Forwarded from AQUA Updates
There’s been some concern about the recent NPM supply-chain attack.
AQUA Wallet is not affected. 🚫🐛
AQUA is built with Flutter & Dart, not NPM/JavaScript, so this incident does not impact our users.
Both AQUA and your funds remain safe. ✅⚡
Regardless, please be vigilant in checking addresses when sending On-chain #Bitcoin or USDt from altcoin chains to AQUA.
The attack swaps out the intended send address with the attacker's address, so if you send from a compromised wallet to AQUA, you could still be affected.
AQUA Wallet is not affected. 🚫🐛
AQUA is built with Flutter & Dart, not NPM/JavaScript, so this incident does not impact our users.
Both AQUA and your funds remain safe. ✅⚡
Regardless, please be vigilant in checking addresses when sending On-chain #Bitcoin or USDt from altcoin chains to AQUA.
The attack swaps out the intended send address with the attacker's address, so if you send from a compromised wallet to AQUA, you could still be affected.
#Depix #BTCPAY
https://fxtwitter.com/thgO_O/status/1963649535411880112
https://blog.btcpayserver.org/depix-plugin/
https://fxtwitter.com/thgO_O/status/1963649535411880112
https://blog.btcpayserver.org/depix-plugin/
FxTwitter - Media 2 / 2
thgO.O ₿ (@thgO_O)
🚀 Shipped my first @BtcpayServer plugin: DePix.
Pix at checkout, settlement in DePix (BRL on Liquid).
Opening Bitcoin-native stores to millions of Brazilian users - especially those who won't/can't pay with BTC.
Would love your feedback!
Pix at checkout, settlement in DePix (BRL on Liquid).
Opening Bitcoin-native stores to millions of Brazilian users - especially those who won't/can't pay with BTC.
Would love your feedback!
BitcoinMechanic:
Daily Fear Mongering
Daily Fear Mongering
Branta:
On Third Parties
https://branta.pro/ | Nostr
Corrige o problema #npm@TutorialBTC para comerciantes online
https://brantaops.substack.com/p/verify-anywhere
https://brantaops.substack.com/p/unlocking-triangulated-security
#P2P@TutorialBTC
On Third Parties
https://branta.pro/ | Nostr
Corrige o problema #npm@TutorialBTC para comerciantes online
https://brantaops.substack.com/p/verify-anywhere
https://brantaops.substack.com/p/unlocking-triangulated-security
#P2P@TutorialBTC
www.branta.pro
Branta | Pre-Payment Verification
Guardrails for Bitcoin & Lightning
Elber Domingos | Impactus AI:
Economize mais e 60k por ano automatizando e organizando sua empresa
Economize mais e 60k por ano automatizando e organizando sua empresa
This media is not supported in your browser
VIEW IN TELEGRAM
PaulsCode - Latest posts:
Bitcoin Wallet Applications Potentially Compromised
Bitcoin Wallet Applications Potentially Compromised
Criptografar tudo: um guia para iniciantes sobre como bloquear arquivos – Dissidente Digital Indetectável
https://untraceabledigitaldissident.com/encrypt-everything-a-beginners-guide-to-locking-down-local-files/ | Nostr
https://untraceabledigitaldissident.com/encrypt-everything-a-beginners-guide-to-locking-down-local-files/ | Nostr
Untraceable Digital Dissident
Encrypt Everything: A Beginner’s Guide to Locking Down Files – Untraceable Digital Dissident
Encryption isn’t paranoia. It’s preparation. You don’t wait for the fire to buy the extinguisher. You have it ready.
#REVIEW: Bolsas #Faraday #SLNT: Testadas em Campo, Sinal Eliminado – Dissidente Digital Indetectável
https://untraceabledigitaldissident.com/review-slnt-faraday-bags-field-tested-signal-killed/ | Nostr
#Phone@TutorialBTC
#Faraday@TutorialBTC
https://untraceabledigitaldissident.com/review-slnt-faraday-bags-field-tested-signal-killed/ | Nostr
#Phone@TutorialBTC
#Faraday@TutorialBTC
Untraceable Digital Dissident
REVIEW: SLNT Faraday Bags: Field Tested, Signal Killed – Untraceable Digital Dissident
Your phone is betraying your location. Here's how I tested the gear that claims to stop it.
