bitcoin

https://www.youtube.com/watch?v=9s3EbSKDA3o

That excellent video is by an analyst who attempts to debunk the thesis that monero and coinjoin offer decent privacy. He claims they do not pass the “sniff test” because with a “little bit” of thought you can easily identify 3 ways to attack their privacy and identify: (1) what exchange a monero or coinjoin user got their coins from (“overseer attack” discussed at 11:24—12:15) (2) the owner of a static monero or coinjoin address to which coins are frequently sent (“flashlight attack” discussed at 12:15—14:02) (3) where a monero or coinjoin user makes repeated purchases (“tainted dust attack” discussed in 14:15—16:00). The analysis relies heavily on analyzing “taint trees” and the human tendency to engage in repetitive behavior.

In the overseer attack, the analyst observes that monero and coinjoin both try to obscure the origin and destination of coins by hiding them in a set of possible decoys. E.g. if 30 senders are in your coinjoin, and you’re only one of them, it’s hard to identify – for a single transaction – which one was you. But he observes that the following repetitive behavior leaks data: if, every week, you buy your coins from coinbase, coinjoin them, and send some of them to bitrefill, bitrefill can see the coinjoins you were in, and they can see that in all of them, at least one sender bought their coins from coinbase. Coinbase may be popular, but even if 1 in 10 bitcoiners are coinbase customers (which is a very generous assumption), how likely is it that 20 randomly selected coinjoins would all have at least one sender who bought their coins from coinbase? Exceedingly unlikely. They must not be random, there must be a common thread: the same coinbase customer was in all of them. And since *you* are known to be in all of them (since you used them to send coins to bitrefill) the only plausible way you could be in the same coinjoin as that coinbase customer 20 times in a row is if you *are* that coinbase customer.

That’s the overseer attack and I don’t think it applies to me. I don’t buy my coins from coinbase, I received them from my customers. If I repeatedly send my coinjoined coins to bitrefill and they look at my taint trees, they are unlikely to see a common source for all of them unless everyone who paid me used coinbase. Even if they did, the taint trees would lead an investigator to coinbase, but not – then – straight to me. It would go from coinbase to all of my customers, who would then have to collude with the investigator to say they paid me. I don’t think it is likely that this kind of attack would be my downfall.

In the flashlight attack, the analyst seems to assume that people who receive money to a static coinjoin or monero address repeatedly sell them at an exchange that has their KYC info. He further assumes that exchange is compromised by a government, who observes the taint tree of every transaction you make sending money to that exchange, and identifies that – even if you coinjoined – your static address is a possible origin in each of your coinjoins. That is so unlikely to happen in 20 randomly selected coinjoins that it’s incriminating: the person who owned that static address *was* in each of those coinjoins. And since *you* were also in each of those coinjoins (since you sent money to the exchange *in each of those coinjoins*) the only plausible explanation for both facts is that you are the owner of that static address. Otherwise you would somehow randomly be in the same coinjoin as the real owner 20 times in a row – a statistically impossible phenomenon.

I don’t think this applies to me because (1) I don’t use a static monero or coinjoin address (2) I don’t repeatedly sell my coins at an exchange that has my KYC info. I invented the whisper address protocol so that I can have a static donation “page” without a static donation “address.” And instead of selling my coins at a KYC’d exchange, I use bisq and robosats. I think these protections allow me to escape the flashlight attack undetected.

In the tainted dust attack, the analyst deals with people who – like me – use a fresh address every time they receive. To deal with them, the attacker occasionally sends dust to your fresh addresses and then tries to watch where the dust goes. Even if you coinjoin it, if you repeatedly send money to bitrefill in those coinjoins (or subsequent ones), the attacker can observe that the dust has bitrefill as a possible destination in each of your taint trees. If that happens 20 times in a row, the only plausible explanation is that you repeatedly send money to bitrefill.

I think this one applies to me. Before I say why let me say this: I typically send my coinjoined money into a lightning channel on my own node, *then* to my various common trading partners, who are typically bitrefill, the bitcoin company, other users of robosats, and phoenix wallet (that – and not my own node – is what I typically use for “daily spending”). An attacker who “dusts” my non-static donation addresses can observe that after I do one or more coinjoins some of the money from each coinjoin almost always ends up in a lightning channel. That doesn’t seem like useful information by itself, though it seems to me a dust attacker could conclude I am probably a heavy lightning user. To go beyond that, the attacker would have to also listen in on lightning and break lightning’s privacy protections. Let me share a plausible attack that I think could be used against me.

A tainted dust attacker could observe that I *probably* send a good chunk of my money into fresh segwit script addresses which, after about a month, I “cooperatively close,” revealing them to be 2 of 2 multisigs and thus probable lightning channels. This analysis would give the attacker a list of addresses that *might* be my lightning channels, with some false positives. They could then go to well known lightning channel providers such as Acinq and bitrefill, show them their list of “probably mine” lightning channel addresses, and ask them “do these belong to any common user of lightning services?”

Anyone with whom I frequently create channels could probably tell them it’s me. At that point, the only thing protecting me from the attacker learning how I spend my money is lightning’s source routing technology. But this might not be much help. If I have a channel with bitrefill, and I often spend my money *at* bitrefill, bitrefill can tell them exactly what I’m purchasing. If I have a channel with Acinq, and I often send my money to my Phoenix wallet, Acinq can see that, and then tell them what I do with it after it arrives in my Phoenix wallet, since Phoenix wallet does not use source routing but rather asks Phoenix to find a route to your destination.

So it seems that there is a plausible attack against me using tainted dust: an attacker can create a list of channel addresses that might plausibly be mine, then show that list to common routing nodes, some of whom (since I use them) can identify which ones are definitely mine. I think I can mitigate this attack by not using common routing nodes, as well as dropping Phoenix wallet (though I need to find a better alternative first).

Worth pointing out: the attacks I’ve identified here are not the “sophisticated” kinds of attacks the analyst in the video seems really concerned about (which his talk does not discuss). They are, rather, just a “sniff test.” Basically, if a privacy protocol can’t pass the sniff test, regard it unseriously. He thinks coinjoin does not pass the “sniff test” but I think the way I personally use it comes pretty close, though I need to fix behaviors that leave me vulnerable to the tainted dust attack.

Even if I do end up passing the sniff test, there are other factors to consider. I’ve identified my typical recipients as bitrefill, the bitcoin company, phoenix, and robosats users. How am I protecting that info? (Certainly not by publicly saying so on stacker news.) Do I use tor when selling coins on bitrefill or the bitcoin company? Do I enable tor on Phoenix wallet? Am I confident that their implementation of tor stops them from knowing my ip address? (Answer: no, I think it only makes my channels tor channels, I think I still leak my ip address to them when my phone e.g. requests the bitcoin exchange rate.) Do I use a new identity every time on robosats? Do I take fiat in an easy to trace account?

If I want decent privacy, it’s not enough to use bitcoin privately. That’s just one step. It’s also important to use the internet privately and use my computer privately. How am I doing there? Sophisticated attackers don’t just scan the blockchain. They also collect data from spyware (e.g. Google Keyboard) and, if necessary, steal and scrape your hard drive. If I want to protect myself from sophisticated privacy attackers I have to take steps regarding those things as well.

But in the meantime, I hope this analysis proves enlightening and helpful for other people thinking about taking steps to improve their privacy. The analyst’s video was helpful to me, and I hope others find it good too.

Evaluating my bitcoin privacy techniques against three surveillance attacks

supertestnet

## The Challenge
Many of us are passionate about **building companies** or **creating innovative projects**, but finding the right partner or co-founder can be a real struggle. Traditional methods like hackathons or meetups are great but only sometimes connect us with our ideal collaborator.

## Monthly Collaboration Posts! 
We’re introducing **monthly collaboration posts** on Stacker News! These posts will be a dedicated space for sharing what you’re building and discovering potential collaborators.

### How It Works
- **Monthly Posts:** We’ll have a fixed schedule (like the 1st of each month or the first Monday) for consistency and familiarity.
- **Community Engagement:** We’ll boost these baby! So the entire Stacker News Community gets those ZAPS!
- **Amplification through Social Channels:** Let's together broadcast these opportunities far and wide.

### What to Include in Your Post
To streamline the process, we suggest the following template for your posts but feel free to adjust Stackers!:

- **Name/Nym:** [Your Name]
- **Summary of What You’re Building:** [Brief description of your project or idea or GitHub.]
- **What Kind of Help Are You Looking For?** (e.g., engineers, marketing, sales, legal, education, design, mentorship, advisors, venture capital, strategy, technical consulting.)
- **Purpose:** Is this for fun, or are you aiming to build a Bitcoin business?
- **How to Contact You:** [Your preferred contact method]

### Let’s Build Together!
This is an initiative that I hold dear to my heart. We have a strong collaboration environment at PlebLab, which I want to bring to the Stacker News community. We’re open to suggestions and excited to see how this idea evolves! I will also bring this up on Stacker News Live every first week of the month to get the most visibility for all the builders who participate, and try my best to facilitate an introduction or collaborator.

Ready to find your next co-founder or Building Partner? Post in the Monthly Collaboration thread, and let’s make it happen!

🤘⚡- @Car


Find Your Co-Founder/Building Partner on Stacker News! ⚡

PlebLab

Hi everyone,

My name is Robin Linus and I am doing an AMA for the next hour.

For people that don't follow my work, I am the creator of things like BitVM, BitStream, Stakechains, and zkCoins and I co-founded ZeroSync. For more details check out [robinlinus.com](https://robinlinus.com)

Happy to answer questions if anyone has any!


