Many people, myself included, tout the importance of software maintenance in the context of Bitcoin Core. It is easy to throw out "maintenance!" and most people will nod their head in agreement, but I think its helpful to have some examples to understand the depth of this work and risks of not doing it. There are many categories of maintenance work, today I am just going to zoom in on one: minimizing dependencies. Recently someone attempted to put in a backdoor into XZ, a library used by softwares in hundreds of millions of computers around the world. Even a couple weeks ago hackers slipped malicious code into dozens of NPM packages that receive millions of downloads each week. Bitcoin Core and other Bitcoin software are not immune to these kinds of attacks. While Bitcoin Core has a robust culture of code review and testing, Bitcoin Core uses third-party libraries as well. Code from these libraries is run, in addition to Bitcoin Core's code, when you are running your node. Any bug, vulnerability, or performance issue in these libraries (dependencies) can cause issues for Bitcoin Core. Updates to these dependencies of Bitcoin Core are a potential risk and need to be regularly tracked and reviewed. From a security perspective, these dependencies should also be minimized and eliminated where possible. Bitcoin Core developers have spent years minimizing the number of dependencies of the project. In some cases replacing them with minimal, in-house alternatives that achieve the same function in order to reduce attack surface. In this latest Brink blog, we outline the risks of using dependencies as well as several examples of Bitcoin Core removing problematic or unnecessary dependencies of the project.

The importance of minimizing dependencies in Bitcoin Core

Relying on external code is a risk. We look at the work in Bitcoin Core to minimize these kind of dependencies.

Russell O’Connor joined Brink to explain his work on formal verification of software, the process of mathematically proving that a program satisfies its specification. - Overview of formal verification of software - Walkthrough w/ libsecp256k1 - Coq, Rocq, Clightgen - SafeGCD - Q&A

Russell O

Russell O

Jameson Lopp and Tim Ruffing on quantum Steven Roose on the OP_TEMPLATEHASH soft fork bundle David Gumberg on compact block prefilling Lauren Shareshian from Block on mempool fee estimation View quoted note →

One year ago Marco De Leon embarked on a year long Brink fellowship in our London office. Today, after a year of progress and contributions, we’re happy to bring him on as a full-time Bitcoin Core engineer! "The idea of diving into a codebase as critical and complex as Bitcoin Core’s was intimidating, and frankly, I was a bit worried I didn’t have enough experience to contribute meaningfully. The fellowship provided the perfect bridge..."

Marco

Marco De Leon recounts his experiences and accomplishments during his year long fellowship.

Marco, with guidance from his mentor Niklas Gögge, focused his fellowship on fuzz testing, a technique for catching subtle bugs and security vulnerabilities.

Niklas Gögge on Fuzz Testing

Niklas Gögge on Fuzz Testing.

His work took him from improving existing fuzz tests, to removing the longstanding mainnet checkpoints, to improving type safety in the Bitcoin Core codebase. We are proud of Marco and Niklas for their efforts this past year. Bitcoin is more secure because of Marco's contributions and Bitcoin is stronger with another experienced engineer working on security into the future. If you're interested in fuzzing and a career as an open source Bitcoin engineer, like Marco, we are pleased to offer, in addition to the fellowship, a new Bitcoin Core Fuzzing Internship at Brink Join us and contribute to Bitcoin security through fuzzing!

Bitcoiner Jobs

Bitcoiner Jobs | Engineering Jobs

Find Engineering jobs working with Bitcoiners.

The CTV and CSFS open letter segment got a little spicy with some real talk We really dug in on Tadge's commit/reveal scheme for quantum as well View quoted note →

What is Bitcoin Core's release process for managing release candidates, minor releases, and major releases? Bitcoin Core's Release Process doc:

GitHub

bitcoin/doc/release-process.md at master · bitcoin/bitcoin

Bitcoin Core integration/staging tree. Contribute to bitcoin/bitcoin development by creating an account on GitHub.

Eric Voskuil joined Bitcoin engineers to discuss architectural and performance differences between libbitcoin and Bitcoin Core: - libbitcoin’s history/latest updates - libbitcoin architecture - Initial block download (IBD) performance - IBD workflow - SwiftSync - Q&A Watch the 90 minute discussion:

Eric Voskuil on Bitcoin Core

Eric Voskuil contrasts UTXO approaches in libbitcoin and Bitcoin Core.

