a pending outbound payment.LDK’s router now more fully saturates paths which are subject to HTLC maximum restrictions after the first hop.
Security
v0.1.3 fixes a denial-of-service vulnerability which cause a crash of an LDK-based node if an attacker has access to a valid
Bolt12Offer
which the LDK-based node created.A malicious payer which requests a BOLT 12 Invoice from an LDK-based node (via the
Bolt12InvoiceRequest
message) can cause the panic of the LDK-based node due to the wayString::truncate
handles UTF-8 codepoints.
Ark v0.6.0 - Indexer, RegisterIntent+BIP-322 support & SDK SQLite db
Features:
[Server] Make round failed if there’s not enough liquidity
[SDK] Retry settlement
Return utxo/vtxo amount limits in
GetInfo
Return updated
spentVtxos
list intransactionEventsCh
[SDK] Disable onchain features if server doesn’t allow them
Add RegisterIntent + BIP0322 Proof of Funds & Drop covenant & SDK SQLite db
Ark partners with Austrian educational institution TU Wien on a formal specification of the Ark protocol [Litepaper]
“Ark Litepaper formalizes Ark’s technical foundation and provides additional clarity for researchers & developers interested in contributing to its implementations.”
Fountain v1.2
Library design update:
Add new content-type filters at the top of the page
Recently Played is now the default view in your library
Music filter now makes it easier to find saved tracks and albums
Content pages design update: Redesign shows, episodes, artists, albums, tracks, clips and playlists pages
Episode summaries:
Add Summary button above show notes
Summaries and transcripts now come as a bundle
Playback improvements: Rebuilt the audio engine from the ground up
Tracks now load and play instantly when tapped
Faster skipping in-between collection of tracks
Replace scrollable player page with full-screen modals
Other bug fixes & improvements:
Rebuilt payment stats for more complete and reliable transaction records
Add new episode notification preferences in Settings
Phoenixd v0.6.0
Support simple close
Add support for linux arm64 target
Update Dockerfile - fix casing warnings
Support stateless offers with optional custom description and amount
Upgrade to lightning-kmp 1.10.2
BoltzExchange boltz-client v2.6.0 - Tiny
Allows lower swap limits for submarine swaps
Add support for a new minimal threshold (“MinimalBatched”) for batched swaps, allowing swaps below a certain amount to be handled differently.
Breez SDK
Lightning Loop
Autoloop now defaults to a slow publication deadline (30 minutes after initiation) to reduce fees. To revert to the previous behavior, users can run
loop setparams --fast
, which causes swap HTLCs to be published immediately after initiation.
Enhance the
loop listswaps
command by improving the ability to filter the response
lightning-kmp v1.10.0
Implement option_simple_close
Remove amount-based confirmation scaling
Bolt11 invoices: do not re-encode amounts
Add more force-close tests for HTLC settlement
Send normal failures for Bolt12 payments
Add test for Bolt11 features minimal encoding
Peer storage
Stateless offers
Use the offer description as default payer note
Add support for linux arm64 target
BlitzWallet v0.4.4-beta
eCash Improvements
Prevention of Duplicate eCash Payments: eCash transactions can no longer be paid twice
Fix Background eCash Invoice Handling: When a user creates an eCash quote but fails to pay before the quote expires, the app no longer attempts to claim it with an incorrect proof index during the next wallet load
Payment Experience
Bolt12 Payments from Liquid: Users can now send payments to BOLT12 invoices directly from their Liquid balance
Support for Blink QR Codes: Blink QR codes now open directly inside the Blitz native UI with LNURL-pay support
Lower Minimum for Lightning-to-Liquid Payments: The minimum receive amount for Lightning-to-Liquid swaps has been reduced to 100 sats
App Enhancements
Manual Sync via Swipe Gesture
Crash Reporting with User Control
Blitz Social Tracking: A new section in settings shows how many users have downloaded Blitz and tracks its growth over time
Half-modal Popups: Popups can now be dismissed
Nutshell v0.16.6-rc1
New Features
Blind Authentication
Limit mint access using Clear and Blind Authentication. Nutshell now supports NUT-21 and NUT-22, enabling the use of OAuth 2.0 identity providers like Keycloak (or any compatible provider)
NUT-22 introduces Blind Authentication, which enhances user privacy by anonymizing authentication within the set of registered users.
