Last Notes
Block 950426
1 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
Yes
https://media1.tenor.com/m/MWAwgYqK1aUAAAAd/issou-risitas.gif
https://i.nostr.build/a4XVqkJCtstr6Ya1.jpg
Block 950423
3 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
He was arrested in Eastern Europe on suspicion of human trafficking if I remember correctly
Cause the dorks were all trained in a software industry that developed before Bitcoin existed.
Meaning that the concept of discipline is completely unknown to them.
It's the same set of compromises and tradeoffs that govern how you secure your private key on a hardware device in the real world.
You are only sovereign over that key insofar as you can physically defend it. And that's never a sure thing even if you're the king of the world.
One more thing - let's assume for a split second that hardware manufacturers make ideal HSMs with no flaws. Whole population uses attested passkeys, no corporation cheats nor do metadata mining on them. Everyone is happy. And out of the blue, the government decides, the HSMs have to generate TWO keys, and the second key allows for government to decrypt everything and access everything.
Because no one can make their own HSMs, as they would have to be signed, everyone is fucked.
Big corpos making HSMs will comply in an instant. Other big companies where passkeys are used will also comply and won't fall back to passwords.
It already happened - Apple complies with ANY government request by removing apps from appstore, removing cloud encryption and other things. That's how a "single point of control" ends. And signed CAs of HSMs are exactly that point. Btw. TPMs can also have CA attestation.
It is now 1 minute past midnight. I thought I'd try the new Word5.
Oh no you fucking won't, there's still 59mins to go.
Well I'm sorry @nprofile…us89, we work on BST now, not GMT 🤷🏻‍♂️.
Block 950422
3 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
I think once NWC came around and one click zaps became standard, the UX didn't offer the anon or private zap. Maybe in settings your default zap could perhaps be changed, not sure.
If you one click zap you don't see anything about making it anon.
If only event was visible or existed, I have no idea what the original thread is/was 😂
Hmmmm wonder if there's an existing structure like that 🤔
TVtropes comes to mind for that
"we don't need compromises and we don't need trade offs"
When it comes to Bitcoin, the entire field is made up of compromises and tradeoffs because it is the real world barging into cyberspace.
In the rest of the digital world, the sentiment is accurate. But calling it engineering is a stretch.
#nevent1q…am0s
Nah yeah. Totally get you. I should probably do the same 🤣🤣😅
The road to hell is paved with good intentions, they say
#nevent1q…9nvc
counterpoint
I've already sent more money via payment targets in two days than I've zapped all year.
#nevent1q…ezg6
Testing
https://i.nostr.build/gWmc6IGjIqrz1XSu.gif
#music
https://www.youtube.com/watch?v=_jZdQO7FNnc
Block 950422
2 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
Do any mobile wallets support BIP 47 PayNyms?
Does Ashigaru?
It’s murda!
#nevent1q…egjd
RHR 410: SILENT BITCOIN PAYMENTS WITH @nprofile…cd8v AND @nprofile…l2yj
https://blossom.primal.net/b198dbe39a82aadaa74766b0d34f9ac4180e42e6966b3e31594c1620eb3eed7f.mp4
Absence of headwear elevated lock-unlocker
Block 950422
1 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
https://blossom.smartflow.social/d127b3059186312c23bca532a4c4269e942f0b72df92c1bdcbe35024b1828809.jpg
#meme #memes #memestr #plebchain
Fragile people demand certainty.
Capable people build margins.
That is so bootiful!!! And the water is so still :D
Block 950421
2 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
https://blossom.primal.net/42bab2824d1911353fd46b1b2686e83f2919e3fb95de06ad27b49fc59ff4279a.jpg
https://blossom.primal.net/dff93dba9712df21a28fc5b64afda45ab522297a73813f4b9a46ab8ab0ebe3cf.jpg
Block 950420
3 - high priority
3 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
Ok, so I get it, your implementation is great. But this is the culprit: "PRF secret derivation — Your authenticator returns a 32-byte secret that's released only to your browser".
If I choose to use a software based authenticator then ok, I can check the RNG source code no problem. But to use a hardware bound passkey I have to trust the hardware to generate the key for me, because that key never leaves that hardware.
But there is another issue. Hardware based key storages are not cryptographically protected. Those are physically protected. To be clear, a private key encrypted by a long password with a strong KDF is vastly superior to any physically protected storage in which a properly done laser function interruption can lead to key exposure. There are 31337 attack types on HSMs which could leak data.
But going back to passkeys - passkey implementation can allow the service to force an "attestation". This is something I don't like. It's my choice if I want to use a software or hardware solution, not the service which I use. But that's not all. CAs of attested HSMs can be revoked, rendering my HSM useless. If it's a phone internal enclave, my whole authentication is gone. Also the service may request information about my HSM, which is stated in the attestation documentation, which could lead to profiling and deanonymisation.
Passkeys are not dangerous per se, and would be a great idea. But because of the possible FORCED "attestation", they can become dangerous for our digital freedom. Some portability was introduced on the FIDO, but it's not mandatory for device-bound passkeys. So we're back at square one.
I'm sure there are righteous religious people out there.
But man, it's shit like this that gives 'em all a bad look.
Reminds me of the megachurch in Houston who wouldn't allow evacuees from a hurricane to stay inside for safety, until they caught wreck from the local community.
I grew up in a religious household, Catholic, I think? I should know better. But the one thing that I did say religion helped provide is a decent moral compass. An attitude for compassion and others.
These fools take your money, then park their fucking Bentley IN the church, just to rub it in.
Block 950420
3 - high priority
1 - medium priority
1 - low priority
1 - no priority
1 - purging
#bitcoinfees #mempool
I think you should have more realistic expectations
https://youtu.be/LJcUKpAn9R0