🚫 SaaS bloat ✅ Vibe-coded precision @Paul and @BLUESKY make the case for ditching multi-tenant SaaS complexity in favor of simple, self-hosted tools tailored to real needs - which can now be quickly built with the help of AI. [BR094]

From building Lightning interfaces to coding backend agents, LLMs are evolving fast. The challenge is no longer compute—it’s control. @BLUESKY , @npub1emdt...c9aw & @Paul unpack vibe coding, prompting limits, and where AI tools are ready in BR094.

Mining decentralization is gaining momentum. 🧱 With Stratum .work showing live template timing and Stratum V2 adoption on the rise, a shift toward hasher-led block building could arrive within the next few years. @BLUESKY shares his take in BR094.

@mempool now flags address poisoning attempts. These attacks spoof wallet addresses to fool users into sending to the wrong address. @npub1emdt...c9aw outlines the importance of Mempool space’s update in BR094.

🚨 Trezor Safe 3 vulnerability Ledger Donjon demonstrated they could bypass firmware checks and run malicious code — enabling remote recovery of user funds. Why? Critical ops still run on the MCU, not the Secure Element. @BLUESKY & @npub1emdt...c9aw break it down in BR094.

Change verification is a must for wallet security. If you send 1 BTC from a 100 BTC UTXO, that 99 BTC needs to come back to you. Many wallets ignore this. @npub1emdt...c9aw & @BLUESKY highlight this critical security oversight in BR093.

🛡️COLDCARD v5.4.1: ✍️ Message signing from secure notes 🛡️ Delta Mode: Hide/wipe seed vault, notes & p'words 👓 Enhanced address display 🔐 Verify BBQr Signed RFC messages + more! @BLUESKY gives a rundown of the latest COLDCARD updates in BR093.

BDK abstracts wallet dev complexity, making it accessible for all. @BLUESKY : "It'll be the default in a few years." @npub1emdt...c9aw : "Even a left curve like me can build safely." With v1.1.0, the future of wallet development is more promising than ever. 🦾

Bitcoin Safe v1.1.0 is here: ✅ Jade wallet support ✅ Deb build ✅ Xpub import @BLUESKY and @npub1emdt...c9aw discuss the project's progress, whilst also highlighting privacy concerns over using #nostr for multisig coordination. [BR093]

Is ESP32 really safe for securing #Bitcoin? Undocumented commands in ESP32 Bluetooth chip have recently raised security concerns, adding to existing risks. 🚨 @BLUESKY , @npub1emdt...c9aw , and @npub1a7ay...t00e sound the alarm in BR093.

🚀 BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. @npub1emdt...c9aw , @npub1a7ay...t00e & @BLUESKY Listen to the episode: ➡️ Fountain: https://fountain.fm/episode/as8n9iw9VbKhMCyrjjjv ➡️ Spotify:

Spotify

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

Bitcoin.Review Podcast with NVK & Guests · Episode

➡️ Amazon:

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek | Bitcoin.Review Podcast with NVK & Guests Episode on Amazon Music

I'm joined by guests Rob Hamilton & Vivek to go through the list.Housekeeping (00:01:18) Unleashed.chat rebrands to dataMachineUrgent Vulnerability...

➡️ Apple:

Apple Podcasts

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

Podcast Episode · Bitcoin.Review Podcast with NVK & Guests · 13 March 2025 · 1hr 28min

➡️ YouTube: Shownotes: ➡️ Website:

🎙Bitcoin.Review Podcast

Bitcoin Review Podcast BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

I’m joined by guests Rob Hamilton & Vivek to go through the list.

➡️ Substack:

BR093 - ECDSA Key Extraction, ESP32 Security Concerns, COLDCARD, Cove Wallet, Krux, Nunchuk, Invalid Mining Jobs, Javascript Injection Attack, CTV Back on the table? + MORE ft. Rob & Vivek

I’m joined by guests Rob Hamilton & Vivek to go through the list.

🚨 ESP32 and Bluetooth security concerns. Is there a place for these technologies when it comes to #Bitcoin? NVK and Rob tackle this question. 👇

"Hardware wallets are the best thing since sliced bread" 🍞 Although some try to trivialise hardware wallets, they offer asymmetric power for #Bitcoin security. @npub1emdt...c9aw and @BLUESKY discuss the risks of underestimating these tools in BR076.

