Snowden is gonna be replaced with Rainden soon, and then with Sunden. But remember that in 10 months, Snowden returns. Always.

Still don't get why most VPS providers don't offer Alpine Linux as the host choice. Are they afraid to find out this is the only Linux they actually need? Because everything else can be dockerized if one desperately needs Ubuntu/Debian/Alma/other bloatware for a particular package. Yet they prefer to dockerize Alpine and keep the bloatware permanently on each VM for some reason.

Any working #Monero setup for #OpenBSD? Despite numerous claims of people doing this, I haven't been able to build either the official or the Feather wallet on OpenBSD 7.4-current.

But the more I live, the less I keep believing in the Hanlon's razor ("Never attribute to malice that which is adequately explained by stupidity"). It is ENTIRELY plausible that these "child mistakes" might be deliberately left in their code to facilitate some automated shadow fund distribution by request in the form of invalid transactions... Am I a conspiracy theorist or are they really THAT stupid?

As a total noob with those blockchains, I find it scary that even such a noob can find such security holes in some services using them within a few days. Yes, it's not a single one anymore.

My kisstron project is now proven to work on OpenBSD, being the second non-browser-based Tron wallet that works here. Here, dependency installation is like this: ``` doas pkg_add autogen autoconf automake libtool py3-cffi export AUTOMAKE_VERSION=1.16 # replace with yours export AUTOCONF_VERSION=2.71 # replace with yours pip install -r requirements.txt ``` The only inconvenience is the warning that urllib3 is giving about not supporting LibreSSL. Doesn't seem to affect the functionality though.

I need something like OCaml, but that doesn't generate such a huge binary when statically linking with musl because it tries to put the entire runtime, even the unused functions, in there. What should I try? Myrddin or something else? #asknostr

Just checked — indeed, the vulnerability I discovered yesterday is not on the particular merchant's side, but on the entire crypto payment provider. Of course I won't tell which provider it is, but I wonder which other shops are using it now...

Interesting how the ToS of many (if not all) VPS and cloud instance services, even the anonymous ones, explicitly prohibit their usage for mining crypto. Guys, I'm paying you for the computing resources, what I do with them should be none of your fucking business, at least as long as I'm not congesting your network or sending out spam. Does anyone know of a VPS service that doesn't put any restrictions on mining? #asknostr

But the main phenomenon is: it's 2024 out there, there is a horde of devs saying they are "into crypto" yet having no slightest clue about how to _properly_ validate the transactions on the blockchain of their choice. This phenomenon is primarily driven by the fact that customer wallets offer too little control over the transactions. The aforementioned devs, who use the same wallets (because the proper ones with fine-grained control usually have too complicated UI), don't even expect atypical scenarios to happen because they think no wallet will let them happen. They also seem to have missed all information security courses, otherwise they would know this: validation always must happen on what theoretically can be sent, not on what usually is sent. Yet they want us to use browser extensions and other inherently insecure bollocks. Good luck...

I was going to post another Tron-related thing I accidentally found but I already predict the reactions like "Told ya, Tron is a shitcoin!" and I don't want to keep explaining why it isn't. I will share this story in one of my weekly phlog entries though. Maybe in the same post as the one about kisstron. You'll like it.

Just did the first transaction on the Tron mainnet using my own CLI wallet written within 2 days: kisstron. 423 SLOC. Public domain. BIP-39 mnemonic and offline transaction support. Wrote it purely for myself but decided to share the knowledge.

README - kisstron - KISS-friendly Tron CLI wallet

A large flock of rooks has arrived to the village. Local magpies are visibly concerned.

On a side note, hosting "censorship-resistant" platform docs on GitHub, the most censorhip-friendly Git hosting out there, is peak stupidity. My path was: GitHub -> GitLab -> SourceHut -> standalone Git node with stagit on a static Web server. Still need to migrate some important stuff out of GitLab though.

Ok, so I found out that tronpy does allow to export transactions to JSON, before or after signing. And it also supports importing such JSONs to broadcast elsewhere. As much as I hate JSON, I think this use case gets a pass from me.

Given: 1) tronpy library, (relatively) lightweight and straightforward to use. 2) Fast Tron testnets like Nileex. 3) Memo field that can optionally be attached to each transaction. Question: blockchain-based forum anyone?