Please note the meeting location at 4801 Glenwood Ave suite 200 in Raleigh, right above Fifth Third Bank.
Noted bitcoin contributor and Spiral grantee Matt Corallo proposed a BIP to render human readable names into payment info using only the DNS protocol for improved privacy and simplicity when compared to existing schemes. The proposal has been well received with active discussion continuing on the pull request.
BIP Land is a flippant flow chart of the process of getting a bitcoin soft fork activated. The site examines the activation process from the perspective of the OP_CAT proposal. It links to tons of informative and cautionary historical events, with a healthy dose of snark. The site is best experienced in first person.
Cluster Mempool is a proposed mempool redesign that aims to solve a few problems with the existing mempool design, including suboptimal transaction eviction, a complicated block construction algorithm, and incentive-incompatible RBF rules. The proposal introduces the concept of a cluster: a group of unconfirmed transactions connected by parent-child links. Clusters are sorted by fee rate in order to easily calculate their chunks, or the portion of a cluster above or below a certain fee rate. This makes block construction and transaction eviction extremely simple (and opposite) calculations. The proposal drops ancestor and descendant limits in favor of a cluster size limit. It also makes the CPFP carve-out infeasible, which, we hope, can be replaced by v3 transactions.
This paper by famed economist George Selgin introduces a new categorization scheme for forms of money. The novel application of this scheme highlights a previously unexamined category of money that Selgin calls a synthetic commodity money. He defines a synthetic commodity as one which has a combination of absolute scarcity and no non-monetary use. Selgin examines the Iraqi Swiss Dinar as a historical example and bitcoin as an ‘almost ideal synthetic commodity money’.
Brandon Black aka reardencode published a historical review of changes to bitcoin’s carefully balanced incentive model. He explains the witness discount, how it works, and why a weighted combined byte limit was chosen. Black also addresses common talking points by pointing out that the taproot upgrade was not an incentive change, that it did not unlock inscriptions, and that inscription data has an extremely low computational cost for node runners. He concludes that the solution to high fees is not to undo changes to the incentive model but instead to increase the economic density of bitcoin transactions with technologies like lightning, off-chain signature aggregation, ark, and DLCs.
Ben Carman wrote a thorough and realistic stacker news post examining the shortcomings of the lightning network. He points his finger squarely at offline receiving and channel liquidity as the biggest hurdles to mass adoption but also dives deep on the proposed solutions to these problems and the problems with the solutions. Are you still with me? Great, because at the end of the article it gets really good. Carman explains that the fundamental scaling problem with lightning is that it only scales payments but not UTXO ownership. We can work around the edges of this problem with various federated solutions like fedimint or Liquid but in order to scale self-sovereign bitcoin access to the masses of humanity we will need better tools for shared UTXO ownership. Those tools are broadly categorized as covenants.
Brandon Black opened a draft PR to the bitcoin repository proposing a collection of three BIPs that Black is calling LNHANCE. The three BIPs were chosen to enable output restricting covenants and LN-symmetry. The proposal has garnered a lot of discussion on the pull request as well as on the Delving Bitcoin post. Perhaps the best concise explanation was from this twitter thread, copied below:
OP_CHECKTEMPLATEVERIFY (CTV, BIP119) lets a recipient of bitcoin restrict the next outputs that bitcoin can be sent to (possibly combined with a time lock or other restriction). This can be used to build some types of vaults, also Timeout Trees and Ark.
OP_CHECKSIGFROMSTACK(VERIFY) (CSFS) allows for owners of bitcoin to delegate control to another key, or make specific parts of their locking script signature-dynamic (e.g. a lock time which can be changed by signature). When combined with CTV, enables LN-Symmetry and simplified PTLCs.
OP_INTERNALKEY (IKEY) makes certain Tapscript constructions more efficient, and allows users of Taproot key paths to enable additional ways of signing with their root key. This can be used in lightning and other protocols to reduce on chain costs.
Some guy does it again! Another inscription whitepaper drop describing a novel technique to upload encrypted files to the bitcoin blockchain using recursive inscriptions. The file can be broken up into multiple chunks spread across multiple bitcoin blocks and decrypted once the corresponding private key is revealed in a later transaction. This technique can be used in combination with a timelock to create a dead man’s switch. It’s good to see cypherpunks leveraging bitcoin’s native file storage protocol to do cypherpunk things. Rock on! 🤘
In a totally unrelated development some other guy details the technical design enabling a collection of evolving inscriptions called Quantum Cats.
Bitcoin Core 26.0 was released! This is the first release to enable BIP324 opportunistic encrypted peer-to-peer messaging. It is off by default so be sure to set v2transport=1 in your bitcoin.conf file to get up with the new hotness. Side loading the UTXO set is also available using the new loadtxoutset RPC, along with a slew of other changes. Don’t forget to verify those binaries!
Ethan Heilman and Armin Sabouri have written a BIP to reenable OP_CAT, a deviously simple opcode that enables covenants and lots of other unexpected behavior. This opcode enables the bitcoin script interpreter to concatenate, or join together, two values from the stack into a single value that is pushed back onto the stack. OP_CAT was disabled by Satoshi along with a number of other dangerous opcodes before he disappeared forever. Read the BIP here. Andrew Poelstra shared more context in this mailing list post.
Steven Roose has been working on a proposal for OP_TXHASH, a generalization of OP_CHECKTEMPLATEVERIFY that allows the user to specify which fields of the transaction are committed to. It uses the same number of bytes as OP_CTV but provides much greater flexibility.
Bitcoin developer 0xB10C posted a highly detailed blog post showing that F2Pool excluded four transactions spending to an OFAC sanctioned address. F2Pool cofounder Chun Wang acknowledged the censorship and later backed down in a series of now-deleted tweets.
DEMAND announced they were launching a new solo mining pool that will support Stratum v2 at launch. If they are successful, this will mark the second mining pool to support Stratum v2 after Braiins Pool.
Longtime Bitcoin Core developer Luke Dashjr also threw his hat into the ring with the relaunch of his defunct mining pool, Eligius, renamed OCEAN. Ocean offers account-free non-KYC mining, a slightly tweaked PPLNS payout scheme they call TIDES, public block templates, and coinbase payouts for any miner who hashes above a payout threshold. They have received a lot of criticism for choosing to use different mempool policies from bitcoin core. To date, Ocean has been pretty lucky, mining two blocks already. So far, neither of the new pools has commented on the decision to stylize their name with all caps.
A mempool sniper bot named The Sophon has been front running new BRC-20 tokens by stealing their namespace, likely leading to a ~85% decline in mempool fees in 24 hours. As of this writing, it appears that the sophon is no longer running.
Robin Linus dropped BitStream, a proposal for decentralized file hosting built on bitcoin. This one uses HTLCs, verifiable encryption, and a bond/slashing mechanism to punish cheating. Unlike Durabit, which we covered last month, it doesn’t require (but does support) ecash. BitStream does require OP_CAT, however.
Mastering Bitcoin is the quintessential guide for understanding bitcoin at a technical level. In the 3rd Edition, coauthored by David Harding, it receives a much needed update to include missing topics both old and new. All technologies that went into taproot are described, as well as a rewritten address section, fee management, compact blocks, soft fork activation methods, client-side validation protocols, and too many other awesome things to list them all. You should stop reading this and go put it in your shopping cart already.
In this bitcoin-dev mailing list post, Bryan Bishop discusses why the mailing list needs to move and the possible future home for this community. The mailing list has moved before from Sourceforge.net to the Linux Foundation. Bishop discusses the importance of decentralized archiving using a service called “Public Inbox” which can be hosted by anyone and invites the community to offer feedback and propose solutions.
In this article Triangle BitDevs host vnprc writes about a new strategy initiative for Bitcoin Core in 2023. A group of core developers have agreed to prioritize a short list of “big rock” projects that are both highly impactful and difficult to get merged. With two of the four big rocks merged into master in the last month it seems like this initiative has been very successful!
Mailing list contributor John Law proposes a new way to batch open lightning channels using a simple covenant (CTV or APO) from a lightning service provider with a timeout expiration. This design allows the LSP to open a large number of channels for their users in a single on-chain transaction. Near the end of the channel’s life the users can simply drain their channel balance into a new channel opened with a timeout tree. Bitcoin Magazine contributor Shinobi published a more accessible treatment of the topic here.
Bitcoin and Lightning protocol researcher Antoine Riard dropped a new lightning attack on the mailing list. The attack requires two malicious LN nodes on either side of a routing node to withhold the HTLC preimage from the victim node and continually replace the victim’s channel close transaction in the mempool until the timelock expires. Every LN node implementation has implemented fixes to mitigate the attack, but there is currently no way to completely eliminate the risk. SatsBridge has published an article explaining the attack with lots of helpful diagrams.
Dan Gould has opened a draft PR to add payjoin receive to Mutiny Wallet. This exciting development has the potential to improve the best lightning privacy wallet with payjoin, an opportunistic privacy technique that obfuscates the on-chain transaction graph with every payment.
Some guy released a white paper describing Durabit, an incentive-compatible decentralized solution to the data availability problem. It uses a bitcoin bond to reward participants for seeding a bittorrent file. The protocol relies on two distinct parties to accomplish this: the bond issuer creates a series of presigned CSV timelocked bitcoin transactions payable to a chaumian ecash mint, which is in charge of compensating torrent seeders using the bond funds. The bond issuer encodes the bittorrent magnet link into an OP_RETURN output and is capable of revoking the bond by double spending the next presigned transaction. Not only is the author an anonymous nym, but they dropped the whitepaper via an ordinal inscription. Cypherpunk af. 🤘
Opcode Explained is a new site by BDK contributor Thunderbiscuit that explains every opcode. Or aims to, it is 80% complete. You can expect to see many more links to this site from ours in the future!
BitVM is a new paper from Robin Linus detailing a way to express Turing-complete bitcoin contracts. BitVM is based on a challenge-response protocol using fraud proofs and it can be built on bitcoin as it is today without any change to bitcoin consensus rules. Super Testnet, of course, has a proof of concept implementation. For those of us who don’t already know what “arbitrary computation using only NAND gate circuits” means, Shinobi has published a nice high-level explainer in Bitcoin Magazine.
Bitcoin Core contributor Ishaana Misra dropped a report detailing her efforts to automate wallet fingerprinting. The report details ways to identify bitcoin wallets only from their on-chain footprint. Ishaana defines four categories of fingerprints, a methodology for identifying them, and describes the results of her attempt to automate wallet detection. This seems like an excellent foundation for future wallet privacy research.
After 4 long years AssumeUTXO has been merged into the Bitcoin Core main repo. If that wasn’t exciting enough, BIP 324, encrypted P2P transport, was merged one day later. The sound of nerds rejoicing was reportedly heard reverberating for days throughout the secret citadel of the Bitcoin Core cabal.
Andrew Chow proposed two BIPs to add MuSig2 support to wallet descriptors and PSBTs. The MuSig2 PSBT BIP proposes new fields and has a brief description of the new concepts and additional rounds of communication entailed with MuSig2. The MuSig2 descriptor BIP adds a new key expression musig() usable only inside of a tr() expression.
SimLN is a new project to simulate a realistic lightning network on any test network. It creates random activity based on the network topology. Additionally, developers can specify particular payment patterns to test. SimLN supports LND and CLN. Work is ongoing to add Eclair and LDK-node support.
Sam Wouters dropped another Lightning Research Report showing the impressive growth of the network in terms of users, transactions, and volume despite flat numbers for node count, channels, and capacity. The report is chock full of graphs and statistics compiled from River and other companies who elected to share their data. These nodes represent 29% of network capacity and 10% of channels. It’s safe to say that River remains bullish on lightning.
Package relay is a proposed feature to allow bitcoin nodes to evaluate multiple transactions together (a package) for inclusion or rejection from the mempool. This feature is motivated by off-chain protocols such as lightning and DLCs with a security model that assumes the ability for a user to get a transaction confirmed using CPFP fee bumping within a specific timeframe. The current mempool design evaluates each transaction individually, which makes these protocols inherently vulnerable to pinning attacks. The main challenge of development is ensuring that the new set of mempool acceptance rules does not open new vectors of DoS attack.
Version 3 transaction relay is a proposal to create an opt-in superset of transaction relay rules that limit all pinning vectors while allowing CPFP fee bumping via package RBF. This proposal builds on package relay to create a new type of transaction that can always be fee bumped even when an adversarial party controls one or more inputs and outputs, i.e. lightning channel force closes.
Ephemeral anchors are yet another proposal that builds on package relay and V3 outputs in order to cover the case of symmetric commitment transactions for protocols such as LN-symmetry. An ephemeral output is a 0-sat transaction output that must be spent by another transaction in the same package. Under these rules an ephemeral anchor output cannot be pinned in the mempool and can be fee-bumped by anyone.
In their latest blog post Eclair walks us through the security architecture of the ACINQ node, among the largest and most connected nodes on the network. The article is a well-written and thorough high level examination of the security issues and design space of this fascinating problem.
A new company called 10101 (pronounced ten-ten-one) is building DLC capability into lightning. In this three part blog series they explain what DLCs are, how they are enabled on lightning, and how they use virtual channels to accomplish this in practice.
In this blog post Tony Giorgio explains how Mutiny Wallet leverages the Voltage LSP to enhance the privacy of their wallet users using just-in-time lightning channels to enable a VPN-like architecture for lightning payments.
The good folks at Voltage have published this well written and accessible blog post discussing Taproot Assets: how they work, how they leverage lightning’s network effects, and how they introduce new liquidity management requirements and business use cases for node runners.
Fedimint has cut their first official release. Plebs rejoice! Free and open source privacy-preserving bitcoin-backed federated private banking is one step closer to reality. Fuck yeah!
Cashu has nearly completed their implementation of Discrete Log Equality Proofs (DLEQ). This is a cryptographic protocol that can be used to prove the validity of a mint’s signature without knowing the private key used to create the signature. This is an important capability that will unlock offline ecash payments. It also carries improved privacy assurances that the mint is not using distinct private keys to deanonymize users.
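
How a wallet can check a mint's blind signature against the mint's published key without ever learning the private key, shown as an added example that is not Cashu's code. It uses a Chaum-Pedersen style proof on secp256k1; the function names, the challenge hash layout and the sample scalars are assumptions made for this illustration.

```python
import hashlib
import secrets

# secp256k1 domain parameters (the curve Bitcoin uses).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141
G = (0x79BE667E_F9DCBBAC_55A06295_CE870B07_029BFCDB_2DCE28D9_59F2815B_16F81798,
     0x483ADA77_26A3C465_5DA4FBFC_0E1108A8_FD17B448_A6855419_9C47D08F_FB10D4B8)


def add(p1, p2):
    """Affine point addition; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; example only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def neg(pt):
    return None if pt is None else (pt[0], (-pt[1]) % P)


def challenge(*points):
    """Fiat-Shamir challenge over the proof transcript (layout assumed here)."""
    h = hashlib.sha256()
    for x, y in points:
        h.update(x.to_bytes(32, "big") + y.to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N


def mint_sign(a, B_):
    """Mint: blind signature C_ = a*B_ plus a proof that the key behind
    C_ is the same a that is behind the published key A = a*G."""
    A, C_ = mul(a, G), mul(a, B_)
    r = secrets.randbelow(N - 1) + 1          # fresh nonce for every proof
    e = challenge(mul(r, G), mul(r, B_), A, C_)
    return C_, (e, (r + e * a) % N)


def verify_dleq(A, B_, C_, proof):
    """Wallet: accept only if log_G(A) == log_B_(C_); a is never revealed.
    Production code must also check that every point is on the curve."""
    e, s = proof
    R1 = add(mul(s, G), neg(mul(e, A)))       # s*G  - e*A  == r*G  if honest
    R2 = add(mul(s, B_), neg(mul(e, C_)))     # s*B_ - e*C_ == r*B_ if honest
    if R1 is None or R2 is None:
        return False
    return e == challenge(R1, R2, A, C_)
```

A mint that signs one user's tokens with a different key than the one it publishes produces a proof that fails this check, which is the privacy assurance the paragraph above describes.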
This event will take place at TABConf in Atlanta.
As a reminder, the ground rules of BitDevs are as follows:
These rules exist so that BitDevs participants can speak freely within the event.
Dusty Daemon’s year-long PR to enable channel splicing in CLN has finally been merged into master! Hopefully this means users will soon be able to resize lightning channels with no channel downtime or disruption in payment flows. Holla! 🙌
Greenlight, a new non-custodial lightning hosting infrastructure project, has entered closed beta! Greenlight is differentiated from other cloud lightning solutions thanks to the very low resource footprint of CLN, enabling multiple front ends to share access to a node, simplified recovery, and an off-boarding flow to export your node to a different hosting provider.
Binance, probably the largest cryptocurrency exchange in the world, now supports the lightning network! To our knowledge, Coinbase has not released a statement on this developing story.
Greg Sanders, aka @theinstagibbs, wrote a mailing list post with an initial proposal for a PTLC implementation. In the gist he considers many potential use cases: single-sig adaptors vs MuSig2, async updates vs sync aka “simplified updates”, amount of message re-ordering, and futuristic updates to mempool/consensus (including APO).
LND v0.17.0-beta.rc2 is a release candidate for the next major version of this popular LN node implementation. A major new experimental feature planned for this release, which could likely benefit from testing, is support for “simple taproot channels”.
LDK #2468 allows users to provide a payment_id which is encrypted in an invoice request’s metadata field. LDK checks the metadata in received invoices and will only pay if it recognizes the id and hasn’t already paid another invoice for it. This PR is part of LDK’s work toward implementing BOLT12.
Arik Sosman wrote up a gist explaining a novel technique proposed by Rusty Russell that may be useful in revoking the channel state of a channel controlled by a 2/3 threshold multisig.
Hash timelocked contracts (HTLCs) are a class of smart contract that enable atomic payments between two participants. HTLCs use a hash preimage as a bit of secret knowledge that enables one party to claim the funds secured by the contract. If the preimage is not revealed to the correct party the funds can be claimed by the contract counterparty after a timeout. HTLCs are integral to the lightning network, atomic swaps, and other contract protocols.
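
The two spending paths described above, modeled as an added example that is not taken from any lightning implementation. It goes one step beyond the two-party case by chaining two HTLCs on the same hash to show why a routed payment is atomic; the party names, amounts, heights and timeout deltas are constructed for the illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional, Tuple


class HTLCError(Exception):
    pass


@dataclass
class HTLC:
    sender: str
    recipient: str
    amount_sat: int
    payment_hash: bytes       # SHA-256 of the secret preimage
    timeout_height: int       # first height at which the sender may refund
    paid_to: Optional[str] = None

    def claim(self, preimage: bytes) -> str:
        """Recipient path: spendable by whoever proves knowledge of the
        preimage. It stays open after the timeout, but from then on it
        races the refund path, so a recipient must claim in time."""
        if self.paid_to is not None:
            raise HTLCError("output already spent")
        if hashlib.sha256(preimage).digest() != self.payment_hash:
            raise HTLCError("preimage does not match payment hash")
        self.paid_to = self.recipient
        return self.paid_to

    def refund(self, height: int) -> str:
        """Sender path: only valid once the timelock has expired."""
        if self.paid_to is not None:
            raise HTLCError("output already spent")
        if height < self.timeout_height:
            raise HTLCError("timelock has not expired")
        self.paid_to = self.sender
        return self.paid_to


def route_payment(preimage: bytes, height: int,
                  carol_reveals: bool) -> Tuple[str, str]:
    """Alice pays Carol through Bob using one hash for both hops."""
    payment_hash = hashlib.sha256(preimage).digest()
    # The upstream HTLC expires later than the downstream one, so Bob has
    # time to claim from Alice after Carol's claim reveals the preimage.
    alice_bob = HTLC("alice", "bob", 1010, payment_hash, height + 80)
    bob_carol = HTLC("bob", "carol", 1000, payment_hash, height + 40)
    if carol_reveals:
        bob_carol.claim(preimage)     # spending reveals the preimage to Bob
        alice_bob.claim(preimage)     # Bob reuses it upstream
    else:
        bob_carol.refund(bob_carol.timeout_height)
        alice_bob.refund(alice_bob.timeout_height)
    return alice_bob.paid_to, bob_carol.paid_to
```

Either both hops settle forward or both refund; the only way for Bob to lose funds is to learn the preimage too late to use it before his upstream timeout.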
Bitcoin core developers Suhas Daftuar and Pieter Wuille have proposed a new mempool design that aims to solve eviction and RBF problems with the current mempool. The new design introduces concepts of transaction clusters, linearizations, and chunks that may allow for a more incentive compatible mempool that maximizes miner profits when evicting transactions due to memory limits and RBF.
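
A sketch of the chunking idea from this item and from the Cluster Mempool summary earlier on the page, showing why block construction and eviction become opposite ends of one sorted list. This is an added example, not Bitcoin Core code; the merge rule as written here, the function names and the sample transactions are assumptions of the illustration.

```python
from fractions import Fraction
from typing import List, NamedTuple, Tuple


class Tx(NamedTuple):
    txid: str
    fee: int      # satoshis
    vsize: int    # virtual bytes


class Chunk(NamedTuple):
    txids: Tuple[str, ...]
    fee: int
    vsize: int

    @property
    def feerate(self) -> Fraction:
        return Fraction(self.fee, self.vsize)


def chunk_linearization(linearization: List[Tx]) -> List[Chunk]:
    """Split one cluster, given parents-first, into chunks whose feerates
    never increase. A later piece with a higher feerate is merged into the
    piece before it, which is how a child pays for its parent."""
    chunks: List[Chunk] = []
    for tx in linearization:
        cur = Chunk((tx.txid,), tx.fee, tx.vsize)
        while chunks and cur.feerate > chunks[-1].feerate:
            prev = chunks.pop()
            cur = Chunk(prev.txids + cur.txids,
                        prev.fee + cur.fee, prev.vsize + cur.vsize)
        chunks.append(cur)
    return chunks


def mempool_order(clusters: List[List[Tx]]) -> List[Chunk]:
    """All chunks of all clusters, best feerate first. The sort is stable,
    so chunks of the same cluster keep their parents-first order."""
    chunks = [c for lin in clusters for c in chunk_linearization(lin)]
    return sorted(chunks, key=lambda c: c.feerate, reverse=True)


def select_for_block(clusters: List[List[Tx]], max_vsize: int) -> List[Chunk]:
    """Block construction: take chunks from the top until one does not fit."""
    block, used = [], 0
    for chunk in mempool_order(clusters):
        if used + chunk.vsize > max_vsize:
            break                      # simplification: no knapsack packing
        block.append(chunk)
        used += chunk.vsize
    return block


def select_for_eviction(clusters: List[List[Tx]],
                        max_mempool_vsize: int) -> List[Chunk]:
    """Eviction: drop chunks from the bottom until the mempool fits."""
    order = mempool_order(clusters)
    total = sum(c.vsize for c in order)
    evicted = []
    while order and total > max_mempool_vsize:
        chunk = order.pop()
        evicted.append(chunk)
        total -= chunk.vsize
    return evicted


# Constructed sample mempool: each list is one cluster, parents first.
SAMPLE_CLUSTERS = [
    [Tx("P", 100, 200), Tx("C", 2900, 100)],  # cheap parent, CPFP child
    [Tx("S", 1000, 200)],                     # standalone, 5 sat/vB
    [Tx("X", 800, 100), Tx("Y", 100, 100)],   # good parent, cheap child
]
```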
CLN lead developer Rusty Russell dropped a thoughtful blog post reviewing a few covenant proposals. He lays out a spectrum of simplest to most complete covenants and describes a theoretical new taproot covenant design that could start out very restrictive and be extended with more powerful capabilities in future soft forks. He concludes by shilling LN-symmetry, exactly as one would expect from a lightning developer opining on L1 soft forks.
Security researchers have uncovered a critical vulnerability in the Libbitcoin Explorer wallet tool, bx. 3.x versions of the library use an insufficient source of entropy to generate new wallet private keys. The vulnerability was discovered following a string of mysterious wallet thefts. This tool was highlighted in Appendix A of Mastering Bitcoin. Libbitcoin developer Eric Voskuil has fired back, blaming reckless wallet development.
Bitcoin Core developer Josie and Bitcoin Sorcerer Ruben Somsen have announced a proposed BIP for Silent Payments, which is a way to privately and securely send bitcoin to a publicly announced address. The proposal offers to solve many of the gaps and privacy footguns inherent in the BIP47 Reusable Payment Codes proposal. There’s no free lunch, though. The payment recipient must scan every bitcoin transaction to identify incoming payments. This BIP proposal also shipped with a working implementation in bitcoin core!
Eclair v0.9.0 shipped with support for dual-funded channels, splicing, and bolt12. This ACINQ blog post nicely explains how this benefits Phoenix users. It is unclear at this time whether the lightning network will be able to scale enough to accommodate such high levels of unadulterated magnificence. 🫠
Calle has released a Proof of Liabilities proposal for ecash mints. It is a trustless way to prove that a mint has not issued more ecash tokens than it has in on-chain bitcoin. The proposal relies on the need for an ecash mint to periodically rotate the private key it uses to create new ecash tokens. Each key rotation period is called an “epoch” and Calle describes a “periodic bank run” where users of the mint can compare their burned ecash tokens against a list that the mint publishes for all past epochs on a regular schedule.
Calle has stated on twitter that he intends to develop this protocol for use in Cashu.
The most popular Android nostr client, Amethyst, has added support to redeem cashu tokens from within the app. It seems like maybe ecash season is approaching. Meanwhile, Ben Arc of LNBits fame has proposed NIP-88, a protocol for non-blinded nostr cash tokens. Discussion on this PR has been limited but judging from the emoji responses, this is not a popular proposal.
ZeroSync is a new project that aims to bring zero knowledge proofs to bitcoin. ZeroSync promises to enable extremely fast full node syncing with three new state proofs: headers chain, consensus rules (except witness data), and the full consensus rules (including witness data). They also plan to build a developer toolkit to enable a ton of new scaling and privacy improvements to many areas of bitcoin, including lightning. ZeroSync has received sponsorship from StarkWare Industries, a software company building the Ethereum ZK rollup system StarkNet. Bitcoin stands to benefit a great deal thanks to the cutting edge research performed on Ethereum.
Payjoin Dev Kit is a new project by bitgould to make integrating payjoin a much easier proposition for wallet developers. Payjoin is a technique where a payment sender and recipient collaborate to construct a transaction spending inputs owned by both parties in order to confound chain analysis attempts that rely on the common input heuristic. This privacy technique is superior to coinjoin in many ways due to the lack of an on-chain footprint and reduced fees.