Good Morning, Bitcoin - Thursday, October 10th, 2024

Good Morning, Bitcoin is your daily news roundup delivering key stories, project updates, new releases, guides, research, and all things related to Bitcoin and freedom tech.

Good Morning, Bitcoin - Thursday, October 10th, 2024

What's new

  • New security advisories affecting Bitcoin Core versions before v25.0. Bitcoin Core developer Niklas Gögge posted to the Bitcoin Dev mailing list to announce public disclosure of three vulnerabilities affecting Bitcoin Core clients prior to v25.0.
    • Disclosed vulnerabilities include a blocktxn remote node crash (CVE-2024-35202), an issue with mutated blocks hindering block propagation, and a node communication issue due to inv-to-send sets growing too large. Read more about them here.
  • Public disclosure of btcd FindAndDelete bug (CVE-2024-38365). Antoine Poinsot posted to Delving Bitcoin to disclose a critical vulnerability affecting btcd bitcoin full node implementation clients prior to version 0.24.2. It allows virtually anyone to fork off vulnerable btcd nodes at virtually no cost with a standard transaction due to incorrectly implemented consensus rules for legacy signature verification.
    • The issue was patched in btcd v0.24.2, released in June earlier this year. Btcd node runners should update to this version ASAP.
  • Coinbase enables sending to Taproot addresses. The platform's users can now make bitcoin payments to Taproot addresses. The update addresses a long-standing gap since Taproot's activation in November 2021.
  • Ethiopian hashrate goes brrr. "Ethiopian Electric Power (EEP) confirmed their support for the industry and noted that there are currently 600MW of operational miners, with several hundred more MW expected to be energized this year," wrote Ethan Vera of Luxor Tehnology.
  • WEF: 'Tough' US regulation is "positive for the industry." The latest World Economic Forum report reviews digital asset regulation in nine regions, noting varied perceptions of the US's strict anti-illicit finance measures, reports The Rage.
  • X resumes services in Brazil after complying with court orders. Brazil's Supreme Court allowed X to operate again in the country after the social media platform started adhering to court decisions, a stark reversal from the stance its owner Elon Musk had initially promised to defy.
  • Archive.org hack reveals data on roughly 31 million users. Have I Been Pwnd reports that archive.org was hacked last month, exposing 31 million records including email addresses, screen names, and bcrypt-hashed passwords.
  • Bitcoin 2024 Amsterdam Day 2 took place today. You can rewatch the talks here.

Use the tools

  • Samourai Dojo v1.26.0 has been released with a variety of dependency updates and optimizations. It updates Bitcoin Core to v28, thus supporting testnet4. This version also adds support for Snowflake bridges in Tor.
  • BitKit Wallet v1.0.5 now allows users to open channels to nodes beyond Synonym's LSP Blocktank. This also enables BitKit users in the USA and Canada to enjoy seamless Lightning Network transactions by connecting to alternative nodes.
  • Blitz Wallet Android v0.3.0-beta is here. It adds support for push notifications, as well as bug fixes for issues introduced with Liquid Wallet Kit (LWK) integration.
    • Blitz Wallet iOS (beta) is now available for testing, too. Find the TestFlight download link here.
  • CLBOSS v0.14.0 is the latest update for the automated Core Lightning (CLN) node manager.
  • Alby Hub v1.10.2 is a hotfix release that introduces app store detail pages to improve instructions on connecting your hub, as well as several other bug fixes.
  • Super Testnet made an NWC Tester for testing NWC strings to identify what they are and what they can do.
  • Lume v4.3.0, a Nostr client for macOS and Windows 11, adds support for multiple follow and interest sets (NIP-51), allows event deletion (NIP-09), improves search performance, and more.
  • hodlbod introduced Flotilla, a WIP nostr client modeled after Discord. Check out the developer preview here.
  • Nostr media management app Nostr.build now comes with a Flux text-image generator for Creator and Advanced accounts, introduces Credits-based referral system, and increased free upload size to 69 MB.
  • Mostro project has added project documentation to its site. It is available in English and Spanish.
  • CalyxOS v5.12.0 is a partial October security update for Pixel 6 and newer devices.
  • Tor Browser v13.5.7 is now available from the Tor Browser download page and distribution directory. Users are urged to update immediately.

Other stuff

  • Check out this piece on how geopolitics can alter digital infrastructure by Gareth Edwards.
  • Vincenzo Palazzo published an article on the importance of lnprototest, a Lightning BOLT Protocol Test Framework.
  • ODELL shared a talk on Why Nostr Matters in Ten Minutes. Watch it here.