Improved Multi-Nut Payments
Multi-nut payments via LND are now more reliable
Additional Protocol Updates
SIG_ALL Multisig Flag: Users can now lock ecash to specific destinations (outputs)
Mint and Melt Quote Enhancements: The update to NUT-04/05 introduces new fields (amount, unit, request) to mint and melt quotes
ToS URL: Mints now have the option to enter a Terms of Service (ToS) URL in the mint info settings
Fixes and Improvements
Wallet Un-reservation: Nutshell wallet now un-reserves ecash after a failed Lightning payment more reliably
Improved Keyset Rotation: Enhanced keyset rotation process for mints
Pending Melt Quotes: Mints now check pending melt quotes in the background every hour
Balance Tracking for Keysets: Mints can now track balances for each keyset separately
Cashu-ts v2.5.0
Cashu-TS 2.5 is out, adding NUT-22 Blinded Authentication and plenty of DX improvements.
Replace Enums with Const Objects
Add getDecodedToken example in the README and an example of firebase API to receive cashu payments
Support for proof witness field in token serialization
Fix P2PK refund to reflect NUT-11 format
Add NUT-22 BlindedAuth
Melt: made blank output amount equal split length
Bringing back cashu-crypto-ts code into cashu-ts
Run format check on PR
Make sure to always stringify URL object for WebSockets
nut18: optional transport and add nut10 option
Add API-Extractor to project and CI
Minibits is now expanding to iOS TestFlight [Announcement]
Geyser launches Bitcoin Launchpad: A visibility platform for early-stage projects [Announcement]
Launchpad introduces a system requiring Bitcoin projects to gather 21 followers within 30 days to officially launch, addressing the issue that “projects don’t fail because they lack funds” but because “no one knew they existed.”
Each project receives a dedicated section for 30 days, with followers receiving email updates upon reaching the threshold of 21 followers; projects can alternatively launch manually for $21.
The platform aims to “separate signal from noise” by creating a small challenge that may trigger momentum, giving visibility to meaningful projects before they go live.
Nostr
Project spotlight
Nostr Follow List: A minimalistic Nostr application for creating, sharing, and discovering Nostr Follow Packs [Github] by callebtc
Relays.land: A customizable relay management tool for Nostr [Code repository] by fiatjaf
Relays.land is a platform that enables users to create and manage custom Nostr relays with specific content curation and moderation rules. It offers three types of relays: curated, programmable, and moderated.
(Pub)Caster: Effortlessly turn your npub into a podcast feed [Github] by dergigi
“(Pub)Castr is a service that automatically generates podcast feeds from Nostr profiles. It converts kind1 events containing audio (and video) file links into a valid Podcasting 2.0 feed.”
Camelus: A nostr client for Android and iOS (beta TestFlight) [Github] (WIP)
Features:
Nostr Protocol for Decentralized Data Storage: Ensures user data privacy and control
Clean Architecture: Uses Dart and Flutter
Dart_NDK Integration: Optimized for mobile battery
In-Box and Out-Box Messaging: Optimized for gossip and database performance
Open-Source Development: Community-driven project
Riverpod for State Management: Efficient and testable state management
nparrot-chat: Integrate any command line tool with Nostr relays-as-groups [Github]
Nostr Parrot Chat is a convenient CLI tool that facilitates messaging over Nostr relay chat rooms
Use cases:
Talk to your Goose AI agent via DMs from your phone by using any Nostr client compatible with NIP-17
Easily integrate almost any other command line tool with Nostr DMs
Send yourself notifications easily from any environment that can run shell commands
Use this as a test or troubleshooting tool for NIP-17 messages
Anchor Alerts: A notification and syncing server for flotilla.social [Github]
The tool bridges nostr to email, offering notifications without requiring users to install additional software.
Chronostr: A scheduling adjustment and RSVP tool working on the Nostr [Github]
Nostash: A nostr signing extension for Safari [Github]
This is a NIP-07 compatible extension for signing nostr events, forked from (the no longer supported project) nostore
Kinostr: A nostr client that renders kind 1 nostr notes and their attachments
Kinostr is a YouTube-like interface for Nostr videos using the #kinostr tag
Swae: A live streaming application built on the Nostr protocol, aiming to provide a censorship-resistant platform for content creators and viewers [Github] (WIP)
“Users are able to send bitcoin to streamers and other users over the lightning protocol.”
