Complex multisig can add security through obscurity, but every choice leaves its mark, and trade-offs remain.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 , and nostr:npub1emdtsxly9m68m00x206t574jttp65vk0c2m89ms038q047yz7ylqcac9aw dive into the pros and cons of unusual multisig setups in BR089.
Is your client different from your signer? 🤔
In an ideal world, the client wallet will not know which signer you're using (but, as with all things security related, there are always some exceptions to the rule).
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 and nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 discuss client/signer independence in BR089.
Are you a 12 word or 24 word maxi?
A often overlooked benefit of 24 words is that you can split a seed plate - 12 words on each side - which renders it unbreakable by brute force if one part is discovered.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 gives his pitch for 24 words over12 words for single sig in BR089.
COLDCARD and Jade simplify PSPT workflows with full-file transfers. Trezor and Ledger, on the other hand, break it into parts, requiring more steps.
nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 sheds some light on the complexities involved in building the Lark app for interacting with hardware wallets in BR089.
🚀 BR089 - Lark, Security Tradeoffs Masterclass, Bitcoin Quantum Risks, WabiSabi Deanonymization, Core Txn Broadcast, Better Wallet Migration, Scaling Bitcoin, Bullish Sentiments + MORE ft. nostr:npub1hea99yd4xt5tjx8jmjvpfz2g5v7nurdqw7ydwst0ww6vw520prnq6fg9v2 , nostr:npub1emdtsxly9m68m00x206t574jttp65vk0c2m89ms038q047yz7ylqcac9aw & nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8
Listen to the episode:
➡️ Fountain: https://fountain.fm/episode/tE59LQcb8ZrV6RRizTWN
➡️ Spotify: https://open.spotify.com/episode/2z5y5npFquDVZZoNV9ogRE
➡️ YouTube: https://youtu.be/WmVFUJ1JPxk
Shownotes:
➡️ Website: https://bitcoin.review/podcast/episode-89/
➡️ Substack: https://substack.bitcoin.review/p/br089-lark-security-tradeoffs-masterclass
Craig talks through the complexities of working with all the various protocols and systems used by different hardware wallets when building Lark. 👇🏼
Nostr's low barrier to entry stands in sharp contrast to Bitcoin’s early days, where trades happened at Starbucks with IRC price checks.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 highlights how #nostr's design simplifies adoption AND revolutionizes payments in BR083.
#Nostr removes the need for accounts - just generate a key and you're good to go.
@nvk and nostr:npub1v0lxxxxutpvrelsksy8cdhgfux9l6a42hsj2qzquu2zk7vc9qnkszrqj49 of nostr:npub1eaz6dwsnvwkha5sn5puwwyxjgy26uusundrm684lg3vw4ma5c2jsqarcgz dive into the benefits of this on live content in BR082.
Google Wave. Google Circles. Dead products, but not bad ones.
Could #nostr revive selective content visibility with MLS?
nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn discusses the potential in BR079.
What’s the difference between nostr script and DVMs?
nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s of nostr:npub18m76awca3y37hkvuneavuw6pjj4525fw90necxmadrvjg0sdy6qsngq955 shares his view on this, and how they can both serve to supercharge nostr feeds, in BR078.
Spam-resistant communication is vital, but complex for decentralized networks like #nostr.
Rotating group IDs might counter spam, but what if bots leak new IDs to spammers? nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 , nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn and nostr:npub1zuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsk6c2uc discuss the problem, and possible solutions, in BR081.
Unlike X, where you're force-fed chaos, #nostr's relay system offers choice.
Subscribe to curated feeds that align with your interests - recipes, regional events, or even ideologies.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 and nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 discuss the freedom nostr offers to opt out of the noise in BR080.
The beauty of #Nostr's chronological feed? No manipulation.
The downside? Time zone mismatches and weekly gems being drowned out by the 100-posts-a-day crowd.
nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn discusses nostr feed pros and cons in BR078.
Bootstrapping a #Bitcoin node just got easier.
Import a UTXO snapshot, sync to chain tip quickly, then verify from Genesis - all thanks to AssumeUTXO.
To learn more more, nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc recommends nostr:npub17u5dneh8qjp43ecfxr6u5e9sjamsmxyuekrg2nlxrrk6nj9rsyrqywt4tp ‘s blog post. [BR088] 👇
https://blog.lopp.net/bitcoin-node-sync-with-utxo-snapshots/
Bitcoin Core PR #30239: Introduces a standard for ephemeral dust outputs, enabling zero-fee transactions with dust outputs to be included in the mempool.
nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc plugs the PR in BR088.
If you can't afford a hardware wallet, do you really need one?
Below a certain threshold, software wallets may be a simpler and smarter approach.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 and nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc talk stack-size-based security in BR088.
bitcoin-script-hints: A magical neovim plugin for #Bitcoin Script by Taproot Wizards
Bitcoin tooling just got a whole lot better! 🚀💻
nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc gives the scoop in BR088.
Private, ad-free pay-per-query search engine nostr:npub1lmzc2834vuk9f2ug4gklyu2n4du9p9nwhaugtzak7l464drmdvvs38jfdp is now on #nostr! A big win for privacy-first tools embracing decentralized networks.
nostr:npub1r8l06leee9kjlam0slmky7h8j9zme9ca32erypgqtyu6t2gnhshs3jx5dk highlights its summarizer for AI-driven insights on long content. Perfect when you need info fast and private. [BR088]
Q: Can the COLDCARD Q export and encrypt notes for decryption on another Q with the same seed?
A: Yes, via the backup clone feature
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 gives his response to this audience question from Chris in BR088.
Proton Wallet adds RBF to speed up the confirmation time of transactions. 🎉
But is the new self-custody wallet for non-techies a hit or a miss?
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc and nostr:npub1u8lnhlw5usp3t9vmpz60ejpyt649z33hu82wc2hpv6m5xdqmuxhs46turz give their take in BR088.
The Krux AES-CBC flaw that weakened encryption for backups on flash drives and SD cards is a reminder: cryptographic security is only as good as its implementation.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 & nostr:npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htc discuss the vulnerability and caution against DIY signers for single sig in BR088.