Robin Linus AMA

robin_linus

I have wanted to learn how to verify with software for a while because I have a habit of erasing my laptop from time to time, and I need to make sure I'm backing up EVERYTHING since I'm often on the road exploring—if anything happens, that might be lead to many problems, *but I'm the one to be blamed*; For example, I had forgotten to backup some articles before, and they are gone, so I need to make sure I'm more antifragile by constantly testing my own backup with erasing.

The second reason is when you are around Bitcoiners so much with all the verifying, you really want to make sure all the software you use is genuine. Also, I've stopped using the Apple Store for a while, downloading software from sites could be risky, even though I do verify the URLs, but you never know! So one of the to-does for me is to learn how to verify software because I need to download again every time. I shared some of the [questions](https://stacker.news/items/436029) I had in the saloon, and @ek patiently wrote this [guide](https://stacker.news/items/436752) on how to verify better, so I'm writing down a more detailed article to help others who also want to learn the art of verifying. 👀


____


### **Why Verify**

I'm not going to focus on the why here, but if you are a Bitcoiner, you know the why - don't trust, verify, especially with all the phishing sites and malicious software these days.

Also, if you think this is way above your head or is not for a normal person, I'm happy to tell you that I don't have any coding skills, but I'm willing to test and learn—so if I can do it, you can too!

____



### **What to Verify ( Important! )**

When I started dipping my toe into verifying, I didn't know what I should verify at all. 👀 but then I read a few docs and followed some of the official guides from the software that I use, and of course, this good [piece](https://stacker.news/items/436752) from @ek; I figured it's actually needed to verify two things when it comes to verifying software:

**1. The `public key`, which is used to sign the software release.** 

When importing a public key, you should check the fingerprint to verify it's the correct public key and ideally from independent sources, and from more sources, the more trusted.

**2. The `signatures`.**

> Digital signatures are commonly used to ensure the integrity and authenticity of software. When you verify a digital signature, you make sure that the software was created by the person you trust and think it was created by (authenticity) and that it was not modified (integrity). You usually download the signature from the same location as the software. 

explained by @ek

There is also a tricky part: if the signature file name (ASC) does not match the dmg file that you downloaded, you need to do one more step for the checksum verification, which verifies the hashes, and it usually shows in the site too when you need to do this step. *( unfortunately, I'm not that technical being able to explain this, feel free to chip in. )*

____



### **The Setup**

In order to verify, we need to install the tools first, [home brew](https://brew.sh/) and gnupg ( Or install [GPG Suite](https://gpgtools.org) if you are also using a Mac ) **but I recommend using the terminal for more solid learning.**

The homebrew is quite easy to install, all you need is to put these codes into the terminal, wait a bit and done (  $ means  "run this in terminal"  )

**1. Install homebrew**

```
$ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
```

for better privacy enter `brew analytics off`



**2. Install gnupg**

```
$ brew install gnupg
```

that's it, you are all set! time to explore the fun. 🥁

*Since I'm using a Mac, this experience is based on the Mac system; feel free to pill me other fun!*

_____



### **Learning by Doing**

You can't learn swimming from reading, and talking is cheap; I'm going to use two of my favorite Bitcoin desktop wallets as examples for everyone to follow along and do the verification yourself. 


*For simplicity, we are only using a terminal as practice here.*


#### ***Practice A. [Electrum Wallet](https://electrum.org/)***

Here is the [guide](https://bitzuma.com/posts/how-to-verify-an-electrum-download-on-mac/) linked to the site on how to verify: 

![electrum.png](https://m.stacker.news/23135)


**1. [Download](https://electrum.org/#download) the Software and the Signature next to it.** 

Be sure to put both in the same folder, e.g. in the download folder. 



**2. Check different sources of the fingerprint to verify the signer's public key.**

[*Github*](https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)

*In order to import from PUBLIC KEY BLOCK,  run `gpg --import` copy the block and paste in the terminal and then CTRL+D.*

*[Keyserver](https://keyserver.ubuntu.com/pks/lookup?search=Thomas+Voegtlin&fingerprint=on&op=index)*

*[This guide](https://bitzuma.com/posts/how-to-verify-an-electrum-download-on-mac/)*



And do one more step,  to make sure that you imported the correct key.

```
$ gpg --fingerprint thomasv@electrum.org
pub   rsa4096 2011-06-15 [SC]
      6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
uid           [ unknown] Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>
uid           [ unknown] ThomasV <thomasv1@gmx.de>
uid           [ unknown] Thomas Voegtlin <thomasv1@gmx.de>
sub   rsa4096 2011-06-15 [E]

```

All fingerprints are matched: `6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6`, good! 



**3. Verify the signed file.**

Put these two lines of code into terminal: 

```
$ cd Downloads
$ gpg --verify electrum-4.5.3.dmg.asc

gpg: assuming signed data in 'electrum-4.5.3.dmg'
gpg: Signature made Fri 23 Feb 12:32:06 2024 +03
gpg:                using RSA key 637DB1E23370F84AFF88CCE03152347D07DA627C
gpg: Good signature from "Stephan Oeste (it) <it@oeste.de>" [unknown]
gpg:                 aka "Stephan Oeste (Master-key) <stephan@oeste.de>" [unknown]
gpg:                 aka "Emzy E. (emzy) <emzy@emzy.de>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 9EDA FF80 E080 6596 04F4  A76B 2EBB 056F D847 F8A7
     Subkey fingerprint: 637D B1E2 3370 F84A FF88  CCE0 3152 347D 07DA 627C
gpg: Signature made Fri 23 Feb 03:00:55 2024 +03
gpg:                using RSA key 0EEDCFD5CAFB459067349B23CA9EEEC43DF911DC
gpg: Good signature from "SomberNight/ghost43 (Electrum RELEASE signing key) <somber.night@protonmail.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0EED CFD5 CAFB 4590 6734  9B23 CA9E EEC4 3DF9 11DC
gpg: Signature made Fri 23 Feb 02:46:47 2024 +03
gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" [unknown]
gpg:                 aka "Thomas Voegtlin <thomasv1@gmx.de>" [unknown]
gpg:                 aka "ThomasV <thomasv1@gmx.de>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
```



If you see *" gpg: WARNING: This key is not certified with a trusted signature! "* which means you didn't mark the public key as trusted, then you can run `gpg --edit-key thomasv@electrum.org` , enter `trust` and choose the numbers.

```
pub  rsa4096/2BD5824B7F9470E6
     created: 2011-06-15  expires: never       usage: SC  
     trust: full          validity: unknown
sub  rsa4096/1A25C4602021CD84
     created: 2011-06-15  expires: never       usage: E   
[ unknown] (1). Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>
[ unknown] (2)  ThomasV <thomasv1@gmx.de>
[ unknown] (3)  Thomas Voegtlin <thomasv1@gmx.de>

gpg>  trust
pub  rsa4096/2BD5824B7F9470E6
     created: 2011-06-15  expires: never       usage: SC  
     trust: full          validity: unknown
sub  rsa4096/1A25C4602021CD84
     created: 2011-06-15  expires: never       usage: E   
[ unknown] (1). Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>
[ unknown] (2)  ThomasV <thomasv1@gmx.de>
[ unknown] (3)  Thomas Voegtlin <thomasv1@gmx.de>

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 

```

now run it again. *( from my testing, if you want to make this warning disappear, you need to set the trust to "5 = I trust ultimately." )*

And done! safe to install it now.



____



#### *Practice B. [Sparrow Wallet](https://sparrowwallet.com/)*

Here is the Official [guide](https://electrum.org/#download) on how to verify.

![sparrow.png](https://m.stacker.news/23136)

**1. [Download](https://sparrowwallet.com/download/) the Software, the Manifest Signature, and the Manifest next to it.** 

Be sure to put all the them in the same folder, e.g. in the download folder. 



**2.Check different sources of the fingerprint to verify the signer's public key.**

*[Keybase](https://keybase.io/craigraw)*

*[Github](https://gist.github.com/craigraw/20311f22d738fd9f8a1ee0007f633f5a)*

*[Keyserver](https://keyserver.ubuntu.com/pks/lookup?search=Craig+Raw&fingerprint=on&op=index)*



And do one more step,  to make sure that you imported the correct key.

```
$ gpg --fingerprint craig@sparrowwallet.com

pub  rsa4096 2019-10-03 [SC] [expires: 2027-09-18]

   D4D0 D320 2FC0 6849 A257 B38D E946 1833 4C67 4B40

uid      [ unknown] Craig Raw <craig@sparrowwallet.com>

sub  rsa4096 2019-10-03 [E] [expires: 2027-09-18]
```



All fingerprints are matching: `D4D0 D320 2FC0 6849 A257 B38D E946 1833 4C67 4B40` good!



**3. Verify the signed file.**

Put these two lines of code into terminal: 

```
$ cd Downloads
$ gpg --verify sparrow-1.8.2-manifest.txt.asc
gpg: assuming signed data in 'sparrow-1.8.2-manifest.txt'
gpg: Signature made Thu Jan 18 13:35:34 2024 +03
gpg:                using RSA key D4D0D3202FC06849A257B38DE94618334C674B40
gpg: Good signature from "Craig Raw <craig@sparrowwallet.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D4D0 D320 2FC0 6849 A257  B38D E946 1833 4C67 4B40
```

> You have now verified the signature of the manifest file, which ensures integrity and authenticity of the manifest file - not the binaries!  

 explained by [Sparrow](https://sparrowwallet.com/download/)



**4. Verify the hashes.**

I can see that I need to verify the hashes because *the name of the signature file is different from the software*, which means need to do one more step; Simply copy and paste this code into terminal: `shasum --check sparrow-1.8.2-manifest.txt --ignore-missing`

```
$ shasum --check sparrow-1.8.2-manifest.txt --ignore-missing
Sparrow-1.8.2.dmg: OK
```

And done! safe to install it now.

