Bitcoin is no longer legal tender in El Salvador

We use the Flutter framework, so we should be able to build a Linux version.

Old Nostr DM (NIP-4) integrates four capabilities into a single Nostr key—it serves as an ID, an encryption key, a receiving address, and a sending address.

The encryption key in NIP-4 does not change, so NIP-4 messages lack both forward secrecy and backward secrecy.

Consequently, if the private key is compromised, both historical and future messages can be exposed.

The receiving and sending addresses remain constant, which poses a severe issue for metadata privacy in NIP-4 messages;

Everyone can see who (ID) is sending messages to whom (ID).

Currently, most Nostr apps use NIP-4 for DM functionalities, such as Damus and Primal.

——————————————————————————————————————

New Nostr DM (NIP-17) integrates three capabilities into a single Nostr key—it serves as an ID, an encryption key, and a receiving address.

Kind-17 separates the sending address from the ID, making the sending address random and concealing the sender's real ID, thus improving metadata privacy.

The encryption key in NIP-17 does not change, so NIP-17 messages also lack forward secrecy and backward secrecy. Once the private key is leaked, both historical and future messages will be compromised.

The receiving address remains constant, so there is still a slight issue with metadata privacy in NIP-17 messages; everyone can see who (ID) is receiving messages.

Apps like 0xchat and Amethyst use NIP-17 to implement DM functionalities.

——————————————————————————————————————

In Keychat, the ID, encryption key, receiving address, and sending address are separated.

The encryption key, the receiving address, and the sending address are updated independently and continuously.

Keychat's encryption key is derived using the Signal protocol, and each message uses a unique encryption key, which is deleted after use.

Thus, Keychat messages have both forward secrecy and backward secrecy. Even if an encryption key is compromised, only the current message can be leaked, and historical and future messages remain secure.

Keychat's sending address is randomly generated for each message.

Therefore, external parties do not know the sender's ID.

Keychat's receiving address is derived using the Signal protocol, with almost every message using a unique receiving address.

Thus, external parties do not know the receiver's ID.

——————————————————————————————————————

However, it's important to emphasize that NIP-4 and NIP-17 offer superior multi-device synchronization capabilities because they integrate three capabilities into a single Nostr key—it serves as an ID, an encryption key, and a receiving address.

TL;DR:

Foundry’s dominance in Bitcoin mining isn’t about reducing variance, as most of its large-scale clients don’t need that. Instead, miners use Foundry because it helps them comply with regulations, making Bitcoin mining more palatable to lawyers, accountants, and shareholders. This “compliance by proxy” comes at a high cost, centralizing mining power and creating risks for Bitcoin’s decentralized nature. As Foundry’s share of the network grows, it raises concerns about censorship and control, yet miners stick with it because it simplifies their operations in a regulatory-heavy environment—even at the expense of Bitcoin’s core values of decentralization and resilience.

How do we fix this my brother?

So we're regularly noticing how unacceptably large Foundry has gotten and it would be good if Bitcoiners in general understand why we are where we are.

First, let's talk about what it is pools actually do, starting from the theoretical going all the way the practical.

In theory they make no difference to anything - they simply reduce variance.

Instead of earning $.X per year, you earn $.X/365 per day.

This is far more consistent and makes day to day operations easier and it's clear why someone would want to do this - assuming they're a smaller miner who is not capable of finding block frequently enough without pooling and splitting rewards with others.

This might be desirable to the point where you'd even pay a split to the coordinator (pool) because it's that valuable of a service.

To take it further, the absolute hands-down most common payout model for a pool to use is FPPS - this doubles down on the supposed benefit that is so compelling here. It stands for Full Pay Pay Share which -in theory - means that miners get paid on a share to share basis (something they're submitting multiple times a minute) a highly predictable amount.

This means you not only have you abandoned dealing with lotto-variance (waiting until you find a block) or even standard pool variance (waiting until someone on the pool finds a block) but instead you're mining with a pool that grants you earnings multiple times per minute regardless of if the pool is finding any blocks or not.