Nostroots: An initiative to seamlessly transition Trustroots, the platform for sharing, hosting, and community building, onto the nostr network [Github]
“Trustroots is a social network of travelers and hosts that offer couches. Founded in 2014, 112k+ members now.”
Sobrkey: A decentralized sobriety tracking and community support application built on Nostr [Github]
Features include: 12-step journey tracking, public community support, emergency resources, zap-based donations, and Decentralized identity.
Nostrly: A web-based service that allows users to register a verified Nostr address
Nostrly also provides various tools for Nostr and Cashu, including: NIP-09 Note Deleter, NIP-19 Decoder, and NIP-57 Web Zap
Cashu tools: Cache, Gather, NutLock, Witness, and Redeem
Nostream: A media-only Nostr firehose stream, unfiltered (A project by @jack)
Software Releases & Project Updates
00:46:55 Nostr Messaging Layer Security (MLS) Update [Note]
Libraries released: nostr_mls_storage, nostr_mls_memory_storage, nostr_mls_sqlite_storage, and nostr_mls
White Noise refactor
Encrypted media with Blossom: Media in groups is encrypted using an MLS secret and uploaded to Blossom with a one-time use keypair
Damn mobile: beta version coming live on Zapstore in a few weeks
00:48:42 Primal v2.2.13
Login with public key
Amber support
Blossom media uploads & settings
Push notifications for Google builds (not available in Github APKs)
Notifications revamp
Image gallery in article details
Muting words, hashtags & threads
New gallery rendering for media attachments in notes
“Share note as image” option in note context menu
Copy Url & Copy Image in media gallery screen
Copy to clipboard when tapping on bitcoin or lightning address in wallet
Topological sort for FeedPost on threads
Request Delete action for notes & articles
Simplified note context menu
00:48:43 Damus v1.14 - TestFlight for Purple users
Introduce new one-click wallet setup, powered by Coinos
Revamp wallet experience with balance and transactions view for your NWC wallet
New notification setting to hide hellthreads
Add NIP-65 relay list support
Add Unicode 16 emoji reactions (only for iOS 18.4+)
Blurred images now show some more information
Damus Notedeck Beta Release [Announcement]
New in Notedeck Beta:
Dave nostr AI assistant app
GIFs
Fulltext note search
Zaps (NWC/ Wallet UI)
Introduce last note per pubkey feed (experimental)
Allow multiple media uploads per selection
Major Android improvements (still wip)
Add notedeck app sidebar
User Tagging
Note truncation
Local network note broadcast, broadcast notes to other notedeck notes while you’re offline
Mute list support (reading)
Relay list support
Coracle
Add support for editing WOT feeds
Change default blossom servers
Add support for custom emojis
Improve remote signing
Drop nip 96 support
Use user blossom servers
Avoid duplicate notes in feeds
Add safe areas for phones
Upgrade capacitor
Allow use of ws:// relays on android
Use new version of network library
Re-work storage adapter to minimize storage and improve performance
Improve initial page load times
Upgrade welshman
Remove platform relay
Show PoW
Don’t fetch messages until decryption is enabled
Flotilla
Add light theme
Use correct alerts server
Ignore relay errors for claims
Add custom emoji parsing and display
Add alerts via Anchor
Allow use of cleartext relays on native builds
Detect blossom support on community relays
Use user blossom server list in settings
Improve thunk indicator
Update storage adapters
Switch to pnpm
ndk-cache-sqlite-wasm v0.2.0 - Introduces the Sqlite WASM cache adapter package (feat: add SQLite WASM cache adapter with support for decrypted and unpublished events, including schema updates and migration logic)
Implements the full NDKCacheAdapter interface, including:
Event caching (setEvent, getEvent, etc.)
Profile caching (fetchProfile, saveProfile, etc.)
