RT @[email protected]
An independent security researcher discovered a vulnerability in the OLED of hardware wallets in April 2019. Trezor Model T has a TFT display and is immune. Updating to the latest firmware v1.8.2 for Trezor One mitigates the issue. Read our disclosure: https://blog.trezor.io/details-of-the-oled-vulnerability-and-its-mitigation-d331c4e2001a
I've just realised how much of an incredible invariant there is in Bitcoin-I'm-here-to-fix-it condition. Just look at all the case studies:
R3-CEV because banks knew better.
Bcash because Bitmain knew better.
S2X because "important biznizmen" knew better.
ZuckBucks because big SV and payment companies know better.
Endless obscure and pointless shitcoins because top academic cryptographers know better.
Everyone knows better. Nobody just wants to take part.
We are proud to announce the public release and open sourcing of Samourai Dojo. You no longer need to make the trade off of providing Samourai with your public keys in order to access the most private Tx analysis busting tools. Have your cake and eat it.
Github Repo: https://github.com/Samourai-Wallet/samourai-dojo
Installation instructions: https://github.com/Samourai-Wallet/samourai-dojo/blob/master/doc/DOCKER_setup.md
Just did my first in-person trade where I signed a Bitcoin tx at home and sent it to my phone. I then connected to my full node over zerotier, my full node is connected to the network via Tor.
I was able to use @samourai_official to broadcast the transaction to my full node during the trade, worked flawlessly. Bonus that my full node watches my trezor accounts, and sends me an encrypted email on wallet activity, so I could see that it worked right away.
That was cool.
Back working on Joinmarket for a while, in particular cleaning up wallet and blockchain interfaces:
Also noticing activity on Joinmarket's pretty robust at the moment, I'm doing about 20 cjs/ 24 hrs (would have to do some block scanning to get global data, but, vague guess, could be 50-100 per day).
I will support any vendors who use BTCpay:
Part of my approach to security in Bitcoin is to hold X% as GBTC in my retirement account. Trusted 3rd Party, yes. But it helps me 'distribute' my coins and allows me to avoid capital gains while BTC is taxed as property.
Eventually, I'm looking at collateralized loans against my "physical" BTC as another method to divvy up keys/custody and avoid capital gains as well. (This should be in a multi-party, multi-sig set up ideally.)
Just got in a discussion on slack and realised that it'd really be worth itemising specifically that set of fungibility techniques in Bitcoin that could at least theoretically have as anonymity set the whole blockchain. This is what I came up with, any thoughts?
2. LN **
2. scriptless script swaps **
3. Coinjoin Unlimited (coinjoinxt + dual fund)
4. Pay-to-endpoint style coinjoin
5. Regular 'Coinswap' without scriptless script **
** all need either (1) or Schnorr for goal.
The following bitcoin addresses have been placed on a sanctions list by US authorities:
I wonder what will come of this? What happens if those addresses start spamming random active addresses on the blockchain with small amount of BTC? This sanction will be very messy and difficult to enforce lol.
My latest: "Sorry, Bitcoin is still Anarchist" https://medium.com/@zackvoell/sorry-bitcoin-is-still-anarchist-3e995d2fbbf1
I'd just like to interject for a moment. What you're referring to as Mastodon, is in fact, Fediverse/Mastodon, or as I've recently taken to calling it, Fediverse plus Mastodon. Mastodon is not a social network unto itself, but rather another free component of a fully functioning Fediverse made useful by the GNU Social interoperability, networking tools and vital system components comprising a full Fediverse as defined by the GNU Social standard.
Many users run a modified version of the Fedivers
@NicolasDorier it's independent of any vendor: the specification of RISC-V is free and open source, and so are some of the Verilog implementations.
(Also the current chips don't do any of the speculation magic that say, Intel does, which is good for security.)
anyhow for a full overview of the motivations see the introduction in chapter 1 of https://riscv.org/specifications/
Linux/Security/Crypto enthusiast. HPC/Systems Integration. Learning Machine Learning. Español, 日本語, Türkçe. $BTC $XMR.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!