This is variance reduction to such an extreme that the product becomes unbelievably expensive because pools have now put themselves in a position where they must pay miners for blocks that might - and very often don't - happen.

This was demonstrated beyond doubt when OCEAN (non-FPPS) released its numbers and they outperformed FPPS by over 30% in some cases during its first year of operation.

*Note: This is NOT a "You should mine on OCEAN" post. I am simply trying to explain why miners are making the decisions they are because it seems to be eluding almost everyone.

So miners are apparently opting for variance reduction to the point where they want to get paid no matter what for blocks that may or may not even exist with resolution all the way down to the share level.

But here's the part where the disconnect between theory and reality comes in.

Nearly all the miners on Foundry have absolutely zero need for this kind of variance reduction - or indeed any at all.

The publicly traded miners that make use of Foundry all have the ability to find multiple blocks a day without any third party whatsoever which is way more than enough.

As mentioned already, FPPS is an extremely expensive product that logically would only be required by a miner faced with 24 hourly energy bills who only has 100 Petahash or so. Again, the typical Foundry miner is 100 times the size of this coming in at almost 10 Exahash at the smaller end.

So if Foundry solves a particular issue - variance - and charges a fortune to do it, and its main customer is miners that could lotto-mine and find multiple blocks a day without incurring the costs of FPPS then what on Earth are they doing?

The naive answer is that they haven't done the maths. In some cases I actually know this to be true. You're an enormous miner and you do a deal with Foundry - they charge you 0.1% fee and you think that's equivalent to if you cut out the middle man entirely pretty much so it becomes worth it.

But with FPPS the fee is never the fee. That is the airport currency exchange sign that says "0% COMMISSION" and gives you something about 14% worse than market rate. Where is the money going?

I don't think most miners are actually making that mistake, at least not all of them.

It's time to explain the real reason here.

Compliance by proxy.

And this is what's key to understand.

History: Once upon a time a pool called GHash(.)io got above 40% of the hashrate (which Foundry is doing repeatedly at this point) and the miners all fled out of instinct to protect the network. You simply cannot have any single entity making 50% of the blocks that get added to the chain or anything approaching that.

So why aren't miners doing it today? Are they that addicted to variance reduction when the calibre of miner that uses Foundry is perfectly capable of reducing their own variance anyway even though it's costing them a fortune?

Again the entire space needs to understand why history will not be repeating itself here and this where I find the greatest amount of self-delusion and dishonesty in this space.

Compliance by proxy was not a thing in 2016. At least not for miners.

Since then, someone has come along and turned what is completely unacceptable to the powers that be - Bitcoin mining - and turned it into a completely sanitized, censorship prone shell of its former self - and *that* is the true motivation for "miners" paying these exorbitant fees.

Compliance is new. And it isn't a factor people are taking into consideration.

Whenever we point out how precarious the situation has become, there is the typical response - "If Foundry ever do then their miners will just leave".

It's time to put this cope-strategy to bed.

If a miner is perfectly capable of reducing their own variance to the tune of reliably finding multiple blocks per day themselves - why are they using a pool at all? Especially if that pool costs a fortune?

Or more crudely - If losing a tonne of money for no apparent reason isn't compelling enough to leave Foundry, then jeopardizing Bitcoin isn't going to be either.

The true motivation is all that matters, and its overwhelmingly just compliance. "Miners" of substantial size increasingly do not want anything to do with Bitcoin and want all their hashrate transformed from raw Bitcoins coming fresh out of the blockchain into a nice clean product that their accountants and lawyers can tolerate regardless of the cost.

To take the counter position to my argument here, there are of course costs to rough-housing it and grappling with Bitcoin directly as MARA does and I don't want to pretend otherwise but I don't think they come anything like close to justifying the enormity of the revenue lost due to the extreme over-kill that is FPPS.

This is the only area in which I will take pushback from someone in one of the relevant companies as it's possible I am just wrong.

