most people have no clue how fucking hard it is to build secure bitcoin applications. i’m not criticizing @Francis Mars. i would never attack an open source bitcoin dev for actually doing the work. indeed, i haven’t met a single productive person in my life with that attitude. not a single one. only the “outcasts” or “misunderstood geniuses” exhibit antisocial behavior like this. anyone productive knows that you need the support of others to build anything meaningful. its a self-organizing system. assholes get sorted out automatically. these accidents can happen and they will continue to happen. they happened since the fist day of bitcoin’s existence. those who have never built anything with actual users have absolute no idea what they’re talking about. it’s an actually hard problem to build secure apps. it requires years of work and xp, tons of eyes on the core, and lots of users to test it. i’m sorry this happened to you francis. you will recover and the next thing you build will be better than this. you can reach out to a whole community of other bitcoin devs for support if you need it, including me. View quoted note →

met a bitcoin podcaster last night who identifies as a cashu maxi. he said he's always onboarding tons of noobs to bitcoin due to his educational work. his default used to be wallet of satoshi but he switched to cashu bc it's not a single custodian and has privacy. this is the way. 🧡🥜

ultra brief post mortem on recent nutshell denial-of-service bug for those who have missed it. what: cashu has htlcs. the spec says the preimage must be 32 bytes. nutshell, one of multiple mint implementations, didn't check the size of the htlc preimage before validation. it violated the spec. why: the preimage is stored for some smart contracts where bob doesn't want to rely on alice to actually provide it. like how lightning channel fore-closes don't rely on alice being nice but on on-chain data. we fixed it instantly in nutshell 0.18.0. unfortunately attacker disclosed irresponsibly without respecting industry standard time frames (2 weeks lol) or any other collaboration. cashu got better as a result.

A curated, collaborative list of awesome Cashu resources. Tons of projects for reference. 100% open-source.

GitHub

GitHub - cashubtc/awesome-cashu: A curated, collaborative list of awesome Cashu resources

A curated, collaborative list of awesome Cashu resources - cashubtc/awesome-cashu

scan with a cashu wallet that supports nostr payment requests and send me some ecash cashu.me, @Minibits