Our 28th Socratic Seminar event will be held at TempoHouse

Tempohouse generously offered their space to host BitDevs

This time would like to take the opportunity to go over something more Taiwan-centric alongside the usual socratic

Bitcoin is the worlds first global digital money, and money speaks all languages. To use Bitcoin is to communicate with the world which throughout history Taiwanese have been eager to do. Taiwanese also contributes to Bitcoin in a meaningful way, let’s explore the unique aspects of how Taiwan is drawn to Bitcoin .

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

wallet migration bug causes Core v30 and v30.1 to be removed 1/6/2026

• the issue: wallet/ directory can be deleted during the migration process in core V30 1. doesn’t effect modern wallets >v.20 2. not that “rare”, normal use can result in this bug (pruned nodes or corrupted db log data)

• wallet migration -> convert wallet.dat BDB key-values to Sqlite descriptor wallets

• why this bug popped up now? 1. migration wasn’t mandatory before v30 2. proposed fixes to failed migrations broke tests 3. legacy wallets use the root wallet/ directory 4. legacy wallets are unnamed by default called [default wallet]

• what are legacy wallets?
  1. wallet.dat private keys vs descriptors
  2. BerkeleyDB vs Sqlite
  3. Past issues with BerkeleyDB – Bitcoin uses a specific version (4.8.30) of BerkeleyDB chosen by Satoshi to fit Bitcoin’s MIT license(?)
     1. block 225430 (2013)
     2. inflation bug (CVE-2018-17144 2018)
• the fix so far (v30.2, v31) 1. remove wallets, not the folder 2. long term: remove wallet functionality in Core

Core Announcement

Core FAQ

Complaints about BDB example

v30 Pull Request #34128

Observed Bugs

“It’s not a big deal”

Post-mortem analysis

BIP 110/444/RDTS Release Candidate 2

• Common misconceptions on soft forks
• Dangers ignoring softfork rules without URSF

BIP110/444 Implementation RC2

BIP444 Softfork Proposal

user dathonohm submitted a BIP (currently unassigned but 444 is how it is referred to at the moment) Reduced Data Temporary Softfork in response to growing adoption of Bitcoin Core v30.0.0 which relays and validates large OP_Returns that may have uninteded consequences

Blocks with a height from (TBD) until and including 987424 are checked with these additional rules:

• New output scriptPubKeys exceeding 34 bytes are invalid, unless the first opcode is OP_RETURN, in which case up to 83 bytes are valid.
• OP_PUSHDATA* with payloads larger than 256 bytes are invalid, except for the redeemScript push in BIP16 scriptSigs.
• Spending undefined witness (or Tapleaf) versions (ie, not Witness v0/BIP 141 nor Taproot/BIP 341) is invalid.
• Witness stacks with a Taproot annex are invalid.
• Taproot control blocks larger than 257 bytes (a merkle tree with 128 script leaves) are invalid.
• Tapscripts including OP_SUCCESS* opcodes anywhere (even unexecuted) are invalid.
• Tapscripts executing the OP_IF or OP_NOTIF instruction (regardless of result) are invalid.

Some background

ML discussion - Limit ScriptPubkey Size >=520 Bytes Consensus

Precedent of invalidating blocks from uninteded consequences of bitcoin reference implementation

• Inflation Bug (Satoshi Era)
• LevelDB/BerkeleyDB Bug (2013)

Common Misconceptions

• Difference between hard fork and soft forks and what has happened in the past
• Bip444 is not an “airdrop”
• Signaling vs Doing Nothing vs URSF

link

mailing list discussion

Joinstr in the wild

coinjoin implementation using nostr

Joinstr was launched as a proof of concept in August 2022. It uses nostr relays for coordination and has implementations in multiple languages.

website

announcement

New BIP Process BIP-3

BIP 2 was written in 2016. This BIP revisits aspects of the BIP 2 process that did not achieve broad adoption, reduces the judgment calls assigned to the BIP Editor role, delineates the BIP types more clearly, and generalizes the BIP process to fit the community’s use of the repository.

link

Venezuela could be sitting on a big Bitcoin stash

Following the United States’ capture of Nicolás Maduro, a report came out claiming that Venezuela had $60 billion stored in Bitcoin—leading to speculation that the U.S. could lay claim to cryptocurrency as well as oil. Despite numerous reports of the huge Venezuelan Bitcoin stash, however, a crypto forensic firm is skeptical of the claims.

Venezuela Bitcoin Mining industry had been a victim of the regime which could explain the rumor

link

A Venezuelan Escape Story with Mauricio and Daniel Di Bartolomeo

YouTube-alternative video app Rumble implements Bitcoin tipping

Rumble, a video-sharing platform with over 51 million monthly users, is partnering with Tether to roll out tipping in Bitcoin (and other crypto) by mid-December. The move aims to empower creators with additional monetisation tools beyond ads.

link

Trezor quantum-ready hardware wallet

Trezor has unveiled its new hardware wallet model (Safe 7) which features a “quantum-ready” architecture—designed to support future post-quantum firmware updates and includes an auditable secure element. However, the wallet does not provide immediate quantum-proof on-chain protection today.

link

Bitcoin-only app Relai secures EU approval

Relai, a Swiss “Bitcoin-only” investment app, has become one of the first such firms to receive a regulatory authorisation (a MiCA license via France’s regulator) enabling it to offer regulated services across the EU. This signals a milestone for regulated Bitcoin-only platforms in Europe.

link

Solo BTC miner secures $347

A solo miner solved block 920,440 entirely by themselves (outside major mining pools) and earned approximately $347,455 (≈ 3.125 BTC + fees). This win highlights the potential for smaller miners to compete and underscores the decentralisation ethos of Bitcoin.

link

AWS outage took down Coinbase

An operational failure at Amazon Web Services (specifically in the US-EAST-1 region involving its DynamoDB/DNS infrastructure) caused widespread disruptions, including to Coinbase and various Ethereum layer-2 networks. The incident highlighted the crypto industry’s dependence on centralised infrastructure even while promoting decentralisation.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Our 27th Socratic Seminar event will be held at TempoHouse

Tempohouse generously offered their space to host BitDevs

This time would like to take the opportunity to go over something more Taiwan-centric alongside the usual socratic

Bitcoin is the worlds first global digital money, and money speaks all languages. To use Bitcoin is to communicate with the world which throughout history Taiwanese have been eager to do. Taiwanese also contributes to Bitcoin in a meaningful way, let’s explore the unique aspects of how Taiwan is drawn to Bitcoin .

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

BIP444 Softfork Proposal

user dathonohm submitted a BIP (currently unassigned but 444 is how it is referred to at the moment) Reduced Data Temporary Softfork in response to growing adoption of Bitcoin Core v30.0.0 which relays and validates large OP_Returns that may have uninteded consequences

Blocks with a height from (TBD) until and including 987424 are checked with these additional rules:

• New output scriptPubKeys exceeding 34 bytes are invalid, unless the first opcode is OP_RETURN, in which case up to 83 bytes are valid.
• OP_PUSHDATA* with payloads larger than 256 bytes are invalid, except for the redeemScript push in BIP16 scriptSigs.
• Spending undefined witness (or Tapleaf) versions (ie, not Witness v0/BIP 141 nor Taproot/BIP 341) is invalid.
• Witness stacks with a Taproot annex are invalid.
• Taproot control blocks larger than 257 bytes (a merkle tree with 128 script leaves) are invalid.
• Tapscripts including OP_SUCCESS* opcodes anywhere (even unexecuted) are invalid.
• Tapscripts executing the OP_IF or OP_NOTIF instruction (regardless of result) are invalid.

Some background

ML discussion - Limit ScriptPubkey Size >=520 Bytes Consensus

Precedent of invalidating blocks from uninteded consequences of bitcoin reference implementation

• Inflation Bug (Satoshi Era)
• LevelDB/BerkeleyDB Bug (2013)

Common Misconceptions

• Difference between hard fork and soft forks and what has happened in the past
• Bip444 is not an “airdrop”
• Signaling vs Doing Nothing vs URSF

link

mailing list discussion

YouTube-alternative video app Rumble implements Bitcoin tipping

Rumble, a video-sharing platform with over 51 million monthly users, is partnering with Tether to roll out tipping in Bitcoin (and other crypto) by mid-December. The move aims to empower creators with additional monetisation tools beyond ads.
link

Trezor quantum-ready hardware wallet

Trezor has unveiled its new hardware wallet model (Safe 7) which features a “quantum-ready” architecture—designed to support future post-quantum firmware updates and includes an auditable secure element. However, the wallet does not provide immediate quantum-proof on-chain protection today.
link

Bitcoin-only app Relai secures EU approval

Relai, a Swiss “Bitcoin-only” investment app, has become one of the first such firms to receive a regulatory authorisation (a MiCA license via France’s regulator) enabling it to offer regulated services across the EU. This signals a milestone for regulated Bitcoin-only platforms in Europe.
link

Solo BTC miner secures $347

A solo miner solved block 920,440 entirely by themselves (outside major mining pools) and earned approximately $347,455 (≈ 3.125 BTC + fees). This win highlights the potential for smaller miners to compete and underscores the decentralisation ethos of Bitcoin.
link

AWS outage took down Coinbase

An operational failure at Amazon Web Services (specifically in the US-EAST-1 region involving its DynamoDB/DNS infrastructure) caused widespread disruptions, including to Coinbase and various Ethereum layer-2 networks. The incident highlighted the crypto industry’s dependence on centralised infrastructure even while promoting decentralisation.
link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Our 27th Socratic Seminar event will be held at TempoHouse

Tempohouse generously offered their space to host BitDevs

This time would like to take the opportunity to go over something more Taiwan-centric alongside the usual socratic

Bitcoin is the worlds first global digital money, and money speaks all languages. To use Bitcoin is to communicate with the world which throughout history Taiwanese have been eager to do. Taiwanese also contributes to Bitcoin in a meaningful way, let’s explore the unique aspects of how Taiwan is drawn to Bitcoin .

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

YouTube-alternative video app Rumble implements Bitcoin tipping

Rumble, a video-sharing platform with over 51 million monthly users, is partnering with Tether to roll out tipping in Bitcoin (and other crypto) by mid-December. The move aims to empower creators with additional monetisation tools beyond ads.
link

Trezor quantum-ready hardware wallet

Trezor has unveiled its new hardware wallet model (Safe 7) which features a “quantum-ready” architecture—designed to support future post-quantum firmware updates and includes an auditable secure element. However, the wallet does not provide immediate quantum-proof on-chain protection today.
link

Bitcoin-only app Relai secures EU approval

Relai, a Swiss “Bitcoin-only” investment app, has become one of the first such firms to receive a regulatory authorisation (a MiCA license via France’s regulator) enabling it to offer regulated services across the EU. This signals a milestone for regulated Bitcoin-only platforms in Europe.
link

Solo BTC miner secures $347

A solo miner solved block 920,440 entirely by themselves (outside major mining pools) and earned approximately $347,455 (≈ 3.125 BTC + fees). This win highlights the potential for smaller miners to compete and underscores the decentralisation ethos of Bitcoin.
link

AWS outage took down Coinbase

An operational failure at Amazon Web Services (specifically in the US-EAST-1 region involving its DynamoDB/DNS infrastructure) caused widespread disruptions, including to Coinbase and various Ethereum layer-2 networks. The incident highlighted the crypto industry’s dependence on centralised infrastructure even while promoting decentralisation.
link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Our 25th Socratic Seminar event will be held at TempoHouse

Tempohouse generously offered their space to host BitDevs alongside Taiwan Bitcoin Hub

We will start with a presentation on recent technical debates and if time allows the normal Socratic Seminar will be had which will include general introduction and discussions over recent news items.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Overview of OP_Return (PR32406) being merged for Core V30

This is the english version of a presentation to be given in Chinese at TempoHouse:

Recently there has been a lot of drama concerning OP_Return at Bitcoin Core (pr 32406), generally there’s not much to talk about since Bitcoin Core has already made the decision, so rather than getting bogged down beating a dead horse let’s go over what happened

“This is important, but not necessarily important enough to not do nothing”

• Bitcoin Mailing List discussion
  • Contributor concerned over Citrea’s use case and that OP_Return limits should be relaxed
• Peter Todd Opens up first PR (pr 32359 duplicate of one from 2023)
  • Drama ensues
• 32359 PR becomes closed, a new one opens pr32406
• Btc++ debate
  • Gloria Zhao: Unified mempools would make things better
• Core Announcement

• PR merged (v30 expected to be October release)

