28 July 2022
Bitcoin.Review E3: A Review of Updates to Popular Bitcoin Projects with NVK and Justin Moon
show notes: https://github.com/nvk/bitcoin.review.episodes/issues/3
support the show: https://citadeldispatch.com/contribute
twitch: https://twitch.tv/citadeldispatch
youtube: https://www.youtube.com/channel/UCoA72saVAuQ8hYCnBO0Lymw
bitcointv: https://bitcointv.com/video-channels/citadeldispatch/videos
podcast: https://www.podpage.com/citadeldispatch
telegram: https://t.me/citadeldispatch
stream sats to the show: https://www.fountain.fm/
join the chat: https://matrix.to/#/#citadel:bitcoin.kyoto
[00:00:02]
Unknown:
Hey, Matt. Yo. Yo. Yo. I hear you. Justin?
[00:00:08] Unknown:
Testing 1, 2, 3.
[00:00:10] Unknown:
Okay. So I'm gonna mute the both of you. Alright. So the you did record. So, and now my waveform is showing. So I think I think we're in a good space. And if we see the error again, we'll pause, refresh the window, and then continue recording so that we don't lose Matt this time.
[00:00:28] Unknown:
Still pretty that. Still pretty sure that was the fault was on your side, but
[00:00:34] Unknown:
Yeah. No. It's it's very possible. But, so here's the thing. At the end of this, save the file.
[00:00:42] Unknown:
Yeah. That didn't help us last time.
[00:00:44] Unknown:
No. Well, you you should have for some reason. Then it was on your side because that's a local recording.
[00:00:50] Unknown:
Well, anyway anyway, I was the one who fixed I was the one who fixed the audio at the end of the day. So I can't hear you, Matt. I just muted you. At the end of the day, I was the one who fixed the audio. So I I can't hear you. I just muted you again.
[00:01:07] Unknown:
Alright. Okay. I'm gonna start recording. Okay? Hang on. Hello, and welcome to the episode 3 of the Bitcoin review podcast. We continue. This is the 3rd iteration of a 1, 2, 3 iterations of this podcast. Yay. We have, the idea of the show is to boringly go through the Bitcoin, products, updates, and we've been failing so far at being boring apparently. So and we also been failing at reserving our opinions. And so we hope to disappoint you again. I have, Matt and, Justin return to the podcast. They seem to be fixtures that don't go away, and I'm very appreciative of that. So, why don't we say hi to them?
[00:02:06] Unknown:
I just wanna thank,
[00:02:08] Unknown:
Justin and BJ. Great to be here.
[00:02:11] Unknown:
I love the enthusiasm. We could we could That's great enthusiasm. That's that's you. Exactly. That's racism. And then,
[00:02:21] Unknown:
Matt? Enrique figured out how to press the mute button so he can just mute me on demand, which I'm not enjoying, but I just wanted to thank Justin and him for joining me again. Matt, you're a dumber.
[00:02:33] Unknown:
I think it's his Internet, mate. His Internet's,
[00:02:37] Unknown:
just cutting edge a little bit. I no. Wait. I just unmuted you. Traveling. I'm still learning. I'm still learning. Fucking hate you. Go ahead, Matt. Fuck you. Go ahead, Matt. Sorry. You're muted again. No kitty.
[00:02:48] Unknown:
Fuck you.
[00:02:51] Unknown:
Okay. Well, we have to keep this show, clean. Otherwise, it's amazing how much fun an adult can have with one little button. You know, one little button. It's amazing. It reminds me of the Staples no button or yes button. I bought the no button on the Internet once. Anyways. Yeah. So Yeah. Let's start this baby. Let's go through a few vulnerability disclosures. Twitter had a data breach. He exposed the contact details for 5,400,000 accounts. It's on sale for only 30 grand. So about, a big way and a half right now, you can buy, 5,400,000 records.
You get, Twitter usernames, emails, phone numbers, and their underwear size. Why is Twitter keeping their underwear size?
[00:03:42] Unknown:
For Anyways, apparently, it was patched. Yeah. It was patched back it was disclosed and patched back in January. You know, this is a perfect example why it's it's it's pretty bad that Twitter basically forces you into providing a phone number. You don't have to provide a phone number, but if you don't, they tend to block your account and then try and get you to basically light KYC and be a phone number, which puts users at risk when these leaks inevitably happen. Consider using burner phone numbers. And also rumor is NVK is actually gonna buy the list, to send cold card propaganda to.
[00:04:21] Unknown:
That sounds more like a ledger move, but 30 k is cheap as fuck. Yeah. I mean, it must be really high quality. So what what's interesting is, I remember running sort of, like, web companies and services. Phone numbers are are surprisingly good way of removing the first layer of scammers and and spammers. It's like an unfortunate easy way out for web, suppliers. What, what I find unfortunate is that, you know, why don't they just charge people like $5 with their bird app, premium subscription and then don't do any of this k y c stupidity? Because somebody, like, scammers and and spammers are not gonna pay $5 per account. Absolutely won't, especially if you're recurrent.
So, that's kinda silly. But, you know, they don't learn. Right? They rather, spend all their money in, making sure that, none none will get blocked. Go ahead.
[00:05:26] Unknown:
I signed up a couple Twitter accounts recently, and, it was it was quite, pathetic. They they would allow you to sign up without a phone number, and then you'd show up a day later, and your account would be restricted. Right? So they wouldn't ask you, for the phone number initially, but, they just restrict your account. You show up, and then you have to reenter it. So you can and they wouldn't allow you to reuse it. So you had to so I was, like, you know, trying to get new phone numbers. Yep. One great thing I tried was silent link, silent dot link. It's a really cool tool to just buy a phone number with lightning. So if you ever need this problem, that's a fun way to solve it. Another good service is,
[00:06:03] Unknown:
text verified.com, which provides disposable phone numbers for these services. I mean, services like Twitter and other services that essentially force you to do this, like, light KYC to use the product, make it really hard to use anonymously, should get flack from their users. It's user hostile behavior. To MBK's point, I like the idea of paywalls to fighting spam. It's essentially, like, the same idea as proof of work. Obviously, if you use credit cards, that might as well be light KYC as well or heavy KYC depending on how you look at it. But if if they depends on who the processor is. Right? Showed up if they just showed, like, a lightning invoice for $5 when you make an account, they would cut down on probably 50 to 75% of bot activity on the platform.
Matt, your your microphone is, burning a little bit at the top there as it's peaking. You wanna probably drop it a little. Well, we could've voice checked if you didn't just mute me every fucking time I spoke.
[00:07:00] Unknown:
Well, that was a a very high quality
[00:07:04] Unknown:
mic check. Okay. I lowered it on my side a little bit. Yeah. No. It looks better now.
[00:07:10] Unknown:
So, yeah, I I mean, I think paywalls are the way to go for the people who want it. You know, to their benefit of doubt, let's put it this way. Like, the majority of users on Twitter are not gonna pay even 50¢, so they have that problem. It's not it's not an easy problem because users are, like, the biggest sort of, like, at like, guilty here. Like, they will not pay. So I think companies just take the the path of least resistance, which is this bullshit, lightweight KYC
[00:07:42] Unknown:
Right. That can cause a lot of problems. It's not either or they can always give you the option. Right?
[00:07:47] Unknown:
Yeah. But, you know, like this company is, you know, they employ 10,000 devs to create the form for you to report that doesn't report, but they don't put any devs or any people really to solve these problems. It's kind of annoying. Alright. Moving on to another one of these KYC leaks. Well, not really a KYC, but a form of it. ActiveCampaign database was leaked. You know, it's kind of a and I think, the was it? The our friends at Shift Shift Crypto, were affected. Name, aliases, email addresses, and IPs. And I think there were a few more Bitcoin companies that were affected. Right? Yeah. So this is
[00:08:34] Unknown:
there was a bunch of companies that got hit by ActiveCampaign leaks or compromises and HubSpot compromises. I I believe Nydig, Swan, Unchained, there were a bunch of them, but that was, like, 4 months ago. This is appears to be a separate compromise that was just targeted specifically at, Shift crypto.
[00:08:56] Unknown:
So, one thing that a lot of people don't know is that when hackers find a little door like this, they will keep on, attacking that door without being too overt and trying to take too much stuff out because they wanna just keep on draining out the stuff. Right? So, you know, even though they may have found the patch or may have found one problem with the thing, The guys are either still in there because they're probably using a dev admin key or, you know, like they managed to get away with some stuff without the company finding out on the first audit.
So, you know, always expect that everybody else in that same service is gonna probably be eventually releasing some information about how they also go up. What I what I don't understand is why Bitcoin companies are sending their customer information to this third party marketing shit, without customer permission. It's really annoying.
[00:10:03] Unknown:
Another thing in this week was IP addresses too, so that's another reason to use a VPN.
[00:10:07] Unknown:
Yes. It's, it's tragic. I mean, it's not like the the worst possible information, but it's pretty bad. A lot of people forget to use burner emails and and names and things for these things. You know, remember to always uncheck the box that says send me updates
[00:10:27] Unknown:
or subscribe me to the newsletter. I hate when it's auto checked. There is there is another aspect here, though. I mean, you said burner email addresses. It is to go back to the Twitter thing, it is come becoming harder and harder to have a, an email address that's not linked to your identity. I I mean, there are services, like, simple login and ProtonMail gives you, like, the ability to do aliases, but it doesn't really help that much, in terms of making it easy to have anonymous email addresses. How's my audio now?
[00:11:08] Unknown:
It's it's great. It's only when you get very close that has there there is no gate there, I assume. So I was just adjusting the gain while I was talking. That's why it was long winded. No. That was good. Yeah. I mean, I I totally understand, like, the the like, you you want a a a means of having a a direct channel to your customers. Right? So you want to have their emails, not just depend on Twitter or something else. So, I mean, my preference is you have your mailing list stuff separate from your your business logic. Right? So if the customer wants to subscribe to that, go there and subscribe to that. So we have a sub stack. Go in the sub stack and subscribe. Right? Or our dev mailing list or something like that. Just don't don't cross this stuff so that, you you know, you don't put customer risk.
Ledger had that vulnerability too on their store because of the CRM. Always the sales and marketing solutions that that do the leaking. It's not the actual, like, store database per se, most cases. Alright. Blue wallet, sends transaction data to their servers even when using your own node. That's not great, but at least people can disable it. I just wish it was disabled by
[00:12:43] Unknown:
Fake news on the Internet. Opt in to push notifications in the operating system.
[00:12:48] Unknown:
Right. Yeah. If you go you go if you go into BlueWallet settings, you can enable push notifications. And if you do that, then it, by default, hits their notification server. Yeah. But then they have no choice if you want Well, they they actually have to. Props to them. They do give you the option to run your own they they open source a notification server, so you could actually run your own notification server if you want. That's great. We should update that with the link and the correct story here.
[00:13:19] Unknown:
Alright. We're gonna now start with the software releases and project updates. So Nunchuk released 1.9.9. They edit support for NFC, the collaborative wallet recovery, so that's BSMS, and a bunch of, bug fixes and improvements. I happen to try this release because it does integrate the tap signer, which is a lot of fun. So, being pretty happy with their wallet actually. It's nice to be able to choose. So you import your keys similar to Sparrow and Spectre, and the keys are separate from the wallets, and then you choose what do you do with those keys. Those keys could be part of multi sigs. They could be part of single sigs. They they are part of how you log in if you want.
I I'm I'm really enjoying how this project is, is progressing.
[00:14:21] Unknown:
Yeah. They've had really low time preference. They've been working on this for 2 years, and they just, they built everything natively. They built, all a lot of their core logic for interacting with Bitcoin is pulled out of Bitcoin Core. You know, they That's they're also been inching closer and closer. Yeah. Yeah. So, I I I haven't tried it for a while. I'd like to try it again. I I remember, they were just, making some announcements also about their end to end encrypted chat,
[00:14:51] Unknown:
you know, to basically they made a multisig to pass signatures around.
[00:14:55] Unknown:
They use they use matrix underneath, which is pretty cool. So, you know, you got people coordinating multisig and it's like a chat interface, which could be which is pretty neat.
[00:15:03] Unknown:
Props to Hugo. I mean, you know, he also released a a a a nunchucks, rebuilt our Python, tap, NFC tap library in c plus plus and released it open as well. Are the apps open source yet? I mean, all the the the meat of it is on GitHub, the libnunchuck and all that stuff. I don't know if the apps themselves are.
[00:15:30] Unknown:
Because, If I recall correctly, I remember, like, the main way you interact with it is through the Android or iPhone app, and those aren't
[00:15:38] Unknown:
and when I say open source, I'm not saying false. I'm just saying source viewable. No. No. I know. I I think so. The the way that they build is all based on their c plus plus library, which is libnunchuck, and that's open. That's on GitHub. I don't I haven't seen if their apps, like, the app shell is there or not. You know, for Android, that's kind of that matters. Oh, but but But for desktop. For iOS, it's the same shit because you're trusting anywhere.
[00:16:07] Unknown:
Yeah. Because iOS, you can't side load the app. Right? So no matter what, you're trusting the app server version. Open source, but not
[00:16:14] Unknown:
Yes. And their desktop they also have desktop. I don't know, I really like it. It's like it really brings me back to that old tool called Kopay, which was a very good app that sort of, like, couldn't handle a lot of transactions because it was JavaScript, but, it, this is really nice. And, for collaborative multi sig without a third party, like, a paid third party kind of thing is nice. Yeah. I will say like a company wallet. I will say that,
[00:16:43] Unknown:
as someone who has been part of multiple collaborative, multisigs for various projects and bounties and whatnot. Even the most hardcore technical Bitcoiner struggles with communicating the partially signed Bitcoin transactions between keyholders to sign and all that coordination involved is a massive friction pain point that even very hardcore big corners fuck it up, and Nunchuk just kind of aims to to fill that gap really cleanly. So I'm very bullish on that project. I love the idea that you also have encrypted comms
[00:17:20] Unknown:
for the coordination of the multisig transaction. So you can, you know, you can sort of trust that the other party is the other party. And you can sort of have conversations around the transaction
[00:17:33] Unknown:
without sort of exposing the transaction to your email or other chats. Like, right now, you're, like, pasting long PSBT text files, like, in signal or fucking matrix or something like that. It's a pain in the ass. Yeah. This is I wonder if this will become a standard.
[00:17:48] Unknown:
We, maybe that's the next level. I will I will chat to Hugo about this. Maybe the next thing is for There's another aspect here too where
[00:18:00] Unknown:
sorry. Sorry. There's another aspect here too where the chat is useful. Like, if you set up a device, a lot of times you wanna do it on your desktop, but you wanna like, you might wanna get the keys onto your phone too. Right? Because they have a mobile phone. And I think this the the chat would also help, like, you know, syncing the configuration between the desktop and the mobile, which would be really nice. Yeah. They have a server for that. They they do multidevice syncing. It's it's still beta.
[00:18:28] Unknown:
Yeah. Yeah. No. This is, the the what I hope that demo made me realize that the, that Yeah. So so my hope is that this flag here, but, Yeah. No worries. Is that,
[00:18:42] Unknown:
I'm just saying that the the okay. I'm I'm just gonna I'm just gonna go, seamless demo, and a compliment you here, So seamless demo made me realize that these, these these NFC cards would be really nice for, for, for multisig. Because it's also you know, it's like a completely different software stack. And also it's like the just adding it is super super slick. You know? Like, it does like, I would like to add one of those to my setup. I mean
[00:19:09] Unknown:
Hey, Justin. If you're still hearing us, after you you you're done, try refreshing the page and reentering. We'll be here. I it might sync back. So, so so wallets to talk to each other. So, like, whichever p two p protocol they start using, maybe it's, maybe it's, whatever p two p, whatever p to p, solution that they use will be really nice if, if it becomes a standard because then, you know, you essentially share with each other x pubs and all of a sudden even the chat works. Right? Even though you're using different vendors. That that could be really, really cool.
[00:20:02] Unknown:
Yeah. I mean You're back, Justin. Open standards for the win. That would be fucking awesome. I'm back.
[00:20:08] Unknown:
Mhmm.
[00:20:10] Unknown:
And then, like, the the cool thing of this too as far as I understand, which is great.
[00:20:14] Unknown:
Yeah. The the cool thing with this is that, you know, like, now you can you cannot have your private key on the phone either with the the tap signer thing. So I can have encrypted comms with a private key that's not on the phone. I mean, it it starts to become very cool very fast. Anyways, I pretty blisters up. It's nice to see different stuff being developed. It's not just the plain wallet. Alright. Let's go to BDK. BDK 0.20 is out. Highlights for this release include bug fixes for electron blockchain, and descriptor templates, new transaction building features to discourage fee sniping, and new transaction signing options.
Also, with this release, MSRV is now 1.56.1 and address validator is deprecated. A big thanks to our contributors, they say. Do you guys have any, any comments about their, the fee sniping? I I I don't really see the point, but that might just be me.
[00:21:42] Unknown:
I mean, it seems like an altruistic thing you do to try to improve the incentives of mining a little bit. I think it's pretty niche. What I what I do think is that there's you could see BDK is actually starting to get used. It's had a lot of development, like, a year and a half now, sponsorship by Spiral. And you're starting to see actual companies use it now. Like, I think Unchained Capital was, playing around with it. I I saw Francis Puilio, was talking about it, doing some integration with it on verbal Bitcoin. So, like, it's it's nice to see that they're they're starting to get some, like, rural, usage.
[00:22:15] Unknown:
That that's great. It it's nice that the the the hot stuff of the wallet is sort of, like, more centrally not centrally, but more collaboratively worked on. So you gain a lot of security from that.
[00:22:29] Unknown:
BlueWallet, also has, LDK, and I oh, we're talking about BDK, but BlueWallet has LDK built in to the developer edition.
[00:22:40] Unknown:
I mean, that'd be nice. Maybe BlueWallet should move to BDK. They they will probably save a lot of development too.
[00:22:50] Unknown:
Alright.
[00:22:53] Unknown:
Okay. So on to COVID card number 4. Thing is it should get interesting if if blocks ever get sustained full, in a high fee environment. But I I'm kind of of the belief that, you know, if we see we can kinda wait till that type of situation kind of it's fee sniping is not really a, like, a deadly kind of issue. It's not something that's just, like, catastrophic failure or something like that.
[00:23:19] Unknown:
But that's also the market. Right? I mean, like, you know, like, they the miners can still choose how they wanna construct their transactions. Right? Exactly. So, like, I it's it's very similar to, like But you want Hashrate to go towards advancing the chain. Yeah. The the the problem with these things is that, like, they they try to fight natural market dynamics on Bitcoin that was still probably supersede it around somehow. You know? That's it's it's, you know, it's similar to trying to prevent double spend. You know? It's just it's just a natural sort of aspect of Bitcoin that's never gonna go away. It doesn't matter what he tried to do around it. Right? And because, you know, all the other actors may not even choose to to do that standard that is not really preventing anything on on protocol level.
[00:24:13] Unknown:
Particularly, like, if we enter, like, a sustained high fee market, there's a strong scenario where we see fee payments out of band as well. So, like, you're trying to, control something that you can't even control to begin with.
[00:24:27] Unknown:
Right. I mean, you know, let's let's not forget that, a zero confirmation Bitcoin is not your Bitcoin, so it is a nonissue. Okay. Moving on to code card mark 45.0.5. We, released finally the bib85 derived passwords. These are really cool, a 126 bits. If you it's a 136, but anyways, you know, what's cool about that is, you know, it's very similar to the bit 85 derived seeds. You have an index, and then you get a strong password, and then you can use that strong password for interesting things. Please use a different device, a a secondary code card to to do this for for computer stuff if you're gonna connect to a computer.
I would recommend that. We did release some docs on it. We hope, that maybe BIP 85 itself gets extended, for the passwords.
[00:25:39] Unknown:
It should be very useful. How does this how does this look in practice, Enrique? The the user is plugging in a cold card via USB. And what is there, like, a text file that lists all the passwords or something like that? No. It's a lot more interesting than that, Matt. I know you like the quick hacks.
[00:25:57] Unknown:
Yeah. So you can use, USB. You can use NFC or QR. But NFC and USB, we emulate a keyboard. So we push the password itself as a keyboard to the input field.
[00:26:12] Unknown:
So what are you picking on the cold card screen which password to push? Yes. Yes. You pick So you go to the password pushes. You go to the password field on your computer or your phone, and then Yep. On the cold card, you pick pick which password you're pushing. That's right. And does the cold card have built in labeling so it could be, like, this is to sign in to ledger.com, or this is to sign in to No. Maybe maybe on the on the next iteration of the feature. So how the fuck are we supposed to use it if we're supposed to remember, like, number 3 signs me into Yahoo.
[00:26:46] Unknown:
Yep.
[00:26:47] Unknown:
Yeah. But remember, right, like, this is not for your email. Right? It's it's silly to use this for email. You're gonna have just a handful of passwords you're gonna use this for. Say, your Cloudflare, your, your SSH password, that encrypts the key on your computer. You may use it for, like, you know, like a server here and there. Like, this is the way you use it for even. Exactly. I mean, remember. Right? Like, what's the point of having your email password being this secure when your browser can see it? Or or where, like, you know, just the the the bad guys already have access to the email if they want to.
[00:27:30] Unknown:
And by that, I mean the government. Well, I would say for a lot of people, their email password should be treated sacredly because they can reset all their other accounts if they get access to your email. For a lot of people, especially if they reuse email addresses, which most people do, the email password might be the most important password, period.