___

## 🕵🏼 The Art of Verifying



**1. Download the Software and the Signature next to it.**   

Be sure to put both in the *same* folder, e.g. in the download folder. 



**2. Check different sources of the fingerprint to verify the signer's public key.**

Good places to look are Github, Keybase, KeyServer, and different socials. *Generally, the more sources showing the same key, the more trusted.*



**3. Verify the signed file.**

-- If the signature file name ( asc ) *matches* the dmg file that you downloaded, then run this:

`$ gpg --verify {filename}.asc`



 -- if the signature file name ( asc ) *does not match* the dmg file that you downloaded, get the sha256 and ***additionally*** run this:

`$ cd Downloads`

`$ echo "{hash}  {filename}" | shasum -a 256 -c -`



And congrats! now you've learned how to verify two of the best and most important Bitcoin wallets! Feel free to ask if there are any questions or point out any mistakes, as I'm still new in this verifying, and stay tuned for more:)



Learn How to Verify with Me ( with Baby Steps )

Natalia

Submarine swaps are a specific kind of atomic swap that allow moving sats between layers without counterparty risk.

> An atomic swap is a pair of transactions on different systems where one of them cannot happen if the other does not take place as well.

There are two types of swaps:

- Normal swaps, also known as *swap in*, which is the exchange of coins from on-chain to lightning (🔗 -> ⚡️).
- Reverse swaps or *swap out*, which is the exchange of coins from lightning to on-chain (⚡️ -> 🔗).

These operations are typically performed to rebalance channels, move funds to cold storage and to break the link of KYCed sats.

### Swapping in practice

Let's see a simplified example of how this works. 

Alice and Bob would like to perform a submarine swap. Alice will send funds on-chain (swapping in) and Bob will send funds on lightning (swapping out).

They start by exchanging their public keys with each other. Then, Alice builds a contract to lock the funds with a  preimage that she holds and two unlocking conditions:

1. The funds can be redeemed by using Bob's signature and the preimage. 
2. After x blocks, the funds can be redeemed by using Alice's signature.

> A preimage is a 32-byte random secret used to settle lightning payments.

Both parties are able to generate and verify this contract.

Alice now creates the on-chain transaction and broadcasts it to lock the coins with the contract, knowing that she will either receive sats via lightning or, if the trade fails, be able to unlock the coins after x blocks.

After the transaction has confirmed, Alice uses the same preimage to create a Lightning Network invoice and shares it with Bob.

Bob can verify the contract and safely pay the invoice because in order for Alice to claim the payment, she has to publicize the preimage, effectively giving Bob the possibility to unlock the on-chain funds from the contract by using the preimage and his signature.

> It's important that Bob redeems the funds before the contract allows Alice to redeem the on-chain funds.

Once Alice claims the lightning payment and shares the preimage, Bob takes out the funds from the contract and the trade is complete, none of them had to trust the other at any point in time.

### Services comparison

Now, if we want to do this ourselves, there are many services that let you perform this trade with them. Below is a list of the most popular ones and the fees they charge. 

> Miner/routing fees are not included.

| Name | 🔗 -> ⚡️ | ⚡️ -> 🔗 | Open source | Tor support |
| ------- | ---------- | ----------- | ---------- | ------------- |
| [Blink](https://blink.sv/) | 0.3 | 0.7 | [🗸](https://github.com/GaloyMoney/galoy-mobile) | ☓ |
| [Boltz](https://boltz.exchange) | 0.2 | 0.4 | [🗸](https://github.com/BoltzExchange) | [🗸](http://boltzzzbnus4m7mta3cxmflnps4fp7dueu2tgurstbvrbt6xswzcocyd.onion/) |
| [Breeze](https://breez.technology) | 0.75 (2,000 sats min fee) | 0.5 | [🗸](https://github.com/breez) | 🗸 |
| [coinos](https://coinos.io/) | 0.1 | 0.1 | [🗸](https://github.com/coinos) | [🗸](http://vm7h454g5hiy2nt3u5o7evtz3vigtypo2mkyausakvdkbmd7wpyhx5qd.onion/) |
| [Deezy](https://deezy.io) | - | 0.15 | [🗸](https://github.com/dannydeezy/deezy-auto-swap) | ☓ |
| [Diamond hands](https://swap.diamondhands.technology) | -0.15 | 0.2 | [🗸](https://github.com/diamondhands-dev) | ☓ |
| [Electrum](https://electrum.org) | ☓ | 0.5 | [🗸](https://github.com/spesmilo/electrum) | 🗸 |
| [FixedFloat](https://fixedfloat.com/) | 0.5/1 | 0.5/1 | ☓ | ☓ |
| [HodlHodl](https://hodlhodl.com) (trade) | 0.3 + premium | 0.3 + premium | [🗸](https://gitlab.com/hodlhodl-public) | ☓ |
| Loop | Variable (0.1 to 1) | Variable (0.1 to 1) | [🗸](https://github.com/lightninglabs/loop) | 🗸 |
| [Muun](https://muun.com) | Variable | 0.25 | [🗸](https://github.com/muun) | ☓ |
| [myloopoutbot](https://t.me/myloopoutbot) | - | 0.125 | ☓ | 🗸 (telegram over tor) |
| [Phoenix](https://phoenix.acinq.co) | 1 (3,000 sats min fee) | 0 | [🗸](https://github.com/ACINQ/phoenix) | 🗸 |
| [Robosats](https://unsafe.robosats.com/) (trade) | 0.025/0.175 + premium | 0.025/0.175 + premium | [🗸](https://github.com/Reckless-Satoshi/robosats) | [🗸](http://robosats6tkf3eva7x2voqso3a5wcorsnw34jveyxfqi2fu7oyheasid.onion/) |
| [Robosats](https://unsafe.robosats.com/) (swap) | - | Variable (from 1 to 10) | [🗸](https://github.com/Reckless-Satoshi/robosats) | [🗸](http://robosats6tkf3eva7x2voqso3a5wcorsnw34jveyxfqi2fu7oyheasid.onion/) |
| [WoS](https://www.walletofsatoshi.com/) | 0.5 | 0.5 + 26,000 sats | ☓ | ☓ |
| [ZigZag](https://zigzag.io) | - | 3 | [🗸](https://github.com/bitlum) | ☓ |

### Important notes

- In **Robosats**, the order maker pays a fee of 0.025% and the taker 0.175%. The built-in swap fee can be checked at the coordinator summary. The flow of the trade is not exactly as explained above, but similar in practice.
- Opening channels in **Phoenix** is expensive (1% fee) so I would suggest that you set up a big enough one and delay the rebalancing as much as possible. Also, don't forget to disable on-the-fly channel creation since it may open unnecessary channels and charge you 1% for each one opened when the sender can't find a route or he uses MPP.
- **Loop** requires to run both a Bitcoin and a Lightning node. The Loop client is open source but the server you do the swap with is proprietary, you have to perform it with Lightning Labs, which charges a fee for it. This fee depends on current on-chain fees and it's represented in satoshis, meaning that the higher the amount you swap, the lower percentage you will pay.

	There's also a prepayment of 30,000 sats that you have to do before starting the loop out, it's counted towards your swap but will be forfeited if you do not send the rest of the funds. It prevents denial of service attacks and covers the cost of failed swaps. Learn more [here](https://blog.lightning.engineering/technical/posts/2019/04/15/loop-out-in-depth.html).
- Funds sent to a **Muun** wallet are forced to be routed through a [node](https://amboss.space/node/038f8f113c580048d847d6949371726653e02b928196bad310e3eda39ff61723f6) with a 2500ppm (0.25%) fee. This attack is called [fee siphoning](https://www.reddit.com/r/Bitcoin/comments/pqjcvo/stealing_sats_from_the_lightning_network/?rdt=36872).

	On the other hand, swapping in is the equivalent of doing two on-chain transactions, since when you deposit funds they are not really in the Lightning Network, you have to send the funds out of the Muun wallet to complete the swap. So in this case the fee is for the miners, and will depend on the network congestion and the amount that you send (higher amount, lower % fee).
- **Deezy** requires an access token to swap, must be requested through email or telegram. Swapping in is supported in the [API documentation](https://docs.deezy.io/#tag/Swap-(BTC-to-LN)) but it's not an option in the UI (only buying channels). The swap out fee can be checked [here](https://api.deezy.io/v1/swap/info), no information on how to check the swap in fee.
- **Electrum** and **Breeze** swaps are powered by Boltz. However, they charge 0.1% more than Boltz itself.
- **Diamond hands** is a Boltz's fork.
- **Blink** is the new name of the **Bitcoin Beach Wallet**. The first swap out costs 2,000 sats, the rest 0.7%.

### Which one is the best?

The answer will depend on your use case and preferences. But in my case, after having tried most of the services, I would lean towards private, non-custodial, fully open-source and inexpensive ones like: 

- **Robosats** (trade): cheapest way of swapping if the premium is chosen wisely. I have seen orders with premiums above 0.5% (benefiting the maker) which make absolutely no sense and are a waste of their time. A better number would be near 0, allowing both parties to benefit from the trade. 

    Probably in the range of -0.08 to 0 for *swap out* orders (remember, the on-chain fee is paid by the counterparty) and -0.05 to 0.05 for *swap in* orders.
- **Loop**: swap monitoring, miner and routing fees adjustments. Really affordable when swapping large amounts.
- **Boltz**: good reputation, beginner-friendly and simplest solution. Doesn't support Taproot.

