lontivero

In Argentina, it was prohibited to buy, sell, or exchange foreign currency. Whenever the "blue dollar" (the free/black market exchange rate) surged significantly, the government dispatched police to apprehend currency exchangers and intimidate potential participants. I struggle to see how this same pattern won't eventually replicate on a global scale. We may soon witness the emergence of a "bitcoin blue" rate that substantially diverges from the prices listed on regulated exchanges. As I have observed in my country, the incentive to arbitrage are an overwhelmingly powerful. Purchasing restricted, undervalued bitcoins and reselling them in unregulated markets at repetition is something that no government intervention can stop.

I've just published an article discribing how to integrate your software with LLMs: https://nostrudel.ninja/articles/naddr1qvzqqqr4gupzpx6cqnjzhe6n3m4p4gae2dum2calpksx56qp0cwxtvyfptauqz3cqy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgwwaehxw309ahx7uewd3hkctcpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtcqxptkzumpvf5j64mpd3kx2apdv9hxgt2pwf6xjenfvd5kzmpdf9h8getvd35kwetwvdjj66ehwccr2wgjhy5vc

I've ported a small Scheme interpreter from F# to C#. This is for adding safe scripting capabilities to C# projects. https://github.com/lontivero/CScheme

https://www.epfweb.org/node/1147

My youngest son asked me what web3 is.

Cuba, Venezuela and Nicaragua show Latin American politicians that their totalitarian dreams are possible, that if they convince enough people that they can get an unlimited number of new rights—free stuff produced by somebody else's labor—that population can not only be enslaved but also that they deserve to be enslaved because that's what makes them happy. These examples are even worse than what they look like because while we can find cases in recent history where dictators were killed by the people (Nicolae Ceaușescu) cases like Fidel Castro and Hugo Chavez are examples of dictators who not only died in power but also named their own successors. That's not the right message, is it? It is unbelievable the level of support in favor of those regimes, and that's dangerous. I think all politicians would behave better if the peoples enslaved by those regimes took them down. That would be the best for all of us.

Ashigaru's Whirlpool can steal your money. This is something I mentioned in passing in a previous note, but it is important to develop in some detail. Basically, it is the Whirlpool server that tells the client how much it must pay, and the client trusts that blindly. This allows the server to instruct clients to pay as much as it wants. But why not simply check that the coordination fee is the promised 5%? Because Samourai had "discount codes" (scode) designed to allow some users to pay lower coordination fees. These codes were opaque to the client and only understandable by the server. This means that the client had no way to know how much it had to pay and it had to be the server the one that makes the math. As a side note, it seems these "discounts" were not verified and could even be negative. Fortunately, it seems the Ashigaru team removed the "discounts" functionality, which is the right thing to do. The next step should be to hardcode the 5% coordination fee on the client. It would also be good to clean the code and remove all what it is not being used anymore because all the variables and messages are still there making the auditting much harder.

There is a long chain of fake wasabi coinjoins. Here is just one: https://mempool.space/tx/050815847d660a22c251c15aabd994d3599b7bf827c3938690d9c46b4cae8a8a

If Bitcoin is inevitable, another 6102 is inevitable too. nostr:nevent1qqsqct2x8szpydfhzdarxp6myez7ndtq4yemgnjk3exyws695eq0k3gpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qghwaehxw309aex2mrp0yh8qunfd4skctnwv46z7jcaf9m

"A lion doesn't concern himself with the opinions of a sheep". That stupid piece of "wisdom" made me commit one of the biggest mistake of my life. I believed that it made no sense to expose the lies of Samourai, I believe that entering in the drama was good for them, I tried to convince other from attacking Samourai and I didn't gave them technical arguments against them. I don't want to attack Ashigaru team, I think they are brave and I also think that we need more privacy solutions but I won't make the same mistake twice. I will combat the zombies, all of them even if that consumes a big part of my coding hours. Fucking retards!

There is not one single time where nostr:npub12aqfngts2xc0z0n47lyfx03p8prhz4kqcel29mukgwydeuatawqqg5dvgy makes an accurate comment about Wasabi. This is not by mistake --otherwise, he would occasionally say something correct even if just by pure chance. **First**: I removed the coordination fee not because a lawyer said so, it was because that's the right thing to do and because that is what I always wanted to do. Having a mechanism to take users' money is wrong. What prevent Ashigaru's Whirlpool coordinator from taking your money? Nothing. The coordinator is the one that tells the client how much it must pay for the service and the client doesn't make even a single check to see whether that is reasonable or not. If you trust anonymous random coordinators so so much to allow them to run with your money then okay, you are a fucking moron. Even in Wasabi where there were many mechanisms to prevent such a thing there was a coordinator that was able to exploting the coordination fee crap to take users money but that's over. **Second**: In Wasabi it doesn't matter how many coins you have because it is not possible to "fill" the coinjoin round simply because there is not a limit. In case the number of coins registered in a round reaches the maximum allowed, the round is distroyed and two new rounds are created, the process repeats again and again. Finally, in the worst case, if lets say only 10 users are in a round with 10 coins each and you enter to that round with 500 coins, the maximum damage that you can do it to create the illusion of a higher anonymity set in the other participants' wallets but you cannot deanonimize them and that won't be for free either. **Third**: About sybil attacks too, the whirlpool implementation is by far the easiert to sybil attack by the coordinator and it is almost for free because a coordinator can register 4 coins of its own, but you know what? That doesn't matter because there are endless ways in which the Whirlpool coordinator can deanonimize users. **Fourth**: Calling the coordination fee "anti-sybil fee" is a good joke, it is not that they want your money, it is that the only way for you to be safe is by giving them money otherwise someone could deanonymize you! **Fifth**: Wasabi coordinators don't have liquidity!? Are you fucking keeding me? In this month there were 30,710.36 BTC with 5,155.89 BTC Fresh Inputs according to http://liquisabi.com/ **Sixth**: Wasabi coinjoins almost never creates change (traceable outputs) while Whirlpool always creates traceable change. Ok, I stop listening here because I don't want to continue suffering this torture. Here is the link https://www.youtube.com/live/qbdDkguiX-w nostr:nevent1qqsqqqqsg7cmyshfjg4t4gtymru95uy596ta8d0zc337tjs5trtkxngppemhxue69uhkummn9ekx7mp0qywhwumn8ghj7mn0wd68ytnzd96xxmmfdejhytnnda3kjctv9uq3qamnwvaz7tmwdaehgu3wd4hk6tc09f8dl

