The risk of hidden malicious code is why general purpose computers aren’t suitable for #Bitcoin security.
With embedded hardware, you can have much more confidence that the device has not been tampered with, reducing the risk of attacks like Dark Skippy.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 explains in BR072.
When it comes to #Bitcoin, verifying the integrity of your signing device is essential. If you can’t trust the firmware, you’re taking a big risk with your private keys.
nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc gives the lowdown in light of the recent Dark Skippy attack revelations, in BR072.
When it comes to #Bitcoin, keeping your private key secret is critical.
The Dark Skippy attack demonstrates how the nonce, which is required for signatures, could potentially reveal the master secret.
nostr:npub1emdtsxly9m68m00x206t574jttp65vk0c2m89ms038q047yz7ylqcac9aw breaks down the attack in BR072.
🚀 BR072: Dark Skippy Attack, Proton Wallet, Mutiny Sunsets, BDK, Nunchuk +MORE ft. nostr:npub1p4kg8zxukpym3h20erfa3samj00rm2gt4q5wfuyu3tg0x3jg3gesvncxf8 , nostr:npub1emdtsxly9m68m00x206t574jttp65vk0c2m89ms038q047yz7ylqcac9aw , nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc & nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8
Listen to the episode:
➡️ Fountain: https://fountain.fm/episode/HZcDSZ8cuSmBeSpwvFBs
➡️ Spotify: https://open.spotify.com/episode/6s6VrUymh7S0baQetEBoOG?si=9f77b8841ce54841
➡️ YouTube: https://youtu.be/Cy_0d8BiZiI
Shownotes:
➡️ Website: https://bitcoin.review/podcast/episode-72
➡️ Substack: https://substack.bitcoin.review/p/bitcoin-review-podcast-br072-dark?r=2tlln9
Rijndael gives the TLDR on Dark Skippy - an attack that can exfiltrate secret keys from compromised signing devices using malicious firmware. 👇
The Great Script Restoration aims to restore old #Bitcoin opcodes with Taproot analogs.
Could this allow us to solve problems like L1 custody? nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc thinks so.
What do you want to see improved in Bitcoin? Could The Great Script Restoration offer a solution? [BR069]
There are a lot of strong opinions out there about OP_CAT. But what does it actually DO?!
nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc takes it back to basics, discussing with nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 what CAT does, and crucially, how previously unresolved risks are mitigated against. [BR069]
Hey Root, wanna come on the pod and talk about some of this stuff with nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 and guests? We're putting together a panel and we want your brains!
Ordinals & inscriptions have prompted us to ask questions about how the economics of non-financial transactions could evolve.
Could it disrupt the financial use case of #Bitcoin? And should we/can we mitigate it?
Adam Gibson, Poelstra and nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 debated this very topic in BR029.
Why does witness data get a discount while UTXO data doesn't?
The answer lies in how and why SegWit resolved the quadratic hashing issue.
Andrew Poelstra discusses with nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 the reason for the witness discount in BR029.
How do we prevent small UTXOs from being useless due to miner fees outweighing the UTXO?
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p and nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 weigh in on this important question, discussing best practices for UTXO management in BR071.
Speedy Trial? UASF? What would be the best approach to activate OP_CAT?
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc and Andrew Poelstra discuss the most practical and safe method of potential CAT activation in the future [BR069].
The incompatibility between LNURL and BOLT12 is causing some friction in the Lightning Network space.
nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p , nostr:npub1u8lnhlw5usp3t9vmpz60ejpyt649z33hu82wc2hpv6m5xdqmuxhs46turz and nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 discuss how can this be resolved and where we're headed with these two standards.
BIP47 and silent payments offer different approaches for payment privacy.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p and nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 discuss the need to consider the UX and long-term viability of these solutions in BR071.
Lava Wallet is set to provide liquidity for #Bitcoin loans, all while keeping it self-custodial and private.
nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p discusses with nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 how Lava is changing the game when it comes to DLC based loans in BR071.
Want to get started building in #Bitcoin and #nostr ?
Great places to start:
- Programming Bitcoin by nostr:npub10vlhsqm4qar0g42p8g3plqyktmktd8hnprew45w638xzezgja95qapsp42
- Bitscript.app learning resources
Or just pick an area that fascinates you, dig into the specs, and start coding! nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 and nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p share their tips.
#bitcoin custody considerations differ for each person.
Without custodians, good key management is paramount. With custodians, rug pulls and social engineering become threats.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p & nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 discuss the varying security considerations, especially as value grows.
Could FROST and ROAST solve #nostr key rotation issues?
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub1u8lnhlw5usp3t9vmpz60ejpyt649z33hu82wc2hpv6m5xdqmuxhs46turz and nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 explore how these primitives could ensure seamless key management in BR071.
Is this the key (pun intended) to better security? 🔐
Did you hear about the recently launched nostr:npub1tt77ckayp4xqgausz72saygxx2574xht9lfm7ftmw40kcttrr0sswmz8a9 ?
Lendasat lets you take instant loans to pay Lightning invoices, so you don't need to sell your #bitcoin.
It's a non-custodial protocol powered by DLCs on Ark.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 discussed the project with nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p in BR071.
How bullish are you on #nostr?!
nostr:npub16c0nh3dnadzqpm76uctf5hqhe2lny344zsmpm6feee9p5rdxaa9q586nvr has set the bar high with nostr:npub12vkcxr0luzwp8e673v29eqjhrr7p9vqq8asav85swaepclllj09sylpugg as a client with UX which can rival platform like X. While other projects are experimenting with unique features enabled by nostr's design.
nostr:npub132ertlsrunh600cph2au55ssmel2cqdt5mnrpxfand5ych4nmp8q50zmdh and nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p give their take in BR071.
The intersection of #nostr and #ecash is becoming extremely exciting.
nostr:npub16fhh3ev4gytmt3jn3gkkez9z99kxtspcwupen4cxn2tcym4sd22surn62p discusses the efforts of nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft in tying your ecash balance to your npub, which offers both huge opportunities as well as raising some important questions about opsec. #BR071