• History
  • Arbitrary data/Spam on Bitcoin and how it has historically been handled through policy
    • What is Spam? Satoshi Dice Anecdote (policy.cpp explanation)
    • What is arbitrary data? White Paper Transaction (baremultisig)
  • concerns over Mining Centralization
    • block templates
    • compact block filters
  • Input-styled arbitrary data
    • P2SH
    • Segwit/Taproot (Inscriptions)
      • CVE
      • PR 28408 closed
• Effects
  • Contributors worried about “brigading”, dismissing concerns
  • Selective enforcement
  • Bitcoin Knots adoption (2%->14% of reachable nodes)
  • v30 introduces OP_Return with multiple outputs (possible design issue withh how maxdatacarriersize is set – or intentional?).
• How topic was covered at Taiwan BitDevs
  • how we covered ordinals
  • how we covered CVE-2023-50428
  • how we patched 280408
  • Blockstream Bootcamp - Adam Back “Luke-jr is probably right”
  • no discussion with any Core contributor, only after PR was merged
  • Now I’m here at BlockTempo
• Misconceptions
  • Filters != censorship (validation.cpp explanation)
  • “Filters don’t work”
  • Fee estimation concerns
  • Block propagation
  • RBF as precedent
  • Mining Centralization
    • disingenuous to think default policy is the factor that changes this, approach should be more like OCEAN
  • Core isn’t* bitcoin, Knots isn’t dangerous
• Call to Action
  • First time node runner – Run Core. Why you should run a node
  • Non-technical, still learning – Run Knots
  • Role of a node runner
  • Study, compile your own, give back
• Resources links
  • Gloria Zhao @ btc++
  • Ava Chow twitch live stream
  • BitcoinMechanic
• Personal Thoughts
  • I’m unwilling to defend Core’s actions because I don’t agree with them and have no need to (i don’t receive funding from chaincode labs or spiral)
    • heart of the issue was “fix or remove” datacarrier
    • Core dragged their feet – did nothing, then removed datacarrier without acknowledging their initial inaction
    • Core argues and communicates in bad faith
  • Unified mempools / Policy should equal consensus is the wrong approach
  • I don’t advocate for Knots, but I respect what Luke-jr is doing and encourage others to look into it
  • Core should have left it alone - unclear what need is there to push for a change that lacks technical merit with poor arguments – questionable motivations in funding

Human Rights foundation Financial Freedom Report #79

The Financial Freedom Report is a newsletter focusing on how currency plays a key role in the civil liberties and human rights struggles of those living under authoritarian regimes. We also spotlight new tools and applications that can help individuals protect their financial freedom.

link

Open Letter for CTV-CSFS signed by 66 individuals

James O’Beirne posted an open letter to the Bitcoin-Dev mailing signed by 66 individuals (as of this writing), many of them contributors to Bitcoin-related projects. The letter “asks Bitcoin Core contributors to prioritize the review and integration of OP_CHECKTEMPLATEVERIFY (CTV) and OP_CHECKSIGFROMSTACK (CSFS) within the next six months.” The thread contains over 60 replies. Some technical highlights include:

link

80,000 BTC on the move after 14 years of dormancy

During July 4th 2025, 80,000 BTC, equivalent to $8.6 billion at current exchange rates, were simultaneously moved from eight wallets that had been dormant for over 14 years. Each wallet contained exactly 10,000 BTC

link

Ross Ulbricht is Free!

Ross Ulbricht received a full pardon and was released from prison on January 21st, 2025. Here are some links to discuss Ross Ulbricht and Silk Road to celebrate his release

Bitcoin Equals Freedom by Ross Ulbricht

DPR Book Club

Bitcoin 2021 Ross Ulbricht Interview

Silk Road timeline

Screencaps

Wired/Gawker Article (2011)

TFTC - John Doe (2019

LNBits v1.0 incoming

After 5 years of open source development LNBits is coming now out of beta! LNBits is a project that helps users self-host custodial lightning wallets supporting most lightning implementations

LNbits is a Python server that sits on top of any funding source. It can be used as:

Accounts system to mitigate the risk of exposing applications to your full balance via unique API keys for each wallet Extendable platform for exploring Lightning network functionality via the LNbits extension framework Part of a development stack via LNbits API Fallback wallet for the LNURL scheme Instant wallet for LN demonstrations LNbits can run on top of almost all Lightning funding sources.

nostr post - Ben Arc

commit visualization

Czech Republic Eliminates Bitcoin Capital Gains Tax for Long-term Holdings

The Czech Republic has enacted a law that exempts Bitcoin holdings held for more than three years from capital gains tax. This legislation received unanimous approval from the nation’s parliament on December 6 and is scheduled to take effect on January 1, 2025.

article

BDK Wallet v1.1.0: v2 Transactions in Tx Builder by Default, Testnet4 Support

• “The bdk_wallet v1.1.0 release is out! tx builder now defaults to version 2 transactions and we added support for testnet4. This is the first in our planned series of 1.x bi-monthly features releases,” announced the project. This release also includes important updates to bdk_electrum, which now has a new Minimum Supported Rust Version (MSRV) of 1.75.0 to stay current with the latest security fixes.
• Additionally, bdk_bitcoind_rpc introduces a new compact block filter module, along with various bug fixes and improvements.
• Check out the project’s roadmap here.

announcement

github

Tether, Lightning Labs Announce USDT on Lightning Network

Tether has announced the integration of USDT into Bitcoin’s ecosystem, encompassing both its base layer and the Lightning Network. This integration is supported by the Taproot Assets protocol, developed by Lightning Labs.

Tether Blog Post

Bitcoin Magazine

US SEC Withdraws Controversial Accounting Guidance SAB 121 Days After Gary Gensler Leaves

The SEC issued Staff Accounting Bulletin (SAB) 122, which revokes the contentious SAB 121, and permits financial institutions that hold bitcoin and other digital assets for their customers to decide if the held digital assets should be reported as a liability.

• The SAB 122 “rescinds the interpretive guidance” and directs firms to use Financial Accounting Standards Board rules or International Accounting Standards. This enables financial institutions to offer bitcoin and cryptocurrency services with fewer regulatory hurdles.
• The rescinded guidance, SAB 121, was endorsed by former SEC Chair Gary Gensler, who claimed it would safeguard investors in the event of bankruptcies. Mark T. Uyeda has replaced Genlser as Acting Chairman of the agency.
• SAB 121 mandated that cryptocurrency custody providers and exchanges account for customer holdings as both an asset and a liability on their balance sheets. In essence, banks can now hold and protect cryptocurrencies for their customers as they deem appropriate. Companies have the discretion to decide whether they need to acknowledge a liability for safeguarding risks and how to assess it.
• SAB 121 was seen as a significant obstacle in the Bitcoin and digital assets industry and was challenged by a Congressional Review Act resolution that passed both the House and Senate. However, it was vetoed by former President Joe Biden.

nobsbitcoin link

SAB 122

coindesk

U.S. District Court Officially Reverses Sanctions on Tornado Cash Mixer

A U.S. District Court ordered the OFAC to remove addresses associated with Tornado Cash from its Specially Designated National and Blocked Persons (SDN) list, following an Appeals Court ruling that the Treasury Department exceeded its authority in sanctioning the crypto mixer.

nostr-L0la L33tz

Court Filing

The Block

WabiSabi Vulnerability Allows Malicious Coordinators to Deanonymize Coinjoin Users

A vulnerability in the WabiSabi protocol allows malicious coordinators to deanonymize users’ coins and link inputs to outputs, compromising the privacy of coinjoin participants. Users are urged to update their instances immediately.

The affected versions of the WabiSabi protocol have a vulnerability due to inadequate client-side validation of credential issuers. It allows malicious coordinators to use multiple issuers to differentiate inputs from outputs, trace input ownership, and break the anonymity set of Bitcoin’s coinjoin process, compromising user privacy.

disclosure

artcile

Vulnerability allowing theft from LN channels with miner assistance

David Harding announced to Delving Bitcoin a vulnerability he had responsibly disclosed earlier in the year. Old versions of Eclair, LDK, and LND with default settings allowed the party who opened a channel to steal up to 98% of channel value. Core Lightning remains affected if the non-default –ignore-fee-limits configuration option is used; this option’s documentation already indicates it is dangerous.

The announcement also described two less severe variants of the vulnerability. All LN implementations listed above attempt to mitigate those additional risks, but a complete solution awaits additional work on package relay, channel upgrades, and related projects.

The vulnerability takes advantage of the LN protocol allowing an old channel state to commit to more onchain fees than the fee-paying party controls in the latest state. For example, in a state where Mallory controls 99% of the channel balance, she dedicates 98% of the overall balance to endogenous fees. She then creates a new state that pays only minimal fees and forwards 99% of the channel balance to Bob’s side. By personally mining the old state that pays 98% to fees, she can capture those fees for herself—reducing the maximum value Bob can receive onchain from his expected 99% to an actual 2%. Mallory can use this method to simultaneously steal from about 3,000 channels per block (with each channel potentially controlled by a different victim), allowing theft of about $3 million USD per block if the average channel value is about $1,000 USD.

note: from version Eclair v0.10.0 (29 Feb 2024), LDK 0.0.123 (8 May 2024), LND 0.18.3-beta 1 (11 Sept 2024)

disclosure

Eclair v0.11.0: Official Bolt 12 Support, Splicing, Liquidity Ads & On-The-Fly Funding Prototypes

Eclair (French for Lightning) is a Scala implementation of the Lightning Network developed by ACINQ.

• Official support for Bolt 12. This release contains full support for Bolt 12 payments.
• Splicing prototype for private channels. Improved ACINQ implementation of splicing by relying on the official quiescence feature and adding RBF support.
• Liquidity ads prototype. Liquidity ads empower nodes to sell their liquidity in a trustless and decentralized way. Each node advertises the rates at which they are willing to sell their liquidity, allowing buyers to connect with sellers offering favorable rates.
• Updated minimal version of Bitcoin Core to v27.2. The latest version of Eclair requires Bitcoin Core 27.2, which introduces CoinGrinder, a new coin selection algorithm that reduces on-chain transaction costs when feerates are high. Newer Bitcoin Core versions may be used but haven’t been thoroughly tested.

announcement

Bitcoin ATM Operator Byte Federal Reports Data Breach Affecting 58,000 Users

U.S.-based Bitcoin ATM operator Byte Federal has reported a data breach that may have compromised the personal information of approximately 58,000 customers.

“Customer personal information that was subject to the attempt at unauthorized access includes name, birthdate, address, phone number, email address, government-issued ID, social security number, transaction activity, and photographs of users,” said the company.

breach announcement

Bitcoin Mempool Upgrades

Recently, there has been some really cool mempool P2P upgrades to Bitcoin that are worth talking about.

• Package relay for 1P1C (one parent one child).
• TRUC (topologically restricted until confirmation) transaction relay.
• Package RBF.
• Sibling eviction.
• A standard P2A (pay-to-anchor) output script type.

Gregory Sanders has written a guide for Optech aimed at developers of wallets and other software that uses Bitcoin Core to create or broadcast transactions. The guide walks through the use of several of the features and describes how the features can be useful for multiple protocols, including simple payments and RBF fee bumping, LN commitments and HTLCs, Ark, and LN splicing.

Optech Newsletter

Bitcoin Core v28.0: Testnet4, Full RBF by Default & More

• Bitcoin Core v28 supports testnet4 and introduces a variety of P2P/mempool policy changes, including opportunistic 1-parent-1-child (1p1c) package relay, default relay of opt-in TRUC and pay-to-anchor transactions, limited package RBF relay, and full-RBF is now on by default.
• It also adds default parameters for assumeUTXO, enabling the loadtxoutset RPC to use a UTXO set downloaded outside the Bitcoin network (etc. via torrents).
• The update also packages many other new features, updated RPCs, fixes, stability and performance improvements, as well as updated translations.
• AssumeUTXO available on mainnet. AssumeUTXO mainnet parameters have been added for height 840,000. The loadtxoutset RPC can now be used on mainnet with the matching UTXO set from that height.
• New Windows Data Directory. The default Windows data directory has been moved to C:\Users\Username\AppData\Local\Bitcoin. If old directory is present, the client will continue to use it for backwards compatibility.
• JSON-RPC 2.0 Support. The JSON-RPC server now recognizes JSON-RPC 2.0 requests and responds with strict adherence to the specification. “JSON-RPC clients may need to be updated to be compatible with the JSON-RPC server. Please open an issue on GitHub if any compatibility issues are found.”
• libbitcoinconsensus Removal. The libbitcoin-consensus library was deprecated in 27.0 and is now completely removed.
• Easier to migrate legacy wallets to descriptor wallet format. The “Migrate Wallet” menu allows users to migrate any legacy wallet in their wallet directory, regardless of the wallets loaded.
• A new createwalletdescriptor RPC allows users to add new automatically generated descriptors to their wallet. This can be used to upgrade wallets created prior to the introduction of a new standard descriptor, such as taproot.
• Blockstorage improvements. Block files are now XOR’d by default with a key stored in the blocksdir.
• Maximum mempool size along with the mempool usage are now displayed in the “Information” window.

CVE-2023-50428 remains at large

release

OCEAN Unveils Decentralized Alternative Templates for Universal Mining (DATUM)

Similar to Stratum V2, DATUM is designed to decentralize block construction by empowering miners to create their own block templates via their own Bitcoin node. Users can mine on pools that offer Datum support or solo mine without needing a third party to set up a server for them.