[00:27:49] Unknown:
By the way, props to Apple to have that, automatic, a non email for signing up for apps. I wish they would put that on the Mac as well. I mean, they might have it on Safari, but I don't use Safari. Anyways, so so that's a cool feature. I'm pretty excited about that because it does, it does help my life. Okay. What else? We did the the QR codes are now, readable on, bright light. When, was it? Ruseer, gave us a nice update that changes the the the scanning of the screen, which is really cool. So that does essentially better displaying of the screen. The scanning rate is different.
And, you know, then there were a few other little bug fixes and, and, other little things. And, oh, yeah. The OP return now is, you can have you can have anything you want on the operator and it'll sign essentially, so that we don't need to know. We don't check that anymore. Yeah. So that's it for code card. Robinhood
[00:29:14] Unknown:
supports back 32. About the one with us the foreign Sorry? You missed the one with the foreign UTXO. What's the is that the
[00:29:22] Unknown:
Yeah. I was trying to skip some because there's a lot yes. So we can now sign something about 4.92 xO because he yeah. Because cold card checks everything. Right? It doesn't wanna let you sign stuff and you get robbed, by sniping. So the there is an option now to sign stuff with foreign TXOs because we have a lot of advanced users that wanna do stuff that, you know, have fun. So we wanna support that properly. That also helps some of the That sounds that sounds useful. Yeah. It it helps a lot of the the the the complex multi sig things that people invent out there and and, yeah, or or the HSM functions that it's very useful.
Right. Robinhood supports back 32. Nobody should be using back Robinhood for Bitcoin, but if you do, now you can send it to your segued address. I am impressed, like really, like, you know, blockchain dot info took like, you know, like I don't know how many years to support BIP 32 hierarchical deterministic wallets. And then it took another world of time to support BIP 30 2. So, nice to see Robinhood, keeping up with the times. I didn't even know you could withdraw from Robinhood. Yeah. I mean It did happen recently.
[00:30:47] Unknown:
I will, no one should use Robinhood, but props are props are due. I specifically, am on the record saying they would never allow withdrawals, let alone deposits. Now they let you do withdrawals and deposits, across all their shitcoins too. I really did not see that happening.
[00:31:07] Unknown:
But, you know, this is Bitcoin incentives in my view sort of playing out. There's a lot less people who are gonna use Robinhood for Bitcoin and crypto, if they cannot withdraw. Right? Especially after the the the bullshit with GameStop. So, I I think they're essentially just being forced to do this to retain customers. Right. Next is seed tool. It's called it by Superfat Aero. Introducing predictive seed word input, single address tool, and multisig address derivation. My understanding is c 2 is, essentially like something like, was it Coleman?
What was the name of the guy who had another c 2? Ian Coleman. Ian Ian Coleman.
[00:32:06] Unknown:
I think that's the This one is more powerful, I would say. It's got a lot of features, but definitely do not play with a live seed in there unless it's on an offline computer. Audited? Like, is there, like, audits on this? I mean, there's a running on the browser. There's a repo, you can download it offline yourself. One
[00:32:27] Unknown:
like, it's No. No. I meant, like, cold review. Right? So Yeah. No. It is. A lot of times, the wallets wallets are things that that touch seeds tend to have, like, let's say, notable people from the the community who go and sort of, you know, give a thumbs up saying, hey. You know, I I did check this and things look reasonable.
[00:32:49] Unknown:
I'm just curious. There is not. It's relatively new. It's just a humble false project. Like I said, you can download it offline. And because it's just a powerful, simple tool, there are creative ways you can use it if you're a responsible user even without he set up a cold card, with dice rolls. And then on an offline computer, he confirmed the dice rolls with, the seed generation on the seed tool. So he knew that cold card wasn't lying to him about that, and then he wiped the cold card and then generated a new seed and felt more comfortable trusting the dice math on the cold card because the first one worked, but didn't use that seed because he was too paranoid to have it in the seed tool.
[00:33:44] Unknown:
Right. Yeah. That that's that's the way to go. Another way you can do this is, you know, you can just, run, Electrum on tails and load the the seed in there and see if it, matches. I guess you could also run this too on tails. Just please, people, be very careful with browser tools, not because the developers are nefarious. That's not the point. It's just because the browser is a absolute cluster fuck. That was not designed to have any security. So, just just watch out to this. Although if you are using a burner seed, I mean, that then there is really no harm. You can do that in any computer, really.
[00:34:30] Unknown:
Yeah. And I feel like it it helps. It getting getting hands on stuff really helps with the education process. So the fact that they Yes. Kind of make it very, clear what is happening behind the scenes as you're using it, you can really, like, start to learn, how these seeds are derived, how they're used in different ways. It's a nice way of just practicing and learning.
[00:34:53] Unknown:
Yeah. No. That that's a that's a very good point.
[00:34:56] Unknown:
Yeah. I think I I Go ahead, Justin. I learned what a derivation path was, like, when I was first getting started. I I learned what a, like, a derivation path was just using the Ian Coleman tool, which was great, you know. So if you if you wanna learn some of the basic stuff, like, what is a derivation path, use a tool like this.
[00:35:13] Unknown:
Yeah. I know. It's nice because you put in the seed or x priv. Right? And then, you know, you pick a few buttons. I don't know about this tool, but in the EANS, you pick a few buttons and then it sort of like it it deterministically derives everything. Right? So you can see, like, exactly all the types of of exports that Bitcoin use in most wallets and how they interact with each other. Right? That is pretty cool. Alright. Tor Browser v version 11.5, automatic censorship detection and certain convention, redesigned network settings including streamline bridge options, HTTPS only by default.
Finally. So, yeah, I mean, the Tor Browser is, is like 11 now, and it's amazing to see.
[00:36:14] Unknown:
So to be clear here, since you said finally, usually, Tor Browser gets, shipped with HTTPS everywhere extension, which basically in practice made it, HTTPS only, but now it's just built into the browser. So they removed the extension. The way it should be. Right? Yeah.
[00:36:34] Unknown:
Although one thing I hate about HTTPS by default, I don't I I don't know the behavior on the Tor browser, but the problem is, you know, TLS certificates are all essentially centralized. Right? You have you need a centralized authority, a CA, to issue those certificates or the browser essentially don't work. Self signed certificates don't work anymore on Chrome, for example. But to be clear with with tours specifically,
[00:37:02] Unknown:
the concern is if you're visiting the clear net, you have to go through an exit node. So if there's not if there's no HTTPS, they can swap out man in the middle of you on that, and we've seen them do that already. Now, I mean, if you wanted to go the real hardcore approach, it should just be no clear net websites, period. But the tour team has taken the trade off model that they think, you know, they get more user adoption if people are able to, also visit clear net sites. But if you're if you're really, if you if you really want, you know, the best privacy guarantees, the best security guarantees, you should be doing onion only websites, Tor only websites, and a lot of the good Bitcoin websites specifically, have those available.
[00:37:45] Unknown:
Yep. I mean, Tor is is pretty amazing. I mean, especially Tor v 3. You know, having having essentially a tunnel with a public key pair that is not centralized is is a very cool thing. And so, like, I I love Tor even just internally we use, you know, between servers and things just because, like, it's a tunnel we trust. We're not, like, using some some, server sort of VPN kind of thing or anything like that. You just, you know, you create a connection of towards between them and, like, boom. You have yourself a a very strong, tunnel system, an Internet system, for yourself.
One thing. And Yeah. Go on. Yeah. Sorry. It's just, you know, you clear net. Right? I mean, even if so so, like, I completely get a trade off. I mean, you want your users to be able to access clear NAT even if they are at risk of Yeah. Of some men in the middle there. I don't trust TLS, personally, especially against the doctors, like, the state actors going after tour.
[00:38:53] Unknown:
One thing I would add is a feature they added a couple months back is that if you are running a website, and you care about privacy, there is a way to set a flag, basically. So if someone accesses it via Tor browser, it automatically reroutes them to the onion site.
[00:39:12] Unknown:
Didn't know it was there was a script before I could put on your website, but that that's nice. Yeah.
[00:39:17] Unknown:
I'm not sure exactly how it works, but it's something that website admin has to set up. But once you have it set up, if someone puts your Clearnet address into Tor Browser, it goes to the onion address.
[00:39:27] Unknown:
Cool. I haven't followed much, but how's I2P working these days? Is it, like, catching on, or what's the what's the deal with that?
[00:39:40] Unknown:
Nobody? Justin, you have some insight here. I mean, I've been hearing ITP hype for, like, 10 years now, and it feels like it never gets off the ground. Yeah. I know. That's, it's not an easy problem. I've never seen anything with ITP. Never use it once.
[00:39:54] Unknown:
Yeah. I mean, to be fair though, if it wasn't for state actors needing Tor as well for themselves, everybody who runs a Tor exit node will probably already be it is essentially like a, it's similar incentives to Bitcoin in a way. Once state actors have Bitcoin,
[00:40:12] Unknown:
they don't wanna kill Bitcoin. Right? So, the company tore themselves. To a weaker sense, I would say the tore threat model the tore threat model assumes that the US will not actively attack it, while the Bitcoin threat model is fine with the US actively attacking it.
[00:40:28] Unknown:
That's correct. It's just it's a so it's an interesting, symbiotic relationship of that project. Okay. So joinster, it's a coin join implementation using nostr, uses the nostr protocol for coordination. This seems very interesting, you guys know I am a JM fan. I have not tried this yet. I have heard interesting things about Noster. Any of you are Noster, or knowledgeable about it?
[00:41:09] Unknown:
I have I tried, jv 55, William Kassering's, domicap. Yeah. I've tried his Domasap, which is it's really slick. Like, you know, it it, they're not allowed to be using it yet, but I could see this kinda catching on. But I guess the protocol is just really, really simple. It just relays messages. You have to say which relays you wanna send and receive messages to. So it's like the simplest possible version of something like this, and that was the design intention. Whereas well, other things like, you know, web 5 or whatever the the block thing is, They're just, like, kinda complicated.
[00:41:43] Unknown:
Yeah. I like simple. I yeah. I would reiterate that,
[00:41:47] Unknown:
the coolest part is that it's simple yet powerful. And I did have JB 55 on sit all dispatch, with with Fiat, Jeff, and we went pretty deep on it. It's it's it seems really promising. The number one use case that people keep talking about that people are excited about is a censorship resistant distributed Twitter clone. But really at its core, it's a simple communication platform, protocol. So so you can you can use it for a wide variety of things, including coin joint coordination. At the Twister.
[00:42:20] Unknown:
Remember Twister? Project from about, 2014 ish, I think. It was the only thing that I ever saw that would was actually a viable Twitter alternative p two p, and, it was some Brazilian guy, and somehow the project sort of like winded off. Who knows? Maybe Twitter just hired a guy or something, you know, like it had that vibe that like it got killed with an exit strategy there because it was clearly a viable solution. Anyways alright. Next is, bitcoin binary dot org. The bot was updated. Kyle Dunn, I believe is, his name. He contributed the the call to upgrade the bot so that, this site, which I am involved, it, it makes builds for reproducible build projects, which is a very good way for most people to gain some more confidence that the cold is kosher.
It's a very, very simple solution. You know? If you wanna go there and build other projects and submit, it doesn't matter if there's 10 submissions of the same project. That's actually just adds value. It just means that there is more people out there arriving at the same, binary. I think that's a very simple way of of finding more security for everybody.
[00:43:55] Unknown:
Love it. Alright.
[00:44:01] Unknown:
Let's skip that hiring part there for after. Let's talk about the noteworthy, noteworthy, projects. I heard this about this, Fady that we've brought up the last episode, but, it seems that, like, Fady is now, is now, funded. Maybe Justin has anything to do with that.
[00:44:26] Unknown:
Yeah. So, we formed a company, myself, Obi, and Eric, Sirion, to deploy Fedimintz, focusing on the developing world, global south, which we kinda discussed a little bit, maybe, on the Spaces the other week. And, yeah, the idea is, like, to actually take this kind of research proposal research project, which is now becoming you know, getting the point where it's usable and actually try to deploy them in the real world. And you sort of need a company to do that, in my opinion, because, you know, it's just not it's not enough to just have some nice code, or a nice UX. You actually actually go and, you know, meet people where they're at and, make it work for them.
So really excited about that. You know, bring this, like, you know, payment's great for scalability, for privacy, and, for p 2 in some use cases. So, I think it's exciting to try to actually bring that to people in the real world.
[00:45:22] Unknown:
Good. And you got a pile of cash to do so.
[00:45:25] Unknown:
So so, I mean, it would behoove me to state, that my venture fund 1031 VC, co led, this raise, with Ego Death Capital and Kingsway Capital. I'm extremely personally bullish on Fediments as a concept. I think they can help improve the status quo, of Bitcoin usage, both in terms of privacy and trust on the custodial side, because a lot of people just keep opting for using custodial options regardless of sovereign options out there, mostly because of convenience. So we can make that status quo convenient option, more private and require less trust than the current status quo. That's a massive win.
There are a lot of conspiracies out there about me being bullish on Fedimans because of a vested interest because we
[00:46:20] Unknown:
funded them. We did do it first the problem with that? What's the problem with being, like, excited about stuff and then you give people money because you're excited about the stuff, so they build it. Well, I appreciate that, MBK, but I'm gonna address the criticisms real quick.
[00:46:35] Unknown:
First of all, we've we first gave them a no strings attached open source grant, that we were very excited about, and then we funded their their, their actual company, FETI. Those are should be treated as separate in my opinion. And then, second of all, you know, Fedimint as a project, as an open source project is completely false MIT license code. So anyone can fork it, run their own Fedimint, do whatever they want independent of the company, which I'm I if anything, I'm more excited. I I love you I love you, Justin, and I I love Obi and Eric. You guys are a great team, but I I think I'm more excited about the FOSS project, than I am about the company specifically.
[00:47:19] Unknown:
You know, without companies and capitalization of things, it's very hard to find enough, work, and enough, like, you know, just just people willing to work to to build the things of consumer facing. Right? Protocols themselves or standard themselves should absolutely be open. But the the the business solutions on top of them, you know, like, you you need companies behind. Otherwise, they get nowhere. And, you know, this is a lesson that most people will always learn in in free open source. It's just that you need both. And and and people need to learn how to to like both playing with each other. You know?
There is no point in a a pact of poverty. You know, people people need to find a way of of making money, and and money helps you build even bigger things and get even more people to adopt it. I think it's great. There's a lot of projects that started that way. Right? You have essentially like a like a false protocol thing that is mostly developed by the company that's trying to monetize it separately. And I I think this model has a lot of legs. Good for you for funding it.
[00:48:43] Unknown:
But, anyway, now that they're funded, I think Justin is hiring on top of it too. You know? It's it is an open source. Yeah. Exactly. So I was just saying, you know, we we'd love to see more people building on it. We'd love to see, we'd love to see, a lot of experiments, a lot of, other deployments, a lot of apps on top of Edgemont. And, and, you know, there's opportunities on the open source project to get some funding currently. So if you are interested in that and the background, you know, Rust or distributed system, cryptography, something like that, do reach out to me or Eric, or anyone else in Discord. And, yeah, the company we're hiring, we're looking for a Rust like a systems engineer, and then a mobile developer most of all. So we're good at mobile. If you're, you've been using Slutter so far, we we could switch to something else with the right person. If you're a real pro, please, please reach out.
[00:49:40] Unknown:
Yeah. I know. When can I launch my ICO on, Fedimint?
[00:49:47] Unknown:
Unlike Liquid, the goal of Fedimint isn't to put your coins on Bitcoin.
[00:49:52] Unknown:
Yeah. So I I think the the the the challenge that Liquid had was not making the the HSM or or really the the federation code, open so that, you know, they could immediately have, competitors, using the same protocol and grow the protocol?
[00:50:13] Unknown:
I mean, that's a key point. Right? And it's it's what you were talking about how, to have an open protocol, but then have a company building on top of that to try and monetize separately is completely different than having a company that has basically put itself in there as a as, like, a point of control or
[00:50:32] Unknown:
a, a friction point. To me, that's a beautiful model. Right? I mean, you know, in a way that's how, like, Linux happened. Linux happened way more than than, than, Unix did because there were companies trying to build solutions on top of Linux as a company. Right? So like Red Hat or whatever while the kernel was open. With FreeBSD and all the other tools, I mean, you had Apple building Darwin, which was really the only company that continued Darwin, And, they they tried to close down a little too much, so it became their only thing, but they are behemoth, so they could just maintain it themselves. FreeBSD on the other hand, I mean, it's way better than Linux. There's not even a comparison.
But there's not as many companies that decided to build on top commercially, Except for now you're starting to see come back because you have pfSense that grew a lot. You know, real security stuff out there is all using, either netBSD, freeBSD, or or some other variation of it. But, yeah, this to me is the preferred model. You have the open protocol, ideally, an open implementation of the protocol, and then you have companies building their solutions on top of that protocol, either closed, viewable, or open, however they decide to do it. There's even a bigger difference here too where,
[00:52:05] Unknown:
I mean, I don't wanna speak for Justin too much, but of, like one of the key things is is FETI as a company doesn't intend to be a part of any federation, period. So it's not even like, oh, anyone can launch a competing federation. Fedi's just not even gonna be involved in the federation running process.
[00:52:25] Unknown:
Well, that's also hard to avoid jail. It's a great thing. Don't run the federations. Yeah. It's not completely altruistic. If you have a fad that interfere with the fad, it might be a problem. So, you you you definitely wanna be just a service provider, a technology provider as we like like to describe ourselves. I I think that's a that's a much more sound and sane, way of operating a business.
[00:52:55] Unknown:
If you're an expert mobile developer, please head over to Bitcoin or Jobs and apply for the FEDI mobile developer position. Thank you.
[00:53:03] Unknown:
Yes. But if you're a mobile developer engineer who is, who's a a great at Python and can build across application in Python, you should definitely hit, Quaintite because we we actually ship things. Yes. Alright.
[00:53:23] Unknown:
Next. Yeah. The Python, you go to MBK and then
[00:53:27] Unknown:
That's right. You you you can take those, those those guys of the other languages.
[00:53:34] Unknown:
Okay. I'll Yeah. We'll take the JavaScript.
[00:53:38] Unknown:
That's right. The c k top protocol got repeated here by Nunchuk. That's already been talked about. Tap Saturn is now shipping. It's $39. We'll probably decrease the price at some point, and Sats card shipping soon. So, go to the Koincard store and get your top signer. It works now. Yay. Sphinx Right now is VLS.
[00:54:08] Unknown:
Right now you can only use tap signer with, Nunchuck, or is there any other apps that support it?
[00:54:14] Unknown:
So there is a a few apps out there. They're sort of like not officially supporting yet, so I'm not gonna plug it in. Officially supporting is Nunchuk, and the guys from Hacksaw wallet, which is I think Keykeeper or something Keeper or something like that, they are releasing, I think, on their next release. Yeah. They're launching a separate they're launching a separate wallet.
[00:54:39] Unknown:
They're splitting up the 2 functions.
[00:54:42] Unknown:
That's right. TopSigner is essentially like a extremely simple Bitcoin hardware wallet. It but it works as a blind signer. So if you give anything to it, it'll just sign. What do you, what do you tell someone who
[00:54:57] Unknown:
you know, the status quo, for Bitcoin hardware signing devices has been to have a screen on the device so that you can confirm what it's signing directly on the device rather than the potentially compromised computer or phone. What do you say to someone in in that respect?
[00:55:15] Unknown:
I think it's just a different set of trade offs for a different value amount. So, you know, if you're gonna keep, you know, a couple grand on your phone, you know, use a tap signer. It's a lot safer than having trust on the app on the phone to have the private key. Right? And also if you lose your phone and somebody can get in for whatever reason, the private key is not there either. It's in your wallet and your tap signer. So you have that.
[00:55:39] Unknown:
And then Would you say it competes more with, like, a a mobile wallet rather than Yes. A cold card or something like that? I wouldn't say no. It doesn't compete with cold card at all.
[00:55:52] Unknown:
I I would say it's not a competition of the mobile the the mobile wallet is in addition to the mobile wallet. Right? Because you're still using the mobile wallet. You're just not trusting it with keys for a single SIG. So so there is like a monumental gain there in security. Right? Just by separating the the the transaction building device from the private key holding device. And remember, all phones are fully pound. Right? Like, a border agent can just extract everything from the phone. So, and then and then if you're gonna use it for large amounts of money, just use multisig. Right? If you're gonna do multisig with top signer, you're you're now, like, you know, back at that sort of high grade of security because you can use a different device to double check the transaction before you sign it.
So So you could have, like, 2 phones with 2 tap signers,
[00:56:43] Unknown:
and then both phones would have to get pwned
[00:56:46] Unknown:
for you to have a place to go. It could be a it could be a separate phone with a softer key on that phone itself, and then the top signer on the other phone. It's already exponentially more secure than than not. So because for example, here's the 3 the the challenge. Right? Say you have 3 people using Nunchuck for collaborative multisig. The 3 of you are trusting Nunchuck with private keys. Same implementation of wallet, right? So at least, you know, if 1 or 2 of those of those signers are using an external key device, you're gaining a lot more security there, right, in case there's a bug or whatever.