Synchronous and asynchronous APIs
Relay status management
Decrypted event cache (getDecryptedEvent, addDecryptedEvent)
Unpublished event management (addUnpublishedEvent, getUnpublishedEvents, discardUnpublishedEvent)
Database schema and migration logic mirrors ndk-mobile’s implementation
Uses sql.js (WASM) for cross-platform SQLite support in browsers and JS environments
Database is persisted automatically to IndexedDB with debounced saves for performance
Example page included for browser testing and benchmarking
Documentation is symlinked into the main docs/cache directory
Amber
Move from deprecated Autofill api
Move from deprecated ClipboardManager api
Move from encrypted shared preferences to DataStore and normal shared preferences
Add more event translations
Bigger qrcodes, increase brightness when showing the qrcode
Add a option to accept/reject a permission temporarily
Better connection handling when switching networks
Use bunker response from quartz
Include zapstore in the new bunker and initial message
Add search to the activity screen
Show option to never close the app when using bunker url
Separate general prefs and account prefs keys
Add loading indicator when trying to fetch profile picture
0xChat App v1.4.9
Implement updated NIP-29 group logic with support for group admin roles
Add support for Aegis URL scheme login on iOS
Kyoto
Fetch the Network from the node builder
Configure the initial TCP connection timeout when trying new peers
Add BDK integration links to the README
Update resource usage and profiling in DETAILS.md
Template issue for bugs, enhancement requests, releases
Mainnet, signet, testnet4 checkpoints
Testnet4 DNS seeds
Socks5 proxy connections supported
justfile
improvements
Nostrmo v3.0.0
Add support to nesigner (Windows, Linux and MacOS)
Using ISar to recode local relay’s database
Upgrade flutter versions
Show comment event (kind: 1111)
Add Relay Group Naddr and Follow Set Naddr str decode
Citrine v0.8.0
Support for protected events
Support for auth
Option to disable listening to pokey broadcasts
Option to disable start on boot
Change how the last backup time is calculated
Keychat v1.31.13
browser: Save the status of the tab unless it is closed manually
browser: Remove btcnav.org from mini app
message: Automatically refresh the homepage when a new message is added
desktop: Support packaging exe for windows platform. Optimize cmd+shift line break operation
mls: Cache state for uploading mls key package
android: The minimum supported Android version is now 12 (API level 31)
Nowser v1.1.0
Add hardware signer (nesigner) support
Android Signer package name method change
Image and link add long press support
Incognito Mode
Add download support
Url https check
YakiHonne - iOS/Android/Web/Zap.Store
Web v4.6.0
Introducing Smart Widgets v2
New Tools Smart Widgets section in note creation for advanced content editing
Curations, videos, and polls are now Tools Smart Widgets, enabling quick creation and seamless embedding in notes
Zap advertisements added—top zappers can now appear below notes
Note translation button has been relocated next to the note options for easier access
Follower and following lists are now visible directly on the dashboard home page
Mobile v1.7.0
Introducing the fully upgraded smart widget with its expanded set of functionalities
A set of tools to enhance content editing
Curations, videos, and polls are now Tools Smart Widgets, enabling quick creation and seamless embedding in notes
Shortened URLs for a better user experience
Highest zappers in notes will be highlighted
Zapper list now includes zaps messages
Gossip model can be enabled and disabled
Yumyume v0.6.0 - Biryani with Pickled Onion & Raita
Optimized & Interactive Tag Cloud: The tag cloud is now fully visualized with tag density and colors.
Bookmark Cards Now Ordered by Publishing Time: Update the global feed to sort and display bookmarks based on their original publishing timestamp, rather than the last edit.
Saving Client Info: Yumyume now saves the client name (“Yumyume”) in the background when publishing a bookmark.
Samiz v0.0.4
Now Samiz will broadcast:
Notes of any Kind created up to 1 hour before the session started.
User Metadata created at any time
Shopstr v0.4.2
Add Blossom media support for image uploads with metadata stripping
Add a terms of service and privacy policy
Add pagination for product viewing
Nostur Update (TestFlight)
Add blossom media server support
Support multiple blossom servers as mirror
Boosts
01:01:58 Thanks to everyone who streamed sats, and shoutout to our top boosters:
[🏆 TOP BOOSTER] @Rod Palmer (5000 sats) “PODCONF Disapproved ❌(due to Rijndael)”
@AVERAGE_GARY (1100 sats) “OpNext was great. Run your testnet4 CTV + CSFS client. [Code repository] Has Sv2 enabled branch too.” “dB near zero ⚡”
@pink money (500 sats) “🔥🔥🔥”
@user4 (500 sats) “🔥🔥🔥”
@Wartime (333 sats) “Mon a not 🤔🤣”
@btconboard (300 sats) “👍🏻⚡️🫡”
Tech Tip of the Day
01:03:51 Cryptography 101: A free online cryptography course repository, by Alfred Menezes
Includes “videos, slides, exercises and solutions, and news items.” [Koob’s SN post]
Bitcoin Optech Newsletter
Highlights from recent Bitcoin Optech Newsletters
BIP30 consensus failure vulnerability: Ruben Somsen posted to the Bitcoin-Dev mailing list about a theoretical consensus failure that could occur now that checkpoints have been removed from Bitcoin Core.