• The launch of datum is motivated by concerns of large mining pools controlling over 50% of Bitcoin’s hash rate, thus increasing the risk of miner centralization and potential transaction censorship. DATUM aims to decentralize block construction, prevent 51% attacks and keep Bitcoin network free and open.

Press Release

Ashigaru v1.1.0: Removed DNS Dependencies & UI Improvements

Ashigaru is a self-custodial, open-source and secure mobile Bitcoin wallet that is private by design. It has been forked and build upon Samourai Wallet Source Code. Available on Android.

“The Ashigaru Open Source Project is pleased to announce the update of Ashigaru mobile to v1.1.0. Thank you to those who have used the wallet and provided valuable feedback, some of which has been addressed within this update,” announced the project. This release implements automatic updates of Tor onion services, removing all dependencies and reliance on DNS from the app, overhauls Settings screen user interface, introduces new transaction alerts, and more

note: although ashigaru is open source from the remains of the last version of Samourai wallet, ashigaru uses a pre-compilied bitcoinj library

blogpost repo

Samourai Wallet & Tornado Cash Prosecutor Damian Williams to Step Down in December

Damian Williams, the United States Attorney for the Southern District of New York and the district’s chief federal law enforcement officer, announced his resignation. He will step down from his position effective at 11:59 p.m. on December 13, 2024.

Damian Williams assumed office on October 10, 2021, appointed by President Joe Biden. During his three-year tenure, Williams has overseen many high-profile cases, including the convictions of FTX’s Sam Bankman-Fried and Jeffrey Epstein’s accomplice Ghislaine Maxwell, the prosecutions of New York City Mayor Eric Adams and rap artist Sean “Diddy” Combs, as well as the developers of Tornado Cash and Samourai Wallet privacy tools. Edward Y. Kim, the current Deputy United States Attorney, will take over as Acting United States Attorney when he departs. Additionally, President-elect Trump has announced his intention to nominate Jay Clayton, former head of the Securities and Exchange Commission, to lead the office.

press release

Bitmain Launches the ANTMINER S21+ Series

At the Bitcoin Amsterdam 2024 conference, Bitcoin miner manufacturer Bitmain announced two new machines: the Antminer S21+ Hyd and the Antminer S21+.

• The Antminer S21+ Hyd. is said to deliver a hashrate of 319 TH/s and an efficiency of 15 J/TH.
• The S21+ model promises 216 TH/s with a power efficiency of 16.5 J/TH.
• Shipping of the new products is expected to begin in Q1/Q2 of 2025.

Press Release

RoboSats v0.7.3-alpha: LNP2PBot Orders & Nostr Order Books on Android

RoboSats is a simple and private way to exchange bitcoin. It simplifies the peer-to-peer user experience and uses lightning hold invoices to minimize custody and trust requirements while helping users stick to best privacy practices. Available on the web, Android, Windows, MacOS, and Linux.

RoboSats v0.7.3 is now available! This release introduces the ability to fetch orders from the LNP2PBot platform when the user enables Nostr orders in settings, thanks to shared Nostr order books. “Robosats and LNP2PBot are two separate platforms for P2P Bitcoin exchange. Both are now publishing their public orders to Nostr, so we can now display their orders in our client. This brings a lot of benefits. One of the most direct is that Robosats users will now have more info when comparing premiums, which will reduce the arbitrage between platforms and increase the general liquidity,” said KoalaSat. Additionally, Android app users now have the option to enable Nostr orders in settings, along with a few other fixes.

announcement repo

Electrum Plugin for Joinstr Tutorial

In this tutorial I will share the steps to use electrum plugin for joinstr on Ubuntu. First step is to get the latest version of electrum. Run the below commands so that electrum can be used:

tutorial article

Discussion of softfork proposals

(placeholder for discussion over drama regarding opcodes)

HRF Bitcoin Development Fund Grants 10 BTC to 13 Bitcoin Projects

Always great to see contributions to Bitcoin Development

“HRF’s latest batch of grants focus on education for people living under authoritarian regimes, privacy and Lightning development, decentralized communications, and providing nonprofits and human rights groups with easier onramps to financial freedom tools. Areas of focus include key countries and regions in Latin America, the Middle East, Asia, and Africa,” announcement reads. These are the projects receiving financial aid from the HRF:

• Robosats
• Bitshala Internship Program
• Building Bridges to Bitcoin (BBB)
• Flash
• Bitcoin Seoul
• Margot Paez
• Validating Lightning Signer
• OpenSats
• The Core
• Terry Yiu (nostr)
• Paulo Sacramento
• Blockchain Commons
• Summer of Bitcoin

Announcement

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Our 24th Socratic Seminar event will be held at 9 LiShui St. Da’An Dist. Taipei.

Congratulations to Ross Ulbricht being free, a short presentation on the alleged Dread Pirate Roberts and his Silk Road will be used to drive discussion

We will start the Socratic Seminar with general introductions and follow with discussion on the latest bitcoin developments and news.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Ross Ulbricht is Free!

Ross Ulbricht received a full pardon and was released from prison on January 21st, 2025. Here are some links to discuss Ross Ulbricht and Silk Road to celebrate his release

Bitcoin Equals Freedom by Ross Ulbricht

DPR Book Club

Bitcoin 2021 Ross Ulbricht Interview

Silk Road timeline

Screencaps

Wired/Gawker Article (2011)

TFTC - John Doe (2019

LNBits v1.0 incoming

After 5 years of open source development LNBits is coming now out of beta! LNBits is a project that helps users self-host custodial lightning wallets supporting most lightning implementations

LNbits is a Python server that sits on top of any funding source. It can be used as:

Accounts system to mitigate the risk of exposing applications to your full balance via unique API keys for each wallet Extendable platform for exploring Lightning network functionality via the LNbits extension framework Part of a development stack via LNbits API Fallback wallet for the LNURL scheme Instant wallet for LN demonstrations LNbits can run on top of almost all Lightning funding sources.

nostr post - Ben Arc

commit visualization

Czech Republic Eliminates Bitcoin Capital Gains Tax for Long-term Holdings

The Czech Republic has enacted a law that exempts Bitcoin holdings held for more than three years from capital gains tax. This legislation received unanimous approval from the nation’s parliament on December 6 and is scheduled to take effect on January 1, 2025.

article

BDK Wallet v1.1.0: v2 Transactions in Tx Builder by Default, Testnet4 Support

• “The bdk_wallet v1.1.0 release is out! tx builder now defaults to version 2 transactions and we added support for testnet4. This is the first in our planned series of 1.x bi-monthly features releases,” announced the project. This release also includes important updates to bdk_electrum, which now has a new Minimum Supported Rust Version (MSRV) of 1.75.0 to stay current with the latest security fixes.
• Additionally, bdk_bitcoind_rpc introduces a new compact block filter module, along with various bug fixes and improvements.
• Check out the project’s roadmap here.

announcement

github

Tether, Lightning Labs Announce USDT on Lightning Network

Tether has announced the integration of USDT into Bitcoin’s ecosystem, encompassing both its base layer and the Lightning Network. This integration is supported by the Taproot Assets protocol, developed by Lightning Labs.

Tether Blog Post

Bitcoin Magazine

US SEC Withdraws Controversial Accounting Guidance SAB 121 Days After Gary Gensler Leaves

The SEC issued Staff Accounting Bulletin (SAB) 122, which revokes the contentious SAB 121, and permits financial institutions that hold bitcoin and other digital assets for their customers to decide if the held digital assets should be reported as a liability.

• The SAB 122 “rescinds the interpretive guidance” and directs firms to use Financial Accounting Standards Board rules or International Accounting Standards. This enables financial institutions to offer bitcoin and cryptocurrency services with fewer regulatory hurdles.
• The rescinded guidance, SAB 121, was endorsed by former SEC Chair Gary Gensler, who claimed it would safeguard investors in the event of bankruptcies. Mark T. Uyeda has replaced Genlser as Acting Chairman of the agency.
• SAB 121 mandated that cryptocurrency custody providers and exchanges account for customer holdings as both an asset and a liability on their balance sheets. In essence, banks can now hold and protect cryptocurrencies for their customers as they deem appropriate. Companies have the discretion to decide whether they need to acknowledge a liability for safeguarding risks and how to assess it.
• SAB 121 was seen as a significant obstacle in the Bitcoin and digital assets industry and was challenged by a Congressional Review Act resolution that passed both the House and Senate. However, it was vetoed by former President Joe Biden.

nobsbitcoin link

SAB 122

coindesk

U.S. District Court Officially Reverses Sanctions on Tornado Cash Mixer

A U.S. District Court ordered the OFAC to remove addresses associated with Tornado Cash from its Specially Designated National and Blocked Persons (SDN) list, following an Appeals Court ruling that the Treasury Department exceeded its authority in sanctioning the crypto mixer.

nostr-L0la L33tz

Court Filing

The Block

WabiSabi Vulnerability Allows Malicious Coordinators to Deanonymize Coinjoin Users

A vulnerability in the WabiSabi protocol allows malicious coordinators to deanonymize users’ coins and link inputs to outputs, compromising the privacy of coinjoin participants. Users are urged to update their instances immediately.

The affected versions of the WabiSabi protocol have a vulnerability due to inadequate client-side validation of credential issuers. It allows malicious coordinators to use multiple issuers to differentiate inputs from outputs, trace input ownership, and break the anonymity set of Bitcoin’s coinjoin process, compromising user privacy.

disclosure

artcile

Vulnerability allowing theft from LN channels with miner assistance

David Harding announced to Delving Bitcoin a vulnerability he had responsibly disclosed earlier in the year. Old versions of Eclair, LDK, and LND with default settings allowed the party who opened a channel to steal up to 98% of channel value. Core Lightning remains affected if the non-default –ignore-fee-limits configuration option is used; this option’s documentation already indicates it is dangerous.

The announcement also described two less severe variants of the vulnerability. All LN implementations listed above attempt to mitigate those additional risks, but a complete solution awaits additional work on package relay, channel upgrades, and related projects.

The vulnerability takes advantage of the LN protocol allowing an old channel state to commit to more onchain fees than the fee-paying party controls in the latest state. For example, in a state where Mallory controls 99% of the channel balance, she dedicates 98% of the overall balance to endogenous fees. She then creates a new state that pays only minimal fees and forwards 99% of the channel balance to Bob’s side. By personally mining the old state that pays 98% to fees, she can capture those fees for herself—reducing the maximum value Bob can receive onchain from his expected 99% to an actual 2%. Mallory can use this method to simultaneously steal from about 3,000 channels per block (with each channel potentially controlled by a different victim), allowing theft of about $3 million USD per block if the average channel value is about $1,000 USD.

note: from version Eclair v0.10.0 (29 Feb 2024), LDK 0.0.123 (8 May 2024), LND 0.18.3-beta 1 (11 Sept 2024)

disclosure

Eclair v0.11.0: Official Bolt 12 Support, Splicing, Liquidity Ads & On-The-Fly Funding Prototypes

Eclair (French for Lightning) is a Scala implementation of the Lightning Network developed by ACINQ.

• Official support for Bolt 12. This release contains full support for Bolt 12 payments.
• Splicing prototype for private channels. Improved ACINQ implementation of splicing by relying on the official quiescence feature and adding RBF support.
• Liquidity ads prototype. Liquidity ads empower nodes to sell their liquidity in a trustless and decentralized way. Each node advertises the rates at which they are willing to sell their liquidity, allowing buyers to connect with sellers offering favorable rates.
• Updated minimal version of Bitcoin Core to v27.2. The latest version of Eclair requires Bitcoin Core 27.2, which introduces CoinGrinder, a new coin selection algorithm that reduces on-chain transaction costs when feerates are high. Newer Bitcoin Core versions may be used but haven’t been thoroughly tested.

announcement

Bitcoin ATM Operator Byte Federal Reports Data Breach Affecting 58,000 Users

U.S.-based Bitcoin ATM operator Byte Federal has reported a data breach that may have compromised the personal information of approximately 58,000 customers.

“Customer personal information that was subject to the attempt at unauthorized access includes name, birthdate, address, phone number, email address, government-issued ID, social security number, transaction activity, and photographs of users,” said the company.

breach announcement

Bitcoin Mempool Upgrades

Recently, there has been some really cool mempool P2P upgrades to Bitcoin that are worth talking about.

• Package relay for 1P1C (one parent one child).
• TRUC (topologically restricted until confirmation) transaction relay.
• Package RBF.
• Sibling eviction.
• A standard P2A (pay-to-anchor) output script type.

Gregory Sanders has written a guide for Optech aimed at developers of wallets and other software that uses Bitcoin Core to create or broadcast transactions. The guide walks through the use of several of the features and describes how the features can be useful for multiple protocols, including simple payments and RBF fee bumping, LN commitments and HTLCs, Ark, and LN splicing.