#XChat Não tão secreto: o novo recurso de bate-papo criptografado do X coloca os usuários em risco, dizem especialistas
https://san.com/cc/not-so-secret-xs-new-encrypted-chat-feature-puts-users-at-risk-experts-say/ | Nostr
https://san.com/cc/not-so-secret-xs-new-encrypted-chat-feature-puts-users-at-risk-experts-say/ | Nostr
Straight Arrow News
Not so secret: X’s new encrypted chat feature puts users at risk, experts say
X's new XChat feature does not remove sensitive metadata from images, which could lead to the exposure of GPS coordinates.
I see way too many people on Nostr that are still confused about the #BitcoinCore vs #Knots debate. This is a tl;dr for them. If a longer explanation is needed, they should go over the website below.
tl;dr:
SegWit introduced the witness discount, that ended up making junk data up to 75% cheaper, which opened the door for arbitrary data-carrying transactions to directly compete with monetary transactions for blockspace. In practice, that ended up being an unintended de facto subsidy for spam.
Taproot then provided a way for inscriptions to sidestep the old datacarriersize filter, which is why the UTXO set exploded from around 4 GB in 2023 to nearly 12 GB by 2025, putting real strain on low-end node hardware.
Meanwhile, the Core devs’ reaction has been pathetic — hand-waving it away for two whole years as “free market dynamics” or saying that fixing the exploit is considered “controversial”. At the same time they did a stealth documentation change to pretend the broken filter is “working as intended”. Unhosted Marcellus caught them red handed, but instead of apologising for hiding it, they claimed that changing the documentation is a valid way for fixing bugs.
Now they’re doubling down their efforts “to fight spam” they willingly allowed by gutting another spam filter (OP_RETURN) that has worked for 11 years, and helped keep 99.9% of all OP_RETURNs at or under 80 bytes. Larger payloads were possible, but never at the absurd size of 100 KB in a single output.
Core v30, due in early October, will raise the default limit to 100 KB (an 1200x increase), which makes it trivial to upload entire malware files or worse straight into the chain. This isn’t hypothetical — when BSV made the same change in 2019, it was immediately hit with child p[]rn.
The legal and practical fallout for Bitcoin node operators, especially those on cloud infrastructure, hasn’t even begun to be fully grasped.
All these absurd and rushed decisions raise the obvious questions: why push this change through despite massive pushback; who stands to profit from it; and why are the real risks of this happening being ignored or swept under the rug?
https://wtfhappenedinfeb2023.com
https://primal.net/e/nevent1qqszgqshk9nqjfc3vxpg32m92pnyykt00smlh3a02kyqfnu5qygxmlg3cdhmx
tl;dr:
SegWit introduced the witness discount, that ended up making junk data up to 75% cheaper, which opened the door for arbitrary data-carrying transactions to directly compete with monetary transactions for blockspace. In practice, that ended up being an unintended de facto subsidy for spam.
Taproot then provided a way for inscriptions to sidestep the old datacarriersize filter, which is why the UTXO set exploded from around 4 GB in 2023 to nearly 12 GB by 2025, putting real strain on low-end node hardware.
Meanwhile, the Core devs’ reaction has been pathetic — hand-waving it away for two whole years as “free market dynamics” or saying that fixing the exploit is considered “controversial”. At the same time they did a stealth documentation change to pretend the broken filter is “working as intended”. Unhosted Marcellus caught them red handed, but instead of apologising for hiding it, they claimed that changing the documentation is a valid way for fixing bugs.
Now they’re doubling down their efforts “to fight spam” they willingly allowed by gutting another spam filter (OP_RETURN) that has worked for 11 years, and helped keep 99.9% of all OP_RETURNs at or under 80 bytes. Larger payloads were possible, but never at the absurd size of 100 KB in a single output.
Core v30, due in early October, will raise the default limit to 100 KB (an 1200x increase), which makes it trivial to upload entire malware files or worse straight into the chain. This isn’t hypothetical — when BSV made the same change in 2019, it was immediately hit with child p[]rn.
The legal and practical fallout for Bitcoin node operators, especially those on cloud infrastructure, hasn’t even begun to be fully grasped.
All these absurd and rushed decisions raise the obvious questions: why push this change through despite massive pushback; who stands to profit from it; and why are the real risks of this happening being ignored or swept under the rug?
https://wtfhappenedinfeb2023.com
https://primal.net/e/nevent1qqszgqshk9nqjfc3vxpg32m92pnyykt00smlh3a02kyqfnu5qygxmlg3cdhmx
Wtfhappenedinfeb2023
WTF Happened in Feb 2023?
A website dedicated to mitigating spam on Bitcoin.