So so that's the idea. It's just it's just adding another layer and really removing the key from the phone, especially on an app that allows you to have encrypted comms. You don't you don't want that key there. So yeah. So that's that's the idea. I mean, you can use it in conjunction of a cold card for for multisig and stuff in the same idea. But, I think it's just right now, there is no economically viable solution to people who cannot afford a $100 plus device. Right? Because even even Ledger, once you put in the euro cost and the tax and the shipping and stuff, it's like it's still essentially a $100. Right? So if you are, you know, in a country where, you know, your economical capacity is lower, $39 shipped by standard mail is pretty cheap.
And we hope to to bring the price down more soon too. And and who knows, maybe we even find a way of subsidizing the cost in in countries that people can't afford it. Because again, right, it's like it's just a much simpler, cheaper form factor. So the economics of this are a lot better for people in in countries where they can't really afford the next level security because they also have less money. So there's less money to protect. Right?
[00:58:53] Unknown:
I mean, to combine to combine, the 2 topics we just had together, I mean, you can you could foresee in a world, where the the tap signer holds, a private key, public key pair. That's your backup for your Fedimint wallet. You use the Fedimint wallet, and then if your phone gets lost or stolen, you can just restore by tapping the tap signer on it.
[00:59:19] Unknown:
Yeah. I mean, you can use it. It's just a BitBoy message digest signing. Right? So it could be authentication, it could be just proof of presence really too, right? You can tap it and not even sort of like login login, right, with the pin and stuff, that's like that's already good enough for most cases, so if somebody finds your phone on top of a desk unlocked or whatever, they can't just go and spend your money, right? I think, you know, I am mister tinfoil hat when it comes to to real money in Bitcoin, but like as we as we expand the Bitcoin pie, right, then we start to include people who have less means and less technical capacity, right, I think we need solutions that have substantially different sets of trade offs for ideally an economical gain, in terms of being cheaper for them. Right?
I think that's gonna be a game changer. And reality is in BRIC and and, economically below that, it's mobile first. Right? People don't have computers. They probably have better Internet on their phones than in Canada, but that's a different problem. Yeah. I mean, I I
[01:00:33] Unknown:
remember I'll always remember, I had a fantastic conversation on sale dispatch, with Waxwing and Belcher about Bitcoin privacy. And, I said to them I was like, have you guys considered joining market on a mobile phone? And waxwing just immediate responses, well, if you want privacy, you shouldn't use a mobile phone. And I was like That he's not wrong. Yeah. But, also, like, 6,000,000,000 people will probably be using Bitcoin using their mobile phone only. So, we probably should have tools for them. Like
[01:01:06] Unknown:
Yeah. But then what's the alternative? Right? They're gonna go and immediately docks all their keys with, one of the other CoinJoin wallets because they're not gonna be running their own node? It's complicated, And and the the privacy folk all seem to have a different opinion that is very divergent. I like the security people who all disagree, but seem to tend to go in the same direction.
[01:01:30] Unknown:
I think, I think that was a cheap shot for someone who's threatened to mute me if I talk about, CoinJoin or privacy. I'm muted. But, Kidding. But my point is is is just because a mobile phone does not offer perfection, from an engineer point of view, doesn't mean we shouldn't have tools that provide the best possible experience in terms of privacy and security, attainable on a mobile phone because that's the reality of the situation. The reality pragmatic way of looking at this is that the overwhelming majority of people are gonna be using Bitcoin on their mobile phones. So we need mobile first
[01:02:10] Unknown:
tools. The the Bitcoin on the phone, I agree. I just I just wish the the CoinJoin implementations on phones would find an alternative to doxing people's coins to their servers. That's that's all by default. The problem the main problem that I have is that default part. It's just it's just it's just something I personally cannot get over, but I I'm sure there is, like, a large enough market out there of people who who don't mind that that part. Well, I was Because it it's not you know, there there's like, the doxing is not like a full dock. I mean, you're doxing your coins to them, but, you know, if if you're using a VPN or whatever, at least you're getting another layer there. It's not like they know who you are. Well But still I mean well, first of all, the wallet in question
[01:02:58] Unknown:
has Tor enabled by default. So they do not know your IP address. The second thing is the first thing the wallet does is tell you that you should use your own node and gives you the steps to use your own node, which is just scanning a QR code, which is as simple as a process as ever gonna get to It won't go. Connect to your own node. And then, you know, most mobile wallets have this issue in general. One thing that people keep pointing out is why don't you use Neutrino? Why don't you use block filters for this? I haven't seen a single wallet that has been able to to do that in a performant way on mobile yet. It's much more doable on desktop.
[01:03:37] Unknown:
My understanding is Well, I I don't I don't disagree. I'm not it it it's that I I'm not trying to be, like, like pedantic about it. It it's more just like it's a set of trade off that that deeply bothers me, but it but I also understand there's challenges around it. It's not like, a I'm not trying cheap shot on on on SadWallet aside from their wonderful, wonderful personality online. I mean, I like
[01:04:03] Unknown:
my my happy place in the Bitcoin world is to have as many people angry at me as possible. So right now, my current situation is, I think, that the trade offs that samurai has chosen has has has positive benefits, and that it is a it is a trade off model with trade offs. And I also think that, you know, the trade offs that Fediments are making, are very compelling trade off balance. And it turns out that a lot of the people that don't like me for or are concerned about me thinking that the trade offs of samurai are compelling, Think the trade offs of Fediments are compelling, and then the people on the opposite side think I'm ridiculous for liking the trade offs that Fediments are making. So I'm I've been pissing off people on both sides, which is exactly where I like it, but the one thing I will leave it at is, you know, building on Bitcoin is permissionless. It is an open network, and I hope to see a world where there's so many different Bitcoin options that have various different trade off methods, trade off balances, and, you know, not everyone's gonna be happy with them. Like people are gonna be upset about different trade offs and that's their prerogative. They can choose the tools they wanna use. As long as the trade offs are clear. It it gets to a scammy territory. It gets to a bullshit territory if the trade offs aren't made clear to the end user.
[01:05:31] Unknown:
Yeah. I I I I think, you know, more options, the better. I I don't I don't disagree with that. I think that's a it's a good way of moving on from coin join up points. You made some great points there. And it must be must be fun to to be you and that's is Matt. Alright. We are moving on to the Sphinx analysis GLS. 2 weeks in a row. Yeah. That's right. VLS signing device. The same announced hardware signing device interfacing with validating lightning signer. I am not super familiar with VLS. Do you guys have some VLS, points? No? No?
[01:06:19] Unknown:
I mean, I have some experience with this. Like, I so the first thing I ever did in went to a hackathon. We built, we built the lightning hardware wallet. So we just took an Arduino and stuck a private key on there. It took it took, like, one file off of c lightning. It would do the signing and stuck it on the Arduino hard or wallet. Yeah. So it's it's it's something I had for a while. And, so this, lightning verifying signer project or validating lightning signer project is is supposed to be able to, like, basically make a lightning hardware wallet. And it's it's an interesting thing to see discussions around it because from what I've seen, like, they have to take tons of logic and put it on the device itself to actually make it work. Yep. So I still wonder if it's gonna work because that it sounds, and it's almost like you damn near half of the node running this thing. It seems like sometimes, in order to actually thinks thinks that it's gonna work, and they seem to be, you know, lightning experts. So, excited to actually play with it. Looks like they'll ship point view of your company.
Little note at the bottom. So anybody's interested, you know, try it out. Let us know how it
[01:07:35] Unknown:
goes. Very cool. Sorry, guys. I turned off all the cameras so that maybe the connection for Justin gets a little better. So so VLS then sounds to me similar to parts of what LDK wants to do, where he wants to to also be the policy HSM. I had a conversation with Steve, and, they they were interested in maybe getting LDK into a Java card or something like that at some point. I I don't know what the status of this is, but, it's, it's major work to get something like this written, for hardware in a secure proper way, especially if the hardware is hot. Not a not an easy problem, but it's a problem that needs to be solved.
[01:08:25] Unknown:
So props to them. Yeah. I think they're kinda companion projects. They're they're trying to work together.
[01:08:32] Unknown:
Cool. That, that's, yeah. I I mean, this this is a hard problem, so it's nice to to know that they're trying to sort of coordinate with more people, especially people who have some harder experience as well. All right, Border Wallet. I saw this project the other day. I think I was listening to the Legacy Weekly podcast about the news, and, it's a it's a very cool one. It's a way for people to to memorize their their seeds.
[01:09:07] Unknown:
If you want to go ahead. If you wanna listen to that podcast you just mentioned, search rabbit hole recap in your favorite podcast app and click subscribe.
[01:09:15] Unknown:
For for the people that don't know, I'm just trying to create some drama here, but, Matt actually releases,
[01:09:22] Unknown:
this podcast on on, on his syndication. Yeah. So Border Wallets On the yeah. Border Wallets is a very cool project. MBK is a little bit salty about it because it obsoletes, sticking an open dime up your nature's pocket.
[01:09:39] Unknown:
But, one of the It's not either or, Matt. It's not either or. 1 of the You can still choose to do it. One of the lead maintainers. Put a cold number in your pocket if you want to. Don't do that.
[01:09:50] Unknown:
Not not health advice. The the the the one of the guys behind this is also one of the guys, Superfat Arrow, with a pH, superfatarrow, is one of the guys behind that seed tool we're talking about. And, basically, the general premise is, okay, how can we make it as easy as possible for you to generate a a seed on a regular computer and, memorize it for a short period of time if you're crossing a hostile border and you're and you're concerned about carrying hardware across? So it shouldn't be used as, your standard savings method or, I mean, memorizing things is always dangerous. I've lost so many passwords that I thought I had memorized until I didn't.
But if you're crossing a hostile border specifically and you're afraid that they're gonna confiscate any hardware you have on you, this could be a compelling option.
[01:10:41] Unknown:
Yeah. The he was telling me on Twitter that, he got, he got some, some inspiration from the the CDX or, like, table. Right? So for you to reconstitute CDX or, we have a PDF so you can redo the CDXOR by hand with a little table and pen and pencil, essentially. So he was telling me that that he took some, some inspiration from that, which is kinda cool. I think that old school ways of handling cryptography related topics by hand are greatly underappreciated. You know, let's let's not we forget that, one time pad still the most the the the most hardcore way of encrypting something and also one of the simplest ways of encrypting something.
Justin, how about that one time pad app?
[01:11:45] Unknown:
Don't know what you speak of.
[01:11:50] Unknown:
Alright. Now we go to Keith, p2pcomsbybitfinexintether, which I think I misspelled. This seems promising, it's nice. The quality of the video seems to be great, and it seems to be something that might catch on. I don't know, The All this p two p solution seem to to, to fizzle away and not get a lot of traffic eventually. But The
[01:12:20] Unknown:
the video quality is only limited by their peers, individual bandwidth, obviously, because you're connecting directly to each other without a centralized server. I would agree that with MBK that it's a compelling project. One thing to keep in mind is as it's currently set up, you are doxing your IP address to any participants in the video chat, which can give away your your general location or with a sophisticated actor, more, more precise location and browsing activity. So, consider using it with a VPN, if you're gonna use it. I assume if you use it with Tor, it would just be complete garbage. So, a VPN it is if you want to protect that IP address.
[01:13:00] Unknown:
Yeah. It's, you know, as it reminds me, Skype used to be like that until Microsoft bought them and created backdoors and centralized services. Yeah. That was part of the government conspiracy to get into our Skype calls.
[01:13:13] Unknown:
Yeah. There's absolutely no way that that's true. Right? Microsoft buys it, makes it completely useless. Oh, yeah. I mean, I don't mean I don't mean conspiracy as in unlikely. Like, it a 100% was the reason it happened. Oh, I know. I know. I'm just yeah. But, yeah, Skype had that Skype had that, like, what, like, 10 years ago? And then we everything moved over to a centralized model so we could surveil everything. And now we're finally going back to the basics. Impervious is gonna have something similar out soon.
I'm sure a bunch of them are kicking themselves because they've been advertising Zoom without Zoom, for months now, and it seems that, Keith beat them to the punch by maybe a couple weeks. But, what's interesting about Impervious' model is Impervious' model is gonna be directly integrated, with decentralized identifiers, which I think could be pretty cool, in terms of doing file transfer, encrypted chat, and encrypted video all at the same time.
[01:14:16] Unknown:
What I found very cool about this, this Keith project is that, like, you know, the people behind it have some very, very, very deep pockets. Right? I mean, we're talking about Tether and Bitfinax. I mean, they're extremely capitalized entities, who have very little incentive is in building something like this. So I imagine that things are changing. Right? These are companies that probably see harm in having doing their everyday business through the standard comms, and they're probably investing heavily in having their own comms developed in an open way so that they can't be easily, co opted. But, I think we'll see a lot more of that. I mean, this is it's not like a like Tether is on the right side of the US, the US, cheek.
[01:15:05] Unknown:
This is something that we've been talking about in Bitcoin land for a while, which is just this idea that ideologically aligned, freedom oriented individuals and corporations will get so so wealthy and so profitable that they'll do things, for the greater good that aren't don't necessarily have financial gain. And, I mean, in this case, the incentive seem to be that that Tether and Finnex and the guys behind it, want this tool for themselves. Right? So why not open source it and provide it to everyone else, without direct monetization on this specific project?
[01:15:41] Unknown:
I mean, it'll say for example, you're talking like your Bitfinnex. Right? And you're talking to your securities lawyers. Right? You can't trust that, you know, people that shouldn't have access to that call say the other side, right, of the litigation is not listening to you talking to your lawyers, which is a perfectly legal application of something, right? We don't even need to go into the the weeds with like what is right and what's wrong, but like this is something that the state deems legal, right, for you to have the client attorney privilege. So, it's just it's just really, really nice to be able to have your own comms that you trust to do standard legal business.
I think I think in the future, we're gonna see a lot more of that because we all know that all the comms are compromised. Alright. So Justin, I think that Yeah. I tried this thing. Yep. I tried this thing the first day.
[01:16:43] Unknown:
Yeah. I tried this thing the first day it came out, and, I was really impressed by the audio and the video quality. Like, it was it was, like it felt as, like, better than Zoom, honestly. I was pretty impressed. And, so far, it's not open source. So far, and and I don't I don't think the app is open source. And there's a a protocol underneath it called Hole Punch, which they've been sort of advertising. I think this is how they get over, like, the natural resource issues. There's, like, some relay servers involved or something like that. They're not relay servers, but there's some there's this is how they just get around having relay servers, I think. And I said they didn't open source it, but they're going to by the end of the year. And their excuse was that they didn't want some shitcoiners coming in and throwing a token on top of it. So hopefully That's a perfectly reasonable thing to do. There will be more apps
[01:17:28] Unknown:
on top of it. Yeah. I mean, as you all know, when you release your cold open, you will get scammers and cloners taking all your code and then trying to spin up another company on top of it. Right? We all know how this works.
[01:17:45] Unknown:
I'm not sure what you're referring to.
[01:17:51] Unknown:
Oh, by the way, like a quick review on the Cloners project. It seems that they greatly increased weaknesses on the cold as they continue between quotes innovating on that cold base. Fascinating. But anyways, moving on. Justin, you have submitted this story for us here. James O'Byrne summarizing mempoolresearch. To mempool.work. Very curious about, about this.
[01:18:25] Unknown:
Yeah. So it's, I guess it's a little off topic. This is, not really a product. But, James has been doing some research on the mempool. There's there's, like, only a handful of people that really understand the Bitcoin mempool even though we all use it. And, it's it's kind of a sensitive issue for a lot of these second layer application things like, or protocols like like Lightning. You know, you don't wanna get into scenarios where you can't, publish your justice transaction, or it gets delayed, or, like, you just lock funds up. And so there's on the mailing list for last year, you know, there's more and more proposals, and a lot of them just get kinda more more complicated.
And, I think one of James's so James sort of mempool.work on his GitHub. Just search James ob mempool.work. He's gonna make a website out of it eventually. But, he's he's trying to, like, kinda summarize the state of the art. So if you're if you've heard of some of this but would like just a summary, it's, he does a great job of it. And he he's kinda has, like, an interesting point of view that some of these problems might be kind of intractable. And, one of the big risks is that if if if the validation logic in full notes gets too complex, maybe miners just say, like, screw it. Just, like, give give, give us transactions directly. And then all of a sudden, you can't really do fee estimation anymore, because your mempool and the miner's mempool aren't don't resemble each other. So that's kind of like a a risk that's on the horizon that he's kinda Oh, that's always
[01:19:48] Unknown:
interesting stuff. That's always kinda happened. Right? I mean, there's plenty of entities out there that submit their own transactions to the miners. Right, with, like, some some sort of off chain, agreements. Let's put it this way. And it's only gonna
[01:20:04] Unknown:
Seems kinda unavoidable if we if we hit a sustained high fee market where where mempools are packed, filled with transactions. It seems almost unavoidable.
[01:20:14] Unknown:
I my my suspicion is the so let me call it intuition. My intuition is that I don't think we'll ever see a saturated free market as we saw way back, on the block wars, because, back then, the biggest actors were miss were misusing, or or miss, or ignorantly, incompetently managing their UTXOs, really mainly talk about Coinbase, and, to their own detriment. There is the incentive is the opposite, and then we had other actors trying to make a bigger problem out of that by sandbagging the mempool even further, at their own detrimental, economic detriment as well. They're all lost. So I think going forward, people will treat the Bamboo with more respect.
The block size did essentially double since then, and and now we have layer twos, right? Remember, lightning was not around back then, and and it I mean, if you look at the lightning volume of transactions, you can really see or at least extrapolate how much impact they would have these mempools. I mean, you would probably have made the mempool now full. MBK. If you were trying to make what When is, the CoinKite store gonna accept lightning payments? First, we need to do back 32.
[01:21:56] Unknown:
So what? Like, 2 months?
[01:22:00] Unknown:
Yeah. I don't know. I think I think it's important for some nodes out there who are economically, viable to be using old node software that is very restrictive, I think it helps defend the network. We want many many nodes out there that are using very restrictive old stuff. I think it shows the network you cannot deprecate things, and also we're lazy and don't wanna put in the time to, change the store. Would you would you agree with me that,
[01:22:43] Unknown:
probably you don't integrate Lightning unless there's a sustained high fee market that pushes your hand?
[01:22:50] Unknown:
Yes. It's it's very, very unlikely, and I'll explain why. You know, we're we're not selling, like, you know, $5 things or $1 things. Right? We have, like, invoices that average between 500 to a $1,000 and to be an inbound receiver of all that, it will get tricky. And we don't wanna be sort of babying, that and maintaining all that or paying a third party to provide us liquidity. Right? When I can still provide that one legacy address
[01:23:25] Unknown:
and people can pay for it. But you're kinda entering that range with the Sats card and the TapCigner, though.
[01:23:33] Unknown:
Yeah. Yeah. But but realistically speaking, knowing my customers, I think they're all gonna just buy a pile of Sats cards cause they're gonna want different colors and different things. So I I doubt, maybe, maybe we could at some point come up with a separate solution that just handles the cards for single card orders, right? So there's like a blended system there somehow. Another thing people can do is they can go right now, and buy CoinKite gift cards with lightning in one of the 10 platforms that do it, and then just,
[01:24:15] Unknown:
go with the discounted gift card and buy on the CoinKite store. That's true. That also works. I mean, do you see the do you see the hypocrisy a little bit, though, that yours that you don't think we're gonna have a sustained high fee market like we saw previously because services are integrating lightning, but meanwhile, CoinKite has credit cards integrated, but not lightning?
[01:24:36] Unknown:
Yeah. So I don't see that as a hypocrisy. I see it as the opposite. The incentives and and the economic sort of size model of our transactions does not require it, right? But when you have people trying to do, you know, like, set streaming or, buying porn subscription or, feeding chickens or, in game stuff, that that makes complete sense for lightning, and those transactions that have been economically stupid to be on main chain. Right? You don't want that stuff to be on base layer because those transactions are economically nearly irrelevant, like, versus block size.
While our transactions are not, not at, say, the next few years, you know, eventually, everybody's gonna have to be on lightning. But then by that time, I don't think we're gonna have the same issues with liquidity issues on Lightning for transactions of our size.
[01:25:41] Unknown:
Yeah. That makes sense to me. I was just playing devil's advocate. I like the idea of the gift cards as a stopgap.
[01:25:49] Unknown:
It's a stablecoin. Yeah. No. I I find it it's like you know, especially with all the the the the FUD about the the the block reward, I find the the conversations and the economics of, the block space and, Equine's supply cap to be very, like, a lot of fun. Like, these are my preferred things to argue about, in Bitcoin. I think they're valid things to talk about, and they're very interesting because they're also very novel. Right? The the Fiat system has never had to encounter these issues. They have their own sets of of trade offs. So, there's a lot to be talked about and tried to figure out so that people can prepare their businesses to to continue.
Alright. Bitcoin core updates from Bitcoin OpTech. The Bitcoin core is adding, watch only support for output descriptors, retaining mini script. That's interesting mini scripts are getting used. And, we can get into details of that, and also they are updating their GUI to be able to restore a backup. Before you had to use the CLI, but now you're gonna be able to use the GUI. So so that's nice. Two little updates to Bitcoin core. Do you guys have any opinions about that?