Avoiding BIP32 path reuse: Kevin Loaec posted to Delving Bitcoin to discuss options for preventing the same BIP32 wallet path from being used with different wallets, which could lead to a loss of privacy due to output linking and a theoretical loss of security.
Comparison of cluster linearization techniques: Pieter Wuille posted to Delving Bitcoin about some of the fundamental tradeoffs between three different cluster linearization techniques.
Increasing or removing Bitcoin Core’s
OP_RETURN
size limit: in a thread on Bitcoin-Dev, several developers discussed changing or removing Bitcoin Core’s default limit for OP_RETURN data carrier outputs.
Interactive aggregate signatures compatible with secp256k1: Jonas Nick, Tim Ruffing, Yannick Seurin posted to the Bitcoin-Dev mailing list to announce a paper they’ve written about creating 64-byte aggregate signatures compatible with the cryptographic primitives already used by Bitcoin.
Standardized backup for wallet descriptors: Salvatore Ingala posted to Delving Bitcoin a summary of various tradeoffs related to backing up wallet descriptors and a proposed scheme that should be useful for many different types of wallets, including those using complex scripts.
News & Noteworthy
Bitcoin
Elliptic’s new report shows cartels deposit cash into banks before converting to stablecoins, challenging the narrative that “unhosted wallets” are the primary problem [The Rage]
The report cautions lawmakers against relying on blockchain surveillance firm reports, noting these companies have “clear profit incentive to expand their services” into the non-custodial sector.
Lightning + L2+
Aqua Wallet to introduce Dolphin Card: A KYC-free VISA card for spending [Blog post]
Aqua Wallet’s upcoming Dolphin Card allows spending Bitcoin, Liquid Bitcoin, and Tether at VISA merchants without identity verification, with a monthly limit of $4,000.
Initially launching as a virtual card with physical version to follow, the Dolphin Card will be available in most countries except the U.S. and Canada.
Nostr
Bitcoin-focused news desk No Bullshit Bitcoin integrates zapthreads-based Nostr comments [Note]
“Comments you leave under the original (quoted) post below should appear on our site, and comments you leave on our site should be visible under the post on Nostr.”
Guide: Self-hosted NIP-05 as a Lightning Zap Address for Nostr, by Avren [Note]
Business & Finance
Bitcoin-native holding company Nakamoto merges with KindlyMD to build Bitcoin treasury [Bitcoin Magazine]
KindlyMD and Nakamoto Holdings announce $710 million merger deal with David Bailey becoming CEO of the combined entity while Tim Pickett continues managing healthcare operations.
Tether, SoftBank Group, and Jack Mallers launch Twenty One, a Bitcoin-native company, through a business combination with Cantor Equity Partners [Business Wire]
Twenty One Capital is launching with over 42,000 BTC in its treasury and plans to go public through a SPAC merger with Cantor Equity Partners.
Strike launches Strike Lending: Bitcoin-backed loans for individuals and businesses []
Strike introduces bitcoin-backed loans allowing eligible customers to borrow $75k to 2m for up to 12 months at 12% APR.
Bull Bitcoin introduces brand new platform for Canadian customer base, following its extension in Costa Rica, Europe, and Mexico [Blog post]
New features include instant e-transfers, transparent price spreads instead of fees, and enhanced Bitcoin transaction options including Lightning Network support, with automatic data deletion for inactive accounts.
Future developments include recurring buys over Lightning and Liquid networks, auto-buy/sell functions, Payjoin technology for privacy, and limit orders, all built on self-hosted infrastructure.
