BR090 - COLDCARD, BullBitcoin, Bitcoin Safe, miningpool-observer, Zero Fee/P2PK Playgrounds, Tangem Private Keys Exposed, Proton Wallet Vuln, Signatures Explained, "Not Enough UTXOs!" + MORE ft. Rob
Update: 2025-01-03
Description
I'm joined by guest Rob Hamilton to go through the list.
Housekeeping
(00:01:37 ) Verify-address over NFC using a Coldcard Q and BDK iOS example wallet
Vulnerability Disclosures
(00:18:57 ) New fake Ledger data breach emails try to steal crypto wallets
(00:20:51 ) Cryptocurrency hardware wallet Tangem fixes app bug
(00:26:03 ) Irrevocable fees—stealing from LN using revoked commitment transactions
(00:27:13 ) Zellic identified a vulnerability in Proton Wallet's preview version
Bitcoin
• Software Releases & Project Updates
(00:28:29 ) Coldcard Edge
(00:33:00 ) BLOCKCLOCK
(00:33:36 ) BDK
(00:33:50 ) Nunchuk
(00:34:19 ) BullBitcoin Mobile
(00:36:59 ) Bitcoin Keeper
(00:37:21 ) Electrs
(00:39:20 ) BTCPayServer
(00:39:36 ) rust-payjoin
(00:39:45 ) Krux installer
(00:39:55 ) Frostsnap
(00:40:42 ) Bitcoin Safe
(00:42:03 ) Blockstream Satellite
(00:42:28 ) Raspiblitz
(00:42:39 ) Ashigaru
(00:45:02 ) BoltzExchange
(00:45:04 ) Mempal
(00:45:11 ) Zaprite
(00:45:13 ) ESP-Miner
• Project Spotlight
(00:45:18 ) Satoshi
(00:45:28 ) Joinstr
(00:45:33 ) miningpool-observer
(00:46:51 ) Dojo Bay
(00:46:56 ) Nightly Bitcoin Core Tests
(00:47:04 ) Nigiri
(00:47:15 ) Run Litd
(00:47:28 ) bllsh
(00:48:05 ) Btceed
(00:48:12 ) Zero Fee Playground
(00:49:17 ) P2PK Playground
(00:50:51 ) Bitcoin Testnet4 Faucet
(00:50:58 ) Hashteroids
(00:51:07 ) Community Hub by My First Bitcoin
Major/Urgent Vulnerability Disclosures
(00:51:39 ) Oasis discovers a critical flaw in Microsoft's Multi-Factor Authentication system
(00:51:53 ) Five dollar wrench attacks
(00:52:40 ) Two men fall victim to phishing scams, in May 2024
(00:55:28 ) Apache MINA's CVE-2024-52046 flaw
(00:55:37 ) WPA3 vulnerability
(00:56:07 ) Hackers compromise 16 Chrome extensions
(00:56:54 ) Symlink exploit
Audience Questions
(00:57:32 ) Can you explain how signatures work for spending Bitcoin?
(01:01:04 ) When people say "there's not enough UTXOs for everyone to have one". How do you quantify that?
(01:06:20 ) I have a legacy address that starts with 1 wirh some BTC Should I be worried about CC?
(01:07:16 ) Why should anyone, except maybe millionaires, self custody?
(01:10:20 ) If BTC must be essentially be held in custody, then why use BTC over gold?
Boosts
(01:13:47 ) Shoutout to top boosters @Ape Mithrandir, @shadowysuperbadger, @user40113771, @btconboard, @Leurico8 & @Juan.
News & Noteworthy
• Encryption
(01:16:45 ) NIST proposes to standardize wider variant of AES
• Funding
(01:17:40 ) OpenSats Ninth Wave of Nostr Grants
(01:17:47 ) Spiral renews its grant to BTCPayServer
(01:17:49 ) HFR donates 7 bitcoin to fund Bitcoin development and projects
(01:17:53 ) Btrust its Q4 2024 Btrust grant recipients
• Mining
(01:18:12 ) GreenpeaceUSA's campaign to modify Bitcoin's proof-of-work likely ended
• Privacy
(01:18:29 ) Samourai Wallet pretrial hearing postponed to March 12, 2025
(01:19:59 ) Russian government directs ISPs to identify users accessing blocked content via VPNs
• Government & Political
(01:20:14 ) Craig Wright is handed a one-year suspended sentence in the UK
Links & Contacts:
Website: https://bitcoin.review/
Substack: https://substack.bitcoin.review/
Twitter: https://twitter.com/bitcoinreviewhq
NVK Twitter: https://twitter.com/nvk
Telegram: https://t.me/BitcoinReviewPod
Email: producer@coinkite.com
Nostr & LN: ⚡nvk@nvk.org (not an email!)