[01:27:40] Unknown:
It'd be interesting to see if people actually use the mini script stuff. It's it's like a powerful tool both for, like, composing a script, but also if you, yeah, like, also interpreting a script. So I I just wonder what like like, taking a script and figuring out, like, what the spending conditions are there. Like, I wonder if, yeah, I wonder if people actually use this. Because, like, you know, BDK has been doing a lot of mini script stuff, and, like, I'm not sure how much how many, like, exotic use cases have been drummed up yet. Like, not really aware of any exotic use cases yet, that that like, that's basically what people use it for right now. Like, mini script is like a extension of descriptors, and it's mostly used as a backup format right now, which is useful, but it's not, it's it wasn't the, like, the original intention. The original intention was to be able to produce wallets that had more, more complex spending conditions.
[01:28:42] Unknown:
Yeah. I mean, you know, the output descriptors for multisig is very useful. You know, it does help with a lot of the the the the backup especially. I think the mini script stuff is really gonna shine once you get into Schnorr and all that stuff and very complex, scripts.
[01:29:05] Unknown:
Wait. Is it true here that you couldn't restore a Bitcoin core backup from the GUI until now? Yep.
[01:29:14] Unknown:
Yep.
[01:29:15] Unknown:
Wow. That just goes to show how early we are still.
[01:29:20] Unknown:
No. I mean no. The problem is, like you know, technically speaking, unless you are a developer, you should not be using Bitcoin Core as your wallet. You really shouldn't. It was not like I mean, you know, it it's it's a product of its time. It's a product of its sort of, like, intent at the time, but, you know, there's a reason why Electrum came right after that. You know, I mean, and got, like, huge market share. You know, one thing that people may not know is that the name Bitcoin Core came really from Gavin, who was, was going to split I don't know if it was his idea. I can't remember whose idea was at the time, but there's always been this this intent to split the consensus, the the all the Bitcoin logic stuff from the web GUI, right? And that essentially never happened. And there is many reasons why that shouldn't happen either, just because it's gonna cause a cluster fuck and just simply don't use Bitcoin Core as a wallet.
But if you're trying to validate some more complex stuff you're trying to do, maybe having the funds on Bitcoin Core is not a bad idea either. So I'd say the Bitcoin Core Wallet should only be used by devs. Everybody else should just use some other wallet. It it in my view, it's actually unsafe just because not because the code quality is not amazing, but just because the the UX of it, and its particularities are are unsafe for the average user.
[01:31:00] Unknown:
I'm I mean, a good example of this is one thing that I noticed. I'm not sure if it changed, but I noticed this, like, 5 months ago. Like, the standard for showing fee rate in the Bitcoin ecosystem has pretty much coalesced on sats per byte. But Bitcoin core GUI, defaulted to bits per kilobyte, which is just confusing. Yeah.
[01:31:26] Unknown:
Exactly. It's like the the problem with it's the UX of it really is the the the the very, very last mile of the GUI there is is not meant for average people, if we're like. Alright. Next is Bitcoin Treasury's update. It was a small update. Elon has Lettuce Hands. I don't have a lot of commentary on this, but I just wanted to point it out that we have updated the bitcoin treasuries.net website. And now it reflects Tesla reflects its, its capacity of holding bitcoin with, 2 emojis. I highly recommend checking those emojis out. Next here is Bitcoin Meshnets, an article By the way, have you noticed
[01:32:24] Unknown:
have you have you noticed a lot of selling from the miners recently?
[01:32:31] Unknown:
I think they stopped. I think the like, some of the biggest ones, were over leveraged, so they they dumped to deleveraged to deleverage, and I think it stopped. I was talking to a a minor friend who has a a sizable mine, and he told me that because he had a nice strong cash position, he's been buying a lot of small miners out, for cheap. So he's having a great ball of a time. Hi, Marshall.
[01:33:05] Unknown:
I mean, we we see we see that every cycle where where during the bear markets, miners consolidate and only the strong survive. I will say that this cycle has been a little bit more extreme because we have not seen, the kind of leverage at play on the minor side as we have this cycle. This cycle was was completely dominated by specifically American based miners that were able to get cheap debt to buy more miners, and a lot of times that debt was collateralized by ASICs themselves. So the machines were the collateral, which we've never really seen before in previous cycles.
[01:33:42] Unknown:
You know, generally speaking, this cycle was the first cycle that there were mature Bitcoin back lending, generally speaking, right, and I think a lot of Bitcoiners got caught off guard with their margins. I think people learn how to handle, margins and leverage a little better. Not that I don't believe most people were seeking leverage for leverage sake. I think people were just sort of trying to find ways to not sell Bitcoin and find fiat. Cost of capital was very low last year, so the interest rates were very low for this Bitcoin backed loans as well, and a lot of those went to miners, on top of the ASIC backed my backed loans as well. But that's all part of the same bundle of, extremely low collateral, capital cost, that that has sort of, like, increased substantially in the last few months.
You know, I I think the space is sort of like learning the lessons as it goes. Right? I mean, it's it's not easy to break new ground, especially in economics. It's not it's not easy for people to learn how to to manage, these extremely volatile savings accounts that they have, which is Bitcoin. It takes time and it takes some mistakes, but, people will, people will figure it out. You know, running a Bitcoin company, running a mining company, so essentially Bitcoin company, it's the equivalent of having a directional trade. That means, you know, when things go good, you do extra good, and when thing goes bad, you go extra bad.
That is that is the biggest issue with having a directional trade. Right? So if you, if you're earning bitcoin and you also sell things for Bitcoin, I mean, you're double fucked when the Bitcoin price goes down and you do, you know, incredibly well when the price goes up. So trying to find a balance of a USD cash position or or how you hedge that is not easy. And small businesses are also not, you know, they're just simply not sophisticated enough to the trading, and they shouldn't be. Right? Or or to to figure out just how to to to hedge things even if it's not directly trading. It's not an easy problem, and it's a problem that every single Bitcoin company will have.
Alright. So the the Bitcoin mesh nets article by Lola. Matt, I imagine, you probably seen this one.
[01:36:32] Unknown:
Yeah. It was believe it was in the print magazine as well. That's right. The print magazine, by the way, this this month has, this quarter, their quarterly magazines is absolutely phenomenal. It's called the censorship resistant up, edition, and, the Canadian truckers are on the front, This is really good to see.
[01:36:56] Unknown:
Yeah. So, I mean, Bitcoin Magazine has been killing it with being Bitcoin only with the right ethos in the last sort of couple years now. Right? I mean, they really turned the magazine around. Props to to David Bailey and, CK and and all the folks there. They they've been a power of good in the Bitcoin space, I I gotta say. So yeah. So they're running a conference in, in Amsterdam. Go buy tickets. I'm sure they would appreciate, ticket sales. It's b.tc/it'sb.tc/conference,
[01:37:32] Unknown:
if you wanna buy tickets. But just go back to Lola's, piece. It's not it's not just a theoretical piece. Her and the RGB folks have been working in Ukraine to get mesh nets up because, the Russians have cut a lot of their Internet over there. And and the general premise of mesh nets is a super promising premise, which is this idea that you have distributed nodes that are communicating directly with each other, to set up basically these ad hoc networks that don't require, existing Internet infrastructure. And then if one of them is able to connect out to the the global Internet, whether that's through a hard line or something like Starlink, then the whole mesh net, also has that Internet access through that, gateway.
[01:38:22] Unknown:
So, here's an interesting thing that most people may not know. With standard power Wi Fi with a directional antenna that you could go and buy or build it yourself, you can get almost 10 kilometers in line of sight, with decent bandwidth, and and, reliability. So, Wi Fi itself as is, is available in every device and is extremely powerful, if you just sort of use it in the right way. Meshnets themselves, are not an easy problem, finding that that doing the packet redirecting and management is not a simple problem. Is also one of those projects that because there isn't, or at least till now, maybe coming soon there will be, but there just isn't enough, economic incentive for somebody to go and build out.
All the solutions are not easy solutions, and and then you bump into state actor problems based on licensing for the radios, even for Wi Fi. If you you know, the way licensing works in most, western world is, it's type approved. So that means when you create a a radio device, that device is licensed for that specific purpose, at that specific power, at that specific everything. And if you change just a single parameter on it or you tweak the antenna or whatever, the license is lost. Right? So it's very difficult for a professional manufacturer, to sell a device that is that goes against what the state wants, really.
And that's for many reasons, good and bad. Right? Like, radio is kind of a a common good. Let's put it this way. The the the spectrum is freely available in the universe, a a dickhead with a a a an amp, completely disturbing, everybody else's transmission. Right? So it's complicated that way. That's why they're so hardcore about Spectrum as well. And then there is all the issues of monopolies and blah blah blah. But my point, generally speaking on this, is just that, it's gonna be hard for you to see meshnet quality professional radio solutions out in the market that don't require, at a minimum, a ham radio license just because manufacturers don't wanna go to jail.
But, but I have I have a good sort of optimism in the fact that you will see better home brew solutions that are very, very
[01:41:11] Unknown:
usable in a in a situation in which you need it. Well, I mean, you don't really have that issue in failed states or war zones, which Well, you do because the manufacturers are not creating that amazing plug and play solution. Right. Right. Right. Of course. Yeah. That makes sense. But And then it's not out of the box. Exactly. You're building it yourself for the most part.
[01:41:35] Unknown:
Yeah. And then when you go below 30 megahertz where stuff gets lower bandwidth but way more interesting distance and power wise, then it's internationally, managed by ITU. So for example, you know, one thing that I'd love Bitcoiners to do in the next bull cycle is go to failed states, and buy their AM, stations, that are licensed for that country or whatever, and then just broadcast blocks. And then, maybe even we we find a way of getting, an AM station in North America that can do that with the correct license. Right? You would find a lot a lot of, interesting things possible that way because if you are broadcasting on AM, on an AM band, for example, you could have a device that costs, say, like, maybe $3, $5 receiving blocks with minimum power.
And, and then that's it, really. I mean, like, you're really at next level decentralization.
[01:42:44] Unknown:
But everything in time, and and I find that this kind of things only come when the screws really get twisted in, in developing world. Well, m v you may not see. M v k. I mean, you have a lot of knowledge on this topic. You have a successful Bitcoin business, and you live in a failed state. So I look forward to the CoinKite radio tower.
[01:43:05] Unknown:
Canada is becoming a failed state, isn't it? So so, you know, I am I am set up for for HF here. I can I can definitely broadcast my blocks if I need to? And, the law on Ham Radio is very clear. In an emergency. I mean, technically you are entitled to do it if that would save somebody's life. And, we are working on a radio, but that would not be for Bitcoin. That would be for general purpose digital use, and, that that could be interesting as well. Yeah. I mean, Fedimint should look into doing some of that stuff because you guys are gonna go straight to, to 3rd world. Right? So maybe maybe you guys find a country that's friendly towards that and you can do the development there.
[01:44:04] Unknown:
Right. An interesting thought. An interesting thought. Yeah.
[01:44:08] Unknown:
Exactly. Gloria Zhao added as a Bitcoin core maintainer, I just felt like we should just mention it. She now has commit access to a Bitcoin repo. Reminder everybody, Bitcoin core is not Bitcoin, it's just a group of people who tend to be accepted as the main implementation. There is no formal process for picking who's the next person, probably a good thing too because if you have a proper process it means people have a proper loophole. So I like I like that this thing is messy, and it should stay messy for a little longer. And then eventually I'm sure we'll come up with some
[01:44:53] Unknown:
some method I think madness to making people. I think I disagree with that. I mean, I do agree with the fact that Bitcoin Core is not Bitcoin, and the the number one thing Bitcoiners have on our side is we do not have auto updates. So, ultimately, it's up to you whether or not you update, Bitcoin that you are running on your on your computers and on your nodes. But and and I I will say that Gloria is just absolutely awesome. She's a great person. She has a really good understanding of Bitcoin, and she's just I have I have a ton of respect for her. So I I think she's a great great choice here, to to jump into that maintainer role.
But I I will say that where I disagree with you is it'd be nice if there was a little bit more, I don't know, objectivity or transparency in in the selection process. It was kinda like, Peter Peter stepped down, and then within, like, the same day, it was like, okay. Gloria's in. Bam. Bam. Bam. Yeah. And, like, you know what happened in, like, private chats were was where they were discussing it. Exactly. Everything happens in private. Right? But
[01:46:01] Unknown:
but, you know, like, I see this more as a quality defense because I think if this was open, people would start, like, you know, like an unwanted sort of war over this for no reason, where just simply snuffing things off and just like, hey, well, here's a new contributor. It makes it unimportant and being unimportant is a feature, it's a nice defense.
[01:46:34] Unknown:
Justin, I'm curious on your opinion on this.
[01:46:37] Unknown:
Yeah. Go ahead, Justin.
[01:46:40] Unknown:
I mean, there was a bit of a process. You do have, you know, you're proposed as a contributor, and then people can act it or knack it like anything else. And, I know in Gloria's case, there was there was at least one NAC that I saw, but it was largely, you know, positive. You know, and there every once in a while, there's a MAC. MAC just means, like, no. MAC means yes. There's there was, you know, almost everybody was okay with it who was, like, an actual contributor. So there is a bit you know, there's a at least there there's, like, a sort of a confirmation process where, like, if if somebody in a in a chat got proposed that, you know, wouldn't be popular with the people contributing to the project, where the where the contribution disagree with it, that just wouldn't, they wouldn't get, like, kinda confirmed, so to speak.
[01:47:30] Unknown:
Yeah. I I you know, I it's such a tankless job that it'll probably be hard to find somebody who wants to do it to begin with.
[01:47:46] Unknown:
And quick news It is a getting to know so many people over the years, you you realize a lot of you people are. Yeah. It is a very painful job.
[01:47:58] Unknown:
It's an understatement, right, how brutal it is. So congrats Gloria. And now the well, I have some links there to the to the OphTech, newsletters. I highly recommend people, subscribe to them. They have way more meat than this podcast. And, I I'm still not capable of looking at the Bitcoin dev mailing list because the long term block reward discussion is an absolute no. And, oh, it was pretty funny. Maxwell, Greg Maxwell did write a big piece on the I don't think he ever wrote anything small, but, you know, like a nice wall of text, about the the tail the tail emissions on the Bitcoin talk. If you're new to Bitcoin, you may not know that Bitcoin talk is where is a PHPBB forum where, everything Bitcoin was talked back in the day, and it's still being used by many who are into that format of discussion.
And you'll find many, fun nuggets by, Maxwell there. So he recently decided to to tear at Todd's suggestion. Remember when we paid
[01:49:31] Unknown:
Themos a shit ton of money, to to create a new Bitcoin talk for him, and he decided he was gonna make a completely new forum stack, and then we're still on the same Bitcoin talk that we've had for the last
[01:49:44] Unknown:
12 years, 10 years, or whatever? I was I was not a contributor, but I've heard that, Teamazoo still released the new forums. How can I do now? 2 weeks. 2 weeks. And I heard that they're partnering up with, BFL and Obelisk to deliver the miners.
[01:50:03] Unknown:
Well, needless to say I mean, I don't know if it's needless to say, but I never I never donated any Bitcoin to that, Bitcoin talk fund, but a lot of people did. There was a lot of Bitcoin in there.
[01:50:13] Unknown:
It was about, was it 4,000, 10000 Bitcoin? Insane. Well, at the time, it was not that much money, but still. Can't build new forum software.
[01:50:23] Unknown:
That, what are you gonna fucking do?
[01:50:26] Unknown:
And then I think they had a demo using Discord. Anyways
[01:50:33] Unknown:
alright. So the next part here is the next and get into the forum building business.
[01:50:38] Unknown:
Yeah. Okay. So I was going to talk about the the hiring part after the noteworthy, but we already mentioned that FETI and Coinkite are hiring some people. But there is more Bitcoin companies hiring a lot of people, and these are great companies to work for. There is this great place to look for Bitcoin jobs, which is bitcoinerjobs.com. I think it's worth filling their website. They don't charge for people to list jobs, and, there's a lot of great positions there and fun companies to work for. So if you wanna if you wanna work for people, if you're looking for a job, if you're looking to get out of your shitty job or your great job for a shitty job, check out bitcoinerjobs.com.
They don't pay me for this ad. Alright. Bitcoin events. Matt was sending me a list of a bunch of Bitcoin Park Nashville events. Do you wanna mention some of them, Matt? Yeah. So, I mean, we have a big August at Bitcoin Park,
[01:51:42] Unknown:
our Bitcoin and community focused campus in Nashville. In August, we have, our meetup, which is focused on digital footprint and privacy is on August 10th. Right before that so that's open to the public. You can find all these events at nash bitcoiners.com. And then right before that, we have a builders in Bitcoin workshop, which is focused on different projects in the Bitcoin space. Basically, do demos for a smaller group of people. The following day, we have a digital identity workshop, on August 11th. And then we have Rockstar has decided, prolific Bitcoin developer, a contributor to BTC pay server, and one of the leads at strike, rock star dev, has decided he's gonna kill his NIM.
So he's having a funeral at Bitcoin Park on Saturday, August 13th. A lot of people are flying in for that. And then this one is farther off, in the distance, but I wanna put on everyone's radar. We are doing the Nashville Energy and Mining Summit on January 12th, to start off the new year. We've had 2 previous meetups that were focused on mining that we've had over 250 people. Very strong people in the mining community and the energy community come from around the world to attend, so we're gonna do a bigger event, in January that is a 2 day event.
[01:53:14] Unknown:
Very cool.
[01:53:16] Unknown:
I wanted to plug in, TabConf. Michael, does a great job with this conference. It's a more technical conference, that is friendly to people that are not technical, which is kinda cool. He is looking for more sponsors. This is a a product of passion. It's not like a big commercial enterprise sort of running it. So if you're a Bitcoin company that have some bucks to spare, do, go and sponsor TabConf.
[01:53:47] Unknown:
Bitblock Boom is happening Before you go to Bitblock Boom, Tab Conf is awesome. That's tabconf.com, and that stands for the Atlanta Bitcoin Conference that's happening in October. It's at Great conference. Yeah.
[01:54:01] Unknown:
Tabc0nf.com. So, yeah, I wish I could attend, but the timing is not gonna it's not gonna work for me. But we are we are helping them with sponsorship. And, so yeah. So Bitblock Boom is happening next month in August. So, that is that is an awesome, awesome conference. Highly recommend people go. And, what else what else is happening anytime soon for for events?
[01:54:35] Unknown:
Riga. Riga. Riga.
[01:54:37] Unknown:
Yeah. There is Riga, but that's that's later in the year. Right? No. No. Riga is before all these events except the
[01:54:44] Unknown:
the national events. It's September 4th through 6th, I think, or something like that. September 3rd through 5th. There you go. Latvia. Beautiful city. Great people. Everyone speaks English. Super cheap. Awesome conference. Really great conference run by the Huddl Huddl guys. I think that's, baltichoneybadger.com. I just if you duck duck go or Google or whatever, Baltic Honey Badger, it'll come up. I think we have a link on the previous episode notes as well.
[01:55:14] Unknown:
Yeah. That's I I mean, the the the bit devs, meetups, and all the other meetups are picking up a lot now. They're doing a very good job at sort of advertising themselves, so I don't have a list of them here. If you are a meet up organizer and you want us to mention your show sorry, your show, your event, just, just just please let me know. You know? Go to bitcoin dot review, and submit your event story or whatever, or go to the Telegram that you created for this and let us know there or email me, whatever. Just do let us know so we can mention it, because like there's a lot of people out there that don't know how to find these things.
Yeah. So with that, I think we've, successfully read the list. I think we successfully did it boringly, but I think, I think we've reached we've reached the point of the show now where, we say our goodbyes unless you guys have any other updates that I may have missed.
[01:56:29] Unknown:
I got nothing.
[01:56:31] Unknown:
Perfect. I'll work on my Internet connection for next for next time.
[01:56:35] Unknown:
There you go. With, with that, I, I say goodbye.
[01:56:41] Unknown:
Oh, actually, I do have something. Yeah. Go ahead. Sorry, NVK. Sorry, listeners. Sorry, Justin. I spent the last weekend, in Crawford, Colorado at a Bitcorners family ranch. His name is Jason Reich. That was for the beef initiative, beef initiative dot com. It was a really special experience. Him and his family treated us like family, hosted us on their ranch. There was about a 100 of us. We talked about ranching. We talked about food. We talked about child raising. We talked about Bitcoin. We talked about proof of work. It was just a fantastic experience. They're gonna have another event in Georgia at White Oak Pastures, in September. That's coming up.
But in general, this is a really great initiative, that Bitcoiners should pay attention to. I think, the topics are broad, but they're intimately aligned, with each other in in terms of of the new world we're trying to empower or make possible. So shout out to everyone who was involved with that. It was a really truly humbling experience, and I just wanna say that I did a Bitcoin 101. In 15 minutes, I onboarded, 50 ranchers, which was a pretty, impressive feat.
[01:58:08] Unknown:
Very cool. I saw a lot of the the, like, some buzz about it on on Twitter and stuff, and it seems like, people were having a great time there. Alright. So I think, I think we've covered, we we did good. I think the last episode was about 2 weeks ago. So, maybe maybe we do this in another couple weeks depending on the on the volume of stuff. I wanted to I did a little bit early instead of 3 weeks because there was there was enough stuff, and I wanted us to be able to give enough time for for each thing. Thank you so much for for you guys helping with this. It's a pleasure having you guys as guests, and, for anywhere else, thanks for listening.
[01:58:59] Unknown:
Thanks, MBK. Always a pleasure. I'll see you all next time we record. Cheers.
[01:59:07] Unknown:
See you next time.