There are also other worth mentioning options that do not offer as much privacy as the ones mentioned above, but that are still pretty good:

- **coinos**: one of the lowest fees, Tor support and extremely simple to create a new account. Custodial, but if you are using it just to swap it doesn't really matter.
- **Phoenix**: inital setup is expensive but then you enjoy swap outs without fees (apart from miner ones). A really convenient alternative if you are looking to be swapping out multiple times and for an extended period of time.

If you are swapping non-KYC sats, these two are fair pick. However, please take into account that using wallets lowers your privacy and is not recommended for breaking the link of KYCed sats.

This is because all your transactions are performed under the same identity, they store the xpub and all your movements in their databases. Even if the provider doesn't know who is the account owner, it has got information about where the funds came from and where they were sent. 

> With **coinos**, you could evade this by creating a new account for every swap.

Submarine Swaps Guide

aftermath

Top Stackers - Sats Per Write & More Metrics

davidw

This is the announcement that I announced [here](https://stacker.news/items/336740):

---

## **I finally got the MVP done for a [prediction market on lightning](https://delphi.market/).**


_If you don't know what a prediction market is, watch [this video](https://www.youtube.com/watch?v=xA27x7GRMZQ)._

---

## But first and foremost: **To prevent loss of funds, the market is running on [mutinynet](https://blog.mutinywallet.com/mutinynet/) and not mainnet until I have enough confidence in the code for mainnet. This means the sats have no value and you need to use the [mutiny faucet](https://faucet.mutinywallet.com/) to pay invoices and the [mutiny wallet (signet)](https://signet-app.mutinywallet.com/) to test withdrawals as mentioned in [/about](https://delphi.market/#/about).**

**Thanks to @benthecarman @TonyGiorgio and Paul (I don't know his nym on here, lol) for mutinynet and the provided tools! Less stuff I had to worry about on my own.**

---

## **Features**

1. **create your own binary markets**

On the main page, you can immediately see a button to create a new market. You'll need to login with lightning though. You can use any LNURL-auth capable wallet for that. LNURL-auth is independent from which network is used for transactions :)

For now, you can only create binary markets. This means that you can only bet on events which outcome is either `YES` or `NO`:

_market creation form:_
![delphi.market_(iPhone SE) (1).png](https://m.stacker.news/6616)

Be aware that you can currently not change the description or delete the market after creation. In the future, I might allow edits for a few minutes after creation.

2. **trading of YES and NO shares**

Basically the heart of the market. As a market would be useless without trading, you can obviously create BUY and SELL orders for YES and NO shares. **Every order must be matched with an order of a different market participant.**

For example, if you want to buy 2 YES shares at a price of 70 sats per share or short: `BUY 2 YES @ 70 sats`, your order must match a `BUY 2 NO @ 30 sats` order.

_buy order form:_
![delphi.market_(iPhone SE) (3).png](https://m.stacker.news/6619)

The interface might still be overwhelming even though I iterated on it several times already.

The input labeled with `how much?` specifies how many sats you want to bet. With `how sure?` you specify the price per share since the share prices in a prediction market reflect what the market currently thinks how likely an outcome is (at least in theory).

3. **interactive order book**

To match existing orders easily, you can simply click on `PENDING` and a context menu will show - assuming it's not your own order, else it will show a button to cancel your order:

_matching existing orders using the interactive order book:_
![delphi.market_(iPhone SE) (4).png](https://m.stacker.news/6620)

On click on `match`, you'll get redirected back to the order form but with prefilled values. If you submit this order, this will match the other order after payment. For example, if you click on `match` in the screenshot, you would get redirected to this order form with `BUY 2 YES @ 20 sats` prefilled:

![delphi.market_(iPhone SE) (5).png](https://m.stacker.news/6621)

4. **basic market stats**

On the `stats` page, you can see the total sats locked in the market (volume) and how many are on which side. `YES` 75% means that 75% of all sats were put into YES share which means that the market thinks that the chance that YES will win is 75%. However, tbh, I am not entirely sure if the chart works, lol

_stats page:_
![delphi.market_(iPhone SE) (6).png](https://m.stacker.news/6622)

5. **withdrawal**

You can withdraw any sats you received via payout or canceling an order (you'll get a refund for any invoice you paid for the order) in your wallet:

_wallet page:_
![delphi.market_(iPhone SE) (8).png](https://m.stacker.news/6624)


_withdrawal via bolt11 payment request:_
![delphi.market_(iPhone SE) (9).png](https://m.stacker.news/6625)

6. **list of all invoices**

Not much to say here. Just a list of all your invoices with their status so you can pay them later or keep track of what you've done:

![delphi.market_(iPhone SE) (10).png](https://m.stacker.news/6626)

7. **list of all orders**

Similar to the invoice list. You can also cancel your orders from this list (and not only from within a market order book) by clicking on `PENDING` to show the context menu. 

![delphi.market_(iPhone SE) (11).png](https://m.stacker.news/6627)

8. **market settlement**

If you created a market, you can decide the outcome of the market via a hidden `settings` page:

![delphi.market_(iPhone SE) (12).png](https://m.stacker.news/6628)

This is obviously not ideal and unlike what I initially mentioned: that the market creator (or me, as the site operator) would only be used as a fallback if the trading parties don't find consensus on the outcome. However, this idea didn't make it into the MVP.

If anyone even remembers, I also mentioned that I would be using HODL invoices to wait with settling the invoices until a counter party was found. If no counter party was found, their sats would get returned for free - no network fees. That also didn't make it into the MVP and I am no longer sure that's even something users would want since it trades UX for a potentially insignificant risk of having to pay the lightning network again for a withdrawal if you found no counter party.

---

## **Planned**

- actually show end date that was picked during market creation to user
- PWA with push notifications
- fix chart (?)
- code cleanup / refactor (that's probably always a thing, lol)
- tests, tests, tests
- other stuff that I forgot now
- ...
- mainnet

---

That's it for now. I want to go to sleep and writing all of this took some time that I was worried [about my account deletion deadline](https://stacker.news/items/336740), lol 

Now go, find all the bugs that I have hidden for you! Feel free to create new markets. I have created some orders for the existing markets so you can use them to immediately find some matches :)

Hopefully I'll wake up to some interesting prediction markets - or funny :)

---

_some somewhat random pings: @Natalia @grayruby @Undisciplined @nemo @siggy47 @orthwyrm @elvismercury @carlosfandango_ 

Lightning Prediction Market MVP - delphi.market

Bitcoin is not just a black hole. It has a far brighter future

# Introduction

> [Users of] the Lightning Network...trust third parties (TTPs) with the security of funds owned in the system. ... [This is because the] Lightning Network is vulnerable to hashrate majority collusion and flood and loot attacks, where the attackers can steal but not freeze the funds owed to their channel counterparties. [source](https://lightco.in/2023/12/13/lightning-validia-rollups/)

This is an interesting paragraph imo. The first sentence reminds me of this maxim: it's custodial if someone can steal it. If John's first sentence here means (and I'm not sure it does) that every lightning user trusts someone not to steal their money, then it seems to follow that every lightning wallet is actually custodial, including every lightning full node. If that is true, it means the entire lightning network is actually a custodial system, not just products like WoS, but even network infrastructure like LND and CLN. It's really all just a cleverly disguised custodial system, if I understand John's thesis here correctly (which, I probably don't -- he probably doesn't mean that).

The second two sentences I quoted appear to back up the first one. If his thesis is: "there's always someone who can steal your money on lightning" then it is wise to identify who that is, because that person is actually a disguised custodian. John identifies two ways someone can steal from your lightning channel: "hashrate majority collusion and flood and loot attacks."

# Flood and Loot

The second attack ("flood and loot attacks" aka FAL attacks, aka Forced Expiration Spam attacks, aka FES attacks) is outlined in section 9.2 of [the lightning network whitepaper](https://lightning.network/lightning-network-paper.pdf) where it is described as "[maybe] the greatest systemic risk when using the Lightning Network." A FES attack is (1) hard to pull off (2) always at massive risk of failing (3) likely to cause loss of funds *for the attacker* if it *does* fail.

To accomplish a FES attack, the attacker must first create a situation where bitcoin blocks suddenly become very congested, or he must act quickly when that situation arises through some other cause. Next he must force close his channel with you using an "old state" where he owes you less money than you're actually due.

The victim is expected to broadcast a "justice transaction" when this happens, but due to sudden network congestion, the justice transaction is not expected to pay a sufficiently high fee to get into a block. Moreover, the input to a justice transaction is a utxo from a multisig address "owned by" the attacker and the victim jointly, which prevents the victim from using RBF to unilaterally bump the fee (to use RBF on a multisig utxo, both parties have to agree on the new feerate and cosign it -- which the attacker won't do).

The FES attack isn't over yet, though. The attack will fail if the victim successfully uses CPFP or a centralized transaction accelerator to bump the fee on the justice transaction, which, if the victim succeeds, that will cost the attacker all of the money they had in the lightning channel with the would-be victim. So he must hope the victim does not do that. And even if all of that turns out to be true, the attacker *still* might fail if, before the timelock on the attacker's force closure transaction expires, fees fall to levels that allow the victim's justice transaction to get mined.

It seems extremely unlikely that all of these factors are under the attacker's control, especially the part where the victim can just use CPFP or a transaction accelerator to foil the attack. So I personally don't think the FES attack "counts" as a proof that a trusted third party can steal your money. I don't think it proves John's thesis (which I probably misunderstood, but here I am acting as if I did not).