Zaps on nostr have yet to reach their final form. @PABLOF7z sees Zaps as just the start—unlocking new use cases and infinite possibilities. Cashu-based Zaps? More speed, more verification, more potential. ⚡ [BR083]

Should every #nostr idea start as a NIP? 🤔 @jb55 of @Damus argues that trying to make every new idea a NIP before testing it slows progress. Instead, experiment, get real adoption, and let standards emerge naturally. [BR078]

👉 Own Your Distribution 👈 Platforms like Substack & Medium learned the hard way—your traffic isn’t yours if it relies on centralized platforms. On #nostr, your identity & content are truly yours. @BLUESKY on the shift to uncensorable publishing. [BR084]

Losing Electrum in Tails OS means fewer secure recovery options for #Bitcoin users. The fix? 🛠️ Get Sparrow added to Debian 🚧 Overcome resistance from maintainers @BLUESKY & @Paul brainstorm solutions in BR092.

Tails remains the best read-only OS for security, but is it hostile to #Bitcoin? Electrum’s hardware wallet support is gone, and adding alternatives isn’t easy. @craigraw & @BLUESKY discuss the hurdles, Debian’s red tape, and possible solutions in BR091.

BlueWallet v7.0.7 improves xpub handling, avoiding mismatches with Sparrow Wallet & reducing fund losses. ✅ @BLUESKY and @craigraw discuss how this critical update benefits users in BR091.

🚀 BR091 - AnchorWatch Trident Vault, Ledger Co-founder Kidnapped, Blue Wallet, M17, The Case for Multi-vendor Setups, Tails removes HWW Support + MORE ft. @craigraw , @npub1emdt...c9aw & @BLUESKY Listen to the episode: ➡️ Fountain: https://fountain.fm/episode/qfhj3otn3dd2BUmYceYw ➡️ Spotify:

Spotify

BR091 - AnchorWatch Trident Vault, Ledger Co-founder Kidnapped, Blue Wallet, M17, The Case for Multi-vendor Setups, Tails removes HWW Support + MORE ft. Craig & Rob

Bitcoin.Review Podcast with NVK & Guests · Episode

➡️ Amazon:

BR091 - AnchorWatch Trident Vault, Ledger Co-founder Kidnapped, Blue Wallet, M17, The Case for Multi-vendor Setups, Tails removes HWW Support + MORE ft. Craig & Rob | Bitcoin.Review Podcast with NVK & Guests Episode on Amazon Music

I'm joined by guests Craig Raw and Rob Hamilton to go through the list.Housekeeping (00:01:11) Ross Ulbricht receives a pardon from President Trump...

➡️ Apple:

Apple Podcasts

BR091 - AnchorWatch Trident Vault, Ledger Co-founder Kidnapped, Blue Wallet, M17, The Case for Multi-vendor Setups, Tails removes HWW Support + MORE ft. Craig & Rob

Podcast Episode · Bitcoin.Review Podcast with NVK & Guests · January 24, 2025 · 1h 16m

➡️ YouTube: Shownotes: ➡️ Website:

🎙Bitcoin.Review Podcast

Bitcoin Review Podcast BR091 - AnchorWatch Trident Vault, Ledger Co-founder Kidnapped, Blue Wallet, M17, The Case for Multi-vendor Setups, Tails removes HWW Support + MORE ft. Craig & Rob

I’m joined by guests Craig Raw and Rob Hamilton to go through the list.

➡️ Substack:

BR091 - AnchorWatch Trident Vault, Ledger Co-founder Kidnapped, Blue Wallet, M17, The Case for Multi-vendor Setups, Tails removes HWW Support + MORE ft. Craig & Rob

I’m joined by guests Craig Raw and Rob Hamilton to go through the list.

Craig, Rob and NVK discuss #Bitcoin wallet standards and the features they must have to ensure compatibility, user independence, and long-term usability. 👇

.@npub1reez...9ty4 ‘s @Bitcoin Dev Kit based app delivers address verification over NFC with COLDCARD Q! 🚀 @BLUESKY & @npub1emdt...c9aw share insights in BR090. Demo: https://njump.me/nevent1qqs8qjzkcdtzp93tkckekezeevvlnh6rjugc5a6wk4urdncn4080sjcpzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgq3qreezn2ctrrg736uqj7mva9lsuwv0kr5asj4vvkwxnrwlhvxf98tscetek9