Optech Newsletter

Bitcoin Core v28.0: Testnet4, Full RBF by Default & More

• Bitcoin Core v28 supports testnet4 and introduces a variety of P2P/mempool policy changes, including opportunistic 1-parent-1-child (1p1c) package relay, default relay of opt-in TRUC and pay-to-anchor transactions, limited package RBF relay, and full-RBF is now on by default.
• It also adds default parameters for assumeUTXO, enabling the loadtxoutset RPC to use a UTXO set downloaded outside the Bitcoin network (etc. via torrents).
• The update also packages many other new features, updated RPCs, fixes, stability and performance improvements, as well as updated translations.
• AssumeUTXO available on mainnet. AssumeUTXO mainnet parameters have been added for height 840,000. The loadtxoutset RPC can now be used on mainnet with the matching UTXO set from that height.
• New Windows Data Directory. The default Windows data directory has been moved to C:\Users\Username\AppData\Local\Bitcoin. If old directory is present, the client will continue to use it for backwards compatibility.
• JSON-RPC 2.0 Support. The JSON-RPC server now recognizes JSON-RPC 2.0 requests and responds with strict adherence to the specification. “JSON-RPC clients may need to be updated to be compatible with the JSON-RPC server. Please open an issue on GitHub if any compatibility issues are found.”
• libbitcoinconsensus Removal. The libbitcoin-consensus library was deprecated in 27.0 and is now completely removed.
• Easier to migrate legacy wallets to descriptor wallet format. The “Migrate Wallet” menu allows users to migrate any legacy wallet in their wallet directory, regardless of the wallets loaded.
• A new createwalletdescriptor RPC allows users to add new automatically generated descriptors to their wallet. This can be used to upgrade wallets created prior to the introduction of a new standard descriptor, such as taproot.
• Blockstorage improvements. Block files are now XOR’d by default with a key stored in the blocksdir.
• Maximum mempool size along with the mempool usage are now displayed in the “Information” window.

CVE-2023-50428 remains at large

release

OCEAN Unveils Decentralized Alternative Templates for Universal Mining (DATUM)

Similar to Stratum V2, DATUM is designed to decentralize block construction by empowering miners to create their own block templates via their own Bitcoin node. Users can mine on pools that offer Datum support or solo mine without needing a third party to set up a server for them.

• The launch of datum is motivated by concerns of large mining pools controlling over 50% of Bitcoin’s hash rate, thus increasing the risk of miner centralization and potential transaction censorship. DATUM aims to decentralize block construction, prevent 51% attacks and keep Bitcoin network free and open.

Press Release

Ashigaru v1.1.0: Removed DNS Dependencies & UI Improvements

Ashigaru is a self-custodial, open-source and secure mobile Bitcoin wallet that is private by design. It has been forked and build upon Samourai Wallet Source Code. Available on Android.

“The Ashigaru Open Source Project is pleased to announce the update of Ashigaru mobile to v1.1.0. Thank you to those who have used the wallet and provided valuable feedback, some of which has been addressed within this update,” announced the project. This release implements automatic updates of Tor onion services, removing all dependencies and reliance on DNS from the app, overhauls Settings screen user interface, introduces new transaction alerts, and more

note: although ashigaru is open source from the remains of the last version of Samourai wallet, ashigaru uses a pre-compilied bitcoinj library

blogpost repo

Samourai Wallet & Tornado Cash Prosecutor Damian Williams to Step Down in December

Damian Williams, the United States Attorney for the Southern District of New York and the district’s chief federal law enforcement officer, announced his resignation. He will step down from his position effective at 11:59 p.m. on December 13, 2024.

Damian Williams assumed office on October 10, 2021, appointed by President Joe Biden. During his three-year tenure, Williams has overseen many high-profile cases, including the convictions of FTX’s Sam Bankman-Fried and Jeffrey Epstein’s accomplice Ghislaine Maxwell, the prosecutions of New York City Mayor Eric Adams and rap artist Sean “Diddy” Combs, as well as the developers of Tornado Cash and Samourai Wallet privacy tools. Edward Y. Kim, the current Deputy United States Attorney, will take over as Acting United States Attorney when he departs. Additionally, President-elect Trump has announced his intention to nominate Jay Clayton, former head of the Securities and Exchange Commission, to lead the office.

press release

Bitmain Launches the ANTMINER S21+ Series

At the Bitcoin Amsterdam 2024 conference, Bitcoin miner manufacturer Bitmain announced two new machines: the Antminer S21+ Hyd and the Antminer S21+.

• The Antminer S21+ Hyd. is said to deliver a hashrate of 319 TH/s and an efficiency of 15 J/TH.
• The S21+ model promises 216 TH/s with a power efficiency of 16.5 J/TH.
• Shipping of the new products is expected to begin in Q1/Q2 of 2025.

Press Release

RoboSats v0.7.3-alpha: LNP2PBot Orders & Nostr Order Books on Android

RoboSats is a simple and private way to exchange bitcoin. It simplifies the peer-to-peer user experience and uses lightning hold invoices to minimize custody and trust requirements while helping users stick to best privacy practices. Available on the web, Android, Windows, MacOS, and Linux.

RoboSats v0.7.3 is now available! This release introduces the ability to fetch orders from the LNP2PBot platform when the user enables Nostr orders in settings, thanks to shared Nostr order books. “Robosats and LNP2PBot are two separate platforms for P2P Bitcoin exchange. Both are now publishing their public orders to Nostr, so we can now display their orders in our client. This brings a lot of benefits. One of the most direct is that Robosats users will now have more info when comparing premiums, which will reduce the arbitrage between platforms and increase the general liquidity,” said KoalaSat. Additionally, Android app users now have the option to enable Nostr orders in settings, along with a few other fixes.

announcement repo

Electrum Plugin for Joinstr Tutorial

In this tutorial I will share the steps to use electrum plugin for joinstr on Ubuntu. First step is to get the latest version of electrum. Run the below commands so that electrum can be used:

tutorial article

Discussion of softfork proposals

(placeholder for discussion over drama regarding opcodes)

HRF Bitcoin Development Fund Grants 10 BTC to 13 Bitcoin Projects

Always great to see contributions to Bitcoin Development

“HRF’s latest batch of grants focus on education for people living under authoritarian regimes, privacy and Lightning development, decentralized communications, and providing nonprofits and human rights groups with easier onramps to financial freedom tools. Areas of focus include key countries and regions in Latin America, the Middle East, Asia, and Africa,” announcement reads. These are the projects receiving financial aid from the HRF:

• Robosats
• Bitshala Internship Program
• Building Bridges to Bitcoin (BBB)
• Flash
• Bitcoin Seoul
• Margot Paez
• Validating Lightning Signer
• OpenSats
• The Core
• Terry Yiu (nostr)
• Paulo Sacramento
• Blockchain Commons
• Summer of Bitcoin

Announcement

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Our 23rd Socratic Seminar event will be held at 9 LiShui St. Da’An Dist. Taipei.

For the last event of 2024, a year-end review of all technical discussions will also be had

We will start the Socratic Seminar with general introductions and follow with discussion on the latest bitcoin developments and news.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Czech Republic Eliminates Bitcoin Capital Gains Tax for Long-term Holdings

The Czech Republic has enacted a law that exempts Bitcoin holdings held for more than three years from capital gains tax. This legislation received unanimous approval from the nation’s parliament on December 6 and is scheduled to take effect on January 1, 2025.

article

WabiSabi Vulnerability Allows Malicious Coordinators to Deanonymize Coinjoin Users

A vulnerability in the WabiSabi protocol allows malicious coordinators to deanonymize users’ coins and link inputs to outputs, compromising the privacy of coinjoin participants. Users are urged to update their instances immediately.

The affected versions of the WabiSabi protocol have a vulnerability due to inadequate client-side validation of credential issuers. It allows malicious coordinators to use multiple issuers to differentiate inputs from outputs, trace input ownership, and break the anonymity set of Bitcoin’s coinjoin process, compromising user privacy.

disclosure artcile

Vulnerability allowing theft from LN channels with miner assistance

David Harding announced to Delving Bitcoin a vulnerability he had responsibly disclosed earlier in the year. Old versions of Eclair, LDK, and LND with default settings allowed the party who opened a channel to steal up to 98% of channel value. Core Lightning remains affected if the non-default –ignore-fee-limits configuration option is used; this option’s documentation already indicates it is dangerous.

The announcement also described two less severe variants of the vulnerability. All LN implementations listed above attempt to mitigate those additional risks, but a complete solution awaits additional work on package relay, channel upgrades, and related projects.

The vulnerability takes advantage of the LN protocol allowing an old channel state to commit to more onchain fees than the fee-paying party controls in the latest state. For example, in a state where Mallory controls 99% of the channel balance, she dedicates 98% of the overall balance to endogenous fees. She then creates a new state that pays only minimal fees and forwards 99% of the channel balance to Bob’s side. By personally mining the old state that pays 98% to fees, she can capture those fees for herself—reducing the maximum value Bob can receive onchain from his expected 99% to an actual 2%. Mallory can use this method to simultaneously steal from about 3,000 channels per block (with each channel potentially controlled by a different victim), allowing theft of about $3 million USD per block if the average channel value is about $1,000 USD.

note: from version Eclair v0.10.0 (29 Feb 2024), LDK 0.0.123 (8 May 2024), LND 0.18.3-beta 1 (11 Sept 2024)

disclosure

Eclair v0.11.0: Official Bolt 12 Support, Splicing, Liquidity Ads & On-The-Fly Funding Prototypes

Eclair (French for Lightning) is a Scala implementation of the Lightning Network developed by ACINQ.

• Official support for Bolt 12. This release contains full support for Bolt 12 payments.
• Splicing prototype for private channels. Improved ACINQ implementation of splicing by relying on the official quiescence feature and adding RBF support.
• Liquidity ads prototype. Liquidity ads empower nodes to sell their liquidity in a trustless and decentralized way. Each node advertises the rates at which they are willing to sell their liquidity, allowing buyers to connect with sellers offering favorable rates.
• Updated minimal version of Bitcoin Core to v27.2. The latest version of Eclair requires Bitcoin Core 27.2, which introduces CoinGrinder, a new coin selection algorithm that reduces on-chain transaction costs when feerates are high. Newer Bitcoin Core versions may be used but haven’t been thoroughly tested.

announcement

Bitcoin ATM Operator Byte Federal Reports Data Breach Affecting 58,000 Users

U.S.-based Bitcoin ATM operator Byte Federal has reported a data breach that may have compromised the personal information of approximately 58,000 customers.

“Customer personal information that was subject to the attempt at unauthorized access includes name, birthdate, address, phone number, email address, government-issued ID, social security number, transaction activity, and photographs of users,” said the company.

breach announcement

Bitcoin Mempool Upgrades

Recently, there has been some really cool mempool P2P upgrades to Bitcoin that are worth talking about.

• Package relay for 1P1C (one parent one child).
• TRUC (topologically restricted until confirmation) transaction relay.
• Package RBF.
• Sibling eviction.
• A standard P2A (pay-to-anchor) output script type.

Gregory Sanders has written a guide for Optech aimed at developers of wallets and other software that uses Bitcoin Core to create or broadcast transactions. The guide walks through the use of several of the features and describes how the features can be useful for multiple protocols, including simple payments and RBF fee bumping, LN commitments and HTLCs, Ark, and LN splicing.

Optech Newsletter

Bitcoin Core v28.0: Testnet4, Full RBF by Default & More

• Bitcoin Core v28 supports testnet4 and introduces a variety of P2P/mempool policy changes, including opportunistic 1-parent-1-child (1p1c) package relay, default relay of opt-in TRUC and pay-to-anchor transactions, limited package RBF relay, and full-RBF is now on by default.
• It also adds default parameters for assumeUTXO, enabling the loadtxoutset RPC to use a UTXO set downloaded outside the Bitcoin network (etc. via torrents).
• The update also packages many other new features, updated RPCs, fixes, stability and performance improvements, as well as updated translations.
• AssumeUTXO available on mainnet. AssumeUTXO mainnet parameters have been added for height 840,000. The loadtxoutset RPC can now be used on mainnet with the matching UTXO set from that height.
• New Windows Data Directory. The default Windows data directory has been moved to C:\Users\Username\AppData\Local\Bitcoin. If old directory is present, the client will continue to use it for backwards compatibility.
• JSON-RPC 2.0 Support. The JSON-RPC server now recognizes JSON-RPC 2.0 requests and responds with strict adherence to the specification. “JSON-RPC clients may need to be updated to be compatible with the JSON-RPC server. Please open an issue on GitHub if any compatibility issues are found.”
• libbitcoinconsensus Removal. The libbitcoin-consensus library was deprecated in 27.0 and is now completely removed.
• Easier to migrate legacy wallets to descriptor wallet format. The “Migrate Wallet” menu allows users to migrate any legacy wallet in their wallet directory, regardless of the wallets loaded.
• A new createwalletdescriptor RPC allows users to add new automatically generated descriptors to their wallet. This can be used to upgrade wallets created prior to the introduction of a new standard descriptor, such as taproot.
• Blockstorage improvements. Block files are now XOR’d by default with a key stored in the blocksdir.
• Maximum mempool size along with the mempool usage are now displayed in the “Information” window.

