For taproot, multisig key path spends would work but no script path spends.

Show thread

From what I understand, AOPP doesn't work for general BTC addresses. It requires a single key address. Exchanges thus force users into certain wallet policies. Have they even looked at BIP322?

IRC/VPN issue: Why can't I connect to libera using HexChat on debian 11 when connected to @mullvadnet VPN? The following cycles every 10s. It works fine if I disconnect from Mullvad. Is it "Couldn't look up your hostname"? If so, what can I do about it?

Just two more pandemics, then back to normal guys 🤡

I solved @robot__dreams first Bitcoin-flavored cryptography challenge ( with the help of @kalle Schnorr Basics explainer (

Here's a write-up (and spoiler).

As a follow-up on my Schnorr Basics post, I just published a walk-through of the MuSig2 protocol for Schnorr multi-signatures.

With illustrations to make it look less intimidating!

Today, James Webb telescope switched on camera to acquire 1st image from deep space.

More moronic behaviour from the Binance casino:

Give them a taproot withdrawal address, they *literally change the address*, just changing the segwit version from 1 to 0, (valid because P2WSH length) because ... lol?

People sometimes say 'why do you care if the exchange does shitcoins?'. This is why. They just burned ~7.5K of this guy's money. He'll probably get it back because they're so rich they don't care, but he'll have to argue with them first.


Customer "support":

Address where the permanently destroyed money went:

In 2017/2018 I got very militant about calling Coinbase traitors and incompetent and scumbags and so on; they all out attacked Bitcoin.
This kind of behaviour is a bit different: it only indicates they care so little that one dumbass decision from one noob backend engineer ('oh, if I replace p with q, it works!!') is the level of attention they pay to Bitcoin.

Show thread

What's the purpose of having the nonce commitment, R, in the challenge of of a Schnorr signature?

The only reason I can come up with is malleability. if R isn't part of the challenge and (R,s) is valid for a message m and key P, then (R+xG,s+x) is also valid for m and P.

Are there other issues than this?

ping @waxwing

Just published: Schnorr Basics.

* How Schnorr signatures work
* Why use a nonce?
* Why is the nonce private?
* Why is nonce reuse bad?

Thoroughly unreviewed by experts, please comment with corrections.

What's the current status of threshold (t-of-n) signatures in Bitcoin? Most material I've found is about musig2 for multisignatures (n-on-n).

Is actual threshold sigs possible, and with what limitations?

I know you can "cheat" by using key-path multisignature for the most common set of t signers, and separate multisignature script paths for each of the other sets.

I hate NFTs

They mess up my web searches when I configure my firewall.

Covidians are pretty much the undefeated world champions at goal post shifting

In #Bash, to edit the last three commands in your favorite EDITOR type:

fc -3 0

When leaving the editor, commands are executed

andrew lee just seized over 700 channels on freenode because they mentioned in their topic.

This includes projects like openbsd, wikimedia, FOSDEM, etc. shows 720 channels that match what is being checked.

here's an example log:

boost this if you care about foss in any way.

Selling my GA and Afterparty tickets for @TheBitcoinConf

GA: You pay $299 (now costs $900)
Afterparty: You pay $199
Bundle: You pay $450

BTC on-chain and lightning works

Show older
Bitcoin Mastodon

Bitcoin Maston Instance