Connecting to Ride The Lightning on Android over Tor v3 Hidden Service with v3 Client Authentication... much progress... lots of kinks yet to work out, but pretty sick none the less.

That makes 4 medium/high severity security disclosures now to other projects in the space throughout the course of building what will be the mobile controller for your node.

Free (as in FREEDOM) Open Source Software will not only deprecate The State, but centralized proprietary software that shackles/enslaves everyone.

More to come, but just thought I'd share a preview of the @nvk level paranoia that is had when developing this app.

Show thread

Passing credentials for a service (LND, Bitcoin Core RPC, etc.) from Node to Mobile app in clear text?

It touches too many mobile interfaces that other Applications have access too (and thus, your connection information).

ToxicityConnect aims to solve that by not LARPing about security with regard to your _incredibly_ sensitive data which, if leaked, would leave you REKT.

Here's a Demo:

Bitcoin Mastodon

Bitcoin Maston Instance