CVE-2023-50428 remains at large

release

OCEAN Unveils Decentralized Alternative Templates for Universal Mining (DATUM)

Similar to Stratum V2, DATUM is designed to decentralize block construction by empowering miners to create their own block templates via their own Bitcoin node. Users can mine on pools that offer Datum support or solo mine without needing a third party to set up a server for them.

• The launch of datum is motivated by concerns of large mining pools controlling over 50% of Bitcoin’s hash rate, thus increasing the risk of miner centralization and potential transaction censorship. DATUM aims to decentralize block construction, prevent 51% attacks and keep Bitcoin network free and open.

Press Release

Ashigaru v1.1.0: Removed DNS Dependencies & UI Improvements

Ashigaru is a self-custodial, open-source and secure mobile Bitcoin wallet that is private by design. It has been forked and build upon Samourai Wallet Source Code. Available on Android.

“The Ashigaru Open Source Project is pleased to announce the update of Ashigaru mobile to v1.1.0. Thank you to those who have used the wallet and provided valuable feedback, some of which has been addressed within this update,” announced the project. This release implements automatic updates of Tor onion services, removing all dependencies and reliance on DNS from the app, overhauls Settings screen user interface, introduces new transaction alerts, and more

note: although ashigaru is open source from the remains of the last version of Samourai wallet, ashigaru uses a pre-compilied bitcoinj library

blogpost repo

Samourai Wallet & Tornado Cash Prosecutor Damian Williams to Step Down in December

Damian Williams, the United States Attorney for the Southern District of New York and the district’s chief federal law enforcement officer, announced his resignation. He will step down from his position effective at 11:59 p.m. on December 13, 2024.

Damian Williams assumed office on October 10, 2021, appointed by President Joe Biden. During his three-year tenure, Williams has overseen many high-profile cases, including the convictions of FTX’s Sam Bankman-Fried and Jeffrey Epstein’s accomplice Ghislaine Maxwell, the prosecutions of New York City Mayor Eric Adams and rap artist Sean “Diddy” Combs, as well as the developers of Tornado Cash and Samourai Wallet privacy tools. Edward Y. Kim, the current Deputy United States Attorney, will take over as Acting United States Attorney when he departs. Additionally, President-elect Trump has announced his intention to nominate Jay Clayton, former head of the Securities and Exchange Commission, to lead the office.

press release

Bitmain Launches the ANTMINER S21+ Series

At the Bitcoin Amsterdam 2024 conference, Bitcoin miner manufacturer Bitmain announced two new machines: the Antminer S21+ Hyd and the Antminer S21+.

• The Antminer S21+ Hyd. is said to deliver a hashrate of 319 TH/s and an efficiency of 15 J/TH.
• The S21+ model promises 216 TH/s with a power efficiency of 16.5 J/TH.
• Shipping of the new products is expected to begin in Q1/Q2 of 2025.

Press Release

RoboSats v0.7.3-alpha: LNP2PBot Orders & Nostr Order Books on Android

RoboSats is a simple and private way to exchange bitcoin. It simplifies the peer-to-peer user experience and uses lightning hold invoices to minimize custody and trust requirements while helping users stick to best privacy practices. Available on the web, Android, Windows, MacOS, and Linux.

RoboSats v0.7.3 is now available! This release introduces the ability to fetch orders from the LNP2PBot platform when the user enables Nostr orders in settings, thanks to shared Nostr order books. “Robosats and LNP2PBot are two separate platforms for P2P Bitcoin exchange. Both are now publishing their public orders to Nostr, so we can now display their orders in our client. This brings a lot of benefits. One of the most direct is that Robosats users will now have more info when comparing premiums, which will reduce the arbitrage between platforms and increase the general liquidity,” said KoalaSat. Additionally, Android app users now have the option to enable Nostr orders in settings, along with a few other fixes.

announcement repo

Electrum Plugin for Joinstr Tutorial

In this tutorial I will share the steps to use electrum plugin for joinstr on Ubuntu. First step is to get the latest version of electrum. Run the below commands so that electrum can be used:

tutorial article

Discussion of softfork proposals

(placeholder for discussion over drama regarding opcodes)

HRF Bitcoin Development Fund Grants 10 BTC to 13 Bitcoin Projects

Always great to see contributions to Bitcoin Development

“HRF’s latest batch of grants focus on education for people living under authoritarian regimes, privacy and Lightning development, decentralized communications, and providing nonprofits and human rights groups with easier onramps to financial freedom tools. Areas of focus include key countries and regions in Latin America, the Middle East, Asia, and Africa,” announcement reads. These are the projects receiving financial aid from the HRF:

• Robosats
• Bitshala Internship Program
• Building Bridges to Bitcoin (BBB)
• Flash
• Bitcoin Seoul
• Margot Paez
• Validating Lightning Signer
• OpenSats
• The Core
• Terry Yiu (nostr)
• Paulo Sacramento
• Blockchain Commons
• Summer of Bitcoin

Announcement

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Our 22nd Socratic Seminar will be co-hosted with TempoX! Thank you to TempoX for offering the space, food, and their willingness to promote Bitcoin development and awareness. Hopefully, we will be able to showcase the importance of Bitcoin, and the problems it solves, to a wider audience.

Location : Tempo House

We will start the Socratic Seminar with general introductions and follow with discussion on the latest bitcoin developments and news.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Bitcoin Mempool Upgrades

Recently, there has been some really cool mempool P2P upgrades to Bitcoin that are worth talking about.

• Package relay for 1P1C (one parent one child).
• TRUC (topologically restricted until confirmation) transaction relay.
• Package RBF.
• Sibling eviction.
• A standard P2A (pay-to-anchor) output script type.

Gregory Sanders has written a guide for Optech aimed at developers of wallets and other software that uses Bitcoin Core to create or broadcast transactions. The guide walks through the use of several of the features and describes how the features can be useful for multiple protocols, including simple payments and RBF fee bumping, LN commitments and HTLCs, Ark, and LN splicing.

Optech Newsletter

Bitcoin Core v28.0: Testnet4, Full RBF by Default & More

• Bitcoin Core v28 supports testnet4 and introduces a variety of P2P/mempool policy changes, including opportunistic 1-parent-1-child (1p1c) package relay, default relay of opt-in TRUC and pay-to-anchor transactions, limited package RBF relay, and full-RBF is now on by default.
• It also adds default parameters for assumeUTXO, enabling the loadtxoutset RPC to use a UTXO set downloaded outside the Bitcoin network (etc. via torrents).
• The update also packages many other new features, updated RPCs, fixes, stability and performance improvements, as well as updated translations.
• AssumeUTXO available on mainnet. AssumeUTXO mainnet parameters have been added for height 840,000. The loadtxoutset RPC can now be used on mainnet with the matching UTXO set from that height.
• New Windows Data Directory. The default Windows data directory has been moved to C:\Users\Username\AppData\Local\Bitcoin. If old directory is present, the client will continue to use it for backwards compatibility.
• JSON-RPC 2.0 Support. The JSON-RPC server now recognizes JSON-RPC 2.0 requests and responds with strict adherence to the specification. “JSON-RPC clients may need to be updated to be compatible with the JSON-RPC server. Please open an issue on GitHub if any compatibility issues are found.”
• libbitcoinconsensus Removal. The libbitcoin-consensus library was deprecated in 27.0 and is now completely removed.
• Easier to migrate legacy wallets to descriptor wallet format. The “Migrate Wallet” menu allows users to migrate any legacy wallet in their wallet directory, regardless of the wallets loaded.
• A new createwalletdescriptor RPC allows users to add new automatically generated descriptors to their wallet. This can be used to upgrade wallets created prior to the introduction of a new standard descriptor, such as taproot.
• Blockstorage improvements. Block files are now XOR’d by default with a key stored in the blocksdir.
• Maximum mempool size along with the mempool usage are now displayed in the “Information” window.

CVE-2023-50428 remains at large

release

OCEAN Unveils Decentralized Alternative Templates for Universal Mining (DATUM)

Similar to Stratum V2, DATUM is designed to decentralize block construction by empowering miners to create their own block templates via their own Bitcoin node. Users can mine on pools that offer Datum support or solo mine without needing a third party to set up a server for them.

• The launch of datum is motivated by concerns of large mining pools controlling over 50% of Bitcoin’s hash rate, thus increasing the risk of miner centralization and potential transaction censorship. DATUM aims to decentralize block construction, prevent 51% attacks and keep Bitcoin network free and open.

Press Release

Bitcoin Core Discloses Three Vulnerabilities Affecting Versions Before v25.0

Disclosed vulnerabilities include a blocktxn remote node crash (CVE-2024-35202), an issue with mutated blocks hindering block propagation, and a node communication issue due to inv-to-send sets growing too large.

Disclosed vulnerabilities include:

• CVE-2024-35202. This is a high severity issue that allows attackers to crash Bitcoin Core nodes remotely by triggering an assertion in the blocktxn message handling logic. The vulnerability was discovered by Niklas Gögge and fixed in Bitcoin Core v25.0.
• Hindered block propagation due to mutated blocks. This is a medium severity issue that allows a peer to clear the block download state of other peers by sending unrequested, mutated blocks. It was fixed in #27608 by ensuring that a peer can only affect its own block download state, not the download states of other peers.
• DoS due to inv-to-send sets growing too large. It’s a medium severity issue where excessively large m_tx_inventory_to_send sets could disrupt node communication by slowing inventory message construction.

Announcement

Bitmain Launches the ANTMINER S21+ Series

At the Bitcoin Amsterdam 2024 conference, Bitcoin miner manufacturer Bitmain announced two new machines: the Antminer S21+ Hyd and the Antminer S21+.

• The Antminer S21+ Hyd. is said to deliver a hashrate of 319 TH/s and an efficiency of 15 J/TH.
• The S21+ model promises 216 TH/s with a power efficiency of 16.5 J/TH.
• Shipping of the new products is expected to begin in Q1/Q2 of 2025.

Press Release

Italy Plans to Raise Bitcoin Capital Gains Tax from 26% to 42%

Italy intends to increase the capital gains tax on Bitcoin from 26% to 42% as part of a strategy to fund costly election commitments while reducing the budget deficit.

• On Wednesday, Italy unveiled its draft budgetary plan (DBP), which outlined new revenue-raising strategies.
• The proposal to hike bitcoin taxes accompanies the country’s aim to generate 0.2% of its gross domestic product (GDP), translating to approximately 4 billion euros ($4.35 billion) by 2025.
• The plan also includes raising funds through new tax regulations targeting banks, insurance products, gaming business licenses, and adjustments to the web tax.

Reuters

Electrum Plugin for Joinstr Tutorial

In this tutorial I will share the steps to use electrum plugin for joinstr on Ubuntu. First step is to get the latest version of electrum. Run the below commands so that electrum can be used:

tutorial article

BDK v1.0.0-beta.5 Released

Here is the summary of the latest and previous beta releases.

• beta.1: This release includes the first beta version of bdk_wallet with a stable 1.0.0 API. The changes in this version include reworked wallet persistence, changeset, and construction, optional user provided RNG, custom tx sorting, and use of merkle proofs in bdk_electrum.
• beta.2: The primary user facing changes are re-enabling single descriptor wallets and renaming LoadParams methods to be more explict. Wallet persistence was also simplified and blockchain clients no longer depend on bdk_chain.
• beta.{3|4}: Fixed transaction creation to not skip unused addresses, added function for sorting wallet transactions and option to change default BNB fallback coin selection. We moved the bdk_hwi crate functionality to the rust-hwi repo.
• beta.5: This release changes bdk_wallet transaction creation to enable RBF by default, it also updates the bdk_esplora client to retry server requests that fail due to rate limiting. The bdk_electrum crate now also offers a use-openssl feature.

Proton Wallet by Proton Mail

Proton, the privacy-focused Swiss technology company, is launching Proton Wallet, an open-source, E2E-encrypted, and self-custodial Bitcoin wallet.

The product is currently available to Proton Visionary and Lifetime plan users. Other users can sign up to an early waitlist or receive an invite from an active Proton Wallet user.

Website

Announcement github

HRF Bitcoin Development Fund Grants 10 BTC to 13 Bitcoin Projects

Always great to see contributions to Bitcoin Development

“HRF’s latest batch of grants focus on education for people living under authoritarian regimes, privacy and Lightning development, decentralized communications, and providing nonprofits and human rights groups with easier onramps to financial freedom tools. Areas of focus include key countries and regions in Latin America, the Middle East, Asia, and Africa,” announcement reads. These are the projects receiving financial aid from the HRF:

• Robosats
• Bitshala Internship Program
• Building Bridges to Bitcoin (BBB)
• Flash
• Bitcoin Seoul
• Margot Paez
• Validating Lightning Signer
• OpenSats
• The Core
• Terry Yiu (nostr)
• Paulo Sacramento
• Blockchain Commons
• Summer of Bitcoin

Announcement

Utreexod Beta Is Now Available for General Public Testing

utreexod is a full node bitcoin implementation with support for utreexo accumulators. It enables immediate node bootstrap by having the UTXO state hardcoded into the codebase, uses a tiny amount of memory, and has a low disk i/o.

