Canโt they just print a 35 trillion dollar bill and call it a day?
August 15th, 1971
Write your seeds in a poem.
Harlem #Bitcoin Community Meetup!
Tuesday, August 13th
7โ9 PM
๐บ๐ธ AMERICAN STRATEGIC BITCOIN RESERVE? ๐บ๐ธ
What is it? Do we need it? What does it mean for bitcoin and the U.S. election?
Get your questions answered, and enjoy some great food and company.
Safari Restaurant
55 Saint Nicholas Ave
Harlem, NYC
This is a free event! ๐งก
https://events.humanitix.com/harlem-bitcoin-community-meetup-tuesday-august-13-7pm
Damn. I wonโt be in town for this one but Iโll be at one of these before the end of the year
It seems dead bodies are beginning to surface.
https://theminermag.com/news/2024-08-07/bitcoin-miner-rhodium-in-distress-amid-loan-defaults/
Bitcoin community banks are now here. Thank you nostr:npub1kp7jzme0qs3wcqjjmkq6v5fm359sclhc22glhadgtmerlr0h37nsn8487l!
nostr:note1hldd20rqpq8uvz05an0e90anqd0l3v6v0zk6yaaq9yxgu736qr0s2muq9c
Today we disclose Dark Skippy - a powerful new method for a malicious signing device to leak secret keys.
With a modified signing function, a device can efficiently and covertly exfiltrate a master secret seed by embedding it within transaction signatures
https://darkskippy.com/demo.mp4
If an attacker manages to corrupt a signing device, Dark Skippy can deliberately use weak & low entropy secret nonces to embed chunks of the seed words into transaction signatures.
It takes just two input signatures to leak a 12 word seedphrase onto the Bitcoin blockchain.
The attacker can watch on-chain until they spot an affected transaction, unblind and invert the low entropy nonces using an algorithm like Pollard's Kangaroo algorithm to learn the master secret seed.
Then the attacker can wait and steal the funds whenever they decide best.
Despite this attack vector not being new, we believe that Dark Skippy is now the best-in-class attack for malicious signing devices.
- The attack is impractical to detect
- Requires no additional communication channels
- Effective on stateless devices
- Exfils master secret
Beyond ensuring your device firmware is genuine and honest (opensource), mitigations include anti-exfil signing protocols and we present some new ideas for additions to PSBT specifications to disrupt this attack.
We encourage mitigation discussion and implementation exploration.
This attack highlights the importance of verifying and securing your device's firmware, and the danger of sharing stateless signing devices with other people.
We will be publicly releasing our code later this year.
Authors: nostr:npub1xh897wvhn93tda0zws94mdyc7eagc8qm0798clp7x48zh6kjwazq29gst6 (follow him so he gets onto nostr), Robin Linus, and myself.
If you have any concerns or questions we recommend checking out the FAQ page on our website:
This is scary.
Are the latest nostr:npub1s0vtkgej33n7ec4d7ycxmwt78up8hpfa30d0yfksrshq7t82mchqynpq6j devices (passport batch 2) spared from this running the latest firmware?
Has anyone used Blixt wallet?
Instead of doom scrolling, go touch grass or go to thesaifhouse.com!
nostr:note1j0u5j0dlznejpetcahgh4c8hkw5t7kvfzj3v8f4p29vluck24zfsnmcs2v
Hashprice <$40/PH/Day rn
I just tried nostr:npub18d4r6wanxkyrdfjdrjqzj2ukua5cas669ew2g5w7lf4a8te7awzqey6lt3โs Accelerator for the first time & I must say, itโs clutch!
I thought my tx was stuck in purgatory ๐
Hi everyone!
Iโm new in these Nostr streets. I work in Ops, ASIC research at MARA (no, I didnโt advise them to mine Kaspa).
Here to โฟoost the signal!
Looks like the Yen rallied rather than crashed vs the dollar