Satoshi Scoop Weekly, 7 Feb 2025

Crypto Insights

Security Crisis Revealed by Bitcoin Mempool Clearance

Recently, several Bitcoin blocks went unfilled as mempools cleared out and transaction fees hit 11-month low. Reduced activity on the network led miners to nearly clear out Bitcoin's pool of unconfirmed transactions. This post pointed out that these events highlight a potential security crisis.

What Has Been Done to Make Bitcoin Quantum-Safe?

According to Murch's response, there is currently no dedicated team within the Bitcoin community working on quantum security. However, related proposals exist, such as BIP-360: Pay to Quantum Resistant Hash, which aims to introduce a quantum-resistant output type.

A Variant of Cycling Attacks on Bitcoin Miners' Block Templates Disclosed

Antoine Riard reported a variant of cycling attacks that can censor transaction flows in miners' block templates. This enables attackers to manipulate Bitcoin fee rewards, maximizing their chances of mining blocks on the longest valid chain at the expense of honest miners.

Hurricash: A Multi-Signature Tool for Shared UTXOs

Hurricash is a multi-signature tool that allows multiple users to lock funds in a single UTXO while enabling unilateral exit with their contribution. Any member can spend money from Hurricash on Lightning Network since Hurricash can be a channel factory, or on the base layer via an LN-to-base-layer swap. Similar to Coinpools, but Hurricash requires everyone to exit with the same amount as everyone else.

Hurricash aims to address two key issues of the Lightning Network:

• High cost of opening channels (sometimes)

• Privacy concerns of placing channel-opening transaction on the base layer

Advantages of Hurricash:

• No soft fork required

• Computational cost for pool creation grows at O(n^3) instead of O(n!)

• Users can exit at any time, in any order, without coordination

• Unlike Ark, Hurricash has no central coordinator

• Unlike Ark, funds in Hurricash pools are not time-locked, allowing indefinite participation

Check out its GitHub for the code.

Fake Channels Are Real: Why Client-Side-Validated Lightning Is Easier Than You Think

Peter Todd argues that intermediary channels in the Lightning Network don’t need to be real. When Alice makes a payment via Alice ↔ Bob ↔ Charlie ↔ David, she only cares if David receives the payment, not whether Bob and Charlie’s channel exists.

This flexibility is particularly useful when using client-side-validated tokens like RGB or Taproot assets. Lightning payments can route through virtual channels, requiring only Alice’s channel to be valid. This eliminates third-party verification and enables users to route transactions with just a few MB of data.

Implementation of Non-Interactive Single-Round T-of-N Threshold Signature Protocol NOIST

Burak successfully implemented a 550/999 NOIST threshold multisig transaction. Check it out on mempool and watch the demo video.

NOIST (GitHub) is a non-interactive, single-round t-of-n threshold signing protocol. It allows multiple untrusted entities to generate a group key and produce signatures in constant time, preventing malicious signers from forcing a re-do. Its output is a 64-byte BIP-340-compatible Schnorr signature. Read more about NOIST.

Blockstream’s 2024 Year in Review

Blockstream reviewed its major developments over the past year, including:

• Multiple Core Lightning updates: such as dual funding, BOLT12, along with improved performance and accessibility

• BlockStream’s Lightning-as-a-Service (LaaS) Greenlight integrating with Europe’s leading Bitcoin platform Relai

• Hardware wallet Jade adding Miniscript support and reintroducing Anti-Exfil to counter Dark Skippy attacks

• Revamped Bitcoin desktop wallet BlockStream Green 2.0

• Sidechain-based, Bitcoin layer-2 settlement network Liquid advancements, including: Liquid Wallet Kit, testnet deployment of High-Assurance Smart Contract Simplicity, and ELIP 200 reducing transaction fees by up to 90%

Rizful: A Disposable Lightning Node Setup Tool

Rizful provides a quick and easy way for users to run their own Lightning nodes in the cloud, enabling instant receipt of zaps and other Lightning payments. Rizful nodes are disposable and fully implement the Nostr Wallet Connect specification, as well as instant inbound and self-managed channels.

Ark’s Minimally Dependent Wallet SDK for Bitcoin Transactions

Ark released a TypeScript-powered Wallet SDK that simplifies building Bitcoin wallet for both on-chain and off-chain transactions. The SDK follows the Noble Cryptography approach, minimizing dependencies while supporting Bitcoin and Ark transactions in web applications and mobile wallets—without WebAssembly overhead.

QuantumLink: Air-Gap-Level Security Over Bluetooth

Foundation introduced QuantumLink, a Bluetooth-based protocol that encrypts all data entering or exiting the Bluetooth chip with a quantum-resistant encryption scheme. This achieves a comparable level of air-gap security while maintaining convenience and flexibility.

Why DeepSeek is a Game Changer for AI x Crypto

The author argues that DeepSeek is a major breakthrough for AI + Crypto due to:

• Breaking the hardware-dependent AI computing model, challenging NVIDIA’s monopoly

• Using reinforcement learning (RL) and reasoning optimization instead of brute-force pre-training paradigm by piling up hardware

• Enabling cost-efficient AI Agent applications

• DeepSeek's open-source approach aligns with the decentralization principles of Crypto.

Tracking Bitcoin Adoption in the U.S.

StackStates.com provides an overview of state-level legislation on strategic Bitcoin reserves, helping track Bitcoin adoption across the U.S.

Top Reads on Blockchain and Beyond

RGB++: A New Approach to Bitcoin Scaling

The article explains why RGB++ offers a holistic solution that aligns with Bitcoin's original ethos in a landscape where existing scaling efforts often involve significant trade-offs—be it in security, decentralization, or usability.

RGB++’s major advantages:

• Enhanced Bitcoin Utility: RGB++ extends Bitcoin beyond a store of value and payment network, enabling decentralized applications, financial instruments, and cross-chain interactions without bridges.

• Scalability & Efficiency: Isomorphic binding allows advanced smart contracts without third-party trust, while transaction folding and off-chain asset issuance solve state bloat and boost throughput.

• Proven & Growing: RGB++ is already live on mainnet, with increasing adoption among users and dApps.

How the Zero-Click Deanonymization Attack Works via Cloudflare

The author discovered a unique attack method called the "zero-click deanonymization attack." This exploit allows attackers to pinpoint a target’s location within a 250-mile radius—without any user interaction. If the target has a vulnerable app installed—whether a mobile app or a background service on a computer—the attacker can send a malicious payload to reveal the target’s identity within seconds—the victim does’t even know. He found that hundreds of apps, including Signal, Discord, and Twitter/X, are vulnerable to this attack.

This article explains how the attack works through Cloudflare.

The Dangers of Central Bank Digital Currencies and Their Impact on Financial Independence and Privacy

The article explores the risks of Central Bank Digital Currencies (CBDCs) and their implications for financial independence and privacy. Referring to the International Monetary Fund’s CBDC Virtual Handbook, the author explains how CBDCs grant governments unprecedented control over transactions, enabling surveillance, restrictions, and financial coercion. The piece contrasts government-issued digital currencies with decentralized alternatives like Bitcoin, highlighting stark differences in privacy and user freedom.