Key features:

• Implementation of efficient Utreexo accumulators with an improved deletionn algorithm from the Utreexo paper.
• Efficient P2P transaction relay with support for caching utreexo proofs for mempool transactions.
• Quick sync to the tip of the blockchain with AssumeUtreexo.
• Built in wallet support (with BDK wallet).
• Electrum personal server support for usage with other wallets.

utreexo proponent Calvin Kim attended Taipei Bitcoin Tech Summit 2023 with Taiwan BitDevs

announcement github

A Bitaxe Has Mined Block 853742

A solo Bitcoin miner with 3 TH/s has mined block 853742, overcoming odds of 1 in 1.2 million and earning 3.192 BTC (approximately $200,000). 1 in 3,500 year odds!

nobsbitcoin article

OCEAN Pool Integrates BOLT12 Lightning Payouts

“Using BOLT12 also allows us to prove to the world that a payment was made, the size of the payment, the node to which it was paid, and that it was paid by us. This means we can continue to offer fully transparent and verifiable pooled mining while no longer being restricted by the base layer.”

“Pools traditionally have held miners’ bitcoins like a bank, while on-chain Bitcoin transactions get increasingly expensive as the demand for Bitcoin rises. For small miners, the problem is exacerbated since in some cases the cost of the transaction fee is higher than the reward that they earn. This is unsustainable because it creates lock-in to custodial pools. OCEAN helps overcome this risk using Lightning,” OCEAN co-founder Luke Dashjr said.

Announcement Press Release Documentation]

AntPool & Bitmain Acting as ‘a Pool of Pools’ - Report

“Looking at the merkle branches that mining pools send to miners as part of stratum jobs, it’s clear that the BTCcom pool, Binance pool, Poolin, EMCD, Rawpool, and possibly Braiins* have exactly the same template and custom transaction prioritization as AntPool,” analyst 0xB10C recently shared in a post.

note: pooled mining is surprisingly something that wasn’t unexpected

full post

RFK Speech at Bicoin Conference 2024

Robert F. Kennedy Jr. delivers a groundbreaking speech Bitcoin 2024, outlining his vision for integrating Bitcoin into America’s economic and national security strategies. As an independent presidential candidate, RFK Jr. proposes bold initiatives including making the US government a major Bitcoin holder, eliminating taxes on Bitcoin transactions, and using Bitcoin mining to incentivize green energy production.

youtube 中文翻譯

Bitcoin Optech #306: Disclosure of Vulnerabilities Affecting Older Versions of Bitcoin Core

This issue announces an upcoming disclosure of Bitcoin Core vulnerabilities, and describes: a draft BIP for testnet4, functional encryption covenants, proposed updates to 64-bit arithmetic in Bitcoin Script, looks at OP_CAT script to validate proof of work, as well as proposed update to BIP21.

“Several members of the Bitcoin Core project discussed on IRC a proposed policy for disclosing vulnerabilities that affected older versions of Bitcoin Core…” “After this policy has a chance to be further discussed, it is the intention of the project to begin disclosing vulnerabilities affecting Bitcoin Core 24.x and below. It is strongly recommended that all users and administrators upgrade to Bitcoin Core 25.0 or above within the next two weeks.”

Ava Chow post Newsletter

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

Mutiny Wallet to shut down

Mutiny Wallet to shut down EOY

blog post nostr post

Robosats Mobile App

The RoboSats Federation is a set of rules that allows multiple RoboSats instances to work together under a unified client app. This federated client app enables users to seamlessly interact with any coordinator, track the coordinator reputation, verify transparently devFund donations, and more.g the current cost-less-impairment accounting model for many entities.

nobsbitcoin article Announcement

BitVM 8-bit PC

“It’s true, you can write bitcoin smart contracts in Assembly now instead of learning boolean logic circuits,” wrote @Super Testnet. Someone also wrote a multiplication function for this virtual CPU

Link BitVM Calculator

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

Discussion on CVE-2023-50428 / Vulnerability in Bitcoin Core and Bitcoin Knots (Remains Open!)

Why this is a CVE - the software which creates these OP_IF/FALSE/PUSH transactions circumvents the existing filters, and there is no such mechanism is in place to to recognize these transactions as non-standard (there are no configuration options to address this).

datacarrier and datacarrier size parameters in bitcoin.conf does not include inscription transactions

Companies and individuals maintain their own versions of Bitcoin software and should be monitoring vulnerabilities across their stack. Ultimately everyone can decide whether or not a CVE applies to them, whether or not vulnerability should be classified as such is not the issue, it is a situation to address.

There is a patch available as commit #28408, the patch does not censor ordinals, it simply subjects an expanded set of transactions which inscribe data onto the blockchain to go through the same filters as before. The miners aligned with the patch are forgoing mining fees to run this filter.

Nodes which apply the patch have the drawbacks of fee-estimations being off and slower block validation times.

Note: demonstration available on how to apply the patch (homework!)

CVE-2023-50428

Pull Request/Patch

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Welcome again Bitdevs Taiwan

We are at a our T7 location this month again, thanks to Evan!

Our special 21st Socratic Seminar event will be held at No. 563, Section 4, Zhongxiao E Rd, 新仁里 · Xinyi District

We will start the socratic seminar discussion with general introductions and follow with discussion on the latest bitcoin developents and news.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Disclosure of vulnerabilities affecting Bitcoin Core versions before 0.21.0

Update your nodes! Niklas Gögge posted to the Bitcoin-Dev mailing list a link to announcements of two vulnerabilities affecting versions of Bitcoin Core that have been past their end of life since at least October 2022. This follows a previous disclosure last month of older vulnerabilities (see Newsletter #310). We summarize the disclosures below:

• Remote crash by sending excessive addr messages: before Bitcoin Core 22.0 (released September 2021), a node that was told about more than 232 other possible nodes would crash due to exhaustion of a 32-bit counter. This could be accomplished by an attacker sending a large number of P2P addr messages (at least 4 million messages). Eugene Siegel responsibly disclosed the vulnerability and a fix was included in Bitcoin Core 22.0. See Newsletter #159 for our summary of the fix, which was written without us knowing that it patched a vulnerability.

• Remote crash on local network when UPnP enabled: before Bitcoin Core 22.0, nodes that enabled UPnP for automatically configuring NAT traversal (disabled by default due to previous vulnerabilities, see Newsletter #310) were vulnerable to a malicious device on the local network repeatedly sending variants of a UPnP message. Each message could result in the allocation of additional memory until the node crashed or was terminated by the operating system. An infinite loop bug in Bitcoin Core’s dependency miniupnpc was reported to the miniupnpc project by Ronald Huveneers, with Michael Ford discovering and responsibly disclosing how it could be used to crash Bitcoin Core. A fix was included in Bitcoin Core 22.0.

Additional vulnerabilities affecting later versions of Bitcoin Core are expected to be disclosed in a few weeks.

mailing list

RFK Speech at Bicoin Conference 2024

Robert F. Kennedy Jr. delivers a groundbreaking speech Bitcoin 2024, outlining his vision for integrating Bitcoin into America’s economic and national security strategies. As an independent presidential candidate, RFK Jr. proposes bold initiatives including making the US government a major Bitcoin holder, eliminating taxes on Bitcoin transactions, and using Bitcoin mining to incentivize green energy production.

youtube 中文翻譯

Taiwan FSC Publishes Guidelines and Q&A for the Management of VASPs

Taiwan Regulators publishes guidelines for platforms offering virtual assets. Surprisingly these guidelines are specific to not include Bitcoin. This could be a start of interesting developments on how Taiwan treats Bitcoin.

Announcement

Full RBF enabled

Peter Todd announced that his pull request was merged. Default behavior for nodes will be mempoolfullrbf=1

Default settings are important (datacarrier changes are still not in Core)

github

Bitcoin Core v27.1: Bug Fixes & Performance Improvements

Another release of Core

“Bitcoin Core version v27.1 is now available from: https://bitcoincore.org/bin/bitcoin-core-27.1/ or through BitTorrent (magnet link),” announced the project. “This release includes various bug fixes and performance improvements, as well as updated translations. Please report bugs using the issue tracker at GitHub.”

note: I think some of Taiwan BitDevs traditional chinese transaltions made it in github

Bitcoin Optech #306: Disclosure of Vulnerabilities Affecting Older Versions of Bitcoin Core

This issue announces an upcoming disclosure of Bitcoin Core vulnerabilities, and describes: a draft BIP for testnet4, functional encryption covenants, proposed updates to 64-bit arithmetic in Bitcoin Script, looks at OP_CAT script to validate proof of work, as well as proposed update to BIP21.

“Several members of the Bitcoin Core project discussed on IRC a proposed policy for disclosing vulnerabilities that affected older versions of Bitcoin Core…” “After this policy has a chance to be further discussed, it is the intention of the project to begin disclosing vulnerabilities affecting Bitcoin Core 24.x and below. It is strongly recommended that all users and administrators upgrade to Bitcoin Core 25.0 or above within the next two weeks.”

Ava Chow post Newsletter

Senator Cynthia Lummis announces BITCOIN Act

U.S. Senator Cynthia Lummis introduced the Boosting Innovation, Technology, and Competitiveness through Optimized Investment Nationwide (BITCOIN) Act’ in the U.S. Senate.

The Act proposes establishing a decentralized network of secure Bitcoin storage facilities managed by the U.S. Department of Treasury, ensuring compliance with statutory requirements for high levels of physical and cybersecurity. The program aims to acquire up to 1 million Bitcoins over five years, purchasing no more than 200,000 Bitcoins annually, similar in size and scope to U.S. gold reserves. The bill specifies a minimum holding period of 20 years, during which no Bitcoins held in the reserve may be sold or auctioned.

full bill

Electrum Plugin for Joinstr Tutorial

In this tutorial I will share the steps to use electrum plugin for joinstr on Ubuntu. First step is to get the latest version of electrum. Run the below commands so that electrum can be used:

tutorial article

BDK v1.0.0-beta1 released

congrats to Evan!

Case Documents (Dutch) News Article

Proton Wallet by Proton Mail

Proton, the privacy-focused Swiss technology company, is launching Proton Wallet, an open-source, E2E-encrypted, and self-custodial Bitcoin wallet.

The product is currently available to Proton Visionary and Lifetime plan users. Other users can sign up to an early waitlist or receive an invite from an active Proton Wallet user.

Website

Announcement github

HRF Bitcoin Development Fund Grants 10 BTC to 13 Bitcoin Projects

Always great to see contributions to Bitcoin Development

“HRF’s latest batch of grants focus on education for people living under authoritarian regimes, privacy and Lightning development, decentralized communications, and providing nonprofits and human rights groups with easier onramps to financial freedom tools. Areas of focus include key countries and regions in Latin America, the Middle East, Asia, and Africa,” announcement reads. These are the projects receiving financial aid from the HRF:

• Robosats
• Bitshala Internship Program
• Building Bridges to Bitcoin (BBB)
• Flash
• Bitcoin Seoul
• Margot Paez
• Validating Lightning Signer
• OpenSats
• The Core
• Terry Yiu (nostr)
• Paulo Sacramento
• Blockchain Commons
• Summer of Bitcoin

Announcement

Utreexod Beta Is Now Available for General Public Testing

utreexod is a full node bitcoin implementation with support for utreexo accumulators. It enables immediate node bootstrap by having the UTXO state hardcoded into the codebase, uses a tiny amount of memory, and has a low disk i/o.

Key features:

• Implementation of efficient Utreexo accumulators with an improved deletionn algorithm from the Utreexo paper.
• Efficient P2P transaction relay with support for caching utreexo proofs for mempool transactions.
• Quick sync to the tip of the blockchain with AssumeUtreexo.
• Built in wallet support (with BDK wallet).
• Electrum personal server support for usage with other wallets.

utreexo proponent Calvin Kim attended Taipei Bitcoin Tech Summit 2023 with Taiwan BitDevs

announcement github

A Bitaxe Has Mined Block 853742

A solo Bitcoin miner with 3 TH/s has mined block 853742, overcoming odds of 1 in 1.2 million and earning 3.192 BTC (approximately $200,000). 1 in 3,500 year odds!

nobsbitcoin article

OCEAN Pool Integrates BOLT12 Lightning Payouts

“Using BOLT12 also allows us to prove to the world that a payment was made, the size of the payment, the node to which it was paid, and that it was paid by us. This means we can continue to offer fully transparent and verifiable pooled mining while no longer being restricted by the base layer.”

“Pools traditionally have held miners’ bitcoins like a bank, while on-chain Bitcoin transactions get increasingly expensive as the demand for Bitcoin rises. For small miners, the problem is exacerbated since in some cases the cost of the transaction fee is higher than the reward that they earn. This is unsustainable because it creates lock-in to custodial pools. OCEAN helps overcome this risk using Lightning,” OCEAN co-founder Luke Dashjr said.

