mr_gas
- Security Alert: DoS Risk via HTLC in CashuMay 11, 2025
CVE-2025-65548 is reserved for this vulnerability.
- Security Alert: DoS Risk via HTLC in CashuMay 11, 2025
I don't know who keeps moving this post in different boards. It was initially posted in 'Development & Technical Discussion' for Bitcoin, moved to Altcoin Discussion, next 'Project Development' in Bitcoin and again…
- Security Alert: DoS Risk via HTLC in CashuMay 11, 2025
Vulnerability So, there was a glitch where the preimage size wasn't checked in nutshell versions before 0.18.0. This basically lets an attacker saturate the mint's database and hard drive with random data. You can use…
I think we will see more such implementations based on the consensus code used in core, through the libbitcoinkernel library.
Bitcoin Knots is a codebase fork of Bitcoin Core (since December 2011) that recently gained adoption (17% of nodes) because of its mempool policies. A development fund for its contributors was also created recently.
- how to check if a BIP got merged?Dec 12, 2023
These are BIPs implemented in bitcoin core. Its not necessary that you will find all the BIPs in this list. BIPs are just documents that describe improvement proposals. They don't need to get merged in a specific…
Not sure if this emulates CHECKSIGFROMSTACK in the way you are trying to achieve it. I found this thread interesting and wanted to share this idea: 1. CHECKSIGFROMSTACK requires 3 parameters: signature, message and…
Ecash interoperability sounds complete nonsense. Why would a trustless and self custodial swap protocol need to be interoperable with a custodial solution?
Lucas has shared another method that can be used by the coordinator to link inputs and outputs::…
I am not associated with Wasabi. This is a free review and testing unlike others who trust the anonymous developers or not competent enough to review. Denying the bugs based on an announcement to use suboptimal tools…
1. The coordinator can link input-outputs even with the hardcoded key The client doesn't verify that the unblinded signature is actually a valid RSA signature for the hardcoded public key. The coordinator can still do…
It seems they aren't using code from whirlpool-client repository in the terminal. Instead hardcoded a public key for signing: This introduces other issues in the coinjoin process. I will add more details after doing…
So, Ashigaru just dropped this announcement: https://ashigaru.rs/news/announcement-whirlpool/ Here's the scoop: back in December 2024, someone pointed out a security issue with whirlpool:…
Related IRC conversation: https://bitcoin-irc.chaincode.com/bitcoin-core-dev/2025-05-08#1119190;
- v30 removed?Jun 21, 2022
Not just legacy wallets. It deletes the wallets directory. The version in the top download link on bitcointalk should be updated and the torrent link needs to be fixed.
https://en.wikipedia.org/wiki/Bandwidth
The goal of free relay is to keep the transaction in mempool and never get included in a block. It can be used by an attacker to waste bandwidth, memory etc. for nodes in the p2p network. SIGHASH_ALL |…
So, it looks like a lot of mining pools are starting to include transactions that are under 1 sat/vB in their blocks, and some nodes have dropped their minrelaytxfee down to 0.1 sat/vB. Bitcoin core also updated the…
Can you scan it on https://www.virustotal.com/gui/home/upload and share the results link?
- walletnotify parameters explainedJan 2, 2020
Correct link: https://bitcoinwiki.org/wiki/running-bitcoin