2024-08-05 19:07:01
by npub185h…wrdp
Hardware Wallets are devices designed to hold bearer assets which can be trivially stolen if you leak the private key(s). There’s many, many people involved in the manufacture of each hardware wallet, each of which might wish to make free money by backdooring the hardware wallet. For every other hardware wallet, you’re blindly trusting Amazon/UPS/five factories in China/the webserver you got the firmware from/etc/etc. Sure, most hardware wallets have tried to be robust against these attacks, but there’s frankly just not that much that can be done.
Wouldn’t it be nice if you didn’t have to trust the device at all, but rather an attacker would have to compromise *both* your hardware wallet and your computer? Well, we’ve had the tech to do this for many, many years! The fact that only two hardware wallets bothered to implement this boggles my mind. It’s impressive incompetence, bordering on maliciousness, honestly. #note1674…l5y4
2024-08-05 18:56:03
by npub185h…wrdp
Stop using hardware wallets that don’t take security seriously (sadly, all of them except Jade and BitBox). This is a novel construction, but the class of attacks is very old.
A laptop purchased in person, immediately installing Linux without ever connecting it to the Internet is a much better way to store coin than hardware wallets. Which, frankly, is just embarrassing incompetence for the hardware wallet industry.
https://darkskippy.com/
2024-07-16 17:38:15
- reply
by npub185h…wrdp
They’re moaning about people having to make sure their site works with TLS? Seems like a weird complaint. My issue is that TLS is an overcomplicated beast of a protocol (okay somewhat better with 1.3, but even still), which is the enemy of security, we have like 100 “roots of trust” in the form of CAs, most of which have a long history of being terrible, it relies on too many pieces of an increasingly huge stack, etc….
2024-05-31 12:42:24
by npub185h…wrdp
If we want ecash to have any hope of working out, we need anonymous mints, but anonymous mints are likely to get stolen. Instead, we need anonymous mints that are operated by one of N well-known and trusted parties. Mint operator(s) should take N public keys known to be from N well-known and trusted persons in the bitcoin space, then create ring sig(s) across those N to reveal that they are one of those N parties, but not which one.
Given many long-timers at one point or another had public donation addresses or some other key that is known to be theirs, this should actually be relatively doable, just don’t put too much money in the mint :)
2024-05-29 13:23:51
- reply
by npub185h…wrdp
Fair enough. I guess I just hope we can get to a place where folks like Mutiny don’t have to ever consider leaving the US. And that means playing the game, both political lobbying (usually not money, to be clear, mostly just outreach, but also direct ad buys, etc) and using the courts to push back on overreach. I’m sadly not sure what other approach exists given the state will use force to get their way.
2024-05-10 19:22:06
- reply
by npub185h…wrdp
I dunno, which is the hard thing. We need (a) decentralized coinjoin in many wallets, but the protocol for that has to exist, (b) PayJoin/silent addresses/etc in many wallets, (c) LSPs for mobile lightning nodes (or many a compelling path to pleb LSPs?), (d) Sv2 adoption from miners and pools, (e) probably more?
All those things feel like uphill battles.
2024-05-03 19:27:37
by npub185h…wrdp
The issues raised by lipa in their post (that LDK is a complicated API and a lot to work with, that RGS had some stability issues, and that LDK’s pathfinding was sub-optimal) are things that were true a year ago, but are also things that have been largely addressed by LDK itself since -
The introduction of ldk-node has made it incredibly easy to get from zero to a full lightning node on a phone in minutes, RGS has seen a lot of debugging and improvements, and LDK’s pathfinding is now by far the most advanced in lightning (but, like with all lightning nodes, you need to be well connected or have sent a lot of payments to have data to use for pathfinding). #note1zsm…a33w
2024-04-29 12:36:09
by npub185h…wrdp
Let’s be clear, if no one steps up and decides to run LSPs because everyone is worried about regulatory concerns, every bitcoin L2 system is toast - every one that has a reasonable security model relies on some kind of centralized or federated party that has similar concerns, even if they can’t seize funds.
Without any L2 systems everyone using bitcoin will simply use custodial platforms because that’s the only way to get reasonable fees and payment latency.
And don’t go yelling at ACINQ for deciding not to operate Phoenix in the US, the software required to run an LSP is open source, with only relatively minimal liquidity allocation logic required to get started. We need new entrants, and that means new companies who think the risk is manageable (I’m confident it is, but I can’t fault anyone for not wanting to take that risk).
