Anal OS is Solana backwards. Go figure.

Can we collectively agree to replace Docker with Podman please? I prefer my containers without root access and a required daemon.

#Bitcoin is software and can’t be controlled. Open networks beat closed networks. The Lightning network will provide a superior payment user experience. Pawn to E4. Integrate or die.

I am seriously 5x more productive on #Linux than on Windows or MacOS. Why? The ability to run a tiling WM such as Sway, a comprehensive package management system and overall customization.

Just listened to the #Ledger Recover episode on WhatBitcoinDid and found it mildly frustrating. Both NYK and Ledger’s CEO made inaccurate claims. Here are some general notes on #Bitcoin wallets and security as it relates to the episode. - Ledger’s CEO claimed that we would know whether a vulnerability exists and has been discovered due to responsible disclosure agreements or widespread loss of customer funds. That’s simply not true. 0-day vulnerabilities must always be presumed to exist in any system and it was scary to me that he brushed off the issue. - Software wallets are actually not terrible when done well. They’re perfectly fine for smaller amounts imo. Open source wallets that properly store your seed backed by Android’s keystore of the Secure Enclave in iOS is still relatively secure (though nowhere near a hardware wallet) - My biggest concern is that Ledger feels confident about verifying a large number of customer recovery claims online in a time where deepfakes and AI image video generation has recently taken leaps forward. How long until we see customer funds recovered by malicious actors if Ledger’s recovery service sees any sort of large scale adoption? However, in the end I’m not very concerned. This will be a nische feature due to its $10 a month cost (which nobody seems to be talking about) and the target audience it’s aimed at. Ledger has one of the most respected security teams in the space but the company sucks at PR.

So verifying the Coldcard #Bitcoin wallet firmware was a bit more complicated than I first assumed. The hashes won’t match due to signatures being different so you have to strip out the signature bytes. There are still a few bytes that differ which I can’t explain but it’s starting to make sense. This also helps:

GitHub

firmware/docs/notes-on-repro.md at b51652f146182e47da493c388eeb4645d7ff78dd · Coldcard/firmware

❄️ Firmware and simulator for Coldcard Hardware Wallet - Coldcard/firmware

Tried to reproduce the Coldcard #Bitcoin hardware wallet v5.1.2 firmware. The build process claims I’ve built a bit-for-bit copy but a quick manual diff tells me otherwise. Anyone get a different result?

Good morning plebs! May our nodes and the Lightning Network continue to prosper. Thanks for everything you do!

Ja vi elsker dette landet! Happy Norwegian national day! #17mai

FINALLY got VSCode devcontainers working in Fedora Silverblue with Podman. Can’t wait for official Podman support from Microsoft.

Jack Mallers is my hero:

Fiat mining = credit creation.

a great watch!

Had a temporary network issue earlier today. Apologies for the force closures.

Your Lightning network node contains many secrets that are important to protect. One of them are your revocation keys. One fundamental vulnerability of the Lightning Network is the possibility of losing or leaking the secret revocation keys. If a malicious actor gains access to the revocation key, they can use it to steal all the funds in the payment channel, making this a highly sensitive secret. Similarly, if a revocation key is lost, it can result in the loss of funds that could have been recovered in case of a revoked transaction.