Relai brings Bitcoin-collateralized lending to the European market [Announcement]
The service requires qualified investors under Swiss FinSA regulations, with minimum financial assets of CHF 500,000 and initial deposit of CHF 100,000, offering loans with 12-month minimum terms and up to 40% LTV ratios.
Coinbase agrees to purchase Dubai-based Deribit for $2.9bn, paying 700mn in cash and the remainder in shares, marking the digital market’s largest ever acquisition [FT]
Deribit, the world’s largest cryptocurrency derivatives market, handled over $1tn in trading volumes last year as the industry prepares for anticipated demand from banks and asset managers.
Coinbase Asset Management launches the Coinbase Bitcoin Yield Fund (CBYF), aiming to generate 4-8% net returns in bitcoin annually [Press release]
Multiple investors including Abu Dhabi-based Aspen Digital have seeded the fund, which launched on May 1, 2025 with Aspen serving as initial distribution partner across UAE and Asia.
Lightspark announces partnership with Revolut to implement Bitcoin network payment infrastructure in the UK and select EEA countries, offering lower fees and faster transactions [Press release]
Ruya bank partners with Fuze to become the first Islamic bank globally to offer Shari’ah-compliant virtual asset investments [Bitcoin Magazine]
Meta explores stablecoin integration three years after Diem project collapse [Fortune]
Meta initiates talks with crypto infrastructure companies to potentially deploy stablecoins for cross-border payments to content creators
Spar now accepts Bitcoin payments at its Zug supermarket via LNURL, implemented by DFX Swiss through OpenCryptoPay solution that enables QR code transactions [Bitcoin News]
Citrea deploys Clementine Bridge on Bitcoin testnet using BitVM2 programming language to overcome the “bottleneck for using BTC in a programmable environment.” [CoinDesk]
Apple changes U.S. App Store guidelines to allow apps to link users to their websites for purchases after losing court battle against Epic Games [TechCrunch]
The ruling requires Apple to stop using “scare screens” and remove restrictive language guidelines, though the company states they will appeal the decision.s
Funding
Tether renews $100,000 grant to the BTCPay Server Foundation for the second consecutive year [Announcement]
Spiral renews grant to Dan Gould (@bitgould) for his work on the Payjoin Dev Kit, and to @joschisanbtc, for “simplifying federations, allowing anyone to run Fedimint guardians on laptops, Start9s, whatever”.
Btrust awards grant to Africa Free Routing to support five Bitcoin Lightning-focused developer bootcamps across Africa in 2025 [Press Release]
The bootcamps aim to onboard non-Bitcoin developers into the ecosystem, providing training, mentorship, and pathways to open-source contribution.
The initiative seeks to build local developer communities, increase participation in global Bitcoin projects, and expand technical capacity across the continent.
Participants will be funneled into long-term mentorship networks like Btrust Builders for continued growth.
Privacy
France bans mixers and privacy coins [Twitter post]
A new law adopted in France now considers mixers and privacy coins as an indicator of suspicious activity by default [Adopted Law proposal]
Jury orders NSO Group to pay WhatsApp $167 million in punitive damages for hacking 1,400 users in 2019 [TechCrunch]
Judge previously ruled NSO Group violated federal and California hacking laws, with researcher John Scott-Railton stating: “NSO makes many millions of dollars helping dictators hack people.”
Bitcoin Security Incidents
Elderly US citizen falls victim to 3,520 bitcoin social engineering theft [Coin Telegraph]
An elderly US investor loses $330 million worth of Bitcoin in a sophisticated social engineering attack, ranking as the fifth-largest crypto hack in history, as reported by ZachXBT
The attacker then laundered the 3,520 stolen bitcoin through over six exchanges using peel chain methods and swapped significant portions into Monero, which spiked its price by 45% and lead to estimated slippage losses reaching $66 million.
Five dollar wrench attacks: (Credit goes to Jameson Lopp’s physical bitcoin attacks repository)
Philippine National Police arrest three suspects for the kidnapping and murder of businessman and his driver [Global Nation]
The victims were lured to a house on March 29, 2025 and held captive for 10 days. The group demanded a $20m ransom, then killed their victim despite receiving a sum totalling $3m paid in cryptocurrency.