If you see someone suggesting ACINQ should just keep running, the correct response is “well why aren’t you running an LSP”.
2024-04-24 19:14:32
- reply
by npub185h…wrdp
lol this is just the Wikipedia fallacy in reverse - “Wikipedia is wrong”, complained the person who doesn’t bother to edit it… “Bitcoin is anti fragile”, exclaimed the person who didn’t lift a finger to pressure miners to change behavior while others did that work.
Bitcoin only survives if you fight for it, miners have no incentive to care, we have to create the incentive, not just me, you too!
2024-04-13 18:13:44
- reply
by npub185h…wrdp
DEMAND is currently the only Sv2 pool. Ocean has said they want to add it eventually, but afaik don’t have a timeline.
But, more generally, go talk to miners! Explain why this is critical for bitcoin, and, thus, their business. Harass them on Twitter, make sure they hear it.
2024-03-14 01:05:34
- reply
by npub185h…wrdp
Huh? The things I mention (except splicing) are broadly available and have been for several years!
In terms of “major improvements”, I’m not really sure what you’re looking for - lightning isn’t going to be rewritten to be a totally different system, liquidity constraints aren’t a solvable problem with lightning, and someone has to pay fees in channel transactions. If you want a fully trusted/custodial system you’re welcome to use one, but I’m not really sure how much different lightning can get. Do you have specific ideas or issues you have in mind here?
In terms of the personal attacks, I’m happy to respond to any specific points or cases you want to discuss but blanket ad hominem isn’t really a thing to respond to (and if you think I’ve told people they’re “wrong” about Lightning’s limitations, I dunno if you’ve been paying attention).
2024-03-13 21:44:55
- reply
by npub185h…wrdp
I strongly disagree. Lightning hasn’t seen a fundamental overhaul, sure, but tons of iterative improvements have been made to address the largest user-facing issues.
Whether it’s better interop and bug fixing to (substantially) reduce spurious force closures, splicing to ensure liquidity fragmentation isn’t an issue, BOLT12 to provide stateless payment instructions and recipient privacy, anchors to address some pinning vulnerabilities and fee spikes preventing payments, etc, there’s been a ton of changes!
In net, spurious force-closures have probably dropped by 5-10x, surprise payment failures by 50% and a ton of other features.
2024-01-15 22:23:26
- reply
by npub185h…wrdp
Dunno, I’m absolutely sure there are some developers who were very rude to Jeremy, there’s a million developers who work on bitcoin in one way or another (though in context at Scaling Bitcoin it may not have been a relevant topic?). The discussion seems to heavily imply that all, most, or core developers are all rude or somehow stonewalling, which I find to be absurd.
2023-11-29 19:17:46
- reply
by npub185h…wrdp
1) not sure how, I mean they can just change the website and remove miners they don’t want to pay and pretend they were never there. Or add some fictitious miners with huge hashrate to siphon money off to themselves.
2) yea, dunno, obviously they’re custodial for smaller miners. I’m dubious “custodial” is the right way to think about a pool. More like “liability” - the pool has some liabilities to their users which build up over time, and the user can withdraw at some points. They aren’t depositing and don’t really hold custody, they just build up liabilities.
2023-09-19 15:09:22
- reply
by npub185h…wrdp
Problem is you have a device that you cannot realistically audit the supply chain of, and which is at incredibly high risk of supply chain attacks. Deterministic nonces are great but they’re not auditable - there’s high risk of the machine telling you it’s doing a deterministic nonce when it is instead leaking your private key with an attacker-derivable nonce!
The point of deterministic nonces is “include a hash of the private key and message in the nonce so that you know you didn’t screw up”, that’s great, but you can also build on top. The computer driving the hardware wallet can input randomness which the hardware wallet can prove was incorporated into the selected nonce. This allows the device to prove to the computer it’s not leaking your private key, requiring an attacker to compromise *both* your computer and the device, not just the device!
Hardware wallets that don’t use such a protocol should absolutely be considered, at best, incompetent, maybe malicious.
2023-05-27 05:36:41
- reply
by npub185h…wrdp
Minor point, no ad hominem here, I don’t know nor bother to look up the author and didn’t make any claims relating to the author at all :).
