I have updated this table although more technical things could be added here. Let me know if you see something important is missing.

**Security Update**

I've got some bad news for you guys. This morning, as I was adding error handling to flotilla, I discovered that Coracle has been sending user session objects to bugsnag when reporting errors.

Who is affected: Users who triggered an error in Coracle while signed in with their private key, since December 5th 2023.

What I've done:

- I immediately released a new version of Coracle, both to web and to zap.store

- I have deleted the affected apks from my releases

- I have deleted all my error data from bugsnag

- I have deleted my bugsnag project and rotated my api key, so lingering error reports will be dropped

- I have audited my code for use of the session object to ensure nothing else like this is happening

What you should do:

- If you're logged in with your private key, log out

- Hard refresh the page to ensure you have the latest version of Coracle

The bottom line is that if you signed in to Coracle with your private key, it has been shared with me and with bugsnag. In practical terms, your keys should still be secure, since they were sent over TLS, and have been deleted. But there is no guarantee I can offer that they are in fact gone.

I take my users' privacy seriously. My error reporting implementation doesn't record user IPs, it redacts identifying data, and it allows users to opt-out. I also warn the user when they attempt to enter an nsec into a text field. In this case, I simply screwed up, and I sincerely apologize. Reply to this note if you have any questions.

Might want to update the website then. Because the FAQ is out of date and the Google play and 'try it online' links are dead.

I tried apk on Android.. but it didn't work.. it has stopped when bootstrapping saying no VPN connection.. I didn't understand how it works..

Is there a testnet for trying #joinstr?

#asknostr

#Joinstr is dead on arrival. There's no way in hell any "paranoid crypto-anarchists" will turn off their own VPNs (or Orbot proxy), just to use the app.

Incredible.

I've been waiting to see this happen for so long (pic 1 is from an old presentation) – now suddenly there are two proof of concepts (pic 2) that use bitcoin-denominated ecash to incentivize onion-routing on nostr.

The future probably doesn't require shitcoins.

- it's not a tweet

- cool

- no it's not

LNURLw works if you're offline, but your internet gateway is online to redeem the payment. You can also use e-cash non custodially if you run your own mint

Custody clearly comes with risks, though I want to have e-cash if I must use a custodian, because standardizing the interaction with custodians allows me to leave the custodian frictionlessly and it happens to come with privacy.

Yesterday I witnessed atomic real time channel rebalancing involving mints. Users of lightning can benefit from the liquidity without using custodians themselves.

Cashu isn't an upgrade to or replacement of lightning. Mints are lighting nodes. The scenario calle described literally is not possible with LN alone.

One amazing thing I learned about (out of many) at the ecash conference

A router for sharing internet

Someone from India, living in a place with a lot of internet access problems, built a set-up where people can buy internet without having any internet in the first place. 1 sat per minute

He built a captive portal that you log into and the page says — I take ecash from this one mint, get ecash from there and paste it into this text box — you paste it in, hit enter, and you’re online

You’ve made an offline payment and voila, you're now online

There are many exciting Bitcoin developments happening but it's becoming more clear that ecash is a wholly different, complementary technology that does different things, including many things that Bitcoin can't do no matter how many upgrades it gets

nostr is boring without algorithms!