Pakistani Counter-Terrorism Department arrests four individuals in Karachi for conducting short-term kidnappings while impersonating various law enforcement offices [Ary News]
The suspects used fake government number plates on their car, abducted citizens to a remote area, and extracted ransoms including bitcoin secrets and cash from ATMs before releasing victims. The event took place on April 13, 2025.
Father of crypto firm boss rescued in French police raid [Le Monde]
French police free a kidnapped man during a weekend raid in Paris, arresting five suspects in their 20s. The victim’s finger was mutilated, with kidnappers demanding a €5-7 million ransom from his cryptocurrency-wealthy son. The event took place on May 1, 2025.
Three Florida teenagers kidnap Las Vegas business man at gunpoint, drive him to remote Arizona desert, and steal $4 million in cryptocurrency and other digital assets [8News Now]
The victim, who was the organizer of a cryptocurrency-related event in downtown Las Vegas, was forced to reveal the passwords of his financial accounts. The event took place in November 2024.
Montreal police arrest three men for kidnapping and stealing $15,000 in cryptocurrency from a Verdun businessman [CTV News]
The suspects allegedly tied up the victim, a man in his 30s who ran his own cryptocurrency business and tortured him for hours before obtaining transfer details and fleeing the scene. The event took place on August 15, 2024
Protocol
Bitcoin Core #31250: wallet: Disable creating and loading legacy wallets [Merged]
Bitcoin Core #31247: psbt: MuSig2 Fields [Merged] (Implements un/serialization of MuSig2 PSBT fields and prepares PSBT to be able to sign for MuSig2 inputs.)
BIPs #1835: BIP48: Add p2tr script type derivation [Merged]
BIPs #1555: BIP 321: URI Scheme (Replace BIP 21 with a new BIP containing information about more modern usage of it) [Merged]
BTCPay Server #6684: Add support for wallet policy descriptors (BIP388) [Merged]
Eclair #3064: Simplify channel keys management [Merged]
NIPs #1890: Adds optional nip60.signSecret() and kind 10019 filter tag [Open] (The PR clarifies and improves Nostr <-> Cashu interoperability)
Government & Political
Spain’s new banking regulations clarified: no pre-approval needed for cash withdrawals [Cryptoslate]
Spain’s Royal Decree 253/2025 requires financial institutions, not individuals, to report cash transactions over €3,000 monthly to tax authorities.
Financial institutions must now report all cash movements over €3,000 to tax authorities in monthly reports, offering the tax agency “granular, near‑real‑time data on every sizable cash movement and virtually every card transaction.”
European Union plans to ban anonymous crypto accounts and privacy-preserving coins by 2027 under new AML regulation [Coin Telegraph]
Credit institutions, financial institutions, and crypto asset service providers will be prohibited from maintaining any anonymous accounts or handling privacy-enhancing cryptocurrencies.
Customer due diligence will be mandatory for transactions above €1,000 as part of the EU’s expanded regulatory framework building on the Markets in Crypto-Assets Regulation.
German prosecutors confiscate Bitcoin, Ether, Litecoin, and Dash worth $38.2 million from privacy-focused crypto platform eXch, which operated without AML protocols [The Block] [Presse Portal]
Authorities claim approximately 1.9bn in crypto moved through eXch since 2014, with some funds originating from criminal sources, including part of 1.4 billion stolen from Bybit.
eXch operators, who announced shutdown on May 1, argue privacy is not a crime and that their “privacy-centered goals were being misinterpreted” by authorities. (See BR095 for added context on their planned shutdown after announcing a 50 BTC open-source fund to support privacy-enhancing projects: “eXch is shutting down operations and changing owners on May 1st, 2025 after learning they are the target of a transatlantic operation aiming to prosecute them for money laundering and terrorism.”)
France now allows crypto-backed Lombard credit [BFMTV]
France legalizes using cryptocurrencies as collateral for euro loans starting April 30, 2025, enabling investors to access liquidity without selling their digital assets.
U.S.: Florida lobbyist Brian Ballard faces Trump’s ire regarding the Truth Social post promoting a “Crypto Strategic Reserve” [Politico]
The Truth Social incident involved a Ballard employee at Mar-a-Lago persuading Trump to promote cryptocurrency, providing him with text to post, which promoted Ripple Labs, a Ballard client.