[01:59:12] Unknown:
Alright.
Hey, Matt. Yo. Yo. Yo. I hear you. Justin?
[00:00:08] Unknown:
Testing 1, 2, 3.
[00:00:10] Unknown:
Okay. So I'm gonna mute the both of you. Alright. So the you did record. So, and now my waveform is showing. So I think I think we're in a good space. And if we see the error again, we'll pause, refresh the window, and then continue recording so that we don't lose Matt this time.
[00:00:28] Unknown:
Still pretty that. Still pretty sure that was the fault was on your side, but
[00:00:34] Unknown:
Yeah. No. It's it's very possible. But, so here's the thing. At the end of this, save the file.
[00:00:42] Unknown:
Yeah. That didn't help us last time.
[00:00:44] Unknown:
No. Well, you you should have for some reason. Then it was on your side because that's a local recording.
[00:00:50] Unknown:
Well, anyway anyway, I was the one who fixed I was the one who fixed the audio at the end of the day. So I can't hear you, Matt. I just muted you. At the end of the day, I was the one who fixed the audio. So I I can't hear you. I just muted you again.
[00:01:07] Unknown:
Alright. Okay. I'm gonna start recording. Okay? Hang on. Hello, and welcome to the episode 3 of the Bitcoin review podcast. We continue. This is the 3rd iteration of a 1, 2, 3 iterations of this podcast. Yay. We have, the idea of the show is to boringly go through the Bitcoin, products, updates, and we've been failing so far at being boring apparently. So and we also been failing at reserving our opinions. And so we hope to disappoint you again. I have, Matt and, Justin return to the podcast. They seem to be fixtures that don't go away, and I'm very appreciative of that. So, why don't we say hi to them?
[00:02:06] Unknown:
I just wanna thank,
[00:02:08] Unknown:
Justin and BJ. Great to be here.
[00:02:11] Unknown:
I love the enthusiasm. We could we could That's great enthusiasm. That's that's you. Exactly. That's racism. And then,
[00:02:21] Unknown:
Matt? Enrique figured out how to press the mute button so he can just mute me on demand, which I'm not enjoying, but I just wanted to thank Justin and him for joining me again. Matt, you're a dumber.
[00:02:33] Unknown:
I think it's his Internet, mate. His Internet's,
[00:02:37] Unknown:
just cutting edge a little bit. I no. Wait. I just unmuted you. Traveling. I'm still learning. I'm still learning. Fucking hate you. Go ahead, Matt. Fuck you. Go ahead, Matt. Sorry. You're muted again. No kitty.
[00:02:48] Unknown:
Fuck you.
[00:02:51] Unknown:
Okay. Well, we have to keep this show, clean. Otherwise, it's amazing how much fun an adult can have with one little button. You know, one little button. It's amazing. It reminds me of the Staples no button or yes button. I bought the no button on the Internet once. Anyways. Yeah. So Yeah. Let's start this baby. Let's go through a few vulnerability disclosures. Twitter had a data breach. He exposed the contact details for 5,400,000 accounts. It's on sale for only 30 grand. So about, a big way and a half right now, you can buy, 5,400,000 records.
You get, Twitter usernames, emails, phone numbers, and their underwear size. Why is Twitter keeping their underwear size?
[00:03:42] Unknown:
For Anyways, apparently, it was patched. Yeah. It was patched back it was disclosed and patched back in January. You know, this is a perfect example why it's it's it's pretty bad that Twitter basically forces you into providing a phone number. You don't have to provide a phone number, but if you don't, they tend to block your account and then try and get you to basically light KYC and be a phone number, which puts users at risk when these leaks inevitably happen. Consider using burner phone numbers. And also rumor is NVK is actually gonna buy the list, to send cold card propaganda to.
[00:04:21] Unknown:
That sounds more like a ledger move, but 30 k is cheap as fuck. Yeah. I mean, it must be really high quality. So what what's interesting is, I remember running sort of, like, web companies and services. Phone numbers are are surprisingly good way of removing the first layer of scammers and and spammers. It's like an unfortunate easy way out for web, suppliers. What, what I find unfortunate is that, you know, why don't they just charge people like $5 with their bird app, premium subscription and then don't do any of this k y c stupidity? Because somebody, like, scammers and and spammers are not gonna pay $5 per account. Absolutely won't, especially if you're recurrent.
So, that's kinda silly. But, you know, they don't learn. Right? They rather, spend all their money in, making sure that, none none will get blocked. Go ahead.
[00:05:26] Unknown:
I signed up a couple Twitter accounts recently, and, it was it was quite, pathetic. They they would allow you to sign up without a phone number, and then you'd show up a day later, and your account would be restricted. Right? So they wouldn't ask you, for the phone number initially, but, they just restrict your account. You show up, and then you have to reenter it. So you can and they wouldn't allow you to reuse it. So you had to so I was, like, you know, trying to get new phone numbers. Yep. One great thing I tried was silent link, silent dot link. It's a really cool tool to just buy a phone number with lightning. So if you ever need this problem, that's a fun way to solve it. Another good service is,
[00:06:03] Unknown:
text verified.com, which provides disposable phone numbers for these services. I mean, services like Twitter and other services that essentially force you to do this, like, light KYC to use the product, make it really hard to use anonymously, should get flack from their users. It's user hostile behavior. To MBK's point, I like the idea of paywalls to fighting spam. It's essentially, like, the same idea as proof of work. Obviously, if you use credit cards, that might as well be light KYC as well or heavy KYC depending on how you look at it. But if if they depends on who the processor is. Right? Showed up if they just showed, like, a lightning invoice for $5 when you make an account, they would cut down on probably 50 to 75% of bot activity on the platform.
Matt, your your microphone is, burning a little bit at the top there as it's peaking. You wanna probably drop it a little. Well, we could've voice checked if you didn't just mute me every fucking time I spoke.
[00:07:00] Unknown:
Well, that was a a very high quality
[00:07:04] Unknown:
mic check. Okay. I lowered it on my side a little bit. Yeah. No. It looks better now.
[00:07:10] Unknown:
So, yeah, I I mean, I think paywalls are the way to go for the people who want it. You know, to their benefit of doubt, let's put it this way. Like, the majority of users on Twitter are not gonna pay even 50¢, so they have that problem. It's not it's not an easy problem because users are, like, the biggest sort of, like, at like, guilty here. Like, they will not pay. So I think companies just take the the path of least resistance, which is this bullshit, lightweight KYC
[00:07:42] Unknown:
Right. That can cause a lot of problems. It's not either or they can always give you the option. Right?
[00:07:47] Unknown:
Yeah. But, you know, like this company is, you know, they employ 10,000 devs to create the form for you to report that doesn't report, but they don't put any devs or any people really to solve these problems. It's kind of annoying. Alright. Moving on to another one of these KYC leaks. Well, not really a KYC, but a form of it. ActiveCampaign database was leaked. You know, it's kind of a and I think, the was it? The our friends at Shift Shift Crypto, were affected. Name, aliases, email addresses, and IPs. And I think there were a few more Bitcoin companies that were affected. Right? Yeah. So this is
[00:08:34] Unknown:
there was a bunch of companies that got hit by ActiveCampaign leaks or compromises and HubSpot compromises. I I believe Nydig, Swan, Unchained, there were a bunch of them, but that was, like, 4 months ago. This is appears to be a separate compromise that was just targeted specifically at, Shift crypto.
[00:08:56] Unknown:
So, one thing that a lot of people don't know is that when hackers find a little door like this, they will keep on, attacking that door without being too overt and trying to take too much stuff out because they wanna just keep on draining out the stuff. Right? So, you know, even though they may have found the patch or may have found one problem with the thing, The guys are either still in there because they're probably using a dev admin key or, you know, like they managed to get away with some stuff without the company finding out on the first audit.
So, you know, always expect that everybody else in that same service is gonna probably be eventually releasing some information about how they also go up. What I what I don't understand is why Bitcoin companies are sending their customer information to this third party marketing shit, without customer permission. It's really annoying.
[00:10:03] Unknown:
Another thing in this week was IP addresses too, so that's another reason to use a VPN.
[00:10:07] Unknown:
Yes. It's, it's tragic. I mean, it's not like the the worst possible information, but it's pretty bad. A lot of people forget to use burner emails and and names and things for these things. You know, remember to always uncheck the box that says send me updates
[00:10:27] Unknown:
or subscribe me to the newsletter. I hate when it's auto checked. There is there is another aspect here, though. I mean, you said burner email addresses. It is to go back to the Twitter thing, it is come becoming harder and harder to have a, an email address that's not linked to your identity. I I mean, there are services, like, simple login and ProtonMail gives you, like, the ability to do aliases, but it doesn't really help that much, in terms of making it easy to have anonymous email addresses. How's my audio now?
[00:11:08] Unknown:
It's it's great. It's only when you get very close that has there there is no gate there, I assume. So I was just adjusting the gain while I was talking. That's why it was long winded. No. That was good. Yeah. I mean, I I totally understand, like, the the like, you you want a a a means of having a a direct channel to your customers. Right? So you want to have their emails, not just depend on Twitter or something else. So, I mean, my preference is you have your mailing list stuff separate from your your business logic. Right? So if the customer wants to subscribe to that, go there and subscribe to that. So we have a sub stack. Go in the sub stack and subscribe. Right? Or our dev mailing list or something like that. Just don't don't cross this stuff so that, you you know, you don't put customer risk.
Ledger had that vulnerability too on their store because of the CRM. Always the sales and marketing solutions that that do the leaking. It's not the actual, like, store database per se, most cases. Alright. Blue wallet, sends transaction data to their servers even when using your own node. That's not great, but at least people can disable it. I just wish it was disabled by
[00:12:43] Unknown:
Fake news on the Internet. Opt in to push notifications in the operating system.
[00:12:48] Unknown:
Right. Yeah. If you go you go if you go into BlueWallet settings, you can enable push notifications. And if you do that, then it, by default, hits their notification server. Yeah. But then they have no choice if you want Well, they they actually have to. Props to them. They do give you the option to run your own they they open source a notification server, so you could actually run your own notification server if you want. That's great. We should update that with the link and the correct story here.
[00:13:19] Unknown:
Alright. We're gonna now start with the software releases and project updates. So Nunchuk released 1.9.9. They edit support for NFC, the collaborative wallet recovery, so that's BSMS, and a bunch of, bug fixes and improvements. I happen to try this release because it does integrate the tap signer, which is a lot of fun. So, being pretty happy with their wallet actually. It's nice to be able to choose. So you import your keys similar to Sparrow and Spectre, and the keys are separate from the wallets, and then you choose what do you do with those keys. Those keys could be part of multi sigs. They could be part of single sigs. They they are part of how you log in if you want.
I I'm I'm really enjoying how this project is, is progressing.
[00:14:21] Unknown:
Yeah. They've had really low time preference. They've been working on this for 2 years, and they just, they built everything natively. They built, all a lot of their core logic for interacting with Bitcoin is pulled out of Bitcoin Core. You know, they That's they're also been inching closer and closer. Yeah. Yeah. So, I I I haven't tried it for a while. I'd like to try it again. I I remember, they were just, making some announcements also about their end to end encrypted chat,
[00:14:51] Unknown:
you know, to basically they made a multisig to pass signatures around.
[00:14:55] Unknown:
They use they use matrix underneath, which is pretty cool. So, you know, you got people coordinating multisig and it's like a chat interface, which could be which is pretty neat.
[00:15:03] Unknown:
Props to Hugo. I mean, you know, he also released a a a a nunchucks, rebuilt our Python, tap, NFC tap library in c plus plus and released it open as well. Are the apps open source yet? I mean, all the the the meat of it is on GitHub, the libnunchuck and all that stuff. I don't know if the apps themselves are.
[00:15:30] Unknown:
Because, If I recall correctly, I remember, like, the main way you interact with it is through the Android or iPhone app, and those aren't
[00:15:38] Unknown:
and when I say open source, I'm not saying false. I'm just saying source viewable. No. No. I know. I I think so. The the way that they build is all based on their c plus plus library, which is libnunchuck, and that's open. That's on GitHub. I don't I haven't seen if their apps, like, the app shell is there or not. You know, for Android, that's kind of that matters. Oh, but but But for desktop. For iOS, it's the same shit because you're trusting anywhere.
[00:16:07] Unknown:
Yeah. Because iOS, you can't side load the app. Right? So no matter what, you're trusting the app server version. Open source, but not
[00:16:14] Unknown:
Yes. And their desktop they also have desktop. I don't know, I really like it. It's like it really brings me back to that old tool called Kopay, which was a very good app that sort of, like, couldn't handle a lot of transactions because it was JavaScript, but, it, this is really nice. And, for collaborative multi sig without a third party, like, a paid third party kind of thing is nice. Yeah. I will say like a company wallet. I will say that,
[00:16:43] Unknown:
as someone who has been part of multiple collaborative, multisigs for various projects and bounties and whatnot. Even the most hardcore technical Bitcoiner struggles with communicating the partially signed Bitcoin transactions between keyholders to sign and all that coordination involved is a massive friction pain point that even very hardcore big corners fuck it up, and Nunchuk just kind of aims to to fill that gap really cleanly. So I'm very bullish on that project. I love the idea that you also have encrypted comms
[00:17:20] Unknown:
for the coordination of the multisig transaction. So you can, you know, you can sort of trust that the other party is the other party. And you can sort of have conversations around the transaction
[00:17:33] Unknown:
without sort of exposing the transaction to your email or other chats. Like, right now, you're, like, pasting long PSBT text files, like, in signal or fucking matrix or something like that. It's a pain in the ass. Yeah. This is I wonder if this will become a standard.
[00:17:48] Unknown:
We, maybe that's the next level. I will I will chat to Hugo about this. Maybe the next thing is for There's another aspect here too where
[00:18:00] Unknown:
sorry. Sorry. There's another aspect here too where the chat is useful. Like, if you set up a device, a lot of times you wanna do it on your desktop, but you wanna like, you might wanna get the keys onto your phone too. Right? Because they have a mobile phone. And I think this the the chat would also help, like, you know, syncing the configuration between the desktop and the mobile, which would be really nice. Yeah. They have a server for that. They they do multidevice syncing. It's it's still beta.
[00:18:28] Unknown:
Yeah. Yeah. No. This is, the the what I hope that demo made me realize that the, that Yeah. So so my hope is that this flag here, but, Yeah. No worries. Is that,
[00:18:42] Unknown:
I'm just saying that the the okay. I'm I'm just gonna I'm just gonna go, seamless demo, and a compliment you here, So seamless demo made me realize that these, these these NFC cards would be really nice for, for, for multisig. Because it's also you know, it's like a completely different software stack. And also it's like the just adding it is super super slick. You know? Like, it does like, I would like to add one of those to my setup. I mean
[00:19:09] Unknown:
Hey, Justin. If you're still hearing us, after you you you're done, try refreshing the page and reentering. We'll be here. I it might sync back. So, so so wallets to talk to each other. So, like, whichever p two p protocol they start using, maybe it's, maybe it's, whatever p two p, whatever p to p, solution that they use will be really nice if, if it becomes a standard because then, you know, you essentially share with each other x pubs and all of a sudden even the chat works. Right? Even though you're using different vendors. That that could be really, really cool.
[00:20:02] Unknown:
Yeah. I mean You're back, Justin. Open standards for the win. That would be fucking awesome. I'm back.
[00:20:08] Unknown:
Mhmm.
[00:20:10] Unknown:
And then, like, the the cool thing of this too as far as I understand, which is great.
[00:20:14] Unknown:
Yeah. The the cool thing with this is that, you know, like, now you can you cannot have your private key on the phone either with the the tap signer thing. So I can have encrypted comms with a private key that's not on the phone. I mean, it it starts to become very cool very fast. Anyways, I pretty blisters up. It's nice to see different stuff being developed. It's not just the plain wallet. Alright. Let's go to BDK. BDK 0.20 is out. Highlights for this release include bug fixes for electron blockchain, and descriptor templates, new transaction building features to discourage fee sniping, and new transaction signing options.
Also, with this release, MSRV is now 1.56.1 and address validator is deprecated. A big thanks to our contributors, they say. Do you guys have any, any comments about their, the fee sniping? I I I don't really see the point, but that might just be me.
[00:21:42] Unknown:
I mean, it seems like an altruistic thing you do to try to improve the incentives of mining a little bit. I think it's pretty niche. What I what I do think is that there's you could see BDK is actually starting to get used. It's had a lot of development, like, a year and a half now, sponsorship by Spiral. And you're starting to see actual companies use it now. Like, I think Unchained Capital was, playing around with it. I I saw Francis Puilio, was talking about it, doing some integration with it on verbal Bitcoin. So, like, it's it's nice to see that they're they're starting to get some, like, rural, usage.
[00:22:15] Unknown:
That that's great. It it's nice that the the the hot stuff of the wallet is sort of, like, more centrally not centrally, but more collaboratively worked on. So you gain a lot of security from that.
[00:22:29] Unknown:
BlueWallet, also has, LDK, and I oh, we're talking about BDK, but BlueWallet has LDK built in to the developer edition.
[00:22:40] Unknown:
I mean, that'd be nice. Maybe BlueWallet should move to BDK. They they will probably save a lot of development too.
[00:22:50] Unknown:
Alright.
[00:22:53] Unknown:
Okay. So on to COVID card number 4. Thing is it should get interesting if if blocks ever get sustained full, in a high fee environment. But I I'm kind of of the belief that, you know, if we see we can kinda wait till that type of situation kind of it's fee sniping is not really a, like, a deadly kind of issue. It's not something that's just, like, catastrophic failure or something like that.
[00:23:19] Unknown:
But that's also the market. Right? I mean, like, you know, like, they the miners can still choose how they wanna construct their transactions. Right? Exactly. So, like, I it's it's very similar to, like But you want Hashrate to go towards advancing the chain. Yeah. The the the problem with these things is that, like, they they try to fight natural market dynamics on Bitcoin that was still probably supersede it around somehow. You know? That's it's it's, you know, it's similar to trying to prevent double spend. You know? It's just it's just a natural sort of aspect of Bitcoin that's never gonna go away. It doesn't matter what he tried to do around it. Right? And because, you know, all the other actors may not even choose to to do that standard that is not really preventing anything on on protocol level.
[00:24:13] Unknown:
Particularly, like, if we enter, like, a sustained high fee market, there's a strong scenario where we see fee payments out of band as well. So, like, you're trying to, control something that you can't even control to begin with.
[00:24:27] Unknown:
Right. I mean, you know, let's let's not forget that, a zero confirmation Bitcoin is not your Bitcoin, so it is a nonissue. Okay. Moving on to code card mark 45.0.5. We, released finally the bib85 derived passwords. These are really cool, a 126 bits. If you it's a 136, but anyways, you know, what's cool about that is, you know, it's very similar to the bit 85 derived seeds. You have an index, and then you get a strong password, and then you can use that strong password for interesting things. Please use a different device, a a secondary code card to to do this for for computer stuff if you're gonna connect to a computer.
I would recommend that. We did release some docs on it. We hope, that maybe BIP 85 itself gets extended, for the passwords.
[00:25:39] Unknown:
It should be very useful. How does this how does this look in practice, Enrique? The the user is plugging in a cold card via USB. And what is there, like, a text file that lists all the passwords or something like that? No. It's a lot more interesting than that, Matt. I know you like the quick hacks.
[00:25:57] Unknown:
Yeah. So you can use, USB. You can use NFC or QR. But NFC and USB, we emulate a keyboard. So we push the password itself as a keyboard to the input field.
[00:26:12] Unknown:
So what are you picking on the cold card screen which password to push? Yes. Yes. You pick So you go to the password pushes. You go to the password field on your computer or your phone, and then Yep. On the cold card, you pick pick which password you're pushing. That's right. And does the cold card have built in labeling so it could be, like, this is to sign in to ledger.com, or this is to sign in to No. Maybe maybe on the on the next iteration of the feature. So how the fuck are we supposed to use it if we're supposed to remember, like, number 3 signs me into Yahoo.
[00:26:46] Unknown:
Yep.
[00:26:47] Unknown:
Yeah. But remember, right, like, this is not for your email. Right? It's it's silly to use this for email. You're gonna have just a handful of passwords you're gonna use this for. Say, your Cloudflare, your, your SSH password, that encrypts the key on your computer. You may use it for, like, you know, like a server here and there. Like, this is the way you use it for even. Exactly. I mean, remember. Right? Like, what's the point of having your email password being this secure when your browser can see it? Or or where, like, you know, just the the the bad guys already have access to the email if they want to.
[00:27:30] Unknown:
And by that, I mean the government. Well, I would say for a lot of people, their email password should be treated sacredly because they can reset all their other accounts if they get access to your email. For a lot of people, especially if they reuse email addresses, which most people do, the email password might be the most important password, period.
[00:27:49] Unknown:
By the way, props to Apple to have that, automatic, a non email for signing up for apps. I wish they would put that on the Mac as well. I mean, they might have it on Safari, but I don't use Safari. Anyways, so so that's a cool feature. I'm pretty excited about that because it does, it does help my life. Okay. What else? We did the the QR codes are now, readable on, bright light. When, was it? Ruseer, gave us a nice update that changes the the the scanning of the screen, which is really cool. So that does essentially better displaying of the screen. The scanning rate is different.
