ExploreTrendingAnalytics
Nostr Archives
ExploreTrendingAnalytics
k3tan267d ago
Whirlpool is back! You can read my summary here, it also includes links to official resources and a video tutorial on using the new interface. https://k3tan.com/ashigaru-whirlpool/
💬 26 replies

Replies (26)

/dev/fd0267d ago
- Still using the centralized coordinator - Increased coordinator fee - Only 2 pool size available Remains vulnerable to https://groups.google.com/g/bitcoindev/c/CbfbEGozG7c/m/w2…
0000 sats
SPA (Super Phat Arrow)267d ago
- Huge mistake. They should have launched without centralized coordinator - 5% is crazy. - I'm actually OK with this. It just seems a waste of all that unspent capacity. I do understand the reasons why though. I'm out.
0000 sats
Hanshan267d ago
Its the same fee as it used to be and it's important for Sybil protection.
0000 sats
modulo267d ago
Yeah I was wondering about that. Coordinator needs decentralisation.
0000 sats
Dan Gould266d ago
i appreciate your investigation here floppy
0000 sats
bjorn266d ago
/dev/fud
0000 sats
DDeleted Account267d ago
#winning
0000 sats
Bitter21267d ago
Thx for the video K3tan! That is fantastic news!
0000 sats
IrrelevantBoB267d ago
JoinMarket
0000 sats
GameBoyBTC267d ago
✍️👀
0000 sats
🥷pirate🏴‍☠️266d ago
btc pumping too. coincidence? nah
0000 sats
Dan Gould266d ago
Appears to require trust in both other clients and servers for liveness and privacy respectively. Disappointing because these problems are solvable. Makes you think.
0000 sats
.266d ago
Terminal connects to an electrum server the same as most wallets like Sparrow. There is a coordinator but it isn't tied to a single local node. Decentralization of the coordinator has always been the goal. What does it make you think?
0000 sats
Meister Eder265d ago
What makes you think...
0000 sats
bjorn266d ago
What's the minimum amount required to test this?
0000 sats
bjorn266d ago
0.025BTC it looks like
0000 sats
Flowers4Sovereignty258d ago
💐💐💐
0000 sats
modulo267d ago
…glad to see progress.
0000 sats
Hanshan266d ago
he apparently missed that they have a RSA key hardcoded into the client now so... 😕
0000 sats
Dan Gould266d ago
Seems like clients don’t verify that signatures actually come from that hardcoded key (which they are definitely able to do). Until that is done clients are still vulnerable to a coordinator tagging attack.
0000 sats
Hanshan266d ago
have you also verified about the signatures or are you just taking floppy's word for it?
0000 sats
Dan Gould265d ago
https://primal.net/e/nevent1qqspqjdh5uf4uuastsd0hzlx9gwn4…
0000 sats
.265d ago
That note provides no details
0000 sats
Dan Gould265d ago
The fact that these vulns have been known for months and only plastered over makes you think privacy and ‘can’t be evil’ are not the priority
0000 sats
Dan Gould266d ago
Ya `unblind` is called w/o signature verification. Easy fix http://ashicodepbnpvslzsl2bz7l2pwrjvajgumgac423pp3y2deprb…
0000 sats
Hanshan266d ago
Gotcha thanks for the link
0000 sats