But, indeed, I didn’t back it to because I don’t understand it at all - my point is that the writing here doesn’t make a cohesive argument, I can’t understand what this “algorithm” is nor what it does, and the author doesn’t actually seem to have any conclusion in that respect either (and algorithm isn’t really the right word here anyway). More importantly even if there’s an “algorithm” (aka pattern), there’s plenty of reasons why ID numbers would follow a pattern which are process based rather than nefarious. They talk about skipped numbers in the statewide database but don’t argue what that implies (and it could mean any number of things - partitioning by area, updates causing fresh ids to be issued, etc).
If there’s something here, the author is pretty bad at communicating it, and absent an argument I can understand I’m not really motivated to go try to replicate their results… I don’t have time.
2023-05-16 17:00:31
- reply
by npub185h…wrdp
Indeed, there’s definitely a need, but doing it via a remote RPC isn’t really a good approach if you want to support noncustodial wallets and we don’t need something so general for a payments platform. We’re not designing a “world computer”, we can build something for payments :).
More generally, use intents! We’re talking about an app talking to another app, there’s a whole suite of APIs built exactly for this purpose.
2023-05-16 16:32:19
- reply
by npub185h…wrdp
But it’s not because you don’t talk directly to the recipient and don’t know if it received your message without an ACK, and only if you also handwave away the “needs to be on the same relay” issue, which isn’t really a trivial problem without a lot of coordination around relay selection, or, more likely, a dedicated proxy run by the wallet vendor….. which you might as well just use directly with HTTP :)
2023-05-01 05:38:25
by npub185h…wrdp
“Don’t ever spend your bitcoin, just HODL” culture is really annoying. We’re trying to build a money, y’all, not a shiny rock you buy and stare at on a shelf!
Sure, most of us don’t have a ton of reason to spend bitcoin, but don’t shit on people who spend it! I guess I don’t have to tell nostriches this much cause y’all love the zaps.
2023-04-27 04:32:49
- reply
by npub185h…wrdp
Yea, fair enough. I suppose I could self host too but (a) would also have to manage macOS and Windows, which is pretty tough, and (b) the LDK build pipelines are huge, so I’d have to have a dedicated machine or two, plus (c) security running code third parties PR’d is really not something I want to think about.
Sadly GitHub just gives us a ton for free that even good OSS can’t replicate, needs lots of manual work to self host.
2023-04-03 15:07:51
- reply
by npub185h…wrdp
I will always miss peak Twitter, but I’m not sure how much demand there is for such a platform today - as long as there are fragmented communities that feel much “friendlier” (because more folks think the same) people will prefer that. Maybe you can emulate that feeling with platform design, but that seems to have tradeoffs that make the virality of peak Twitter impossible/very rare.
I could just be over-indexing on today, but I also think a more decentralized Internet is good, and not just decentralized protocols, but many different platforms and protocols available to people.
(You might argue that there will be many platforms built on nostr, which is fair, and insofar as they’re sufficiently siloed I think that would still be my point, even if they share a common backend)
2023-04-03 03:28:10
by npub185h…wrdp
I’m not convinced any single platform will eclipse Twitter at its peak (for intellectual/issues discussions), but I think that’s a good thing.
Forums were always topic focused - you could get together with other folks interested in the same thing as you and chat.
Communities should be communities, not one huge pot where everyone’s shoved together - that’s just a recipe for people to dunk on each other instead of actually sharing ideas. Short posts in social-media-byte-sized takes don’t convince anyone of anything, you need a primed audience and long form posts.
Not having An Algorithm helps - you follow who you want to see and create your own community, but that leaves something lacking - missing a broader narrative.
Reddit tried it with subreddits, but the format wasn’t conducive to great discussion either.
With Telegram (and discord) we’ve seen a return to small communities (via Group Chats, which I’m told are especially popular with The Youths).
nostr/mastodon have strongly self-selected for certain communities, and to some extent those still active on Twitter have as well.
I dunno the future or what to do with it, but there seems to be a real trend towards smaller communities, it means more groupthink but also much more relaxed environment where ideas can be shared with less friction.
2023-04-02 19:09:19
- reply
by npub185h…wrdp
That’s great in theory, and honestly I’m only here because of that, but, again, lots of people don’t, and when there’s things like soft forks being proposed you can’t - the bitcoin user base has to agree. That drove good people away, just telling them “ignore Twitter” isn’t helpful when they’re getting harassed everywhere.
