FYI the ### headings only work in posts. for comments using boldface is the replacement, or maybe nesting bullets

localprobelocalprobe

Team:Team:

• b10c – https://github.com/0xb10c

What We Built:What We Built:

If your browser (Firefox does; Chrome/Brave/Edge are ok) leaks that are running a Bitcoin node (mainnet/testnets) on the same machine as your browser, localprobe alerts you about it by showing a privacy alert when you visit a website. Currently, https://b10c.me does (test by running bitcoind -regtest and visiting https://b10c.me). This leak might be used by e.g. advertisers to show you Bitcoin related ads.

Stack:Stack:

plain JS

Submission:Submission:

https://loot.fund/hackathons/bitcoin-exploits-edition/applications/13

Repo:Repo:

https://gist.github.com/0xB10C/4e6b3d8394bb375323e887945091ead5

Next Steps:Next Steps:

Using the same technique, we can actually harm remote Bitcoin nodes by DDoSing them from the browser. I've been working on a demo of this.

Signal21Signal21

Team:Team:

• murdawkmedia – github.com/murdawkmedia

What We Built:What We Built:

The exploit at bitcoin++ isn't code — it's your calendar. The 40HPW meme exists because the Bitcoin rabbit hole is real: podcasts, YouTube channels, meetup streams, RSS feeds. Signal21 exploits that exploit back. Configure your sources and topics once, pay 21 sats, and get a single AI-synthesized audio briefing — deduplicated, filtered to what you actually care about, streaming to your browser before it's even done generating. Time is the only non-renewable resource. We built the reclaim button.

Stack:Stack:

• Backend: Python / FastAPI, async parallel feed fetching
• Transcription: yt-dlp + Gemini 2.5 Flash fallback (handles missing captions automatically)
• Script synthesis: Gemini 2.5 Flash via OpenRouter (reads thousands of lines, writes one broadcast-ready narrative)
• TTS: ElevenLabs streaming (zero-latency, audio starts before generation ends)
• Paywall: LNURL-pay via coinos.io — 21 sats to unlock a generation
• Frontend: Pure HTML/JS + Tailwind, cyberpunk aesthetic

Submission:Submission:

https://loot.fund/hackathons/bitcoin-exploits-edition/application/create/new

Repo:Repo:

https://github.com/murdawkmedia/signal21

Next Steps:Next Steps:

• Persistent user feeds (save your sources, not just one-shot)
• Nostr integration — zap the clips you liked back to the original creator
• Mobile PWA
• Looking for: beta testers willing to pay 21 sats and tell us what sucks

Stealth — Bitcoin Wallet Privacy AnalyzerStealth — Bitcoin Wallet Privacy Analyzer

Team:Team:

•	Breno Brito 
- https://github.com/brenorb 
- https://twitter.com/brenorb 
- brenorb@zaps.lol
•	LordBabuino 
- npub1dkpmrtcuqlngclt27ftd8yec3vrmmxsehkvq2l6uns64w4q656rqapwlwd
- jorge.x7@gmail.com
- x.com/JorgeSantanaDev
•	Miranda
- https://x.com/_hsmiranda
- https://github.com/hsmiranda 
- https://nosta.me/35f80bdae3821a833935fa43c4bdc41d34ff9e5695f6ae3fbb35d0d2406855c0
•	Renato Britto
- x.com/natobritto

What We Built (1–3 sentences):What We Built (1–3 sentences):

Stealth is a local, read-only privacy auditor for Bitcoin wallets that analyzes UTXOs and detects privacy vulnerabilities such as address reuse, clustering signals, dust linkage, and exchange-origin fingerprints. It surfaces institutional-grade privacy insights directly to users without requiring private keys or sending data to third parties. Users can import a descriptor and immediately see where and how their privacy is exposed, along with actionable recommendations on how to improve their privacy.

Stack:Stack:

Bitcoin primitives: descriptors, UTXOs, transaction graph analysis
Backend: Java, Python, Quartus
Frontend: React, TypeScript
Node integration: Bitcoin node backend
Architecture: local-first, read-only privacy analysis engine
Landing page: Shakespeare

Submission:Submission:

https://loot.fund/hackathons/bitcoin-exploits-edition/applications/8

Repo:Repo:

https://github.com/LORDBABUINO/stealth

Next Steps:Next Steps:

• Mainnet support
• Expanded privacy heuristics (amount and timing fingerprinting)
• Interactive cluster visualization
• Wallet integrations for real-time privacy monitoring
• Transaction simulation to preview privacy impact before spending
• Mobile support
• Open-source release and ecosystem integrations

MinesploitMinesploit

Team:Team:

• Johnny – GitHub / Nostr
• Jayr – GitHub
• Lucas – GitHub

What We Built:What We Built:

Security research framework for Bitcoin mining infrastructure. Hypothesis-first design: spin up a Stratum server, connect a real CPU miner, test your attack.

Example: pool = StratumServer().start(); miner = CPUMiner(pool=pool).start(); — now you're mining with real hashrate, ready to test your hypothesis.

While stress-testing Stratum V2 we found an interesting bug regarding share accounting (responsible disclosure in progress 👀).

Stack:Stack:

• Python 3.10+ (async/await, type hints, uv)
• Exploits: 18 CVEs (Bitcoin Core, Stratum, cgminer)
• Protocols: Stratum V1 client/server/MITM proxy/sniffer, Stratum V2 (translator), P2Pool scanner
• Utilities: TCP/SSL, JSON-RPC & mining message parsers, crypto (hash256/hash160/merkle), port scanner
• REPL: Interactive shell with check/run/verify, tab completion, scriptable
• CPUMiner: Docker-wrapped mujina for real hashrate testing

Repo:Repo:

https://github.com/johnnyasantoss/minesploit

Next Steps:Next Steps:

• More protocol implementations
• Stratum V2 bindings for easier testing
• Contributions welcome

EnergySatsEnergySats

Team:Team:

•	majoal0 – @majoal0

What We Built (1–3 sentences):What We Built (1–3 sentences):

I built functional prototype that turns hotel and Airbnb energy savings into real Bitcoin. Guests earn satoshis for every appliance they keep off during their stay — paid out instantly via Lightning Network at check-out.

When a guest checks in through the app, a real-time energy savings meter starts running. Every appliance they choose to keep off — air conditioner, electric shower, TV, refrigerator — generates satoshis credited to their in-app balance.

At check-out, the guest withdraws their earned satoshis instantly via a Lightning Network payment — either by scanning a QR code from their wallet or pasting a BOLT11 invoice.

Stack:Stack:

• Lightning Network
• React/ NextJS
• WebSockets

Submission:Submission:

https://loot.fund/hackathons/bitcoin-exploits-edition/applications/24

Repo:Repo:

https://github.com/majoal0/EnergySats/

Next Steps:Next Steps:

I'm planning to support native Airbnb integration and IAMMETER. This way I'll have a scalable solution and production-ready product.