FES attacks do not imply that lightning is custodial or that anyone can steal your money. The victim is in control of whether or not the attack succeeds. Foiling it is even something you can automate through judicious software that watches for FES attacks and uses CPFP and transaction accelerators when they happen. Moreover, since foiling such an attack actually *earns the victim some money* (you get all of your counterparty's money when you successfully broadcast a justice transaction) there is an incentive to build an auto-foiler directly into lightning wallets. I'm not sure if any has done this but I wouldn't be surprised if Acinq has.

# Miners Can Steal

John calls the other attack "hashrate majority collusion." It refers to the fact that miners can censor transactions from getting into blocks, but only if they control a "hashrate majority" i.e. 51% of mining rigs. If you can convince a group of miners to do that for you, you can steal from your lightning counterparty in the following manner: force close your channel with them using an "old state" where you owe them less money than they're actually due.

Next, expect your counterparty to broadcast a justice transaction to stop your attempted theft, but tell your group of miners not to mine that transaction. Also, if anyone *else* mines that transaction, tell your group of miners to orphan that block and mine a different block to replace it -- one without the justice transaction in it. As long as your group of miners really has 51% of the hashrate they will eventually "win the fight" (though it may take weeks to do so if they only have 51% of mining rigs), the timelock on your force closure will expire, and you will get to keep whatever money you owed your counterparty because they couldn't get their justice transaction mined in time to prevent the theft.

In my opinion, the existence of this attack does not imply that lightning is custodial or that anyone can steal your money. The attack assumes that your counterparty can collude with 51% of miners, but that does not seem plausible to me. The most plausible way to do it that I can think of is to bribe the two largest mining pools. But those pools do not "control" 51% of mining rigs. The actual mining rig owners are just "members" of various pools, and not only can they switch to a new pool at a whim, they appear to do so very responsively in reaction to things like twitter mobs yelling "censorship!" about things like (1) Antpool following OFAC guidance (2) Foundry pool *merely announcing an intention* to comply with OFAC in the future and (3) most recently, Ocean censoring inscriptions.

I don't think John actually thinks this, but suppose for a moment that he believed all the members of large mining pools are actually trusted counterparties to every lightning channel. I think that would only be true if (1) they chose to collude together with one of the members of that channel to orchestrate a "miners can steal" attack, (2) they were able to maintain a hashrate majority for the duration of the attack (3) to the point of orphaning other miners who tried to mine your justice transaction (4) and stop their mining pool members from leaving the pool due to the clear censorship happening.

I just don't think this attack is serious. There is no evidence of that scale of collusion, and I don't even think it's *possible* without some sort of collusion *tool,* evidence of whose existence is lacking, unless I'm in the dark about it.

# Conclusion

Both of the attacks John identifies are not serious in my opinion. They do not support the thesis (which I probably misunderstood, and which he probably does not claim to make) that all lightning users actually trust a third party not to steal their money, which, if it was true (I don't think it is), would imply that the lightning network is actually a giant custodial system. I hope this essay helps clarify why I think John is wrong (or rather, why I probably misunderstood him -- again, I don't think he really believes the thing I am arguing against).

Two Lightning Attacks Analyzed: A Response to John Light

Greetings, Stackers!

First post here, and I've got some quick introductory thoughts to share.

As a 100K+ Reddit karma whore, I've never been more confident that the time for disruption in the long-form/forum niche is now.

As someone who's been active on Reddit for over a decade, I can confirm this sentiment is rapidly growing among the hundreds of millions of active users, especially since their disastrous shitcoin experiment imploded a few weeks ago.

Very excited to learn the ropes, and join the fight to progress mass SN adoption with you all!

Keep calm and stack on 🤙⚡️

-BW
![Screen Shot 2023-11-12 at 8.03.39 PM.png](https://m.stacker.news/4733)

Reddit is Dead...Long Live Stacker News ✍️⚡️

benwehrman

Recently, I managed to pill one of the Airbnb hosts—it wasn't easy, but it was so worth it because I could come back anytime and pay in sats now.

### **The Art of Using Airbnb**

As many of you might already know, I'm a nomad, and I usually book accommodations on Airbnb when I'm out exploring. **And here is one of my hacks: I only book the first 1-2 days of the trip**. If I like the place, I extend; if I don't like it, I find a new place. I like being flexible and definitely don't want to be stuck at somewhere I don't enjoy. 

**Another hack is I always ask for ways to contact the hosts outside of Airbnb after I pay for the initial days and keep the good hosts' contacts.** If I happen to go back to that place, then I just text them and say I would like to come back and stay again, and then we discuss how the payment works *between us*; Airbnb already served its purpose of connecting, but after we are connected, it has done its job and got paid for that—everything that happens next is private, and nobody needs to know anything, but many people don't understand the meaning of public and private...

### **My Pilling Experience** 

I returned to somewhere I had stayed before lately, and all I did was message the host, reserve the time and agree on the price. Then, as I mentioned [here](https://stacker.news/items/287984), I don't have much fiat with me, so I used the same strategy again—I [asked](https://stacker.news/items/293271) the host if I could pay in Bitcoin.

 At first, he said no because the house is his parents and they are old and don't quite understand Bitcoin, blah blah, and would prefer cash. *( The first ask failed. )* But after a week, I decided to extend the stay, and I just asked again and said I don't have enough Lira with me, how about I pay you in Bitcoin? He still said no and didn't mind waiting for me to exchange. ( *The second ask failed.* )

After that week, I decided to extend for two more days due to weather reasons, so I asked again, do you want to *try* accepting Bitcoin? All it takes is two minutes, and so much easier! Actually, during that entire week, I learned something interesting, and I saw my opportunity — there is a new Airbnb policy in Turkey. Basically, anyone who wants to continue doing Airbnb needs to apply for a license and pay extra tax, and dat is my chance! I guess he probably doesn't want to bother with that, so I just said Bitcoin easily solved this problem, and you can even accept it with other old guests, and not to mention the [inflation](https://stacker.news/items/376570)! He was intrigued, so I guided him to download [Blink](https://stacker.news/items/341247) and showed him how to send and receive, and voila! Now, I can pay in sats whenever I come back. 👀

But something interesting I've noticed is whenever I pill someone new, *they always ask how they can sell it back to fiat*, and then I would just say why would you even want to sell the best money?! The goal is to use them directly like what I'm doing now. *But okay, I'm fine showing them how to exchange with fiat too, they are free to do whatever they want with their money after all...*

### **Easy Pilling Strategy**

- Try with a simple **ASK**.

- Keep trying and be patient, but only for the ones who are worth it,  especially those you need to contact from time to time.

- **Spot the pain points of others and show how Bitcoin can help with that!**

  

Did you learn any new hacks on pilling others? 🤓

Maybe All you Need is to Ask - Do you Accept Bitcoin? ⚡️ ( Part III )

Luke Dashjr launches Ocean to radically decentralize Bitcoin mining

Rsync25

### territories

You can now created your own ~~subs~~ territories. Note: this is *just* an MVP. It's probably 5% of what we have planned for territories.

*edit: you can create them from the dropdown in the top bar*

##### currently
- 50% of all revenue made by the territory is paid to the founder at the end of the day texas time
    - the other 50% goes to rewards 
    - this split will eventually be configurable, eg the founder gets 100% of revenue or rewards get 100% of revenue
    - the territories revenue is the revenue SN would ordinarily collect: 100% posting costs, 10% of zaps, 100% of boost
- territory founders can configure and edit indefinitely:
    - base post cost
    - post types
    - you can't currently *edit* the name or billing type but that'll be implemented eventually
    - eventually everything

##### planned
- seamless crossposting and retroactive crossposting between territories
- subscribing/unsubscribing to territories
- create territories within other territories, eg `~bitcoin/privacy` and `~bitcoin/mining` 
    - the territory founder can sell sub-territories to other stackers at a price of their choosing
- more post types
- more economic parameters

That's it mostly. Let me know if you have questions.

### what's next
While we will definitely be iterating on territories, you [might](https://stacker.news/tos) have [noticed](https://stacker.news/privacy) we are prioritizing [legal](https://stacker.news/copyright). It's all WIP but our focus for the next few weeks (after editing out all the wonky copy-paste legalese in those docs) will be on wallet stuff. 

We haven't exactly figured out our plans yet but you can expect more non-custodial support at the very least. I promise not to surprise you with anything weird and to discuss any potentially large changes should we end up making them.

yeehaw cowboys!

SN release: territories, formerly known as user generated subs

k00b

This is about open source, but has obvious implications for btc.  Interesting to see how the btc ecosystem has responded to the challenge, and compare to ways other large products like Linux, postgres, Python, etc., have made do.  

Is a more systematic solution possible?  I know there are various lists where btc-related devs can solicit funding; there are different grants by companies that are good stewards.  Every so often a mega-whale from the past surfaces (e.g., Pineapple fund) and throws money around.  Is it enough?  Is danger ahead?

Also: sorry to front-run HN bot, but this is a topic of particular interest to me.

The Lack of Compensation in Open Source Software is Unsustainable

elvismercury

So the Bugle has been live for over a year, with a focus on being entirely community funded instead of taking gay sponsorship money which influences our journalism, as well as sets up our readers for rug pulls. It's been a really interesting experiment so far, and I'm convinced that there is a path forward to have a full fledged media company operate this way. 

There are a few ways we generate money: 
1. direct donations on our site
2. direct donations via Geyser 
3. Selling merchandise in person (Haven't been very consistent at this) 
4. Allowing people to point hashrate at our mining pool account 
5. Nostr Zaps
6. Allowing readers to tip each article's author via LNURL at the bottom of each article
7. Selling black market cigarettes at Bitcoin conferences 

There are a few ways we could expand ways to earn sats from readers: 
1. Premium subscriptions 
2. Gamefy what articles are written next 
3. Migrate from ghost to a custom site with lightning payments integrated, maybe built on nostr 
4. Actually sell merchandise seriously 
5. Physical book sales
6. etc there's probably a lot of ways we expand here 
7. Fountain podcasting stuff

Stacker has been a pretty consistent way to generate sats. When I post articles on here, I forward sats to the authors who wrote the content. In the future, I could see splitting percentages making more sense but I don't pay anyone who contributes so until that changes, I'll just give 100% of tips to authors. The lightning network is so slick for stuff like this. 