And, you know, then there were a few other little bug fixes and, and, other little things. And, oh, yeah. The OP return now is, you can have you can have anything you want on the operator and it'll sign essentially, so that we don't need to know. We don't check that anymore. Yeah. So that's it for code card. Robinhood
[00:29:14] Unknown:
supports back 32. About the one with us the foreign Sorry? You missed the one with the foreign UTXO. What's the is that the
[00:29:22] Unknown:
Yeah. I was trying to skip some because there's a lot yes. So we can now sign something about 4.92 xO because he yeah. Because cold card checks everything. Right? It doesn't wanna let you sign stuff and you get robbed, by sniping. So the there is an option now to sign stuff with foreign TXOs because we have a lot of advanced users that wanna do stuff that, you know, have fun. So we wanna support that properly. That also helps some of the That sounds that sounds useful. Yeah. It it helps a lot of the the the the complex multi sig things that people invent out there and and, yeah, or or the HSM functions that it's very useful.
Right. Robinhood supports back 32. Nobody should be using back Robinhood for Bitcoin, but if you do, now you can send it to your segued address. I am impressed, like really, like, you know, blockchain dot info took like, you know, like I don't know how many years to support BIP 32 hierarchical deterministic wallets. And then it took another world of time to support BIP 30 2. So, nice to see Robinhood, keeping up with the times. I didn't even know you could withdraw from Robinhood. Yeah. I mean It did happen recently.
[00:30:47] Unknown:
I will, no one should use Robinhood, but props are props are due. I specifically, am on the record saying they would never allow withdrawals, let alone deposits. Now they let you do withdrawals and deposits, across all their shitcoins too. I really did not see that happening.
[00:31:07] Unknown:
But, you know, this is Bitcoin incentives in my view sort of playing out. There's a lot less people who are gonna use Robinhood for Bitcoin and crypto, if they cannot withdraw. Right? Especially after the the the bullshit with GameStop. So, I I think they're essentially just being forced to do this to retain customers. Right. Next is seed tool. It's called it by Superfat Aero. Introducing predictive seed word input, single address tool, and multisig address derivation. My understanding is c 2 is, essentially like something like, was it Coleman?
What was the name of the guy who had another c 2? Ian Coleman. Ian Ian Coleman.
[00:32:06] Unknown:
I think that's the This one is more powerful, I would say. It's got a lot of features, but definitely do not play with a live seed in there unless it's on an offline computer. Audited? Like, is there, like, audits on this? I mean, there's a running on the browser. There's a repo, you can download it offline yourself. One
[00:32:27] Unknown:
like, it's No. No. I meant, like, cold review. Right? So Yeah. No. It is. A lot of times, the wallets wallets are things that that touch seeds tend to have, like, let's say, notable people from the the community who go and sort of, you know, give a thumbs up saying, hey. You know, I I did check this and things look reasonable.
[00:32:49] Unknown:
I'm just curious. There is not. It's relatively new. It's just a humble false project. Like I said, you can download it offline. And because it's just a powerful, simple tool, there are creative ways you can use it if you're a responsible user even without he set up a cold card, with dice rolls. And then on an offline computer, he confirmed the dice rolls with, the seed generation on the seed tool. So he knew that cold card wasn't lying to him about that, and then he wiped the cold card and then generated a new seed and felt more comfortable trusting the dice math on the cold card because the first one worked, but didn't use that seed because he was too paranoid to have it in the seed tool.
[00:33:44] Unknown:
Right. Yeah. That that's that's the way to go. Another way you can do this is, you know, you can just, run, Electrum on tails and load the the seed in there and see if it, matches. I guess you could also run this too on tails. Just please, people, be very careful with browser tools, not because the developers are nefarious. That's not the point. It's just because the browser is a absolute cluster fuck. That was not designed to have any security. So, just just watch out to this. Although if you are using a burner seed, I mean, that then there is really no harm. You can do that in any computer, really.
[00:34:30] Unknown:
Yeah. And I feel like it it helps. It getting getting hands on stuff really helps with the education process. So the fact that they Yes. Kind of make it very, clear what is happening behind the scenes as you're using it, you can really, like, start to learn, how these seeds are derived, how they're used in different ways. It's a nice way of just practicing and learning.
[00:34:53] Unknown:
Yeah. No. That that's a that's a very good point.
[00:34:56] Unknown:
Yeah. I think I I Go ahead, Justin. I learned what a derivation path was, like, when I was first getting started. I I learned what a, like, a derivation path was just using the Ian Coleman tool, which was great, you know. So if you if you wanna learn some of the basic stuff, like, what is a derivation path, use a tool like this.
[00:35:13] Unknown:
Yeah. I know. It's nice because you put in the seed or x priv. Right? And then, you know, you pick a few buttons. I don't know about this tool, but in the EANS, you pick a few buttons and then it sort of like it it deterministically derives everything. Right? So you can see, like, exactly all the types of of exports that Bitcoin use in most wallets and how they interact with each other. Right? That is pretty cool. Alright. Tor Browser v version 11.5, automatic censorship detection and certain convention, redesigned network settings including streamline bridge options, HTTPS only by default.
Finally. So, yeah, I mean, the Tor Browser is, is like 11 now, and it's amazing to see.
[00:36:14] Unknown:
So to be clear here, since you said finally, usually, Tor Browser gets, shipped with HTTPS everywhere extension, which basically in practice made it, HTTPS only, but now it's just built into the browser. So they removed the extension. The way it should be. Right? Yeah.
[00:36:34] Unknown:
Although one thing I hate about HTTPS by default, I don't I I don't know the behavior on the Tor browser, but the problem is, you know, TLS certificates are all essentially centralized. Right? You have you need a centralized authority, a CA, to issue those certificates or the browser essentially don't work. Self signed certificates don't work anymore on Chrome, for example. But to be clear with with tours specifically,
[00:37:02] Unknown:
the concern is if you're visiting the clear net, you have to go through an exit node. So if there's not if there's no HTTPS, they can swap out man in the middle of you on that, and we've seen them do that already. Now, I mean, if you wanted to go the real hardcore approach, it should just be no clear net websites, period. But the tour team has taken the trade off model that they think, you know, they get more user adoption if people are able to, also visit clear net sites. But if you're if you're really, if you if you really want, you know, the best privacy guarantees, the best security guarantees, you should be doing onion only websites, Tor only websites, and a lot of the good Bitcoin websites specifically, have those available.
[00:37:45] Unknown:
Yep. I mean, Tor is is pretty amazing. I mean, especially Tor v 3. You know, having having essentially a tunnel with a public key pair that is not centralized is is a very cool thing. And so, like, I I love Tor even just internally we use, you know, between servers and things just because, like, it's a tunnel we trust. We're not, like, using some some, server sort of VPN kind of thing or anything like that. You just, you know, you create a connection of towards between them and, like, boom. You have yourself a a very strong, tunnel system, an Internet system, for yourself.
One thing. And Yeah. Go on. Yeah. Sorry. It's just, you know, you clear net. Right? I mean, even if so so, like, I completely get a trade off. I mean, you want your users to be able to access clear NAT even if they are at risk of Yeah. Of some men in the middle there. I don't trust TLS, personally, especially against the doctors, like, the state actors going after tour.
[00:38:53] Unknown:
One thing I would add is a feature they added a couple months back is that if you are running a website, and you care about privacy, there is a way to set a flag, basically. So if someone accesses it via Tor browser, it automatically reroutes them to the onion site.
[00:39:12] Unknown:
Didn't know it was there was a script before I could put on your website, but that that's nice. Yeah.
[00:39:17] Unknown:
I'm not sure exactly how it works, but it's something that website admin has to set up. But once you have it set up, if someone puts your Clearnet address into Tor Browser, it goes to the onion address.
[00:39:27] Unknown:
Cool. I haven't followed much, but how's I2P working these days? Is it, like, catching on, or what's the what's the deal with that?
[00:39:40] Unknown:
Nobody? Justin, you have some insight here. I mean, I've been hearing ITP hype for, like, 10 years now, and it feels like it never gets off the ground. Yeah. I know. That's, it's not an easy problem. I've never seen anything with ITP. Never use it once.
[00:39:54] Unknown:
Yeah. I mean, to be fair though, if it wasn't for state actors needing Tor as well for themselves, everybody who runs a Tor exit node will probably already be it is essentially like a, it's similar incentives to Bitcoin in a way. Once state actors have Bitcoin,
[00:40:12] Unknown:
they don't wanna kill Bitcoin. Right? So, the company tore themselves. To a weaker sense, I would say the tore threat model the tore threat model assumes that the US will not actively attack it, while the Bitcoin threat model is fine with the US actively attacking it.
[00:40:28] Unknown:
That's correct. It's just it's a so it's an interesting, symbiotic relationship of that project. Okay. So joinster, it's a coin join implementation using nostr, uses the nostr protocol for coordination. This seems very interesting, you guys know I am a JM fan. I have not tried this yet. I have heard interesting things about Noster. Any of you are Noster, or knowledgeable about it?
[00:41:09] Unknown:
I have I tried, jv 55, William Kassering's, domicap. Yeah. I've tried his Domasap, which is it's really slick. Like, you know, it it, they're not allowed to be using it yet, but I could see this kinda catching on. But I guess the protocol is just really, really simple. It just relays messages. You have to say which relays you wanna send and receive messages to. So it's like the simplest possible version of something like this, and that was the design intention. Whereas well, other things like, you know, web 5 or whatever the the block thing is, They're just, like, kinda complicated.
[00:41:43] Unknown:
Yeah. I like simple. I yeah. I would reiterate that,
[00:41:47] Unknown:
the coolest part is that it's simple yet powerful. And I did have JB 55 on sit all dispatch, with with Fiat, Jeff, and we went pretty deep on it. It's it's it seems really promising. The number one use case that people keep talking about that people are excited about is a censorship resistant distributed Twitter clone. But really at its core, it's a simple communication platform, protocol. So so you can you can use it for a wide variety of things, including coin joint coordination. At the Twister.
[00:42:20] Unknown:
Remember Twister? Project from about, 2014 ish, I think. It was the only thing that I ever saw that would was actually a viable Twitter alternative p two p, and, it was some Brazilian guy, and somehow the project sort of like winded off. Who knows? Maybe Twitter just hired a guy or something, you know, like it had that vibe that like it got killed with an exit strategy there because it was clearly a viable solution. Anyways alright. Next is, bitcoin binary dot org. The bot was updated. Kyle Dunn, I believe is, his name. He contributed the the call to upgrade the bot so that, this site, which I am involved, it, it makes builds for reproducible build projects, which is a very good way for most people to gain some more confidence that the cold is kosher.
It's a very, very simple solution. You know? If you wanna go there and build other projects and submit, it doesn't matter if there's 10 submissions of the same project. That's actually just adds value. It just means that there is more people out there arriving at the same, binary. I think that's a very simple way of of finding more security for everybody.
[00:43:55] Unknown:
Love it. Alright.
[00:44:01] Unknown:
Let's skip that hiring part there for after. Let's talk about the noteworthy, noteworthy, projects. I heard this about this, Fady that we've brought up the last episode, but, it seems that, like, Fady is now, is now, funded. Maybe Justin has anything to do with that.
[00:44:26] Unknown:
Yeah. So, we formed a company, myself, Obi, and Eric, Sirion, to deploy Fedimintz, focusing on the developing world, global south, which we kinda discussed a little bit, maybe, on the Spaces the other week. And, yeah, the idea is, like, to actually take this kind of research proposal research project, which is now becoming you know, getting the point where it's usable and actually try to deploy them in the real world. And you sort of need a company to do that, in my opinion, because, you know, it's just not it's not enough to just have some nice code, or a nice UX. You actually actually go and, you know, meet people where they're at and, make it work for them.
So really excited about that. You know, bring this, like, you know, payment's great for scalability, for privacy, and, for p 2 in some use cases. So, I think it's exciting to try to actually bring that to people in the real world.
[00:45:22] Unknown:
Good. And you got a pile of cash to do so.
[00:45:25] Unknown:
So so, I mean, it would behoove me to state, that my venture fund 1031 VC, co led, this raise, with Ego Death Capital and Kingsway Capital. I'm extremely personally bullish on Fediments as a concept. I think they can help improve the status quo, of Bitcoin usage, both in terms of privacy and trust on the custodial side, because a lot of people just keep opting for using custodial options regardless of sovereign options out there, mostly because of convenience. So we can make that status quo convenient option, more private and require less trust than the current status quo. That's a massive win.
There are a lot of conspiracies out there about me being bullish on Fedimans because of a vested interest because we
[00:46:20] Unknown:
funded them. We did do it first the problem with that? What's the problem with being, like, excited about stuff and then you give people money because you're excited about the stuff, so they build it. Well, I appreciate that, MBK, but I'm gonna address the criticisms real quick.
[00:46:35] Unknown:
First of all, we've we first gave them a no strings attached open source grant, that we were very excited about, and then we funded their their, their actual company, FETI. Those are should be treated as separate in my opinion. And then, second of all, you know, Fedimint as a project, as an open source project is completely false MIT license code. So anyone can fork it, run their own Fedimint, do whatever they want independent of the company, which I'm I if anything, I'm more excited. I I love you I love you, Justin, and I I love Obi and Eric. You guys are a great team, but I I think I'm more excited about the FOSS project, than I am about the company specifically.
[00:47:19] Unknown:
You know, without companies and capitalization of things, it's very hard to find enough, work, and enough, like, you know, just just people willing to work to to build the things of consumer facing. Right? Protocols themselves or standard themselves should absolutely be open. But the the the business solutions on top of them, you know, like, you you need companies behind. Otherwise, they get nowhere. And, you know, this is a lesson that most people will always learn in in free open source. It's just that you need both. And and and people need to learn how to to like both playing with each other. You know?
There is no point in a a pact of poverty. You know, people people need to find a way of of making money, and and money helps you build even bigger things and get even more people to adopt it. I think it's great. There's a lot of projects that started that way. Right? You have essentially like a like a false protocol thing that is mostly developed by the company that's trying to monetize it separately. And I I think this model has a lot of legs. Good for you for funding it.
[00:48:43] Unknown:
But, anyway, now that they're funded, I think Justin is hiring on top of it too. You know? It's it is an open source. Yeah. Exactly. So I was just saying, you know, we we'd love to see more people building on it. We'd love to see, we'd love to see, a lot of experiments, a lot of, other deployments, a lot of apps on top of Edgemont. And, and, you know, there's opportunities on the open source project to get some funding currently. So if you are interested in that and the background, you know, Rust or distributed system, cryptography, something like that, do reach out to me or Eric, or anyone else in Discord. And, yeah, the company we're hiring, we're looking for a Rust like a systems engineer, and then a mobile developer most of all. So we're good at mobile. If you're, you've been using Slutter so far, we we could switch to something else with the right person. If you're a real pro, please, please reach out.
[00:49:40] Unknown:
Yeah. I know. When can I launch my ICO on, Fedimint?
[00:49:47] Unknown:
Unlike Liquid, the goal of Fedimint isn't to put your coins on Bitcoin.
[00:49:52] Unknown:
Yeah. So I I think the the the the challenge that Liquid had was not making the the HSM or or really the the federation code, open so that, you know, they could immediately have, competitors, using the same protocol and grow the protocol?
[00:50:13] Unknown:
I mean, that's a key point. Right? And it's it's what you were talking about how, to have an open protocol, but then have a company building on top of that to try and monetize separately is completely different than having a company that has basically put itself in there as a as, like, a point of control or
[00:50:32] Unknown:
a, a friction point. To me, that's a beautiful model. Right? I mean, you know, in a way that's how, like, Linux happened. Linux happened way more than than, than, Unix did because there were companies trying to build solutions on top of Linux as a company. Right? So like Red Hat or whatever while the kernel was open. With FreeBSD and all the other tools, I mean, you had Apple building Darwin, which was really the only company that continued Darwin, And, they they tried to close down a little too much, so it became their only thing, but they are behemoth, so they could just maintain it themselves. FreeBSD on the other hand, I mean, it's way better than Linux. There's not even a comparison.
But there's not as many companies that decided to build on top commercially, Except for now you're starting to see come back because you have pfSense that grew a lot. You know, real security stuff out there is all using, either netBSD, freeBSD, or or some other variation of it. But, yeah, this to me is the preferred model. You have the open protocol, ideally, an open implementation of the protocol, and then you have companies building their solutions on top of that protocol, either closed, viewable, or open, however they decide to do it. There's even a bigger difference here too where,
[00:52:05] Unknown:
I mean, I don't wanna speak for Justin too much, but of, like one of the key things is is FETI as a company doesn't intend to be a part of any federation, period. So it's not even like, oh, anyone can launch a competing federation. Fedi's just not even gonna be involved in the federation running process.
[00:52:25] Unknown:
Well, that's also hard to avoid jail. It's a great thing. Don't run the federations. Yeah. It's not completely altruistic. If you have a fad that interfere with the fad, it might be a problem. So, you you you definitely wanna be just a service provider, a technology provider as we like like to describe ourselves. I I think that's a that's a much more sound and sane, way of operating a business.
[00:52:55] Unknown:
If you're an expert mobile developer, please head over to Bitcoin or Jobs and apply for the FEDI mobile developer position. Thank you.
[00:53:03] Unknown:
Yes. But if you're a mobile developer engineer who is, who's a a great at Python and can build across application in Python, you should definitely hit, Quaintite because we we actually ship things. Yes. Alright.
[00:53:23] Unknown:
Next. Yeah. The Python, you go to MBK and then
[00:53:27] Unknown:
That's right. You you you can take those, those those guys of the other languages.
[00:53:34] Unknown:
Okay. I'll Yeah. We'll take the JavaScript.
[00:53:38] Unknown:
That's right. The c k top protocol got repeated here by Nunchuk. That's already been talked about. Tap Saturn is now shipping. It's $39. We'll probably decrease the price at some point, and Sats card shipping soon. So, go to the Koincard store and get your top signer. It works now. Yay. Sphinx Right now is VLS.
[00:54:08] Unknown:
Right now you can only use tap signer with, Nunchuck, or is there any other apps that support it?
[00:54:14] Unknown:
So there is a a few apps out there. They're sort of like not officially supporting yet, so I'm not gonna plug it in. Officially supporting is Nunchuk, and the guys from Hacksaw wallet, which is I think Keykeeper or something Keeper or something like that, they are releasing, I think, on their next release. Yeah. They're launching a separate they're launching a separate wallet.
[00:54:39] Unknown:
They're splitting up the 2 functions.
[00:54:42] Unknown:
That's right. TopSigner is essentially like a extremely simple Bitcoin hardware wallet. It but it works as a blind signer. So if you give anything to it, it'll just sign. What do you, what do you tell someone who
[00:54:57] Unknown:
you know, the status quo, for Bitcoin hardware signing devices has been to have a screen on the device so that you can confirm what it's signing directly on the device rather than the potentially compromised computer or phone. What do you say to someone in in that respect?
[00:55:15] Unknown:
I think it's just a different set of trade offs for a different value amount. So, you know, if you're gonna keep, you know, a couple grand on your phone, you know, use a tap signer. It's a lot safer than having trust on the app on the phone to have the private key. Right? And also if you lose your phone and somebody can get in for whatever reason, the private key is not there either. It's in your wallet and your tap signer. So you have that.
[00:55:39] Unknown:
And then Would you say it competes more with, like, a a mobile wallet rather than Yes. A cold card or something like that? I wouldn't say no. It doesn't compete with cold card at all.
[00:55:52] Unknown:
I I would say it's not a competition of the mobile the the mobile wallet is in addition to the mobile wallet. Right? Because you're still using the mobile wallet. You're just not trusting it with keys for a single SIG. So so there is like a monumental gain there in security. Right? Just by separating the the the transaction building device from the private key holding device. And remember, all phones are fully pound. Right? Like, a border agent can just extract everything from the phone. So, and then and then if you're gonna use it for large amounts of money, just use multisig. Right? If you're gonna do multisig with top signer, you're you're now, like, you know, back at that sort of high grade of security because you can use a different device to double check the transaction before you sign it.
So So you could have, like, 2 phones with 2 tap signers,
[00:56:43] Unknown:
and then both phones would have to get pwned
[00:56:46] Unknown:
for you to have a place to go. It could be a it could be a separate phone with a softer key on that phone itself, and then the top signer on the other phone. It's already exponentially more secure than than not. So because for example, here's the 3 the the challenge. Right? Say you have 3 people using Nunchuck for collaborative multisig. The 3 of you are trusting Nunchuck with private keys. Same implementation of wallet, right? So at least, you know, if 1 or 2 of those of those signers are using an external key device, you're gaining a lot more security there, right, in case there's a bug or whatever.
So so that's the idea. It's just it's just adding another layer and really removing the key from the phone, especially on an app that allows you to have encrypted comms. You don't you don't want that key there. So yeah. So that's that's the idea. I mean, you can use it in conjunction of a cold card for for multisig and stuff in the same idea. But, I think it's just right now, there is no economically viable solution to people who cannot afford a $100 plus device. Right? Because even even Ledger, once you put in the euro cost and the tax and the shipping and stuff, it's like it's still essentially a $100. Right? So if you are, you know, in a country where, you know, your economical capacity is lower, $39 shipped by standard mail is pretty cheap.
And we hope to to bring the price down more soon too. And and who knows, maybe we even find a way of subsidizing the cost in in countries that people can't afford it. Because again, right, it's like it's just a much simpler, cheaper form factor. So the economics of this are a lot better for people in in countries where they can't really afford the next level security because they also have less money. So there's less money to protect. Right?