Announcement Press Release Documentation]

AntPool & Bitmain Acting as ‘a Pool of Pools’ - Report

“Looking at the merkle branches that mining pools send to miners as part of stratum jobs, it’s clear that the BTCcom pool, Binance pool, Poolin, EMCD, Rawpool, and possibly Braiins* have exactly the same template and custom transaction prioritization as AntPool,” analyst 0xB10C recently shared in a post.

note: pooled mining is surprisingly something that wasn’t unexpected

full post

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

Mutiny Wallet to shut down

Mutiny Wallet to shut down EOY

blog post nostr post

Robosats Mobile App

The RoboSats Federation is a set of rules that allows multiple RoboSats instances to work together under a unified client app. This federated client app enables users to seamlessly interact with any coordinator, track the coordinator reputation, verify transparently devFund donations, and more.g the current cost-less-impairment accounting model for many entities.

nobsbitcoin article Announcement

BitVM 8-bit PC

“It’s true, you can write bitcoin smart contracts in Assembly now instead of learning boolean logic circuits,” wrote @Super Testnet. Someone also wrote a multiplication function for this virtual CPU

Link BitVM Calculator

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

Discussion on CVE-2023-50428 / Vulnerability in Bitcoin Core and Bitcoin Knots (Remains Open!)

Why this is a CVE - the software which creates these OP_IF/FALSE/PUSH transactions circumvents the existing filters, and there is no such mechanism is in place to to recognize these transactions as non-standard (there are no configuration options to address this).

datacarrier and datacarrier size parameters in bitcoin.conf does not include inscription transactions

Companies and individuals maintain their own versions of Bitcoin software and should be monitoring vulnerabilities across their stack. Ultimately everyone can decide whether or not a CVE applies to them, whether or not vulnerability should be classified as such is not the issue, it is a situation to address.

There is a patch available as commit #28408, the patch does not censor ordinals, it simply subjects an expanded set of transactions which inscribe data onto the blockchain to go through the same filters as before. The miners aligned with the patch are forgoing mining fees to run this filter.

Nodes which apply the patch have the drawbacks of fee-estimations being off and slower block validation times.

Note: demonstration available on how to apply the patch (homework!)

CVE-2023-50428

Pull Request/Patch

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Welcome again Bitdevs Taiwan

We are at a our T7 location this month again, thanks to Evan!

Our twentieth Socratic Seminar event will be held at No. 563, Section 4, Zhongxiao E Rd, 新仁里 · Xinyi District

We will start the socratic seminar discussion with general introductions and follow with discussion on the latest bitcoin developents and news.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Vulnerabilities disclosed for LND versions prior to 0.17, and other Denial-of-Service attacks

Matt Morehouse publicly disclosed DoS vulnerabilities for Lightning Network implementations after privately disclosing to Lightning Labs about a year ago.

DoS vulnerabilities are critical because when Lightning Nodes are taken offline, funds are at risk

Morehouse describes other methods of DoS attacks which affects CLN and eclar implementations too. Also does a great job highlighting the difference in how implementations handle being offline

As more features are added to the Lightning Network Protocol, then attack surfaces increases from the additional complexity. Encourages more awareness into security research on lightning

Link

Taiwan FSC Publishes Guidelines and Q&A for the Management of VASPs

Taiwan Regulators publishes guidelines for platforms offering virtual assets. Surprisingly these guidelines are specific to not include Bitcoin. This could be a start of interesting developments on how Taiwan treats Bitcoin.

Announcement

Bitcoin Core v27.1: Bug Fixes & Performance Improvements

Another release of Core

“Bitcoin Core version v27.1 is now available from: https://bitcoincore.org/bin/bitcoin-core-27.1/ or through BitTorrent (magnet link),” announced the project. “This release includes various bug fixes and performance improvements, as well as updated translations. Please report bugs using the issue tracker at GitHub.”

note: I think some of Taiwan BitDevs traditional chinese transaltions made it in github

Bitcoin Optech #306: Disclosure of Vulnerabilities Affecting Older Versions of Bitcoin Core

This issue announces an upcoming disclosure of Bitcoin Core vulnerabilities, and describes: a draft BIP for testnet4, functional encryption covenants, proposed updates to 64-bit arithmetic in Bitcoin Script, looks at OP_CAT script to validate proof of work, as well as proposed update to BIP21.

“Several members of the Bitcoin Core project discussed on IRC a proposed policy for disclosing vulnerabilities that affected older versions of Bitcoin Core…” “After this policy has a chance to be further discussed, it is the intention of the project to begin disclosing vulnerabilities affecting Bitcoin Core 24.x and below. It is strongly recommended that all users and administrators upgrade to Bitcoin Core 25.0 or above within the next two weeks.”

Ava Chow post Newsletter

Electrum Plugin for Joinstr Tutorial

In this tutorial I will share the steps to use electrum plugin for joinstr on Ubuntu. First step is to get the latest version of electrum. Run the below commands so that electrum can be used:

tutorial article

Alexey Pertsev - Tornado Cash case (REVIEW)

Dutch court found Tornado Cash developer Alexey Pertsev guilty of money laundering and sentenced him to 64 months in prison. Pertsev’s legal team has 14 days to appeal the decision.

Tornado Cash Developer Alexey Pertsev Sentenced to 64 Months in Prison in the Netherlands

A Dutch court convicted 31-year-old Alexey Pertsev of laundering $2.3 billion in cryptocurrency through the Tornado Cash mixer. Dutch prosecutors have alleged that Pertsev designed Tornado Cash to be the ideal money laundering tool through the use of “smart contracts.” Conversely, Pertsev’s defenders argued that these same attributes made Tornado Cash such an effective privacy tool.

The judges rejected Pertsev’s argument that it was wrong to hold him accountable for Tornado Cash’s users, who are, by design, anonymous and independent.

Case Documents (Dutch) News Article

Aqua Wallet - Lightning - Liquid Wallet

Aqua Wallet, developed by Jan3, is a non-custodial mobile Bitcoin, Lightning, Liquid and Tether USDT (on Liquid, Ethereum, and Tron) wallet. Available on Android (APK only for now) and iOS.

Website

Announcement Blogpost

HRF Bitcoin Development Fund Grants 10 BTC to 13 Bitcoin Projects

Always great to see contributions to Bitcoin Development

“HRF’s latest batch of grants focus on education for people living under authoritarian regimes, privacy and Lightning development, decentralized communications, and providing nonprofits and human rights groups with easier onramps to financial freedom tools. Areas of focus include key countries and regions in Latin America, the Middle East, Asia, and Africa,” announcement reads. These are the projects receiving financial aid from the HRF:

• Robosats
• Bitshala Internship Program
• Building Bridges to Bitcoin (BBB)
• Flash
• Bitcoin Seoul
• Margot Paez
• Validating Lightning Signer
• OpenSats
• The Core
• Terry Yiu (nostr)
• Paulo Sacramento
• Blockchain Commons
• Summer of Bitcoin

Announcement

Utreexod Beta Is Now Available for General Public Testing

utreexod is a full node bitcoin implementation with support for utreexo accumulators. It enables immediate node bootstrap by having the UTXO state hardcoded into the codebase, uses a tiny amount of memory, and has a low disk i/o.

Key features:

• Implementation of efficient Utreexo accumulators with an improved deletionn algorithm from the Utreexo paper.
• Efficient P2P transaction relay with support for caching utreexo proofs for mempool transactions.
• Quick sync to the tip of the blockchain with AssumeUtreexo.
• Built in wallet support (with BDK wallet).
• Electrum personal server support for usage with other wallets.

utreexo proponent Calvin Kim attended Taipei Bitcoin Tech Summit 2023 with Taiwan BitDevs

announcement github

How to Make Use of BOLT12 in LDK

Jeff Czyz from Lightning Dev Kit wrote a walkthrough on BOLT12, explaining what it is and how one can make use of it in LDK.

“BOLT12 is a new payment protocol for Lightning that offers enhanced privacy, reusable payment codes, refunds, and much more, all natively over the Lightning Network.” No additional servers are required. This is all possible using new technologies like onion messages and route blinding. BOLT12 specification defines “an offer that can be considered a precursor to an invoice. It contains less data than an invoice and is smaller to display as a QR code. Optionally, it may contain blinded paths—more on that in a moment. Someone scanning an offer sends an invoice request to the intended recipient, who replies with an invoice containing a unique payment hash.”

Guide

OCEAN Pool Integrates BOLT12 Lightning Payouts

“Using BOLT12 also allows us to prove to the world that a payment was made, the size of the payment, the node to which it was paid, and that it was paid by us. This means we can continue to offer fully transparent and verifiable pooled mining while no longer being restricted by the base layer.”

“Pools traditionally have held miners’ bitcoins like a bank, while on-chain Bitcoin transactions get increasingly expensive as the demand for Bitcoin rises. For small miners, the problem is exacerbated since in some cases the cost of the transaction fee is higher than the reward that they earn. This is unsustainable because it creates lock-in to custodial pools. OCEAN helps overcome this risk using Lightning,” OCEAN co-founder Luke Dashjr said.

Announcement Press Release Documentation]

AntPool & Bitmain Acting as ‘a Pool of Pools’ - Report

“Looking at the merkle branches that mining pools send to miners as part of stratum jobs, it’s clear that the BTCcom pool, Binance pool, Poolin, EMCD, Rawpool, and possibly Braiins* have exactly the same template and custom transaction prioritization as AntPool,” analyst 0xB10C recently shared in a post.

note: pooled mining is surprisingly something that wasn’t unexpected

full post

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

El Salvador’s Chivo Wallet Source Code & VPN Access Leaked

According to The Block, the hackers released the stolen information to the public to punish the Salvadoran government for refusing to engage with them. It’s unclear what the hackers want to discuss with El Salvador officials. “This time I am bringing you the code that is inside the Bitcoin Chivo Wallet ATMs in El Salvador, remember that it is a government wallet, and as you know, we do not sell, we publish everything for free for you,” CiberInteligenciaSV said in a post. The files reportedly contain snippets of the wallet’s code and VPN credentials associated with the Chivo Wallet’s ATM network. The group recently disclosed the personal data of approximately 5.1 million Salvadorans in a separate exploit. This is part of a series of extensive database leaks containing various records from the country.

Note: stakes are high

Article

Robosats Mobile App

The RoboSats Federation is a set of rules that allows multiple RoboSats instances to work together under a unified client app. This federated client app enables users to seamlessly interact with any coordinator, track the coordinator reputation, verify transparently devFund donations, and more.g the current cost-less-impairment accounting model for many entities.

nobsbitcoin article Announcement

BitVM 8-bit PC

“It’s true, you can write bitcoin smart contracts in Assembly now instead of learning boolean logic circuits,” wrote @Super Testnet. Someone also wrote a multiplication function for this virtual CPU

Link BitVM Calculator

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

Discussion on CVE-2023-50428 / Vulnerability in Bitcoin Core and Bitcoin Knots (Remains Open!)

Why this is a CVE - the software which creates these OP_IF/FALSE/PUSH transactions circumvents the existing filters, and there is no such mechanism is in place to to recognize these transactions as non-standard (there are no configuration options to address this).

datacarrier and datacarrier size parameters in bitcoin.conf does not include inscription transactions

Companies and individuals maintain their own versions of Bitcoin software and should be monitoring vulnerabilities across their stack. Ultimately everyone can decide whether or not a CVE applies to them, whether or not vulnerability should be classified as such is not the issue, it is a situation to address.

There is a patch available as commit #28408, the patch does not censor ordinals, it simply subjects an expanded set of transactions which inscribe data onto the blockchain to go through the same filters as before. The miners aligned with the patch are forgoing mining fees to run this filter.

Nodes which apply the patch have the drawbacks of fee-estimations being off and slower block validation times.

Note: demonstration available on how to apply the patch (homework!)

CVE-2023-50428

Pull Request/Patch

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS

Welcome again Bitdevs Taiwan

We are at a new location this month!

Our nineteenth Socratic Seminar event will be held at No. 563, Section 4, Zhongxiao E Rd, 新仁里 · Xinyi District

We will start the socratic seminar discussion with general introductions and follow with discussion on the latest bitcoin developents and news.

Learn about bitcoin development. Share, debate, and discuss trade offs in progress. We discuss a variety of developments, from industry updates and press releases, pull requests in popular git repositories (e.g. Bitcoin Core, lnd, c-lightning, rust-bitcoin, Joinmarket, WasabiWallet), research papers, technical blog posts, IRC logs, network monitors and more. Please add to the discussion topics on GitHub. We’d love to hear from you. After the event the we socialize over food and drinks.

我們每月舉辦的蘇格拉底式的研討會活動旨在促進辯論、信息共享和開放討論。在活動前幾週,聚會成員會從各種來源去整理討論主題：流行git倉儲（例如 Bitcoin Core、lnd、c-lightning、rust-bitcoin, Joinmarket、WasabiWallet）中的pull requests、研究論文、技術博客帖文、IRC 日誌、網絡監測等。經過一段時間的討論，一些活動會有來自開源項目、公司、研究和其他相關內容的介紹。隨後是反饋和問答部分。活動結束後，我們會在活動場地進行社交。

Discussion Topics

Samourai Wallet Founders Arrested & Charged with Money Laundering, Unlicensed Money Transmitting Offenses

The charges include conspiracy to commit money laundering and conspiracy to run an unlicensed money transmitting business. These charges could lead to a maximum sentence of 20 years and five years, respectively.