2023-04-02 18:51:05
- reply
by npub185h…wrdp
I think maybe our disagreement here is whether the “Bitcoin puritans” were just “fuck your scams” or more. As loop argued in his recent piece, they seem to be way way more - spending time attacking people who contribute to core for perceived slights, seeking out targets to attack who didn’t do anything related to bitcoin, etc etc. Sure, there are reasonable folks who didn’t, but they also accepted plenty of trash under the same banner without batting an eye.
2023-04-02 18:42:01
- reply
by npub185h…wrdp
I’m not even talking about people who think bitcoin is dumb, but people who saw it, thought it was awesome, then just moved on cause it was a waste of their mental health and time.
This doesn’t even consider the bitcoin core contributors who did the same over the years, folks who worked on non-core projects, and the folks who stuck with it but feel unmotivated to even bother proposing important bug-fix soft forks because of drama.
2023-04-02 05:54:00
by npub185h…wrdp
(Allegedly) From the movie Garden State, by Zach Braff:
"You know that point in your life when you realize that the house that you grew up in, isn't really your home anymore? All of the sudden even though you have some place where you can put your stuff, that idea of home is gone.
You'll see when you move out - it just sort of happens one day - and it's gone. And you can never get it back. It's like you get homesick for a place that doesn't exist. I mean, it's like this rite of passage, you know.
You won't have this feeling again until you create a new idea of home for yourself, you know - for your kids, for the family you start, it's like a cycle or something. I miss the idea of it. Maybe that's all family really is.
A group of people who miss the same imaginary place."
2023-03-30 23:44:45
- reply
by npub185h…wrdp
I’m well aware of how they work - they use every iPhone in the country to find lost tags, all privately so that the phone involved doesn’t learn about the tag’s owner.
I really struggle to see a company selling a privacy-first product to consumers as “the problem”. Yes, technologies have uses you may not agree with, this goes double for bitcoin, too, that doesn’t make the technology wrong.
2023-03-04 05:57:24
by npub185h…wrdp
Americans, now that lnurl is getting some adoption, if you host your own lnurl server make sure you're blocking Iranian, Cuban, North Korean, Russian, and Syrian IP addresses so that you don't wittingly accept a payment from users in those countries! Not worth jail time or fines.
Just got around to setting it up on mine, luckily nginx makes it easy.
2023-02-04 17:36:32
by npub185h…wrdp
It’s difficult to correctly state the importance of the Craig Wright case - on one hand the case is absurd, there’s so many good defenses[1] that it doesn’t make sense to contemplate the what-if-we-lose scenario. On the other hand the fact that there’s a lawsuit burning millions of (luckily other people’s - we have generous donors in the form of the Bitcoin Legal Defense Fund) pounds has the potential to drive away contributors (it already has to some extent) from bitcoin core, which is a terrible outcome.
[1] obviously the coins were never his, obviously even Bitcoin developers releasing a fork wouldn’t do anything to change bitcoin to steal coins, but more importantly that remedy isn’t even available in the US (where it’s compelled speech because software is speech) and, more generally, the software is covered by the MIT license - the very bedrock of the modern open source software ecosystem is that developers have no liability. Without that, open source (and in fact most) software simply would not exist.
2023-01-24 21:59:12
- reply
by npub185h…wrdp
It’s not just about risk, though - Personally, my job is to reduce the gap between the UX of custodial and non-custodial services, but custodial services will always win.
For those who can afford the cost, custodial is great, but we have to make sure those who can’t aren’t iced out of using popular technologies entirely.
note1q6kaw2z30w97ehju5vteu7vgwzydlqfmt08hmu7kulzs8hmu9ycseq5cgg
2023-01-18 22:52:43
- reply
by npub185h…wrdp
Define “ban” - outright “you cannot accept, hold, or transact in bitcoin” ban? No, sure, not in my lifetime. Not impossible in the EU, but also not likely.
“You may not withdraw from a centralized exchange in amounts over $10k without the recipient also being a centralized, KYC, regulated exchange”, very possible. Not so likely in the US, sure, but very likely in EU.
We’re failing miserably to educate EU policymakers in the way we have US ones.