[00:58:53] Unknown:
I mean, to combine to combine, the 2 topics we just had together, I mean, you can you could foresee in a world, where the the tap signer holds, a private key, public key pair. That's your backup for your Fedimint wallet. You use the Fedimint wallet, and then if your phone gets lost or stolen, you can just restore by tapping the tap signer on it.
[00:59:19] Unknown:
Yeah. I mean, you can use it. It's just a BitBoy message digest signing. Right? So it could be authentication, it could be just proof of presence really too, right? You can tap it and not even sort of like login login, right, with the pin and stuff, that's like that's already good enough for most cases, so if somebody finds your phone on top of a desk unlocked or whatever, they can't just go and spend your money, right? I think, you know, I am mister tinfoil hat when it comes to to real money in Bitcoin, but like as we as we expand the Bitcoin pie, right, then we start to include people who have less means and less technical capacity, right, I think we need solutions that have substantially different sets of trade offs for ideally an economical gain, in terms of being cheaper for them. Right?
I think that's gonna be a game changer. And reality is in BRIC and and, economically below that, it's mobile first. Right? People don't have computers. They probably have better Internet on their phones than in Canada, but that's a different problem. Yeah. I mean, I I
[01:00:33] Unknown:
remember I'll always remember, I had a fantastic conversation on sale dispatch, with Waxwing and Belcher about Bitcoin privacy. And, I said to them I was like, have you guys considered joining market on a mobile phone? And waxwing just immediate responses, well, if you want privacy, you shouldn't use a mobile phone. And I was like That he's not wrong. Yeah. But, also, like, 6,000,000,000 people will probably be using Bitcoin using their mobile phone only. So, we probably should have tools for them. Like
[01:01:06] Unknown:
Yeah. But then what's the alternative? Right? They're gonna go and immediately docks all their keys with, one of the other CoinJoin wallets because they're not gonna be running their own node? It's complicated, And and the the privacy folk all seem to have a different opinion that is very divergent. I like the security people who all disagree, but seem to tend to go in the same direction.
[01:01:30] Unknown:
I think, I think that was a cheap shot for someone who's threatened to mute me if I talk about, CoinJoin or privacy. I'm muted. But, Kidding. But my point is is is just because a mobile phone does not offer perfection, from an engineer point of view, doesn't mean we shouldn't have tools that provide the best possible experience in terms of privacy and security, attainable on a mobile phone because that's the reality of the situation. The reality pragmatic way of looking at this is that the overwhelming majority of people are gonna be using Bitcoin on their mobile phones. So we need mobile first
[01:02:10] Unknown:
tools. The the Bitcoin on the phone, I agree. I just I just wish the the CoinJoin implementations on phones would find an alternative to doxing people's coins to their servers. That's that's all by default. The problem the main problem that I have is that default part. It's just it's just it's just something I personally cannot get over, but I I'm sure there is, like, a large enough market out there of people who who don't mind that that part. Well, I was Because it it's not you know, there there's like, the doxing is not like a full dock. I mean, you're doxing your coins to them, but, you know, if if you're using a VPN or whatever, at least you're getting another layer there. It's not like they know who you are. Well But still I mean well, first of all, the wallet in question
[01:02:58] Unknown:
has Tor enabled by default. So they do not know your IP address. The second thing is the first thing the wallet does is tell you that you should use your own node and gives you the steps to use your own node, which is just scanning a QR code, which is as simple as a process as ever gonna get to It won't go. Connect to your own node. And then, you know, most mobile wallets have this issue in general. One thing that people keep pointing out is why don't you use Neutrino? Why don't you use block filters for this? I haven't seen a single wallet that has been able to to do that in a performant way on mobile yet. It's much more doable on desktop.
[01:03:37] Unknown:
My understanding is Well, I I don't I don't disagree. I'm not it it it's that I I'm not trying to be, like, like pedantic about it. It it's more just like it's a set of trade off that that deeply bothers me, but it but I also understand there's challenges around it. It's not like, a I'm not trying cheap shot on on on SadWallet aside from their wonderful, wonderful personality online. I mean, I like
[01:04:03] Unknown:
my my happy place in the Bitcoin world is to have as many people angry at me as possible. So right now, my current situation is, I think, that the trade offs that samurai has chosen has has has positive benefits, and that it is a it is a trade off model with trade offs. And I also think that, you know, the trade offs that Fediments are making, are very compelling trade off balance. And it turns out that a lot of the people that don't like me for or are concerned about me thinking that the trade offs of samurai are compelling, Think the trade offs of Fediments are compelling, and then the people on the opposite side think I'm ridiculous for liking the trade offs that Fediments are making. So I'm I've been pissing off people on both sides, which is exactly where I like it, but the one thing I will leave it at is, you know, building on Bitcoin is permissionless. It is an open network, and I hope to see a world where there's so many different Bitcoin options that have various different trade off methods, trade off balances, and, you know, not everyone's gonna be happy with them. Like people are gonna be upset about different trade offs and that's their prerogative. They can choose the tools they wanna use. As long as the trade offs are clear. It it gets to a scammy territory. It gets to a bullshit territory if the trade offs aren't made clear to the end user.
[01:05:31] Unknown:
Yeah. I I I I think, you know, more options, the better. I I don't I don't disagree with that. I think that's a it's a good way of moving on from coin join up points. You made some great points there. And it must be must be fun to to be you and that's is Matt. Alright. We are moving on to the Sphinx analysis GLS. 2 weeks in a row. Yeah. That's right. VLS signing device. The same announced hardware signing device interfacing with validating lightning signer. I am not super familiar with VLS. Do you guys have some VLS, points? No? No?
[01:06:19] Unknown:
I mean, I have some experience with this. Like, I so the first thing I ever did in went to a hackathon. We built, we built the lightning hardware wallet. So we just took an Arduino and stuck a private key on there. It took it took, like, one file off of c lightning. It would do the signing and stuck it on the Arduino hard or wallet. Yeah. So it's it's it's something I had for a while. And, so this, lightning verifying signer project or validating lightning signer project is is supposed to be able to, like, basically make a lightning hardware wallet. And it's it's an interesting thing to see discussions around it because from what I've seen, like, they have to take tons of logic and put it on the device itself to actually make it work. Yep. So I still wonder if it's gonna work because that it sounds, and it's almost like you damn near half of the node running this thing. It seems like sometimes, in order to actually thinks thinks that it's gonna work, and they seem to be, you know, lightning experts. So, excited to actually play with it. Looks like they'll ship point view of your company.
Little note at the bottom. So anybody's interested, you know, try it out. Let us know how it
[01:07:35] Unknown:
goes. Very cool. Sorry, guys. I turned off all the cameras so that maybe the connection for Justin gets a little better. So so VLS then sounds to me similar to parts of what LDK wants to do, where he wants to to also be the policy HSM. I had a conversation with Steve, and, they they were interested in maybe getting LDK into a Java card or something like that at some point. I I don't know what the status of this is, but, it's, it's major work to get something like this written, for hardware in a secure proper way, especially if the hardware is hot. Not a not an easy problem, but it's a problem that needs to be solved.
[01:08:25] Unknown:
So props to them. Yeah. I think they're kinda companion projects. They're they're trying to work together.
[01:08:32] Unknown:
Cool. That, that's, yeah. I I mean, this this is a hard problem, so it's nice to to know that they're trying to sort of coordinate with more people, especially people who have some harder experience as well. All right, Border Wallet. I saw this project the other day. I think I was listening to the Legacy Weekly podcast about the news, and, it's a it's a very cool one. It's a way for people to to memorize their their seeds.
[01:09:07] Unknown:
If you want to go ahead. If you wanna listen to that podcast you just mentioned, search rabbit hole recap in your favorite podcast app and click subscribe.
[01:09:15] Unknown:
For for the people that don't know, I'm just trying to create some drama here, but, Matt actually releases,
[01:09:22] Unknown:
this podcast on on, on his syndication. Yeah. So Border Wallets On the yeah. Border Wallets is a very cool project. MBK is a little bit salty about it because it obsoletes, sticking an open dime up your nature's pocket.
[01:09:39] Unknown:
But, one of the It's not either or, Matt. It's not either or. 1 of the You can still choose to do it. One of the lead maintainers. Put a cold number in your pocket if you want to. Don't do that.
[01:09:50] Unknown:
Not not health advice. The the the the one of the guys behind this is also one of the guys, Superfat Arrow, with a pH, superfatarrow, is one of the guys behind that seed tool we're talking about. And, basically, the general premise is, okay, how can we make it as easy as possible for you to generate a a seed on a regular computer and, memorize it for a short period of time if you're crossing a hostile border and you're and you're concerned about carrying hardware across? So it shouldn't be used as, your standard savings method or, I mean, memorizing things is always dangerous. I've lost so many passwords that I thought I had memorized until I didn't.
But if you're crossing a hostile border specifically and you're afraid that they're gonna confiscate any hardware you have on you, this could be a compelling option.
[01:10:41] Unknown:
Yeah. The he was telling me on Twitter that, he got, he got some, some inspiration from the the CDX or, like, table. Right? So for you to reconstitute CDX or, we have a PDF so you can redo the CDXOR by hand with a little table and pen and pencil, essentially. So he was telling me that that he took some, some inspiration from that, which is kinda cool. I think that old school ways of handling cryptography related topics by hand are greatly underappreciated. You know, let's let's not we forget that, one time pad still the most the the the most hardcore way of encrypting something and also one of the simplest ways of encrypting something.
Justin, how about that one time pad app?
[01:11:45] Unknown:
Don't know what you speak of.
[01:11:50] Unknown:
Alright. Now we go to Keith, p2pcomsbybitfinexintether, which I think I misspelled. This seems promising, it's nice. The quality of the video seems to be great, and it seems to be something that might catch on. I don't know, The All this p two p solution seem to to, to fizzle away and not get a lot of traffic eventually. But The
[01:12:20] Unknown:
the video quality is only limited by their peers, individual bandwidth, obviously, because you're connecting directly to each other without a centralized server. I would agree that with MBK that it's a compelling project. One thing to keep in mind is as it's currently set up, you are doxing your IP address to any participants in the video chat, which can give away your your general location or with a sophisticated actor, more, more precise location and browsing activity. So, consider using it with a VPN, if you're gonna use it. I assume if you use it with Tor, it would just be complete garbage. So, a VPN it is if you want to protect that IP address.
[01:13:00] Unknown:
Yeah. It's, you know, as it reminds me, Skype used to be like that until Microsoft bought them and created backdoors and centralized services. Yeah. That was part of the government conspiracy to get into our Skype calls.
[01:13:13] Unknown:
Yeah. There's absolutely no way that that's true. Right? Microsoft buys it, makes it completely useless. Oh, yeah. I mean, I don't mean I don't mean conspiracy as in unlikely. Like, it a 100% was the reason it happened. Oh, I know. I know. I'm just yeah. But, yeah, Skype had that Skype had that, like, what, like, 10 years ago? And then we everything moved over to a centralized model so we could surveil everything. And now we're finally going back to the basics. Impervious is gonna have something similar out soon.
I'm sure a bunch of them are kicking themselves because they've been advertising Zoom without Zoom, for months now, and it seems that, Keith beat them to the punch by maybe a couple weeks. But, what's interesting about Impervious' model is Impervious' model is gonna be directly integrated, with decentralized identifiers, which I think could be pretty cool, in terms of doing file transfer, encrypted chat, and encrypted video all at the same time.
[01:14:16] Unknown:
What I found very cool about this, this Keith project is that, like, you know, the people behind it have some very, very, very deep pockets. Right? I mean, we're talking about Tether and Bitfinax. I mean, they're extremely capitalized entities, who have very little incentive is in building something like this. So I imagine that things are changing. Right? These are companies that probably see harm in having doing their everyday business through the standard comms, and they're probably investing heavily in having their own comms developed in an open way so that they can't be easily, co opted. But, I think we'll see a lot more of that. I mean, this is it's not like a like Tether is on the right side of the US, the US, cheek.
[01:15:05] Unknown:
This is something that we've been talking about in Bitcoin land for a while, which is just this idea that ideologically aligned, freedom oriented individuals and corporations will get so so wealthy and so profitable that they'll do things, for the greater good that aren't don't necessarily have financial gain. And, I mean, in this case, the incentive seem to be that that Tether and Finnex and the guys behind it, want this tool for themselves. Right? So why not open source it and provide it to everyone else, without direct monetization on this specific project?
[01:15:41] Unknown:
I mean, it'll say for example, you're talking like your Bitfinnex. Right? And you're talking to your securities lawyers. Right? You can't trust that, you know, people that shouldn't have access to that call say the other side, right, of the litigation is not listening to you talking to your lawyers, which is a perfectly legal application of something, right? We don't even need to go into the the weeds with like what is right and what's wrong, but like this is something that the state deems legal, right, for you to have the client attorney privilege. So, it's just it's just really, really nice to be able to have your own comms that you trust to do standard legal business.
I think I think in the future, we're gonna see a lot more of that because we all know that all the comms are compromised. Alright. So Justin, I think that Yeah. I tried this thing. Yep. I tried this thing the first day.
[01:16:43] Unknown:
Yeah. I tried this thing the first day it came out, and, I was really impressed by the audio and the video quality. Like, it was it was, like it felt as, like, better than Zoom, honestly. I was pretty impressed. And, so far, it's not open source. So far, and and I don't I don't think the app is open source. And there's a a protocol underneath it called Hole Punch, which they've been sort of advertising. I think this is how they get over, like, the natural resource issues. There's, like, some relay servers involved or something like that. They're not relay servers, but there's some there's this is how they just get around having relay servers, I think. And I said they didn't open source it, but they're going to by the end of the year. And their excuse was that they didn't want some shitcoiners coming in and throwing a token on top of it. So hopefully That's a perfectly reasonable thing to do. There will be more apps
[01:17:28] Unknown:
on top of it. Yeah. I mean, as you all know, when you release your cold open, you will get scammers and cloners taking all your code and then trying to spin up another company on top of it. Right? We all know how this works.
[01:17:45] Unknown:
I'm not sure what you're referring to.
[01:17:51] Unknown:
Oh, by the way, like a quick review on the Cloners project. It seems that they greatly increased weaknesses on the cold as they continue between quotes innovating on that cold base. Fascinating. But anyways, moving on. Justin, you have submitted this story for us here. James O'Byrne summarizing mempoolresearch. To mempool.work. Very curious about, about this.
[01:18:25] Unknown:
Yeah. So it's, I guess it's a little off topic. This is, not really a product. But, James has been doing some research on the mempool. There's there's, like, only a handful of people that really understand the Bitcoin mempool even though we all use it. And, it's it's kind of a sensitive issue for a lot of these second layer application things like, or protocols like like Lightning. You know, you don't wanna get into scenarios where you can't, publish your justice transaction, or it gets delayed, or, like, you just lock funds up. And so there's on the mailing list for last year, you know, there's more and more proposals, and a lot of them just get kinda more more complicated.
And, I think one of James's so James sort of mempool.work on his GitHub. Just search James ob mempool.work. He's gonna make a website out of it eventually. But, he's he's trying to, like, kinda summarize the state of the art. So if you're if you've heard of some of this but would like just a summary, it's, he does a great job of it. And he he's kinda has, like, an interesting point of view that some of these problems might be kind of intractable. And, one of the big risks is that if if if the validation logic in full notes gets too complex, maybe miners just say, like, screw it. Just, like, give give, give us transactions directly. And then all of a sudden, you can't really do fee estimation anymore, because your mempool and the miner's mempool aren't don't resemble each other. So that's kind of like a a risk that's on the horizon that he's kinda Oh, that's always
[01:19:48] Unknown:
interesting stuff. That's always kinda happened. Right? I mean, there's plenty of entities out there that submit their own transactions to the miners. Right, with, like, some some sort of off chain, agreements. Let's put it this way. And it's only gonna
[01:20:04] Unknown:
Seems kinda unavoidable if we if we hit a sustained high fee market where where mempools are packed, filled with transactions. It seems almost unavoidable.
[01:20:14] Unknown:
I my my suspicion is the so let me call it intuition. My intuition is that I don't think we'll ever see a saturated free market as we saw way back, on the block wars, because, back then, the biggest actors were miss were misusing, or or miss, or ignorantly, incompetently managing their UTXOs, really mainly talk about Coinbase, and, to their own detriment. There is the incentive is the opposite, and then we had other actors trying to make a bigger problem out of that by sandbagging the mempool even further, at their own detrimental, economic detriment as well. They're all lost. So I think going forward, people will treat the Bamboo with more respect.
The block size did essentially double since then, and and now we have layer twos, right? Remember, lightning was not around back then, and and it I mean, if you look at the lightning volume of transactions, you can really see or at least extrapolate how much impact they would have these mempools. I mean, you would probably have made the mempool now full. MBK. If you were trying to make what When is, the CoinKite store gonna accept lightning payments? First, we need to do back 32.
[01:21:56] Unknown:
So what? Like, 2 months?
[01:22:00] Unknown:
Yeah. I don't know. I think I think it's important for some nodes out there who are economically, viable to be using old node software that is very restrictive, I think it helps defend the network. We want many many nodes out there that are using very restrictive old stuff. I think it shows the network you cannot deprecate things, and also we're lazy and don't wanna put in the time to, change the store. Would you would you agree with me that,
[01:22:43] Unknown:
probably you don't integrate Lightning unless there's a sustained high fee market that pushes your hand?
[01:22:50] Unknown:
Yes. It's it's very, very unlikely, and I'll explain why. You know, we're we're not selling, like, you know, $5 things or $1 things. Right? We have, like, invoices that average between 500 to a $1,000 and to be an inbound receiver of all that, it will get tricky. And we don't wanna be sort of babying, that and maintaining all that or paying a third party to provide us liquidity. Right? When I can still provide that one legacy address
[01:23:25] Unknown:
and people can pay for it. But you're kinda entering that range with the Sats card and the TapCigner, though.
[01:23:33] Unknown:
Yeah. Yeah. But but realistically speaking, knowing my customers, I think they're all gonna just buy a pile of Sats cards cause they're gonna want different colors and different things. So I I doubt, maybe, maybe we could at some point come up with a separate solution that just handles the cards for single card orders, right? So there's like a blended system there somehow. Another thing people can do is they can go right now, and buy CoinKite gift cards with lightning in one of the 10 platforms that do it, and then just,
[01:24:15] Unknown:
go with the discounted gift card and buy on the CoinKite store. That's true. That also works. I mean, do you see the do you see the hypocrisy a little bit, though, that yours that you don't think we're gonna have a sustained high fee market like we saw previously because services are integrating lightning, but meanwhile, CoinKite has credit cards integrated, but not lightning?
[01:24:36] Unknown:
Yeah. So I don't see that as a hypocrisy. I see it as the opposite. The incentives and and the economic sort of size model of our transactions does not require it, right? But when you have people trying to do, you know, like, set streaming or, buying porn subscription or, feeding chickens or, in game stuff, that that makes complete sense for lightning, and those transactions that have been economically stupid to be on main chain. Right? You don't want that stuff to be on base layer because those transactions are economically nearly irrelevant, like, versus block size.
While our transactions are not, not at, say, the next few years, you know, eventually, everybody's gonna have to be on lightning. But then by that time, I don't think we're gonna have the same issues with liquidity issues on Lightning for transactions of our size.
[01:25:41] Unknown:
Yeah. That makes sense to me. I was just playing devil's advocate. I like the idea of the gift cards as a stopgap.
[01:25:49] Unknown:
It's a stablecoin. Yeah. No. I I find it it's like you know, especially with all the the the the FUD about the the the block reward, I find the the conversations and the economics of, the block space and, Equine's supply cap to be very, like, a lot of fun. Like, these are my preferred things to argue about, in Bitcoin. I think they're valid things to talk about, and they're very interesting because they're also very novel. Right? The the Fiat system has never had to encounter these issues. They have their own sets of of trade offs. So, there's a lot to be talked about and tried to figure out so that people can prepare their businesses to to continue.
Alright. Bitcoin core updates from Bitcoin OpTech. The Bitcoin core is adding, watch only support for output descriptors, retaining mini script. That's interesting mini scripts are getting used. And, we can get into details of that, and also they are updating their GUI to be able to restore a backup. Before you had to use the CLI, but now you're gonna be able to use the GUI. So so that's nice. Two little updates to Bitcoin core. Do you guys have any opinions about that?
[01:27:40] Unknown:
It'd be interesting to see if people actually use the mini script stuff. It's it's like a powerful tool both for, like, composing a script, but also if you, yeah, like, also interpreting a script. So I I just wonder what like like, taking a script and figuring out, like, what the spending conditions are there. Like, I wonder if, yeah, I wonder if people actually use this. Because, like, you know, BDK has been doing a lot of mini script stuff, and, like, I'm not sure how much how many, like, exotic use cases have been drummed up yet. Like, not really aware of any exotic use cases yet, that that like, that's basically what people use it for right now. Like, mini script is like a extension of descriptors, and it's mostly used as a backup format right now, which is useful, but it's not, it's it wasn't the, like, the original intention. The original intention was to be able to produce wallets that had more, more complex spending conditions.
[01:28:42] Unknown:
Yeah. I mean, you know, the output descriptors for multisig is very useful. You know, it does help with a lot of the the the the backup especially. I think the mini script stuff is really gonna shine once you get into Schnorr and all that stuff and very complex, scripts.
