Sparrow Wallet v2.1.3 includes BIP329 wallet labels export to include additional fields. 🚀 @DETERMINISTIC OPTIMISM 🌞 , @Rob Hamilton and @Seardsalmon discuss the update... and why bullying is an indispensible tool for getting devs like @craigraw to implement your desired features! [BR093]

BDK abstracts wallet dev complexity, making it accessible for all. @DETERMINISTIC OPTIMISM 🌞 : "It'll be the default in a few years." @Rob Hamilton : "Even a left curve like me can build safely." With v1.1.0, the future of wallet development is more promising than ever. 🦾

Bitcoin Safe v1.1.0 is here: ✅ Jade wallet support ✅ Deb build ✅ Xpub import @DETERMINISTIC OPTIMISM 🌞 and @Rob Hamilton discuss the project's progress, whilst also highlighting privacy concerns over using #nostr for multisig coordination. [BR093]

Multisig backup, rethought. 🔐 By encrypting & inscribing your k-of-n descriptor, you can recover with any k seeds—no need for redundant backups. @DETERMINISTIC OPTIMISM 🌞 & @Rob Hamilton discuss the recently released (and open source) multisig-backup project in BR093.

Is ESP32 really safe for securing #Bitcoin? Undocumented commands in ESP32 Bluetooth chip have recently raised security concerns, adding to existing risks. 🚨 @DETERMINISTIC OPTIMISM 🌞 , @Rob Hamilton , and @Seardsalmon sound the alarm in BR093.

Block explorers are evolving. 🚀 Blockstream now offers dedicated API endpoints. Should devs embrace managed infrastructure, or is self-hosting still king? @DETERMINISTIC OPTIMISM 🌞 , @Rob Hamilton & @Seardsalmon weigh in on BR093.

The latest @nunchuk_io for desktop & Android is here 🚀 ✅ Standard & taproot multisig ✅ Single-file recovery using wallet descriptors ✅ E2E encrypted chats All written in native C - (no JavaScript touching your keys!) @DETERMINISTIC OPTIMISM 🌞 , @Seardsalmon & @Rob Hamilton break it down in BR093.

DNS hacking. A good or bad idea? TwelveCash attempts to encode #Bitcoin payment instructions in DNS, avoiding web servers. @DETERMINISTIC OPTIMISM 🌞 & @Paul debate the trade-offs, and discuss nostr applications in BR077.

Jam: A web interface for JoinMarket. @DETERMINISTIC OPTIMISM 🌞 , @Rob Hamilton and @Paul discuss the project, and why it is: ✅ The best way to mix coins ✅ Free from centralized control ✅ Less likely to be a point of capture [BR077]

Are dice rolls the answer to bad entropy? @DETERMINISTIC OPTIMISM 🌞 breaks down why secure elements use TRNGs, why mixing entropy matters, and why relying on a camera for randomness is pure “camera theater.” 🎲 Humans are bad at entropy. 🔐 Trust, verify, XOR. [BR077]

🚀 BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. @Rob Hamilton , @Seardsalmon & @DETERMINISTIC OPTIMISM 🌞 Listen to the episode: ➡️ Fountain:

Fountain

Bitcoin.Review Podcast with NVK & Guests • BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek • Listen on Fountain

I'm joined by guests Rob Hamilton & Vivek to go through the list.Housekeeping (00:01:18) Unleashed.chat rebrands to dataMachineUrgent Vulnerability...

➡️ Spotify:

Spotify

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

Bitcoin.Review Podcast with NVK & Guests · Episode

➡️ Amazon:

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek | Bitcoin.Review Podcast with NVK & Guests Episode on Amazon Music

I'm joined by guests Rob Hamilton & Vivek to go through the list.Housekeeping (00:01:18) Unleashed.chat rebrands to dataMachineUrgent Vulnerability...

➡️ Apple:

Apple Podcasts

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

Podcast Episode · Bitcoin.Review Podcast with NVK & Guests · 13/03/2025 · 1h 28m

➡️ YouTube: Shownotes: ➡️ Website:

🎙Bitcoin.Review Podcast

Bitcoin Review Podcast BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

I’m joined by guests Rob Hamilton & Vivek to go through the list.

➡️ Substack:

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

I’m joined by guests Rob Hamilton & Vivek to go through the list.

🚨 ESP32 and Bluetooth security concerns. Is there a place for these technologies when it comes to #Bitcoin? NVK and Rob tackle this question. 👇

From emergency comms to #cashu Over MeshTastic 🥜 @DETERMINISTIC OPTIMISM 🌞 , @Rob Hamilton & @Paul discuss using MeshTastic for off-grid communication. Find out how in BR077.

"Hardware wallets are the best thing since sliced bread" 🍞 Although some try to trivialise hardware wallets, they offer asymmetric power for #Bitcoin security. @Rob Hamilton and @DETERMINISTIC OPTIMISM 🌞 discuss the risks of underestimating these tools in BR076.

Bitcoin’s security depends on one of the most reviewed cryptographic libraries: LibSec256k1. 🔐 @DETERMINISTIC OPTIMISM 🌞 & @Paul break down the importance for non-cryptographers; avoiding bad math, preventing side-channel leaks, and ensuring everyone speaks the same mathematical language.

Bitcoin security is at military levels - available to everyone. 🛡️🔐 Unfortunately, FUDsters still try to scare users away. @DETERMINISTIC OPTIMISM 🌞 & @Rob Hamilton discuss the rapid evolution of multisig, UX leaps in security, and why hardware wallets (even bad ones) are a massive net positive. [BR076]

Yahoo Pipes was ahead of its time—letting users visually connect data streams. Time for a #nostr equivalent? @DETERMINISTIC OPTIMISM 🌞 , @fiatjaf & @JeffG discuss some ideas for nostr tooling to mature in BR081.

Spam is a real problem on open #nostr relays. Should relays take responsibility for filtering spam, or should clients handle it locally with a web of trust? @fiatjaf , @DETERMINISTIC OPTIMISM 🌞 & @rabble explore different approaches to mitigating spam in BR080.

From gaming the system to true discovery 🎯 Some creators struggle with #nostr’s lack of an algorithm - no easy way to game the system. But in return, it offers true organic virality. Could this model outperform today's platforms? @jb55 shares his take in BR078.

Zaps are a game-changer. ⚡️ Public payments with built-in social signaling—something we've never had before. Could this be the catalyst that onboards the world to #Bitcoin? @miljan explains why every app is about to be Bitcoin-enabled in BR083.

Zaps on nostr have yet to reach their final form. @PABLOF7z sees Zaps as just the start—unlocking new use cases and infinite possibilities. Cashu-based Zaps? More speed, more verification, more potential. ⚡ [BR083]