I think if you have a compelling mission, you can solicit donations. People have really gone out there way not only to send us sats, but also promote our content on their podcasts, at conferences, and word of mouth. 

The Bugle's mission is to do a few things: 
1. Push back against and criticize the influencer circle jerk in Bitcoin related communities
2. Promote freedom and human dignity
3. Educate people on why smoking is good for you
4. Earn Bitcoin in the process 
5. Open source new ways individuals can earn sats 
6. Be the best damn journalists in the business, free of corporate overlords 
7. Promote new communication channels and communities that further our goals. 

Anyways, just thought I would do a post here and see what happens. I'm really curious to see what ideas the community has on this topic. 

Value for Value News Journalism Discussion Using Entirely Bitcoin 

thebitcoinbugle

[Similar to how @siggy47 gets why bitcoiners like bear markets now](https://stacker.news/items/318223), I think I finally can start to grasph why @DarthCoin is being so toxic all the time. Prepare yourself for a very long and hopefully funny story :)

---

Almost exactly one month ago, my girlfriend of almost 2 years broke up with me.

Almost, because it was on November 11, not November 12. What a convenient date to remember: 11/11 :)

I have asked myself a lot if I should share this on SN. This is (obviously) a very personal topic for me and I do care about my online privacy which is also [why I have started to use the delete feature more](https://stacker.news/items/348731) but I think this might actually resonate with some people on here. Or make some people reconsider how they see @DarthCoin. Also, I notice how I can't really focus as much as I would like to anymore because something is boiling inside of me. I am literally walking around faster and I have to hold myself back to not push people over because they are walking too slow for me. I am trying to not scream at the  cashiers when they do not say "have a nice day" back to me. I consistently have to take a breath before I respond to some people on here or in other places to make sure I am not going to lash out on accident for something so irrelevant, I might look like a bad person to interact with and not like the person I want to be. [I can't even hold myself back to call out @ODELL for something I don't like](https://stacker.news/items/348945) even though I never met him thus don't know him, never read much about what he is doing in this space, what is important to him and so on. I literally have no idea who he is in some way. And most important, I have no idea why he is even using ALL CAPS. I can of course only speculate, lol :)

I know I am in a bad emotional state right now.

**But at least I know**. I also know that lashing out is almost never the solution to anything. It DOES NOT help with fixing ANY situation, it only makes it worse. However, only ALMOST NEVER. This is what this post is going to be about. This post is about how [toxicity is the red pill for bitcoiners](https://stacker.news/items/347458) or how [toxicity is brutal honesty](https://stacker.news/items/347687).


**Is there ever a time and place to be toxic? To be as toxic as you can be? To scream at the top of your lungs at someone to make them finally understand that you're being <censored> serious? That it's not you who is crazy but them? Even though the definition of crazy is usually**

> If you think everyone around you is crazy... you might be the crazy one.

**Because they just can not understand that what you are trying to tell them is a very serious topic for you? So they should stop making jokes about it? Since you're also not joking for once? Like for once in your <censored> life, you are not trying to make jokes so people that have known you for so <censored> many years, they might actually take you serious for once? ...**

Anyway, we will try to answer this question in this post. :)

For an example when I need to take a breath before replying, see [this comment](https://stacker.news/items/349022):

> We can integrate the Chess part on SN too and use your prediction market when people play

@brave, I hope you can forgive me for mentioning you but you are just the latest best example, haha

Zap them like <censored> crazy since I have put them on a spotlight on here without asking them first because I just HAVE TO write this RIGHT <CENSORED> NOW. **I am literally afraid my newfound toxicness is going to disappear before I am done writing this post because [I think this can be part of my superpower](https://stacker.news/items/343999).**

I think my superpower is:

> convert bad energy into code

The problem with that superpower for now is just: that code isn't good, if it even exists. It's very hard to focus during programming if you have so many things going on in your mind at the same time. But this is also why I am writing this, to at least get something like 1% of these things out of my system.

Also, you, @brave, seemed to understand that I was trying to make you understand in a "funny but toxic but funny" way how ridiculous this request was. Again, I do not intend to be rude (at least I sure hope so). I just want to help people understand some things without completely <censored> censoring myself when I am trying to.

I also gave @brave 1000 sats because I was so happy [he realized that I didn't mean to be rude](https://stacker.news/items/349051), I just wanted to call out the audacity to even ask for something like this, and I did have a good laugh reading his reply:

> LOL, I'm not which is what gave me the audacity to even think so

So, why did I start with my recent breakup? To keep it short (and not AS <CENSORED> TOXIC AS IT COULD BE):

Our relationship started with me being scared that it might not work out in the long run because I know myself too well. I like to be alone way too much sometimes :)

She said she understands and I also liked her. She seemed to really get me. So after some long discussions, including time that we had for ourselves to think about if we really want to do this, we thought: Why not just try it?

So we tried. Again, I am trying to keep this short, since I have stuff to do, lol. **But disclaimer: I know this is only my side of the story. Don't trust me that I am not making stuff up here. Like some stories based on real events are also not _completely_ true :)**

In something like the last 3 months before she broke up with me, I felt like something was wrong. I kept asking her

> I feel like something is wrong, I think you don't like me anymore. We keep visiting each other during the weekends, but I don't think you actually want to. What is going on? I am really worried about you."

She kept insisting that either a) nothing is wrong or b) it has nothing to do with me. 

Oh, what kind of foreshadowing is this? :)

Well, when she broke up (she didn't even start the discussion) it obviously had a lot to do with me.

The funny part is, we were sitting around again as we used to do, having a good talk and laughing about dumb stuff. That's also why I liked her so much. You could talk to her about so many things. Just not about _everything_.

Or at least it seemed to be a good talk as usual. When I noticed _again_ (FOR THE I DON'T KNOW I <CENSORED> LOST COUNT) that something is off, I asked her again. She just started crying. I tried to calm her down. "It's okay.", I said. But internally, I thought:

> _I should have <censored> known. I should have <censored> known that even though we started our relationship with the premise that we're going to talk openly about every-<censored>-thing. We said we will try to block every <censored> Sunday so we can <censored> talk about anything we might not wanted to talk about during the week for whatever <censored> reason. That Sunday is going to be the day, we're 100% going to <censored> listen to each other to see how the other person is <censored> doing. I should have known that when I knew something was off, she wasn't telling me the truth. She was trying to avoid conflict but ... did she? DID SHE <CENSORED> AVOID CONFLICT? OR DID SHE LITERALLY JUST MAKE IT <CENSORED> WORSE THAN IT <CENSORED> HAD TO BE?_

But I didn't fully internalize these thoughts yet. I think I kept pushing them off. I didn't want to think like this.

Well, we talked, we ate dinner for the last time, watched some episodes of the series that we started watching before we even got together (a new season came out). Then she left with us saying to each other we can meet again. I asked if I am still invited to the New Year's party with mostly her friends. She said she doesn't mind but the problem is if someone will actually plan something. Like where to go etc. She said she is happy how understanding I was and that I didn't make a drama out of this.

> _BUT WELL, WHAT ABOUT <CENSORED> YOU? DID YOU TRY TO NOT MAKE A <CENSORED> DRAMA OUT OF THIS?_

Anyway. A week later, I wrote her, asking if she has time to go hiking. Since we literally said, we can still meet. We can still be friends (I guess A LOT OF YOU can relate to this).

Her answer after two days was:

> Good morning :) Sorry for the late reply. I have been quite busy the past days. Nice idea! But all my free days from work for this and next month are already filled up with other stuff, sorry 🙈

She didn't write anything else. And most important, she didn't reply with:

> HEY THANKS YOU <CENSORED> REACHED OUT TO ME EVEN THOUGH MAYBE I SHOULD HAVE BECAUSE I HAVE TREATED YOU LIKE A <CENSORED> <CENSORED> BECAUSE YOU KEPT ASKING FOR MONTHS WHAT THE <CENSORED> IS GOING ON AND THUS I SHOULD HAVE KNOWN THAT YOU ARE PRETTY <CENSORED> AWARE OF WHAT THE <CENSORED> IS GOING ON BUT YOU TRUSTED ME THAT I WOULD TELL YOU THE <CENSORED> TRUTH AND THUS YOU THOUGHT THAT YOU'RE JUST SEEING THINGS THAT AREN'T <CENSORED> THERE AND YOU SHOULD TRY TO CALM THE <CENSORED> DOWN BECAUSE WHY THE <CENSORED> WOULD SHE NOT TELL ME THE TRUTH?

But I only fully realized that she didn't reply like this recently. It's funny because I know, [people say after a breakup you go through phases of denial, anger, bargaining, depression, acceptance](https://www.csn.edu/_csnmedia/documents/caps-counseling-and-psychological-services/stages_of_grief_after_a_breakup_0.pdf).


I think one day I just woke up and I thought:

> _WAIT A <CENSORED> MINUTE. WHY AM I FEELING SO <CENSORED> SAD? AS IF IT'S ALL MY <CENSORED> FAULT?_

And I think then it was official: I entered the anger phase, lol :)

I actually don't know how long this post already is since I am writing it outside of SN since I am too <censored> afraid we might have a bug, we didn't implement [this feature yet](https://github.com/stackernews/stacker.news/issues/216) or my browser might crash or I don't <censored> know what life has planned next for me. But I am getting to my theory of why @DarthCoin is just so insufferable sometimes, soon, hang on :)

Then I started to talk to IRL friends about my breakup. That actually helped me and they were very understanding.

