Luxferre
d451865ead7381ba902a27a34a2f8587b3a08b60fe3f10f8fbf33745241ecc8b
Yes, that one. A voice from outside the echo chambers. If you like my projects and ideas you can donate to me with Monero (XMR): 86neopbgniu1bQ4EXL7oU6V6nFQE8VGebBpNbUVHWzPuFG1LH2Ca84eHFkqgNnEkC7ERrf4uXV2PXeMGREKXPYrb8qBFjzR

Still don't get why most VPS providers don't offer Alpine Linux as the host choice. Are they afraid to find out this is the only Linux they actually need?

Because everything else can be dockerized if one desperately needs Ubuntu/Debian/Alma/other bloatware for a particular package.

Yet they prefer to dockerize Alpine and keep the bloatware permanently on each VM for some reason.

The intention does make a difference. Honest people must not suffer for this.

Besides, I don't know the full scale of the problem yet to make any bold statements. What I'm saying right now is merely this: clueless devs are not to work in any critical areas (aerospace, military, medicine, financial, *including* crypto), or else we're about to have Therac-25 all over again, but much more globally.

Any working #Monero setup for #OpenBSD? Despite numerous claims of people doing this, I haven't been able to build either the official or the Feather wallet on OpenBSD 7.4-current.

Totally. On the other hand though, there are plenty of things hiding in plain sight (on already existing infrastructure). Just have to look at them from a slightly different angle than everyone else.

But the more I live, the less I keep believing in Hanlon's razor ("Never attribute to malice that which is adequately explained by stupidity"). It is ENTIRELY plausible that these "child mistakes" might be deliberately left in their code to facilitate some automated shadow fund distribution by request in the form of invalid transactions...

Am I a conspiracy theorist or are they really THAT stupid?

As a total noob with those blockchains, I find it scary that even such a noob can find such security holes in some services using them within a few days. Yes, it's not a single one anymore.

My kisstron project is now proven to work on OpenBSD, being the second non-browser-based Tron wallet that works here.

Here, dependency installation is like this:

```
doas pkg_add autogen autoconf automake libtool py3-cffi
export AUTOMAKE_VERSION=1.16 # replace with yours
export AUTOCONF_VERSION=2.71 # replace with yours
pip install -r requirements.txt
```

The only inconvenience is the warning that urllib3 is giving about not supporting LibreSSL. Doesn't seem to affect the functionality though.

Of course. Didn't like it at all. The zig cc compiler is a nice cross-toolchain alternative for clang though.

Ok, I have taken a look at ATS and suspect that it's the same as Nim in terms of using an intermediate C source. Myrddin looks more self-sufficient. But thanks, good to have another option in the arsenal.

Myrddin looks OK, doesn't depend on glibc, compiles static binaries out of the box; still, a stripped fizzbuzz from the readme takes 181800 bytes on Linux x86_64.

Importing (just importing, not using) http and regex modules increases the (stripped) size to 356392 bytes.

So, basically, it might be easier for my use cases than OCaml, but the same problem remains. And the development is pretty much stalled. Alas.

But I might give it a try for some small project in the future.

I need something like OCaml, but that doesn't generate such a huge binary when statically linking with musl because it tries to put the entire runtime, even the unused functions, in there.

What should I try? Myrddin or something else? #asknostr

Ksh rocks. Even on Linuxes, I use oksh wherever I can, except one single machine.

Just checked — indeed, the vulnerability I discovered yesterday is not on the particular merchant's side, but on the entire crypto payment provider.

Of course I won't tell which provider it is, but I wonder which other shops are using it now...

And its main dev hates cryptocurrencies and bans any project related to them on SourceHut.

Interesting how the ToS of many (if not all) VPS and cloud instance services, even the anonymous ones, explicitly prohibit their usage for mining crypto.

Guys, I'm paying you for the computing resources, what I do with them should be none of your fucking business, at least as long as I'm not congesting your network or sending out spam.

Does anyone know of a VPS service that doesn't put any restrictions on mining? #asknostr

But the main phenomenon is: it's 2024 out there, there is a horde of devs saying they are "into crypto" yet not having the slightest clue about how to _properly_ validate the transactions on the blockchain of their choice.

This phenomenon is primarily driven by the fact that customer wallets offer too little control over the transactions. The aforementioned devs, who use the same wallets (because the proper ones with fine-grained control usually have too complicated a UI), don't even expect atypical scenarios to happen because they think no wallet will let them happen. They also seem to have missed all information security courses, otherwise they would know this: validation always must happen on what theoretically can be sent, not on what usually is sent.

Yet they want us to use browser extensions and other inherently insecure bollocks. Good luck...