[01:29:05] Unknown:
Wait. Is it true here that you couldn't restore a Bitcoin core backup from the GUI until now? Yep.
[01:29:14] Unknown:
Yep.
[01:29:15] Unknown:
Wow. That just goes to show how early we are still.
[01:29:20] Unknown:
No. I mean no. The problem is, like you know, technically speaking, unless you are a developer, you should not be using Bitcoin Core as your wallet. You really shouldn't. It was not like I mean, you know, it it's it's a product of its time. It's a product of its sort of, like, intent at the time, but, you know, there's a reason why Electrum came right after that. You know, I mean, and got, like, huge market share. You know, one thing that people may not know is that the name Bitcoin Core came really from Gavin, who was, was going to split I don't know if it was his idea. I can't remember whose idea was at the time, but there's always been this this intent to split the consensus, the the all the Bitcoin logic stuff from the web GUI, right? And that essentially never happened. And there is many reasons why that shouldn't happen either, just because it's gonna cause a cluster fuck and just simply don't use Bitcoin Core as a wallet.
But if you're trying to validate some more complex stuff you're trying to do, maybe having the funds on Bitcoin Core is not a bad idea either. So I'd say the Bitcoin Core Wallet should only be used by devs. Everybody else should just use some other wallet. It it in my view, it's actually unsafe just because not because the code quality is not amazing, but just because the the UX of it, and its particularities are are unsafe for the average user.
[01:31:00] Unknown:
I'm I mean, a good example of this is one thing that I noticed. I'm not sure if it changed, but I noticed this, like, 5 months ago. Like, the standard for showing fee rate in the Bitcoin ecosystem has pretty much coalesced on sats per byte. But Bitcoin core GUI, defaulted to bits per kilobyte, which is just confusing. Yeah.
[01:31:26] Unknown:
Exactly. It's like the the problem with it's the UX of it really is the the the the very, very last mile of the GUI there is is not meant for average people, if we're like. Alright. Next is Bitcoin Treasury's update. It was a small update. Elon has Lettuce Hands. I don't have a lot of commentary on this, but I just wanted to point it out that we have updated the bitcoin treasuries.net website. And now it reflects Tesla reflects its, its capacity of holding bitcoin with, 2 emojis. I highly recommend checking those emojis out. Next here is Bitcoin Meshnets, an article By the way, have you noticed
[01:32:24] Unknown:
have you have you noticed a lot of selling from the miners recently?
[01:32:31] Unknown:
I think they stopped. I think the like, some of the biggest ones, were over leveraged, so they they dumped to deleveraged to deleverage, and I think it stopped. I was talking to a a minor friend who has a a sizable mine, and he told me that because he had a nice strong cash position, he's been buying a lot of small miners out, for cheap. So he's having a great ball of a time. Hi, Marshall.
[01:33:05] Unknown:
I mean, we we see we see that every cycle where where during the bear markets, miners consolidate and only the strong survive. I will say that this cycle has been a little bit more extreme because we have not seen, the kind of leverage at play on the minor side as we have this cycle. This cycle was was completely dominated by specifically American based miners that were able to get cheap debt to buy more miners, and a lot of times that debt was collateralized by ASICs themselves. So the machines were the collateral, which we've never really seen before in previous cycles.
[01:33:42] Unknown:
You know, generally speaking, this cycle was the first cycle that there were mature Bitcoin back lending, generally speaking, right, and I think a lot of Bitcoiners got caught off guard with their margins. I think people learn how to handle, margins and leverage a little better. Not that I don't believe most people were seeking leverage for leverage sake. I think people were just sort of trying to find ways to not sell Bitcoin and find fiat. Cost of capital was very low last year, so the interest rates were very low for this Bitcoin backed loans as well, and a lot of those went to miners, on top of the ASIC backed my backed loans as well. But that's all part of the same bundle of, extremely low collateral, capital cost, that that has sort of, like, increased substantially in the last few months.
You know, I I think the space is sort of like learning the lessons as it goes. Right? I mean, it's it's not easy to break new ground, especially in economics. It's not it's not easy for people to learn how to to manage, these extremely volatile savings accounts that they have, which is Bitcoin. It takes time and it takes some mistakes, but, people will, people will figure it out. You know, running a Bitcoin company, running a mining company, so essentially Bitcoin company, it's the equivalent of having a directional trade. That means, you know, when things go good, you do extra good, and when thing goes bad, you go extra bad.
That is that is the biggest issue with having a directional trade. Right? So if you, if you're earning bitcoin and you also sell things for Bitcoin, I mean, you're double fucked when the Bitcoin price goes down and you do, you know, incredibly well when the price goes up. So trying to find a balance of a USD cash position or or how you hedge that is not easy. And small businesses are also not, you know, they're just simply not sophisticated enough to the trading, and they shouldn't be. Right? Or or to to figure out just how to to to hedge things even if it's not directly trading. It's not an easy problem, and it's a problem that every single Bitcoin company will have.
Alright. So the the Bitcoin mesh nets article by Lola. Matt, I imagine, you probably seen this one.
[01:36:32] Unknown:
Yeah. It was believe it was in the print magazine as well. That's right. The print magazine, by the way, this this month has, this quarter, their quarterly magazines is absolutely phenomenal. It's called the censorship resistant up, edition, and, the Canadian truckers are on the front, This is really good to see.
[01:36:56] Unknown:
Yeah. So, I mean, Bitcoin Magazine has been killing it with being Bitcoin only with the right ethos in the last sort of couple years now. Right? I mean, they really turned the magazine around. Props to to David Bailey and, CK and and all the folks there. They they've been a power of good in the Bitcoin space, I I gotta say. So yeah. So they're running a conference in, in Amsterdam. Go buy tickets. I'm sure they would appreciate, ticket sales. It's b.tc/it'sb.tc/conference,
[01:37:32] Unknown:
if you wanna buy tickets. But just go back to Lola's, piece. It's not it's not just a theoretical piece. Her and the RGB folks have been working in Ukraine to get mesh nets up because, the Russians have cut a lot of their Internet over there. And and the general premise of mesh nets is a super promising premise, which is this idea that you have distributed nodes that are communicating directly with each other, to set up basically these ad hoc networks that don't require, existing Internet infrastructure. And then if one of them is able to connect out to the the global Internet, whether that's through a hard line or something like Starlink, then the whole mesh net, also has that Internet access through that, gateway.
[01:38:22] Unknown:
So, here's an interesting thing that most people may not know. With standard power Wi Fi with a directional antenna that you could go and buy or build it yourself, you can get almost 10 kilometers in line of sight, with decent bandwidth, and and, reliability. So, Wi Fi itself as is, is available in every device and is extremely powerful, if you just sort of use it in the right way. Meshnets themselves, are not an easy problem, finding that that doing the packet redirecting and management is not a simple problem. Is also one of those projects that because there isn't, or at least till now, maybe coming soon there will be, but there just isn't enough, economic incentive for somebody to go and build out.
All the solutions are not easy solutions, and and then you bump into state actor problems based on licensing for the radios, even for Wi Fi. If you you know, the way licensing works in most, western world is, it's type approved. So that means when you create a a radio device, that device is licensed for that specific purpose, at that specific power, at that specific everything. And if you change just a single parameter on it or you tweak the antenna or whatever, the license is lost. Right? So it's very difficult for a professional manufacturer, to sell a device that is that goes against what the state wants, really.
And that's for many reasons, good and bad. Right? Like, radio is kind of a a common good. Let's put it this way. The the the spectrum is freely available in the universe, a a dickhead with a a a an amp, completely disturbing, everybody else's transmission. Right? So it's complicated that way. That's why they're so hardcore about Spectrum as well. And then there is all the issues of monopolies and blah blah blah. But my point, generally speaking on this, is just that, it's gonna be hard for you to see meshnet quality professional radio solutions out in the market that don't require, at a minimum, a ham radio license just because manufacturers don't wanna go to jail.
But, but I have I have a good sort of optimism in the fact that you will see better home brew solutions that are very, very
[01:41:11] Unknown:
usable in a in a situation in which you need it. Well, I mean, you don't really have that issue in failed states or war zones, which Well, you do because the manufacturers are not creating that amazing plug and play solution. Right. Right. Right. Of course. Yeah. That makes sense. But And then it's not out of the box. Exactly. You're building it yourself for the most part.
[01:41:35] Unknown:
Yeah. And then when you go below 30 megahertz where stuff gets lower bandwidth but way more interesting distance and power wise, then it's internationally, managed by ITU. So for example, you know, one thing that I'd love Bitcoiners to do in the next bull cycle is go to failed states, and buy their AM, stations, that are licensed for that country or whatever, and then just broadcast blocks. And then, maybe even we we find a way of getting, an AM station in North America that can do that with the correct license. Right? You would find a lot a lot of, interesting things possible that way because if you are broadcasting on AM, on an AM band, for example, you could have a device that costs, say, like, maybe $3, $5 receiving blocks with minimum power.
And, and then that's it, really. I mean, like, you're really at next level decentralization.
[01:42:44] Unknown:
But everything in time, and and I find that this kind of things only come when the screws really get twisted in, in developing world. Well, m v you may not see. M v k. I mean, you have a lot of knowledge on this topic. You have a successful Bitcoin business, and you live in a failed state. So I look forward to the CoinKite radio tower.
[01:43:05] Unknown:
Canada is becoming a failed state, isn't it? So so, you know, I am I am set up for for HF here. I can I can definitely broadcast my blocks if I need to? And, the law on Ham Radio is very clear. In an emergency. I mean, technically you are entitled to do it if that would save somebody's life. And, we are working on a radio, but that would not be for Bitcoin. That would be for general purpose digital use, and, that that could be interesting as well. Yeah. I mean, Fedimint should look into doing some of that stuff because you guys are gonna go straight to, to 3rd world. Right? So maybe maybe you guys find a country that's friendly towards that and you can do the development there.
[01:44:04] Unknown:
Right. An interesting thought. An interesting thought. Yeah.
[01:44:08] Unknown:
Exactly. Gloria Zhao added as a Bitcoin core maintainer, I just felt like we should just mention it. She now has commit access to a Bitcoin repo. Reminder everybody, Bitcoin core is not Bitcoin, it's just a group of people who tend to be accepted as the main implementation. There is no formal process for picking who's the next person, probably a good thing too because if you have a proper process it means people have a proper loophole. So I like I like that this thing is messy, and it should stay messy for a little longer. And then eventually I'm sure we'll come up with some
[01:44:53] Unknown:
some method I think madness to making people. I think I disagree with that. I mean, I do agree with the fact that Bitcoin Core is not Bitcoin, and the the number one thing Bitcoiners have on our side is we do not have auto updates. So, ultimately, it's up to you whether or not you update, Bitcoin that you are running on your on your computers and on your nodes. But and and I I will say that Gloria is just absolutely awesome. She's a great person. She has a really good understanding of Bitcoin, and she's just I have I have a ton of respect for her. So I I think she's a great great choice here, to to jump into that maintainer role.
But I I will say that where I disagree with you is it'd be nice if there was a little bit more, I don't know, objectivity or transparency in in the selection process. It was kinda like, Peter Peter stepped down, and then within, like, the same day, it was like, okay. Gloria's in. Bam. Bam. Bam. Yeah. And, like, you know what happened in, like, private chats were was where they were discussing it. Exactly. Everything happens in private. Right? But
[01:46:01] Unknown:
but, you know, like, I see this more as a quality defense because I think if this was open, people would start, like, you know, like an unwanted sort of war over this for no reason, where just simply snuffing things off and just like, hey, well, here's a new contributor. It makes it unimportant and being unimportant is a feature, it's a nice defense.
[01:46:34] Unknown:
Justin, I'm curious on your opinion on this.
[01:46:37] Unknown:
Yeah. Go ahead, Justin.
[01:46:40] Unknown:
I mean, there was a bit of a process. You do have, you know, you're proposed as a contributor, and then people can act it or knack it like anything else. And, I know in Gloria's case, there was there was at least one NAC that I saw, but it was largely, you know, positive. You know, and there every once in a while, there's a MAC. MAC just means, like, no. MAC means yes. There's there was, you know, almost everybody was okay with it who was, like, an actual contributor. So there is a bit you know, there's a at least there there's, like, a sort of a confirmation process where, like, if if somebody in a in a chat got proposed that, you know, wouldn't be popular with the people contributing to the project, where the where the contribution disagree with it, that just wouldn't, they wouldn't get, like, kinda confirmed, so to speak.
[01:47:30] Unknown:
Yeah. I I you know, I it's such a tankless job that it'll probably be hard to find somebody who wants to do it to begin with.
[01:47:46] Unknown:
And quick news It is a getting to know so many people over the years, you you realize a lot of you people are. Yeah. It is a very painful job.
[01:47:58] Unknown:
It's an understatement, right, how brutal it is. So congrats Gloria. And now the well, I have some links there to the to the OphTech, newsletters. I highly recommend people, subscribe to them. They have way more meat than this podcast. And, I I'm still not capable of looking at the Bitcoin dev mailing list because the long term block reward discussion is an absolute no. And, oh, it was pretty funny. Maxwell, Greg Maxwell did write a big piece on the I don't think he ever wrote anything small, but, you know, like a nice wall of text, about the the tail the tail emissions on the Bitcoin talk. If you're new to Bitcoin, you may not know that Bitcoin talk is where is a PHPBB forum where, everything Bitcoin was talked back in the day, and it's still being used by many who are into that format of discussion.
And you'll find many, fun nuggets by, Maxwell there. So he recently decided to to tear at Todd's suggestion. Remember when we paid
[01:49:31] Unknown:
Themos a shit ton of money, to to create a new Bitcoin talk for him, and he decided he was gonna make a completely new forum stack, and then we're still on the same Bitcoin talk that we've had for the last
[01:49:44] Unknown:
12 years, 10 years, or whatever? I was I was not a contributor, but I've heard that, Teamazoo still released the new forums. How can I do now? 2 weeks. 2 weeks. And I heard that they're partnering up with, BFL and Obelisk to deliver the miners.
[01:50:03] Unknown:
Well, needless to say I mean, I don't know if it's needless to say, but I never I never donated any Bitcoin to that, Bitcoin talk fund, but a lot of people did. There was a lot of Bitcoin in there.
[01:50:13] Unknown:
It was about, was it 4,000, 10000 Bitcoin? Insane. Well, at the time, it was not that much money, but still. Can't build new forum software.
[01:50:23] Unknown:
That, what are you gonna fucking do?
[01:50:26] Unknown:
And then I think they had a demo using Discord. Anyways
[01:50:33] Unknown:
alright. So the next part here is the next and get into the forum building business.
[01:50:38] Unknown:
Yeah. Okay. So I was going to talk about the the hiring part after the noteworthy, but we already mentioned that FETI and Coinkite are hiring some people. But there is more Bitcoin companies hiring a lot of people, and these are great companies to work for. There is this great place to look for Bitcoin jobs, which is bitcoinerjobs.com. I think it's worth filling their website. They don't charge for people to list jobs, and, there's a lot of great positions there and fun companies to work for. So if you wanna if you wanna work for people, if you're looking for a job, if you're looking to get out of your shitty job or your great job for a shitty job, check out bitcoinerjobs.com.
They don't pay me for this ad. Alright. Bitcoin events. Matt was sending me a list of a bunch of Bitcoin Park Nashville events. Do you wanna mention some of them, Matt? Yeah. So, I mean, we have a big August at Bitcoin Park,
[01:51:42] Unknown:
our Bitcoin and community focused campus in Nashville. In August, we have, our meetup, which is focused on digital footprint and privacy is on August 10th. Right before that so that's open to the public. You can find all these events at nash bitcoiners.com. And then right before that, we have a builders in Bitcoin workshop, which is focused on different projects in the Bitcoin space. Basically, do demos for a smaller group of people. The following day, we have a digital identity workshop, on August 11th. And then we have Rockstar has decided, prolific Bitcoin developer, a contributor to BTC pay server, and one of the leads at strike, rock star dev, has decided he's gonna kill his NIM.
So he's having a funeral at Bitcoin Park on Saturday, August 13th. A lot of people are flying in for that. And then this one is farther off, in the distance, but I wanna put on everyone's radar. We are doing the Nashville Energy and Mining Summit on January 12th, to start off the new year. We've had 2 previous meetups that were focused on mining that we've had over 250 people. Very strong people in the mining community and the energy community come from around the world to attend, so we're gonna do a bigger event, in January that is a 2 day event.
[01:53:14] Unknown:
Very cool.
[01:53:16] Unknown:
I wanted to plug in, TabConf. Michael, does a great job with this conference. It's a more technical conference, that is friendly to people that are not technical, which is kinda cool. He is looking for more sponsors. This is a a product of passion. It's not like a big commercial enterprise sort of running it. So if you're a Bitcoin company that have some bucks to spare, do, go and sponsor TabConf.
[01:53:47] Unknown:
Bitblock Boom is happening Before you go to Bitblock Boom, Tab Conf is awesome. That's tabconf.com, and that stands for the Atlanta Bitcoin Conference that's happening in October. It's at Great conference. Yeah.
[01:54:01] Unknown:
Tabc0nf.com. So, yeah, I wish I could attend, but the timing is not gonna it's not gonna work for me. But we are we are helping them with sponsorship. And, so yeah. So Bitblock Boom is happening next month in August. So, that is that is an awesome, awesome conference. Highly recommend people go. And, what else what else is happening anytime soon for for events?
[01:54:35] Unknown:
Riga. Riga. Riga.
[01:54:37] Unknown:
Yeah. There is Riga, but that's that's later in the year. Right? No. No. Riga is before all these events except the
[01:54:44] Unknown:
the national events. It's September 4th through 6th, I think, or something like that. September 3rd through 5th. There you go. Latvia. Beautiful city. Great people. Everyone speaks English. Super cheap. Awesome conference. Really great conference run by the Huddl Huddl guys. I think that's, baltichoneybadger.com. I just if you duck duck go or Google or whatever, Baltic Honey Badger, it'll come up. I think we have a link on the previous episode notes as well.
[01:55:14] Unknown:
Yeah. That's I I mean, the the the bit devs, meetups, and all the other meetups are picking up a lot now. They're doing a very good job at sort of advertising themselves, so I don't have a list of them here. If you are a meet up organizer and you want us to mention your show sorry, your show, your event, just, just just please let me know. You know? Go to bitcoin dot review, and submit your event story or whatever, or go to the Telegram that you created for this and let us know there or email me, whatever. Just do let us know so we can mention it, because like there's a lot of people out there that don't know how to find these things.
Yeah. So with that, I think we've, successfully read the list. I think we successfully did it boringly, but I think, I think we've reached we've reached the point of the show now where, we say our goodbyes unless you guys have any other updates that I may have missed.
[01:56:29] Unknown:
I got nothing.
[01:56:31] Unknown:
Perfect. I'll work on my Internet connection for next for next time.
[01:56:35] Unknown:
There you go. With, with that, I, I say goodbye.
[01:56:41] Unknown:
Oh, actually, I do have something. Yeah. Go ahead. Sorry, NVK. Sorry, listeners. Sorry, Justin. I spent the last weekend, in Crawford, Colorado at a Bitcorners family ranch. His name is Jason Reich. That was for the beef initiative, beef initiative dot com. It was a really special experience. Him and his family treated us like family, hosted us on their ranch. There was about a 100 of us. We talked about ranching. We talked about food. We talked about child raising. We talked about Bitcoin. We talked about proof of work. It was just a fantastic experience. They're gonna have another event in Georgia at White Oak Pastures, in September. That's coming up.
But in general, this is a really great initiative, that Bitcoiners should pay attention to. I think, the topics are broad, but they're intimately aligned, with each other in in terms of of the new world we're trying to empower or make possible. So shout out to everyone who was involved with that. It was a really truly humbling experience, and I just wanna say that I did a Bitcoin 101. In 15 minutes, I onboarded, 50 ranchers, which was a pretty, impressive feat.
[01:58:08] Unknown:
Very cool. I saw a lot of the the, like, some buzz about it on on Twitter and stuff, and it seems like, people were having a great time there. Alright. So I think, I think we've covered, we we did good. I think the last episode was about 2 weeks ago. So, maybe maybe we do this in another couple weeks depending on the on the volume of stuff. I wanted to I did a little bit early instead of 3 weeks because there was there was enough stuff, and I wanted us to be able to give enough time for for each thing. Thank you so much for for you guys helping with this. It's a pleasure having you guys as guests, and, for anywhere else, thanks for listening.
[01:58:59] Unknown:
Thanks, MBK. Always a pleasure. I'll see you all next time we record. Cheers.
[01:59:07] Unknown:
See you next time.
[01:59:12] Unknown:
Alright.
Introduction and technical difficulties
Twitter data breach and the importance of privacy
Blue Wallet's transaction data and paywalls to fight spam
Coldcard updates and improvements
Seed Tool and its features
Tor Browser updates and improvements
JoinMarket and its use cases
Bitcoin Binary and its reproducible builds
Funding for Fidelity
Venture funding for Fediments
Importance of companies in open source projects
P2P communication project by Bitfinex and Tether
Border Wallets for memorizing seeds
VLS signing device for Lightning
Bitcoin Core updates
Bitcoin Treasury updates
Bitcoin Meshnets
The challenges of earning and selling Bitcoin
Bitcoin Magazine's impact in the Bitcoin space
The concept and potential of mesh nets