The following companies - BitFarms, Hut8, RIOT, WULF, HIVE, Cleanspark and a couple of handfuls of others are all - to the best of my knowledge - paying a fortune for the combined benefit of variance reduction (which they absolutely have no need of) and compliance by proxy.

If anyone from any of those companies can explain to me why I am wrong and that if/when Foundry's size results in them engaging in censorship or any other abuse of the network (heck, already requiring KYC and regular inspections of mining facilities is unacceptable and that's already been the case for Foundry miners for years) then why should anyone believe you would move to another pool or go the Mara route?

At present I believe that Foundry could continue its inexorable ascent to the 51% magic number we're all afraid of and the new cope will be "Well they haven't done yet" and we'll just keep moving the goal posts about what constitutes a bad thing.

At the moment "It's just KYC", "It's just mandatory inspections" and "It's just lost revenue."

All of that is unacceptable. "It's just transactions associated with Russia/Iran" comes next and the shareholders of publicly traded Bitcoin miners are unlikely to view censorship based on that criteria as being anything to worry about. "Why do you hate America??"

The old cope of "another miner will just include them and their business will survive while the censoring miners die" is complete and utter delusion.

Almost 100% of revenue from the chain is subsidy. Transaction fees are neither here nor there. And if we think the US Pubcos are all going to voluntarily go admit bankruptcy because they lost a few hundred bucks a week from mining blocks that censored blacklisted UTXOs then we are deluding ourselves.

I reiterate - miners are with Foundry because compliance is increasingly all that matters. This has resulted in enormous centralization of template construction that becomes a genuine attack vector at ~30% and has been consistently way above that for a long time now. 51% is a meme, and imo not a powerful enough one to inspire change if it actually comes to that. The frogs are already boiling and no one cares.

Let's be honest. None of the miners on Foundry are leaving any time soon but the variance reducing product they offer that can be so trivially replicated elsewhere is not why any of them are doing what they are doing.

Foundry is the sole occupant within the regulatory moat that is Bitcoin mining in America and I don't see that as trivial to replicate at all.

And the reason I wish to sound the alarm 10,000 louder than I have been before this point is that the current US administration has run a campaign that specifically talks about centralizing Bitcoin in the US.

The phrase "We will make all the Bitcoins in America" is exactly the worst possible thing you could want to hear given everything I've talked about in this post and not only is it not being rejected by Bitcoiners, it is being celebrated as a good thing.

i feel that but also think the throw away fiat economy has resulted in lower quality standards. bitcoin will fix this

Not sure what this means to you but to me it means we are losing

This very well could be a white elephant for stripe — and I probably think it is — but btc solutions for payments are not top of mind for anyone right now

I truly believe internet native value transfer NEEDS to be using btc rails as it’s the most decentralized and censorship resistant.

The rails here are neither and that makes anyone using them — or seeing their utility and choosing them — vulnerable.

We aren’t top of mind and introspectively we need to do a better job reaching the masses with our solutions

Privacy apps built on NOSTR might be better later, but SimpleX might be better later as well. 😄

But on 0xChat we can share posts privately among friends, so now we have a messenger that does well with networking mutual friends etc., something I wish Signal did, but nah (I suggested, they didn't listen). 0xChat is an alternative to FB.

Savings in Bitcoin compounds very fast relative to the value of other things. Thus, we have a higher threshold for quality before spending it.

It's an organic, decentralized way of improving civilization.

I picked up my new computer and now have linux installed.

My first security measure was to encrypted the home folder and setup a new user account to run bitcoin core. What other security measures do I need to implement?

#asknostr

Shocking Revelation 🤯👇

A top #Bitcoin  developer recently announced his departure from the project after discovering a massive security risk in the Lightning Network.

He claims there are intentional backdoors in the code that allow attackers to easily get full control of the network.

The real question is: who created that backdoor❓

SimpleX integration

Bitcoin wallets and other bitcoin related products should seriously consider moving away from traditional email and instead adopt Nostr.

Not only does centralized email defeat the whole purpose of anonymity, but it is also incompatible with freedom tech.