X (formerly Twitter)

Michael Saylor (@saylor) on X

Yesterday at Bitcoin MENA, I presented my keynote on Digital Capital, Credit, Money, and Banking.

View quoted note →

In the early days of Bitcoin, a mysterious figure known as pirate@40 accumulated a hoard of over 700,000 BTC. He didn't just hold. He bamboozled the world with "First Bitcoin Savings and Trust," a mysterious product generating fantastic yields based on opaque market arbitrage. But the Pirate couldn't be bothered attending to the plebs himself. He eventually set a minimum buy-in of 50 BTC. Nature abhorring a vacuum, venturing entrepreneurs took up the task, creating "pass-throughs" to bundle retail capital for the Trust so the small fish could chase the same impossible returns. In unrelated news, Michael Saylor is now discussing the creation of "digital money", tax-deferred, interest-bearing stablecoins yielding 8% backed by MicroStrategy credit. He notes that "partners" could launch them, as the corporation won't deal with the masses directly. It seems the High Priest of Cyber Hornets now needs his own pass-throughs to channel "digital energy" from global retail. History might not be repeating, but the structural rhyme of a massive central hoard seeking retail liquidity through yield-bearing intermediaries is getting louder.

Attestation is a problem as it forces people to at least also have a non-open phone or soon desktop. How can we increase the number of open system users? Attestation isn't fundamentally bad but with on average one PC per person - your phone - with that PC being your attestation device we have a problem. View quoted note →

So @Viktor doesn't hide it's a bot, insta-replying to all I share and now I saw it's even marked as bot? Is this a custom field Viktor's author came up with or is @noStrudel detecting/recognizing this according to some standard? If the latter, please, please show me it's a bot with some bot icon on the avatar or something.

TIL: Bitcoin is the canary for more serious crypto systems like RSA-1024. If there comes a quantum computer capable of stealing your coins, RSA will still be secure for a year or three. And there is no real canary worth attacking with before attacking the real deal which is Bitcoin. secp160 is considered in reach of today's computers. secp192 protecting 100BTC would be a worthy canary and let us all sleep better. secp224 might be too close to our secp256 as a canary?

What's up with Andreas Schildbach's Bitcoin Wallet? On GitHub it has no issue tracker and on GitLab I just created issue #1 regarding dependency pinning which Schildbach cared a lot about many years ago but I can't find version pinning now?

Q-Day rescue for P2TR or otherwise exposed pubkeys from HD-wallets: Attacker has your private key (via QC), but they lack the BIP32 lineage. Child keys are derived by hashing a Parent xPub. Proposal: Soft-fork to require revealing that Parent xPub to spend. This proves you generated the key via the seed. QC attacks the curve, not the hash derivation. Of course, revealing Parent xPub + Broken Child Key mathematically leaks the Parent Private Key. You must sweep the entire account at that point.

Shout-out to MetaMask! At @WalletScrutiny we don't do shitcoin-only wallets but TIL they developed something any JS developer should know about: LavaMoat! This tool - if it works as advertised - can tame the dependency hell people think of when they hear JS and npm. LavaMoat can ensure that every library has only access to features it is supposed to access. If the math library tries to phone home, the app will crash. And to my knowledge something like that is not available for other programming languages like for example Java or Python.

LavaMoat

LavaMoat

Secure your JavaScript with LavaMoat.