Subscribe to our weekly newsletter

Get the latest updates on the community, upcoming topics, and new discussions in your inbox every week.

Summary

Dr. Craig S. Wrong introduced Swift Bitcoin, a project aimed at deepening the understanding of Bitcoin's mechanics through Swift programming, including improvements like elliptic curve cryptography and transaction verification features. The project, detailed on GitHub and its website, emphasizes data race safety through actors and non-blocking operations with SwiftNIO, aiming for broad applicability including on Linux and potential suitability for embedded systems.

Niklas Goegge highlighted critical security vulnerabilities in Bitcoin Core versions prior to 25.0, documenting their impact and the project's adoption of a new vulnerability disclosure policy to enhance security measures. The vulnerabilities and policy details can be found through links provided, with future disclosures planned to further secure the ecosystem against threats (Security Advisories).

AdamISZ/waxwing explored the potential of adaptor signatures to enable on-chain verification of statements beyond traditional limitations, proposing a protocol for verifying discrete logarithm equality statements. This exploration, available at Reyify, signifies a step towards expanding cryptographic protocols' application and understanding.

MishaKomarov introduced Bitcoin PIPEs, an innovative approach to implementing covenants on Bitcoin without a soft fork, enhancing scalability, performance, and transaction flexibility. This development paves the way for advanced financial applications by allowing complex transaction rules and the native verification of Zero-Knowledge Proofs without altering the core protocol, as detailed in the introduction.

Finally, the discovery of a significant flaw in Btcd software versions prior to 0.24.2 by Niklas Gögge and Antoine Poinsot emphasizes the importance of adherence to consensus rules, with their findings leading to a corrective release. This incident highlights the collaborative effort within the community to maintain security and integrity, as documented in the public disclosure.

New posts

October 10, 2024 12:56 UTC

delvingbitcoin

Bitcoin Inquisition 28.0
  • Bitcoin Inquisition 28.0 introduces TRUC, anchor relay, and full replace by fee.
  • It incorporates BIP 119, BIP 118's SIGHASH_ANYPREVOUT, and BIP 347's OP_CAT.
  • Transactions need supportive nodes, connect via `addnode=inquisition.bitcoin-signet.net` for mining.

October 10, 2024 09:02 UTC

delvingbitcoin

CVE-2024-38365 public disclosure (btcd `FindAndDelete` bug)

4 replies

  • Niklas Gögge and Antoine Poinsot discovered a critical flaw in Btcd versions before 0.24.2.
  • Their findings led to a bug bounty award, addressing a deviation in signature verification rules.
  • A covert fix was released in version 0.24.2 after CVE identifiers were reserved and disclosed.

October 9, 2024 19:30 UTC

bitcoin-dev

Public disclosure of three vulnerabilities affecting Bitcoin Core <v25.0
  • Significant security flaws were found in Bitcoin Core versions before 25.0.
  • A new disclosure policy for vulnerabilities enhances the Bitcoin Core community's security.
  • Future communications will disclose any vulnerabilities in versions before 26.0.

October 9, 2024 16:32 UTC

bitcoin-dev

Adaptor generalisation
  • The blog analyzes the expansion of adaptor signatures beyond their traditional scope.
  • It introduces a protocol enabling verification of a discrete logarithm equality via signatures.
  • The discussion moves from theoretical explorations to practical applications in transaction verification.

October 7, 2024 20:25 UTC

delvingbitcoin

Bitcoin PIPEs: Introducting Covenants without Soft Forks
  • Bitcoin PIPEs enable covenants on Bitcoin, allowing advanced spending rules without a soft fork.
  • PIPEs use cryptographic methods to emulate missing opcodes, enhancing Bitcoin's scalability and performance.
  • This innovation maintains Bitcoin's simplicity and security, offering advanced transaction capabilities and trustless operations.

October 7, 2024 12:16 UTC

bitcoin-dev

Pure Swift Bitcoin Protocol implementation (largely experimental)
  • Swift Bitcoin is a deep-dive project into Bitcoin by using Swift for various Bitcoin Improvement Proposals.
  • The project features Swift APIs for cryptography, transactions, and more, aiming for data race safety and non-blocking operations.
  • It encourages open contributions, especially in protocol development, aiming for broad applicability and educational value.

Ongoing Discussions

October 11, 2024 20:17 UTC

delvingbitcoin

Modeling (Social) Consensus About (Cryptographic) Consensus Change

3 replies

  • The email questions the effectiveness of current models in technological consensus.
  • It argues disagreements are not based on the newcomers' resistance to change.
  • It suggests reevaluating the real reasons behind stalled progress and consensus issues.

October 11, 2024 15:01 UTC

bitcoin-dev

Demonstrating Pinning Attacks under Real-World Conditions

5 replies

  • The email suggests creating a guide for volunteers setting up new project nodes.
  • It questions the specifics for node setup, like required channel amounts and types.
  • It highlights the need for clear guidelines due to the sender's limited technical knowledge.

October 10, 2024 22:36 UTC

delvingbitcoin

Unspendable keys in descriptors

25 replies

  • Not using hashing in chain codes and XPUBs creates security vulnerabilities.
  • Employing a dummy XPUB as a strategy to protect genuine data is debatable in effectiveness.
  • Operational transparency differences in protection methods impact susceptibility to malicious manipulation.

October 9, 2024 06:24 UTC

delvingbitcoin

Non-disclosure of a consensus bug in btcd

6 replies

  • Debate exists over timing for revealing software security flaws, notably in Bitcoin Core.
  • Google's Project Zero advocates a structured 90-day disclosure period, unlike Bitcoin Core's approach.
  • The open-source community grapples with balancing immediate transparency and user protection in disclosures.

October 7, 2024 18:44 UTC

delvingbitcoin

SuperScalar: Laddered Timeout-Tree-Structured Decker-Wattenhofer Factories

30 replies

  • The Decker-Wattenhofer delays extend HTLC locktimes in the Lightning Network due to `nSequence`.
  • Zero-fee commitment transactions with a P2A output for fee-bumping were adopted at a summit.
  • An asymmetric onchain fee scheme was proposed to align costs with clients' financial capacities.