Kalle Rosenbaum @[email protected]

@ZmnSCPxj Coindesk [1] says this and I'm wondering if the quote is correct. I just want to make sure I'm not propagating invalid blocks of text.

Background: I'm writing a few paragraphs about pseudonymous development at https://rosenbaum.se/btcphil/ and I think you're an interesting example.

[1] https://www.coindesk.com/markets/2020/06/29/many-bitcoin-developers-are-choosing-to-use-pseudonyms-for-good-reason/

Looking for the code fix for this bug (CVE-2010-5141), but can't find version 0.3.5 which is stated to be the version with the fix.

What commit represents 0.3.5?

There's no tag for it, nor are there any traces of that version in the history of setup.nsi or serialize.h.

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2010-5141

Looking for interesting/funny examples of Bitcoin Core PRs where submitter gets frustrated/angry because it's (rightfully, for any reason) not being merged.

Any pointers?

@harding But this only applies if there are enough txs in the mempool. If mempool is empty, fee-sniping always makes sense. On the other hand, if mempool is empty, fees are probably so low that sniping doesn't matter and it's better to turn the miner off anyway.

Reading about two countermeasures against fee sniping in this great article by @harding https://bitcoinops.org/en/topics/fee-sniping/

Couldn't a third measure be for wallets to discourage fee overpaying? If the fees are more homogeneous, fee sniping makes less sense.

Eg: "You're trying to pay 10x more in fees than what's required to get into the next two blocks. Should I change the fee to 3x to discourage miner misbehavior"

Trying to sort out the terms: security

-assumption
-guarantee
-model

@lopp writes "Every security model has two main parts: assumptions and guarantees. If the assumptions used as inputs hold true, then so should the guarantees that are output by the model."

y'all agree?

Lopp's article: https://blog.lopp.net/bitcoins-security-model-a-deep-dive/

For taproot, multisig key path spends would work but no script path spends.

From what I understand, AOPP doesn't work for general BTC addresses. It requires a single key address. Exchanges thus force users into certain wallet policies. Have they even looked at BIP322?

https://gitlab.com/aopp/address-ownership-proof-protocol/-/tree/master
https://github.com/bitcoin/bips/blob/master/bip-0322.mediawiki

@mullvadnet Got help on Twitter from ajtowns https://twitter.com/ajtowns/status/1484238854995742725?s=20

IRC/VPN issue: Why can't I connect to libera using HexChat on debian 11 when connected to @mullvadnet VPN? The following cycles every 10s. It works fine if I disconnect from Mullvad. Is it "Couldn't look up your hostname"? If so, what can I do about it?

As a follow-up on my Schnorr Basics post, I just published a walk-through of the MuSig2 protocol for Schnorr multi-signatures.

With illustrations to make it look less intimidating!

https://popeller.io/schnorr-musig2