Full show notes: https://bitcoin.review/podcast/episode-90
Housekeeping
(00:01:37 ) Verify-address over NFC using a Coldcard Q and BDK iOS example wallet
Vulnerability Disclosures
(00:18:57 ) New fake Ledger data breach emails try to steal crypto wallets
(00:20:51 ) Cryptocurrency hardware wallet Tangem fixes app bug
(00:26:03 ) Irrevocable fees—stealing from LN using revoked commitment transactions
(00:27:13 ) Zellic identified a vulnerability in Proton Wallet's preview version
Bitcoin
• Software Releases & Project Updates
(00:28:29 ) Coldcard Edge
(00:33:00 ) BLOCKCLOCK
(00:33:36 ) BDK
(00:33:50 ) Nunchuk
(00:34:19 ) BullBitcoin Mobile
(00:36:59 ) Bitcoin Keeper
(00:37:21 ) Electrs
(00:39:20 ) BTCPayServer
(00:39:36 ) rust-payjoin
(00:39:45 ) Krux installer
(00:39:55 ) Frostsnap
(00:40:42 ) Bitcoin Safe
(00:42:03 ) Blockstream Satellite
(00:42:28 ) Raspiblitz
(00:42:39 ) Ashigaru
(00:45:02 ) BoltzExchange
(00:45:04 ) Mempal
(00:45:11 ) Zaprite
(00:45:13 ) ESP-Miner
• Project Spotlight
(00:45:18 ) Satoshi
(00:45:28 ) Joinstr
(00:45:33 ) miningpool-observer
(00:46:51 ) Dojo Bay
(00:46:56 ) Nightly Bitcoin Core Tests
(00:47:04 ) Nigiri
(00:47:15 ) Run Litd
(00:47:28 ) bllsh
(00:48:05 ) Btceed
(00:48:12 ) Zero Fee Playground
(00:49:17 ) P2PK Playground
(00:50:51 ) Bitcoin Testnet4 Faucet
(00:50:58 ) Hashteroids
(00:51:07 ) Community Hub by My First Bitcoin
Major/Urgent Vulnerability Disclosures
(00:51:39 ) Oasis discovers a critical flaw in Microsoft's Multi-Factor Authentication system
(00:51:53 ) Five dollar wrench attacks
(00:52:40 ) Two men fall victim to phishing scams, in May 2024
(00:55:28 ) Apache MINA's CVE-2024-52046 flaw
(00:55:37 ) WPA3 vulnerability
(00:56:07 ) Hackers compromise 16 Chrome extensions
(00:56:54 ) Symlink exploit
Audience Questions
(00:57:32 ) Can you explain how signatures work for spending Bitcoin?
(01:01:04 ) When people say "there's not enough UTXOs for everyone to have one". How do you quantify that?
(01:06:20 ) I have a legacy address that starts with 1 wirh some BTC Should I be worried about CC?
(01:07:16 ) Why should anyone, except maybe millionaires, self custody?
(01:10:20 ) If BTC must be essentially be held in custody, then why use BTC over gold?
Boosts
(01:13:47 ) Shoutout to top boosters @Ape Mithrandir, @shadowysuperbadger, @user40113771, @btconboard, @Leurico8 & @Juan.
News & Noteworthy
• Encryption
(01:16:45 ) NIST proposes to standardize wider variant of AES
• Funding
(01:17:40 ) OpenSats Ninth Wave of Nostr Grants
(01:17:47 ) Spiral renews its grant to BTCPayServer
(01:17:49 ) HFR donates 7 bitcoin to fund Bitcoin development and projects
(01:17:53 ) Btrust its Q4 2024 Btrust grant recipients
• Mining
(01:18:12 ) GreenpeaceUSA's campaign to modify Bitcoin's proof-of-work likely ended
• Privacy
(01:18:29 ) Samourai Wallet pretrial hearing postponed to March 12, 2025
(01:19:59 ) Russian government directs ISPs to identify users accessing blocked content via VPNs
• Government & Political
(01:20:14 ) Craig Wright is handed a one-year suspended sentence in the UK
Links & Contacts:
Website: https://bitcoin.review/
Substack: https://substack.bitcoin.review/
Twitter: https://twitter.com/bitcoinreviewhq
NVK Twitter: https://twitter.com/nvk
Telegram: https://t.me/BitcoinReviewPod
Email: producer@coinkite.com
Nostr & LN: ⚡nvk@nvk.org (not an email!)
Full show notes: https://bitcoin.review/podcast/episode-90
Comments
In Channel
Download from Google Play
Download from App Store
United States00:00
00:00
x