I repeat: the comeback of Whirlpool is something to celebrate. I have rushed to audit the code, reported the findings and propused solutions to fix the problems while it is still cheap to do. nostr:nevent1qqsqqq9sewqh4t8y785azzy8hxk028hm6ygg4cj7kekwhh8pdru7f3gprpmhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0qy88wumn8ghj7mn0wvhxcmmv9uq3uamnwvaz7tmwdaehgu3dwp6kytnhv4kxcmmjv3jhytnwv46z7s3nzlh However, this have resurrected all the mindless zombies that were hibernating for more than a year. In this case nostr:npub12aqfngts2xc0z0n47lyfx03p8prhz4kqcel29mukgwydeuatawqqg5dvgy the Spanish "influencers" restarted the train of lies about Wasabi. Stop lying man!

The Marxist idea of historical materialism, which states that history advances through classes struggle with opposing interests, has colonized the minds of the entire West and has ossified in the laws and institutions of civil society. Something similar occurs with the theory of exploitation that separates people between oppressors and oppressed classes. Since an oppressor cannot be equal to an oppressed person, as the former must necessarily possess an advantage over the latter, it is not possible to treat them equally. Thus the system must discard the concept of equality before the law and implement compensatory mechanisms to equalize them. Labor legislation, trade union regulations, and social organizations emerged as products of this supposed class struggle and power imbalance. Other State institutions such as the "the people's defender" (ombudsman) suggest that there exist "aggressors of the people" who do not belong as such to the people. The "consumer protection agency" suggests the existence of "consumer antagonists" (lobbying groups, regulatory capture agencies and groups that push for govermental favours) and so on. These ideas, once defeated, do not disappear but rather settle like sediments, accumulating year after year, creating a kind of eternal damage. Let us consider, for instance, the abuse of minors whose own parents attempt to twist their sexuality, the "gender identity" laws, and the patent hatred of men that reigns in family courts of so many countries. How long do you think it will take to make them disappear? Nothing changes when nothing is done. It is necessary not only to defeat perverse ideas but once victory is achieved, one must clean the battlefield to reverse the damage.

How could I have lived without **git absorb**? https://github.com/tummychow/git-absorb

The government forces us to use its governmental applications, which never work. Do you need to renew your driver's license? The app doesn't work. Have you been the victim of a robbery and need to file a police report? The app doesn't work. Have you suffered a heart attack and need an ambulance? Thank God we don't need to use a government app for that yet, otherwise we would all be dead.

Whirlpool client proves ownership of the registered input by signing always the same message, which is the pool denomination (e.g., "0.025btc"). This means that a coordinator can use the received ownership proofs to attack every other coordinator. To prevent this and also prevent the same signature from being used to prove ownership of a different UTXO with the same scriptPubKey, a simple solution could be to commit to the outpoint, the mix ID, and the coordinator URI in addition to the poolId.

Whirlpool uses WebSocket for communication, which means that the client is connected to the server and all communication --except the output registration-- is done using the same connection. The communication consists of messages sent by the client to the server and notifications sent by the server to the client. The server knows which WebSockets were used to register/confirm which inputs, and it is the server that notifies the client when to register the output. So, a malicious coordinator can notify the client in WebSocket A to register the output, wait for it, and then do the same for the client in WebSocket B, and so on. Even if WebSockets were not used and a short pooling mechanism were used to get the status of the mix process, the server still provides a **mixId** identifier that the client has no way to verify and the coordinator could provide a different one for each client. The latter problem is not critical because it is very easy to verify and by sure many users, tools and robots will be checking that everybody receives the same mixId. However, the former requires a protocol change. nostr:nevent1qqsqqq9sewqh4t8y785azzy8hxk028hm6ygg4cj7kekwhh8pdru7f3gprpmhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0qy88wumn8ghj7mn0wvhxcmmv9uq3uamnwvaz7tmwdaehgu3dwp6kytnhv4kxcmmjv3jhytnwv46z7s3nzlh