David Pinkerton
dave@dpinkerton.com
npub1jz0r...aju6
Systems thinking applied to servers, sats, and sets. CTO building self-hosted infrastructure and Bitcoin systems.
I offended an open source maintainer with an @-mention on my PR. I got a stern response but his points were valid. I got thinking on how AI tools are creating a new "Eternal September" for open source with more contributions, but more noise for volunteer maintainers who are already stretched thin. What if AI could help their side too? Triage, first-pass review, quality gates, etc. to protect volunteer time instead of just consuming it. A few are already discussing this and putting it into practice. My reflections:
SeedSigner doesn't support message signing for multisig keys — it throws "Not implemented" for any m/48' derivation path. I raised this as an issue two years ago, no fix came, so I patched it myself. The change is small (21 lines) and the actual signing function already worked — it was just the path parser blocking multisig paths unnecessarily. I use message signing for key ownership and control verification in multisig SMSF custody setups via Gatekeeper (https://gatekeeper.dpinkerton.com). Coldcard handles this fine, but SeedSigner users were stuck. Blog post: PR: Patched image (Pi Zero): #seedsigner #bitcoin #multisig #opensource
Wrote up how my homelab proxying strategy evolved over four phases — from port forwarding with DDNS to a VPS running nothing but HAProxy for L4 passthrough. The key insight: keep the VPS dumb. SNI inspection, encrypted passthrough, nothing else. TLS termination belongs on hardware you control. Comparison table of L7-on-VPS vs L4-passthrough vs direct port forwarding, plus thoughts on Traefik for automatic Docker service discovery. #selfhosting #homelab #haproxy #caddy #traefik #reverseproxy
Most bot/notification setups use Telegram or Signal. Both require trusting someone else with your metadata. I set up SimpleX CLI in Docker with my own relay. E2E encrypted, no phone numbers, no accounts, infrastructure I control. Wrote up the setup including the gotchas (expect scripts for headless user creation, socat to work around localhost binding). Blog: Repo:
Spent an afternoon debugging why Caddy's forward_auth wasn't passing group headers from oauth2-proxy when calling it over HTTPS across networks. The fix was one line: header_up Host oauth2-proxy.example.com. Without it, Caddy sends the original request's Host header, oauth2-proxy's cookie validation gets confused, and X-Auth-Request-Groups silently disappears. Wrote it up:
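A Caddyfile sketch of the forward_auth fix described in the post above. This is an added example, not the author's configuration: app.example.com, backend:8080 and the /oauth2/auth endpoint wiring are assumptions, and oauth2-proxy is assumed to run with --set-xauthrequest so that it emits the X-Auth-Request-* headers.

```caddyfile
# Constructed example; only "header_up Host oauth2-proxy.example.com"
# and X-Auth-Request-Groups come from the post. Everything else is a placeholder.
app.example.com {
    # Before the fix: the auth subrequest carries "Host: app.example.com",
    # because Caddy passes the incoming Host header to the upstream unchanged.
    #
    # forward_auth https://oauth2-proxy.example.com {
    #     uri /oauth2/auth
    #     copy_headers X-Auth-Request-User X-Auth-Request-Groups
    # }

    # After the fix: the subrequest presents the hostname oauth2-proxy
    # is served under, so the session cookie validates and the group
    # header is returned on the auth response.
    forward_auth https://oauth2-proxy.example.com {
        uri /oauth2/auth
        header_up Host oauth2-proxy.example.com

        # Headers copied from the auth response onto the request that
        # is forwarded to the protected backend.
        copy_headers X-Auth-Request-User X-Auth-Request-Email X-Auth-Request-Groups
    }

    # Protected application (placeholder upstream).
    reverse_proxy backend:8080
}
```

Because the failure is silent, a backend that authorizes on X-Auth-Request-Groups should treat a missing header as a denial rather than as an empty group list.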
Wanted to spin up a new VPS tonight. Prompted for password + SMS 2FA. Phone was already off. Didn't bother. Started thinking about how much simpler passkeys are and how infrastructure providers should've adopted them years ago. So I built a demo and pitched the VPS provider on adding them. WebAuthn is cleaner than passwords done properly. No secrets cross the network. Your DB only stores public keys. The main barrier is just inertia, I think. Wrote up the implementation details:
If I follow you, you now have a home relay. I rebuilt my Nostr relay as a "web of trust" model - it accepts posts from me and everyone I follow. Your content, replies to you, all stored. Add it as a backup: wss://nostr.dpinkerton.com Full writeup on what I did and why: #nostr #relay
Trying negative inbound fees for passive rebalancing. Depleted channels: -1 sat, -300ppm inbound discount, 500ppm outbound. Heavy channels: 0.25 sat, 25ppm outbound. The idea: create arbitrage so routers move liquidity where I need it. Every route through me is a rebalance. Seems better than manual rebalancing since you're earning fees instead of paying them, and it only happens when there's actual demand. Using charge-lnd to auto-adjust as balances shift. LND 0.18+ required. We'll see how it goes. #lightning #bitcoin #lnd
Some mates and I play darts and update the group on results using a group chat. I read about people vibing up apps and put Claude onto making a web app for us to use. Blown away that it works! I host it in Docker and authentication is solely passkeys or nostr keys if you've got 'em. There's a crown for each style of play that needs to be defended. Results are verified by all participants. Members can be raised to admins and send invitation links, etc. Tuning this up with Claude's help is kinda addictive. The next features that I am thinking of adding are comments on games, the option to add photos to game results, and the ability to add and remove additional passkeys. Real-time score entry has been requested so maybe that'll be coming too.
Tired of blindly trusting collaborators in multisig setups? Gatekeeper is still here and lets you validate Bitcoin keys & signatures right in your browser, offline if preferred, and fully secure. New: Address formats, custom derivation paths, & more sig verification options. Try it: Open-source on GitHub - fork & improve! ⚡ #Bitcoin #Multisig #NostrTools
WORD5 #452 6/6 ⬛⬛⬛⬛⬛ ⬛⬛🟧⬛⬛ ⬛🟪⬛⬛🟧 ⬛🟪⬛⬛⬛ ⬛🟪⬛⬛🟪 🟪🟪🟪🟪🟪
WORD5 #447 5/6 ⬛⬛⬛⬛⬛ 🟧⬛🟧⬛🟧 🟪🟧🟧🟧⬛ 🟪🟪🟪⬛🟪 🟪🟪🟪🟪🟪