U.S.: Arizona Governor Katie Hobbs signs House Bill 2749 allowing the state to claim ownership of digital assets abandoned for three years and create a Bitcoin Reserve Fund [Coin Telegraph]
The new law follows Hobbs’ veto of a similar bill citing concerns over “untested assets,” while another pending bill would allow investment of up to 10% of state funds into Bitcoin [Coin Telegraph]
U.S.: Missouri House Bill 594 passes state House vote, proposing 100% income tax deduction for capital gains as the state tax code doesn’t distinguish between capital gains and income tax [Coin Telegraph]
Bhutan introduces its nation-wide digital currency tourism payment system in partnership with Binance Pay and DK Bank [Blog post]
Over 100 local merchants accept crypto payments for services from flights and visas to street market goods, with instant settlement in local currency.
Nigerian Government signs Investment and Securities Act 2025, bringing regulatory clarity to digital assets in Nigeria, recognizes Bitcoin as Security [Forbes]
The new law classifies all virtual assets as securities under SEC oversight, with penalties of ₦20 million ($12,430) and up to 10 years imprisonment for Ponzi schemes.
Prosecution
FinCEN told prosecutors Samourai Wallet developers likely didn’t need MSB license [The Rage]
Recent court filing reveals FinCEN informed SDNY prosecutors that Samourai Wallet “would not qualify as a ‘Money Services Business’ requiring a FinCEN license” six months before developers were charged.
Defense attorneys claim prosecutors “suppressed this information for over a year,” only disclosing it on April 1, 2025, after a specific Brady request for exculpatory evidence.
Update: SDNY prosecutors refuse to grant hearing requested by Samourai Wallet developers after FinCEN opinions suggesting non-custodial wallets might not need MSB licenses were withheld for nearly a year [The Rage]
Prosecutors claim the withheld FinCEN statements were merely “informal, individual opinions” and “not Brady material,” while maintaining the case focuses on alleged money laundering conduct.
Related: New Jersey District Court dismisses charges against Christopher James Scalon, citing the DOJ’s April 7 “Ending Regulation by Prosecution” memo that discourages prosecution where “ambiguity exists.” [The Rage]
Scanlon is a businessman who founded and operated Aurae Lifestyle and Club Swann, providing financial services to high-net-worth clients through various entities that allegedly functioned as an unlicensed money transmitting business between 2015 and 2019, resulting in criminal charges that have now been dismissed.
Indiana court previously dropped charges against AurumXchange operator Maximiliano Pilipis, ruling he couldn’t be held accountable for regulations that were ambiguous or non-existent at the time.
Texas District Court rules against Treasury’s attempt to retain power to re-list Tornado Cash on sanctions list after its removal last month [The Rage]
Court rejects Treasury’s argument that final ruling was unnecessary, noting they “do not suggest they will not sanction Tornado Cash again.”
Fifth Circuit previously determined Treasury overstepped authority by sanctioning immutable smart contract software, stating Treasury would need Congress to amend the IEEPA.
The DeFi Education Fund launches a petition urging Trump administration to end prosecution of software developers [Announcement]
“The SDNY is attempting to hold software developers criminally liable for how others use their code,” contradicting previous FinCEN guidance that developers of self-custodial protocols are not money transmitters.
The petition argues this prosecution “sets a precedent that potentially chills all crypto development in the United States” and threatens technological innovation.
Events
Kaduna Lightning Developer Bootcamp: A 4-day hands-on Bitcoin Lightning Developer Bootcamp
Organized by Africa Free Routing, in partnership with Btrust, Tether, and African Bitcoiners.
14-17 May, 2025 in Kaduna, Nigeria
Bitcoin for AI Conference: One-day virtual conference exploring how Bitcoin meets AI
June 21, 2025
Reads
Here’s a list of our top recently published reads:
Removing Bitcoin’s Guardrails, by BitMEX Research [Blog post]
Relay policy drama, by Antoine Poinsot [Blog post]
The MEVil of Relay Policy, by Matt Corallo [Spiral]
When Prosecutors Ignore the Regulators, by Peter Van Valkenburgh [Coin Center]
Taplocks, Policy-Signer Wallets & the Anchor Era, by Murray Rudd [Blog post]
Decentralized Media Hosting via Blossom, by Miljan [Note]
Episode submission ideas
We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
Nostr & LN ⚡nvk@nvk.org (not an email!)