Samourai’s web servers and domain (https://samourai.io/) have been seized and a seizure warrant for Samourai’s mobile application was served on the Google Play Store. Per DOJ, the application will no longer be available to be downloaded from the Google Play Store in the United States.

“As alleged, Keonne Rodriguez and William Lonergan Hill are responsible for developing, marketing, and operating Samourai, a cryptocurrency mixing service that executed over $2 billion in unlawful transactions and served as a haven for criminals to engage in large-scale money laundering. Rodriguez and Hill allegedly knowingly facilitated the laundering of over $100 million of criminal proceeds from the Silk Road, Hydra Market, and a host of other computer hacking and fraud campaigns. Together with our law enforcement partners, we will continue to relentlessly pursue and dismantle criminal organizations that use cryptocurrency to hide illicit conduct,” U.S. Attorney Damian Williams said. Press Release Full Indictment

FBI Issues Warning Against Using ‘No-KYC Cryptocurrency Money Transmitting Services’

In a move against what’s deemed the best practices in Bitcoin security, the Federal Bureau of Investigations issued a warning to Americans against using ‘cryptocurrency’ services that are not registered as money services businesses (MSB) or do not perform KYC surveillance on their users. Delivering these same capabilities on the Bitcoin blockchain without smart contracts and stablecoins was challenging & we therefore made the difficult decision to remove native Bitcoin & other UTXO support,” she added.

Events like this cause a chilling-effect

Announcement

zkSNACKs Coinjoin Coordinator is Now Blocking US Residents and Citizens

update: zkSNACKs to Suspend Its Coinjoin Coordination Service on June 1st

Wasabi Wallet also offers coinjoins similar to Samourai (Wasabi allows for many coordinators)

“Effective immediately and until further notice, zkSNACKs is now blocking U.S. citizens and residents from visiting its websites, downloading and using Wasabi Wallet and any related products and services, including APIs and RPC interfaces,” announced the company.

“zkSNACKs is now blocking U.S. citizens and residents from visiting its websites, downloading and using Wasabi Wallet and any related products and services, including APIs and RPC interfaces,” announced the developers of Wasabi Wallet.

zkSNACKs is the company behind the default coinjoin coordinator of Wasabi Wallet. Since March 2022, the company has been proactively filtering certain UXTOs from registering to coinjoins by partnership with a chain surveillance partner since March 2022.

blogpost

Phoenix Wallet to Stop Serving US Customers on May 3rd

“On May 3rd, 2024, Phoenix Wallet will be removed from US app stores,” announced the project. “Recent announcements from US authorities cast a doubt on whether self-custodial wallet providers, Lightning service providers, or even Lightning nodes could be considered Money Services Businesses and be regulated as such. We are removing Phoenix Wallet from US app stores and will be assessing other potential impacts to our operations,” said ACINQ, the developer behind Phoenix Wallet. The project developer added that users from the US should empty their wallet by going to:

Settings > Close channels (Android) Settings > Drain wallet (iOS) “We highly recommend not force-closing channels, as on-chain fees could be significant,” added the developer.

Phoenix wallet users in the United States are encouraged to close their channels and empty their wallets prior to May 3, 2024.

ACINQ statement Announcement

Alexey Pertsev - Tornado Cash case (REVIEW)

Dutch court found Tornado Cash developer Alexey Pertsev guilty of money laundering and sentenced him to 64 months in prison. Pertsev’s legal team has 14 days to appeal the decision.

Tornado Cash Developer Alexey Pertsev Sentenced to 64 Months in Prison in the Netherlands

A Dutch court convicted 31-year-old Alexey Pertsev of laundering $2.3 billion in cryptocurrency through the Tornado Cash mixer. Dutch prosecutors have alleged that Pertsev designed Tornado Cash to be the ideal money laundering tool through the use of “smart contracts.” Conversely, Pertsev’s defenders argued that these same attributes made Tornado Cash such an effective privacy tool.

The judges rejected Pertsev’s argument that it was wrong to hold him accountable for Tornado Cash’s users, who are, by design, anonymous and independent.

Case Documents (Dutch) News Article

Aqua Wallet - Lightning - Liquid Wallet

Aqua Wallet, developed by Jan3, is a non-custodial mobile Bitcoin, Lightning, Liquid and Tether USDT (on Liquid, Ethereum, and Tron) wallet. Available on Android (APK only for now) and iOS.

Website

Announcement Blogpost

Roger Ver Charged with Mail Fraud, Tax Evasion & Filing False Tax Returns

Roger was an early bitcoin advocate turned fork proponent

Ver is accused of neglecting to file tax returns on asset sales and failing to pay a “United States exit tax” on capital gains after he gave up U.S. citizenship and set up businesses and secured citizenship in St. Kitts and Nevis. The indictment claims that by June 2017, Ver’s two U.S. registered companies, MemoryDealers and Agilestar, owned approximately 70,000 BTC. In November 2017, Ver allegedly sold tens of thousands of them on cryptocurrency exchanges for approximately $240 million in cash. “Even though Ver was not then a U.S. citizen, he was still legally required to report to the IRS and pay tax on certain distributions such as dividends from MemoryDealers and Agilestar, which were U.S. corporations. Ver allegedly concealed from his accountant that he had received and sold MemoryDealers’ and Agilestar’s bitcoins that year. As a result, Ver’s 2017 individual income tax return did not report any gain or pay any tax related to the distribution of MemoryDealers’ and Agilestar’s bitcoins to him,” was stated in the press release. “In total, Ver is alleged to have caused a loss to the IRS of at least $48 million,” was stated in the indicment.

Indictment Press Release

Utreexod Beta Is Now Available for General Public Testing

utreexod is a full node bitcoin implementation with support for utreexo accumulators. It enables immediate node bootstrap by having the UTXO state hardcoded into the codebase, uses a tiny amount of memory, and has a low disk i/o.

Key features:

• Implementation of efficient Utreexo accumulators with an improved deletionn algorithm from the Utreexo paper.
• Efficient P2P transaction relay with support for caching utreexo proofs for mempool transactions.
• Quick sync to the tip of the blockchain with AssumeUtreexo.
• Built in wallet support (with BDK wallet).
• Electrum personal server support for usage with other wallets.

utreexo proponent Calvin Kim attended Taipei Bitcoin Tech Summit 2023 with Taiwan BitDevs

announcement github

How to Make Use of BOLT12 in LDK

Jeff Czyz from Lightning Dev Kit wrote a walkthrough on BOLT12, explaining what it is and how one can make use of it in LDK.

“BOLT12 is a new payment protocol for Lightning that offers enhanced privacy, reusable payment codes, refunds, and much more, all natively over the Lightning Network.” No additional servers are required. This is all possible using new technologies like onion messages and route blinding. BOLT12 specification defines “an offer that can be considered a precursor to an invoice. It contains less data than an invoice and is smaller to display as a QR code. Optionally, it may contain blinded paths—more on that in a moment. Someone scanning an offer sends an invoice request to the intended recipient, who replies with an invoice containing a unique payment hash.”

Guide

OCEAN Pool Integrates BOLT12 Lightning Payouts

“Using BOLT12 also allows us to prove to the world that a payment was made, the size of the payment, the node to which it was paid, and that it was paid by us. This means we can continue to offer fully transparent and verifiable pooled mining while no longer being restricted by the base layer.”

“Pools traditionally have held miners’ bitcoins like a bank, while on-chain Bitcoin transactions get increasingly expensive as the demand for Bitcoin rises. For small miners, the problem is exacerbated since in some cases the cost of the transaction fee is higher than the reward that they earn. This is unsustainable because it creates lock-in to custodial pools. OCEAN helps overcome this risk using Lightning,” OCEAN co-founder Luke Dashjr said.

Announcement Press Release Documentation]

AntPool & Bitmain Acting as ‘a Pool of Pools’ - Report

“Looking at the merkle branches that mining pools send to miners as part of stratum jobs, it’s clear that the BTCcom pool, Binance pool, Poolin, EMCD, Rawpool, and possibly Braiins* have exactly the same template and custom transaction prioritization as AntPool,” analyst 0xB10C recently shared in a post.

note: pooled mining is surprisingly something that wasn’t unexpected

full post

Scam Wallets - And how to spot them

Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.

Attack Scenarios

• Malicious Clone
• Clipboard Hijacker
• Compromised PC
• Social Engineering
• Planted Wallet File

nobsbitcoin article Electrum Tips

Cheyenne crypto mine with Chinese origins ordered to divest

In October, The New York Times published an article detailing some of the security concerns around a Cheyenne-based crypto-mining operation with Chinese origins located within one mile of F.E. Warren Air Force Base.

On Monday, The White House released a statement ordering the sale of land to the company be reversed, citing a national security risk.

The purchasers acquired the land from Cheyenne LEADS in June 2022, and then made improvements to allow for specialized cryptocurrency mining operations. The land is in close proximity to F.E. Warren, a strategic missile base and home to Minuteman III intercontinental ballistic missiles.droid

Link

El Salvador’s Chivo Wallet Source Code & VPN Access Leaked

According to The Block, the hackers released the stolen information to the public to punish the Salvadoran government for refusing to engage with them. It’s unclear what the hackers want to discuss with El Salvador officials. “This time I am bringing you the code that is inside the Bitcoin Chivo Wallet ATMs in El Salvador, remember that it is a government wallet, and as you know, we do not sell, we publish everything for free for you,” CiberInteligenciaSV said in a post. The files reportedly contain snippets of the wallet’s code and VPN credentials associated with the Chivo Wallet’s ATM network. The group recently disclosed the personal data of approximately 5.1 million Salvadorans in a separate exploit. This is part of a series of extensive database leaks containing various records from the country.

Note: stakes are high

Article

Robosats Mobile App

The RoboSats Federation is a set of rules that allows multiple RoboSats instances to work together under a unified client app. This federated client app enables users to seamlessly interact with any coordinator, track the coordinator reputation, verify transparently devFund donations, and more.g the current cost-less-impairment accounting model for many entities.

nobsbitcoin article Announcement

BitVM 8-bit PC

“It’s true, you can write bitcoin smart contracts in Assembly now instead of learning boolean logic circuits,” wrote @Super Testnet. Someone also wrote a multiplication function for this virtual CPU

Link BitVM Calculator

Strike opens up for Taiwan Users!

Strike offers global remittance through the Bitcoin Network, using Lightning. Strike allows Taiwan users to register and supports VISA debit card deposits. Balances are only held in USD Strike currently has no banking relationships in Taiwan

link

Discussion on CVE-2023-50428 / Vulnerability in Bitcoin Core and Bitcoin Knots (Remains Open!)

Why this is a CVE - the software which creates these OP_IF/FALSE/PUSH transactions circumvents the existing filters, and there is no such mechanism is in place to to recognize these transactions as non-standard (there are no configuration options to address this).

datacarrier and datacarrier size parameters in bitcoin.conf does not include inscription transactions

Companies and individuals maintain their own versions of Bitcoin software and should be monitoring vulnerabilities across their stack. Ultimately everyone can decide whether or not a CVE applies to them, whether or not vulnerability should be classified as such is not the issue, it is a situation to address.

There is a patch available as commit #28408, the patch does not censor ordinals, it simply subjects an expanded set of transactions which inscribe data onto the blockchain to go through the same filters as before. The miners aligned with the patch are forgoing mining fees to run this filter.

Nodes which apply the patch have the drawbacks of fee-estimations being off and slower block validation times.

Note: demonstration available on how to apply the patch (homework!)

CVE-2023-50428

Pull Request/Patch

New on Geyser: Bitcoin Explorama, BitFables, Smart Child Kenya & More

Discover and show support to some of the latest Bitcoin grassroots projects and initiatives launched via the Geyser crowdfunding platform.

nobsbitcoin

Nakamoto Institute update/facelift

The Satoshi Nakamoto Institute was founded in November 2013 to advance and preserve knowledge of Bitcoin’s history, economics, and technology.

SNI is a Texas nonprofit corporation exempt from tax under Section 501(c)(3) and classified as a public charity.

link

Nostr, zaps and stuff (always)

Taiwan BitDevs would like to explore Nostr with the audience by generating an npub with the audience present to follow along. Nostr stands for “notes and other stuff transmitted over relays” it is a protocol designed around censorship resistance which can be used for social media. Nostr is a lot of fun and a great way to use Lightning Network (NIP-57 / zaps / LNURL)

NIP update - nostr marketplace (NIP-15)

Theres an LNBits extension that allows you to list and shop for goods using nostr relays and get paid through Bitcoin/Lightning

tutorial nip-15

github link

web client

Amethyst android

Damus iOS