Optech's "Changing Consensus" monthly segment always makes for an interesting recap podcast View quoted note →

There is a lot going on in the OP_RETURN debate, but I definitely agree with this: "What the OP_RETURN debate has demonstrated is that Bitcoin Core and the Bitcoin technical community have not done a good job communicating their value – not to mention the rationale behind their decisions – to the average bitcoin user." https://blockspace.media/insight/op_return-debate-the-influencers-vs-the-devs/ The Bitcoin Core developers have produced artifacts and content on these matters already, but those of us closely observing need to do a better job of disseminating that information to a broader set of Bitcoin ecosystem participants. "The single biggest problem in communication is the illusion that it has taken place." I need to do better.

Is there a way to stream video via RTMP to nostr?

Which way, quantum Bitcoiner?

After years of contributing to Bitcoin on nights and weekends, Sebastian Falbesoner has left his job to focus 100% of his time on Bitcoin open source development. "After years of contributing part-time, I'm thrilled to fully commit myself to improving the Bitcoin ecosystem. A big thanks to Brink for providing the ideal environment to make this dream a reality! 🫡 " - Sebastian Brink is proud to enable Sebastian's move to full time, but the credit goes to our supporters. Thank you Samara Asset Group, Lightspark, Stakwork, Ledger, Bitwise, VanEck, and Jack Dorsey whose multi-year pledges show engineers that open source development can be a sustainable career!

Brink just received our first donation from a Bitcoin Donor-Advised Fund. The donation was in BTC and made using a multisig onchain transaction. This donation was made through Unchained's Bitcoin DAF and will be held in our reserves to fund Bitcoin development into the future. 🚀

Brink is excited to announce that Eugene Siegel has joined us as an open source engineer working on fuzz testing and Bitcoin Core development! With a background as a security engineer working on Lightning and already disclosing multiple Bitcoin Core security vulnerabilities, we're excited for Eugene to help ensure the long-term security, resilience & decentralization of Bitcoin. Welcome Eugene!

Welcoming Eugene Siegel

Eugene Siegel has joined Brink as an engineer to work on fuzz testing and Bitcoin Core development.

Today we celebrate Hennadii Stepanov's 4 year anniversary as a Bitcoin Core engineer at Brink 🎉 From a simple fixup because of an old laptop, to one of the most prolific contributors to Bitcoin Core today...

Celebrating Hennadii’s First Brink Epoch

This month, we’re excited to celebrate a significant milestone—Hennadii Stepanov’s (hebasto) four-year anniversary as an open source Bitcoin ...

Whether that is the build system, operating system compatibility, the GUI, or language translations, hebasto’s efforts have been aimed at making Bitcoin secure, accessible, and user-friendly. Hebasto led a project to migrate the build system to a modern, CMake-based one, enhancing efficiency and paving the way for future development. The migration to CMake took nearly 300 pull requests, a dozen people, and two years of review and testing.

Bitcoin Optech

Bitcoin Optech Newsletter #319

This week’s newsletter summarizes a proposal for allowing Stratum v2 pool miners to receive compensation for the transaction fees contained in th...

Since his initial contribution, hebasto has 1800+ (!) commits to his name. But it isn't just his own work...in the last year alone hebasto also provided nearly 1,700 review comments.

GitHub

Contributors to bitcoin/bitcoin

Bitcoin Core integration/staging tree. Contribute to bitcoin/bitcoin development by creating an account on GitHub.

Brink and the Bitcoin community are lucky to have hebasto on our team. Thank you for your open source #Bitcoin contributions, Hennadii 🚀

Moisturized. Unbothered. In his lane. Flourishing.

Consensus Cleanup soft fork BIP draft dropped

GitHub

BIP 54: Consensus Cleanup by darosior · Pull Request #1800 · bitcoin/bips

This is a BIP draft for a Consensus Cleanup soft fork. This proposal builds upon Matt Corallo's 2019 proposal, which i set to revive at the end...

What is coming in Bitcoin Core 29.0? Demand Pool is deploying Cluster Mempool to production soon? What happens with no checkpoints in Bitcoin Core? View quoted note →

Podcast platforms used by Bitcoin Optech listeners. Pretty unusual stats, I'd think

Making the Presidio Bitcoin Pilgrimage this week. Come say hi if you're there on Thursday or for SF Bitdevs!