Then, they realized I don't have time to <CENSORED> MEET THEM ALL THE <CENSORED> TIME. Were they worried about me? Maybe. But I tried to tell them:

> I AM DOING <CENSORED> FINE STOP <CENSORED> ASKING IF I HAVE <CENSORED> TIME WHENEVER YOU NOW <CENSORED> WANT TO MEET <CENSORED> <CENSORED> IS <CENSORED> WRONG WITH YOU <CENSORED> PEOPLE

Then I tried to explain to them why I think I am doing fine and I just want to have time for myself ... oh boy, this got extremely funny very fast.

They didn't take me serious when I tried to explain to them how important bitcoin is to me. They literally thought I was joking about all the things I said. I tried to have patience with them since I know how <censored> crazy or hard bitcoin is to understand.

But you know what?

> AT LEAST TAKE ME <CENSORED> SERIOUS WHEN I AM TRYING TO LITERALLY TELL YOU HOW <CENSORED> SERIOUS I AM.

Long story short, I literally started to burn some very old bridges - more or less temporarily - because I just couldn't interact with them anymore.

> THEY JUST DON'T <CENSORED> GET IT. THIS IS A <CENSORED> WASTE OF TIME.

However, I told them, depending on the amount of trust that I have in them finally <censored> understanding that I am being <censored> serious:

> I don't want to talk to you anymore for X months / years.

Oh boy, this got even more funny even <censored> faster, haha!

THEY LITERALLY STARTED TO <CENSORED> TELL ME HOW I AM OVERREACTING AND I AM CRAZY AND I AM SUCH A BAD BAD PERSON THAT I AM BURNING BRIDGES BECAUSE THEY DON'T GET SOMETHING SO STUPID LIKE <CENSORED> BITCOIN.

I couldn't take this <censored> <censored> anymore. Then I started to become as toxic as I ever was in my <censored> life. If some stuff they said to me in person, I think I literally would have screamed until I would have passed out, lol. Just to get up and scream at them some more! But no, the very bad stuff was mostly over text.

Then I send every single <censored> one of them a very personal <censored> message how I think that actually, they might be wrong and that THEY are actually the <censored> <censored> because I LITERALLY TRIED TO EXPLAIN TO THEM BUT THEY JUST DON'T WANT TO TAKE IT <CENSORED> SERIOUS LIKE WHAT THE <CENSORED> IS WRONG WITH YOU <CENSORED> PEOPLE LIKE SERIOUSLY GIVE ME A <CENSORED> BREAK <CENSORED>! I AM BEING SO <CENSORED> TOXIC RIGHT NOW, I THINK I MIGHT ACTUALLY HAVE FIXED MY <CENSORED> SOCIAL ANXIETY <CENSORED> BECAUSE I JUST DON'T GIVE A <CENSORED> ABOUT PEOPLE WASTING MY <CENSORED> TIME ANYMORE

And then I realized ... wow, this might have indeed helped with some of them!

They were suddenly like

> Oh, I am very sorry, I didn't know you are going through hard times. Are you sure you don't want to meet?

> YES I AM <CENSORED> SURE BECAUSE YOU ARE LITERALLY WASTING MY <CENSORED> TIME AND YOU STILL DON'T <CENSORED> GET IT EVEN THOUGH I LITERALLY WROTE YOU THE MOST TOXIC MESSAGE I HAVE EVER WRITTEN IN MY <CENSORED> LIFE, TRYING AGAIN TO EXPLAIN FOR THE NTH TIME WHY I DON'T WANT TO <CENSORED> MEET YOU _RIGHT NOW_.

So to come to a final conclusion: If you think the only thing you have left is to be SO <CENSORED> TOXIC, <CENSORED> DO IT. IT MIGHT ACTUALLY MAKE A <CENSORED> DIFFERENCE.

And I think @DarthCoin has been in this space for so <censored> long, he lost patience with some people like I did in the span of a few weeks.

I mean, I know I have been active in this space for not even a year and I AM ALREADY SO <CENSORED> TOXIC TO PEOPLE WHO DON'T TAKE BITCOIN SERIOUS.

Imagine you've been in Bitcoin since 2012, it's been over 10 <censored> years and people still don't <censored> get it. WOULDN'T YOU BECOME VERY TOXIC YOURSELF?

Just ask yourself this. This could have been all I wanted to say with this post.

But I think @DarthCoin is sometimes just being toxic for the sake of being toxic and thus is so insufferable sometimes. I just searched for "insufferable" on here and this is the first comment that showed up:

> You are easily one of the most insufferable people on this website. I found a selfie.
-- https://stacker.news/items/101165

But I actually wanted to find my own comment about @DarthCoin being insufferable, lol:

> @DarthCoin never change even though you are really insufferable sometimes :)
-- https://stacker.news/items/344665

So the point of this story is: BE <CENSORED> TOXIC WHEN YOU HAVE TO, BUT BE <CENSORED> SMART ABOUT IT, NOT LIKE <CENSORED> @DarthCoin, BEING <CENSORED> TOXIC WHENEVER HE <CENSORED> CAN, EVEN ON TOPICS HE HAS SO <CENSORED> OBVIOUSLY NO <CENSORED> IDEA ABOUT, [EVEN ADMITTING HE HAS NO FUCKING CLUE ABOUT CODE LOL](https://stacker.news/items/347737)!

And one last thing:

PLEASE DON'T <CENSORED> ASK ME HOW I AM DOING OR START DM'ING ME OR WHATEVER THE <CENSORED> YOU THINK MIGHT HELP ME. I JUST WANT TO <CENSORED> MOVE ON, I DID NOT _REALLY_ WANT TO TALK ABOUT THIS HERE BUT I JUST REALIZED I MIGHT HAVE TO TO FINALLY BE ABLE TO <CENSORED> CODE AGAIN <CENSORED> AND COMMIT TO ME BEING FUCKING TOXIC BUT IN A HELPFUL WAY TO ANYONE WHO I THINK IS WASTING MY <CENSORED> TIME.

BUT IF YOU REALLY HAVE TO GIVE ME SOME ADVICE, DO IT BELOW THIS POST SO I CAN <CENSORED> IGNORE IT TO FINALLY <CENSORED> CODE AGAIN WITHOUT SO MANY <CENSORED> DISTRACTING THOUGHTS IN MY <CENSORED> HEAD <CENSORED>. I MIGHT NEVER REPLY TO ANY OF WHAT YOU ARE WRITING HERE SINCE I PROBABLY ALREADY <CENSORED> TRIED OR AM CURRENTLY TRYING OR ALREADY <CENSORED> KNOW. AND YES, I <CENSORED> KNOW I AM A VERY NICE PERSON SINCE I AM TRYING <CENSORED> HARD, PLEASE STOP WASTING MY <CENSORED> TIME AND YOURS AND ACTUALLY DO SOMETHING <CENSORED> USEFUL IN YOUR LIFE FOR ONCE

[THANKS I NOW NEED TO DO SOME \<CENSORED\> BINARY STUFF IN \<CENSORED\> JAVASCRIPT](https://github.com/stackernews/stacker.news/pull/683) LIKE WHAT THE <CENSORED>! JUST SO SOME <CENSORED> PEOPLE ON HERE CAN START <CENSORED> UPLOADING THEIR PICTURES WITHOUT IT GETTING <CENSORED> ROTATED FOR NO APPARENT <CENSORED> REASON

I THINK I AM <CENSORED> DONE NOW. I FEEL MUCH BETTER. 

(I think) I finally understand DarthCoin


![](https://m.stacker.news/31743)

I attended the first of what I hope will be many bitcoin meetups at the Melville Deli Friday night. I first visited the deli back in September of last year. I posted about it [here](https://stacker.news/items/267725/r/siggy47).  Since then I have kept in touch with @Simaan, who is a great guy and a very committed bitcoiner. His deli is the only business on Long Island that I know of that accepts bitcoin. 

I don’t get out much. Most bitcoiners I know are the people I talk to every day here on SN. I have made three or four pilgrimages to [PubKey](https://stacker.news/items/219987/r/siggy47), but that’s about it when it comes to interacting with real, live bitcoiners in meat world. So when I found out that Simon was holding his first meetup at the deli, I was excited. I had an even better time than I expected.  

Simon hosted the meetup at the deli after hours. He provided all the food and drink at no cost. He is a very generous guy, but I plan to try to convince him to accept some sats for future events. There were tables and chairs set up in the back, which provided plenty of space for the dozen or so people who attended.  

The structure was informal, but worked very well. Simon had everyone introduce themselves and describe their connection to bitcoin. This inspired some great conversation. Some attendees had traveled 50 miles to attend. There were newbies, two non-bitcoiners who wanted to learn, and a smattering of interesting bitcoin characters.

One guy described himself as a full-time bitcoin evangelist. He wore a “WTF? 1971” T shirt, which was the perfect prop for him to launch into an articulate explanation of money as it relates to the “Nixon Shock.”  I am a little hard of hearing, so when he introduced himself I missed some of it.  I said “I’m sorry, what did you say your name was?” Without skipping a beat he smirked and said “nice try, fed.” It warmed my heart. 

Peg from Rockaway, a retired New York City public school teacher, was wearing a New York Bitcoin T shirt and orange sneakers. She first discovered bitcoin when her son was buying drugs off of Silk Road. She often led the conversation and showed herself to be a personable, natural advocate. 

Other highlights:

- During a discussion about money, a wampum bracelet was passed around the room. 

- Simon gave a brief proof of work speech using the preparation of a deli sandwich as an example.

- Simon regaled us with a cautionary tale about mining.  A few years back he and his partners set up an operation in an impoverished Pennsylvania town with cheap electricity. Although they were successful, they also managed to cause a fire that burned down their facility and knocked out the town’s electric service. 

- A couple drove in from Queens. The woman had connections to Kazakhstan and China. She discovered bitcoin through miners who wanted her to set up an operation in Kazakhstan. Her fiance was a New York firmware engineer.

- There was a couple who owned a local cigar factory. They were no coiners who passed out cigars to promote their business. I tried to convince them to accept bitcoin. I’ll keep you posted on any orange pilling success.


### My observations

I really enjoy these in person meetups. A few of the newbies were dabbling in shitcoins, as many of us have in the past.  It’s less comfortable giving someone a brusk “shitcoiner” dismissal in person than on a computer screen, so you rely on really explaining why bitcoin is different. I believe those conversations were almost as valuable to me as to the soon to be ex-shitcoiner. 

I also discovered that not everyone shares my desire to actually spend bitcoin. I started out spouting about a circular economy, but it quickly became evident that just about everyone thought I was nuts to want to part with my precious bitcoin. I detected this same sense during my few visits to PubKey. No one changed my opinion, but it was good to get a different point of view.


### Conclusion

I encourage everyone to find a local meetup. It’s fun, and you might just learn a few things you won’t find on Stacker News. With the excitement being generated by this bull market, they seem to be popping up everywhere. 

For anyone in the New York area, I would highly recommend attending the next meetup at the Melville Deli. Here is the contact information:

The Melville Deli 
90 Broadhollow Road
Melville, New York 11747
(631) 351-9338
https://melvilledeli.org/


Leaving My SN Bubble: Bitcoin Meetup At The Melville Deli

siggy47

That's mostly it. 100% @ekzyis

There's a little button for adding images (probably too little) and you can also add images by dragging them to the textarea.

There's a lot of great stuff I'm actively reviewing but I know how badly you've all been waiting for this so I decided to just push it.

![LwdbX00.gif](https://m.stacker.news/4212)

SN release: image uploading

Hello,

I am CTO of Commerceblock, and have been designing and building mercury layer statechains last couple of years. 

Ask me anything about the tech, cryptography, use cases etc. or anything else. 

Mercury layer AMA

tptrevethan

I thought you were missing Darth's "tips of the day", so I came up with a question I had from one of my readers few days ago: 

### "How can I run LNbits quickly, with minimum effort and resources?"

We all know that the powerful LNbits require a LN node as funding source. And many new users are struggling to setup a node for that, or using bundle nodes, with outdated software, complicated dockers etc, things that for a noob are quite hard to debug and maintain.

So I came up with a more simple approach: 
### A LN node with neutrino synced blocks.
Why?
- it does NOT require to run a heavy full Bitcoin Core node
- it does not need a big hard drive
- it sync in aprox 5 min
- it is not using heavily the CPU and memory
- is private syncing (neutrino server node doesn't need to read your wallet xpub, it just provide blocks)

### Steps to do:
In this scenario, we want to run a LNbits with a LND node as funding source, for a small shop merchant or as a LN bank fro your family / friends.
This process take more or less 30 min.
1. On any PC with a Linux OS (I recommend Debian or Ubuntu for simplicity), install LND as LN node.
2. Optional for managing your node you can install Thunderhub or RTL as desktop apps. If not, you can easily connect Zeus mobile app to your node and manage it from there.
3. Open 2-3 channels with big good nodes.
4. Install LNbits latest version, as a standalone app (no need for complicated docker etc)
5. Connect your LNbits with the LND node
6. Edit your domain DNS entries for your new LNbits server and also open the ports 80/443 required for the SSL certificate and access in your router, pointing to the LNbits machine.
7. Setup Caddy for reverse proxy DNS https of your LNbits (see LNbits documentation, is very easy)
8. Done. Start your LNbits instance and setup your users.

### Documentation:
- [Set Neutrino for your LND node](https://docs.lightning.engineering/lightning-network-tools/lnd/enable-neutrino-mode-in-bitcoin-core)
- [LNbits documentation](https://github.com/lnbits/lnbits/wiki/LNbits-Documentation)
- [Using Caddy as reverse proxy for LNbits](https://github.com/lnbits/lnbits/blob/main/docs/guide/installation.md#reverse-proxy-with-automatic-https-using-caddy)
- [Managing LN node liquidity](https://darthcoin.substack.com/p/managing-lightning-node-liquidity)
- [Getting started with LNbits](https://darthcoin.substack.com/p/getting-started-lnbits)
- [Private banks over LN](https://darthcoin.substack.com/p/bitcoin-private-banks-over-lightning)
- [LNbits for small merchants](https://darthcoin.substack.com/p/lnbits-for-small-merchants)
- [How to use LNbits with streamer copilot](https://darthcoin.substack.com/p/lnbits-streamer-copilot)
- [Getting started with LNbits NOSTR market](https://darthcoin.substack.com/p/lnbits-nostr-market)
- [The Bank of Lnbits](https://darthcoin.substack.com/p/the-bank-of-lnbits)
- [Using LNbits to provide Ecash Cashu mints](https://darthcoin.substack.com/p/bitcoin-adoption-using-ecash)
- [Zeus Mobile Documentation](https://docs.zeusln.app/)
- [Thunderhub Documentation](https://docs.thunderhub.io/)

In closing, I would encourage all public node runners to ACTIVATE NEUTRINO on their Bitcoin Core nodes. It takes just 2 lines:
```
blockfilterindex=1
peerblockfilters=1
```

In this way you could participate and really help decentralize the network, helping the mobile node users (See Blixt, Zeus, Breez, Nayuta etc) that are using Neutrino. Or just offer these neutrino connections to your close friends and family to use it. Be a real "uncle Jim" for those that cannot run a full Bitcoin Core node.

I hope more users will understand the significance of this mini-guide...
May the Bitcoin Be With You!

Tip of the day: How can I run a LN node without full Core?

DarthCoin

I continue to work on my hedgehog protocol and I've figured out how to add some cool features to it. I wrote a "bridge server" which helps "translate" hedgehog payments into lightning payments, and it works right now, which means a hedgehog wallet can pay regular lightning invoices. I also added support for something I call "unilateral channels."

What that means is, someone can be fully offline, not even talking to you, not even aware of you, and if you have their pubkey you can send them $100 in bitcoin (for example) in such a way that they "receive" it in a new hedgehog channel. You just use their pubkey to create a multisig and fund it with the $100, then send them a string of text containing signatures for the "force closure" transactions that they need in case they have to unilaterally exit from the multisig. Then, whenever they next get online, they can paste that string into their wallet and instantly start using the money in their (already confirmed!) new hedgehog channel to make hedgehog payments and lightning payments.

You you could also use the unilateral channel feature to "make up" a bunch of keypairs, get some business cards, print out channel opening/closing information on the business cards (using the pubkeys from each of the keypairs you made up to create the multisigs), fund the multisigs yourself, and then "gift" them to people by just handing them the business card. Each recipient gets a new, prefunded hedgehog wallet with full support for sending and receiving lightning payments, with two simple steps: (1) visit a webpage (or download an app) that runs hedgehog wallet software and (2) scan the qr code to import the channel data.

All of these features have some interesting side effects. For example, since you can receive money into a new hedgehog channel without being online, you can keep your private keys fully offline in an airgapped hardware wallet, and whenever you want to send money over hedgehog or lightning, you can just prepare the transaction in your software wallet, encode it as a series of several psbts, pass those to your hardware wallet for signing, and let your software wallet send the newly signed transactions to the bridge server.

You could also *receive* money over lightning into a separate hot wallet, and regularly withdraw it to a cold hedgehog wallet by using your hardware wallet to individually sign the various transactions that are involved in receiving lightning payments and revoking old state (but this requires implementing support for receiving lightning payments on hedgehog, which I haven't done yet -- see below).

I am currently working on a feature that I call "virtual channels" which allow you to make a unilateral channel without going on chain. This lets you cheaply give people hedgehog channels that "fully" work, with the tradeoff that you (the sender) have a copy of this virtual channel's private keys, so you have custody of the recipient's funds. But the channel works just like a regular hedgehog channel, with the same interface, its own balance, full support for sending and receiving hedgehog payments, and sending lightning payments. So it's sort of like you're hosting an lnbits wallet for someone, only with hedgehog's ability to effectively emulate asynchronous payments. Which means you don't need a server to host this software, a regular phone or even a web browser should work fine, because you don't need to be online all the time, only the bridge server does.

Once virtual channels are ready I want to add support for "receiving" lightning payments into a hedgehog channel. I wrote up a specification for it here ([https://github.com/supertestnet/hedgehog-advanced](https://github.com/supertestnet/hedgehog-advanced)) but I haven't implemented it yet. Once that is done I think hedgehog will be ready to implement in a "real" wallet. It will have so many cool features:

- keep your keys airgapped and still (a) send hedgehog payments (b) receive hedgehog payments (c) send lightning payments (d) regularly withdraw lightning payments from a "hot" wallet into .your airgapped hedgehog wallet without needing to do any base layer transactions

- if exchanges like kraken or swan add support for hedgehog, any user who has monthly or weekly autobuy enabled could receive these regular purchases of bitcoin directly into a hedgehog wallet -- hot or cold -- and be able to spend the money on lightning or hedgehog as soon as it confirms, without needing to come online til they want to actually spend the money

- if you are sending someone money and your recipient is *on*line, you can use a hedgehog wallet as a regular lightning wallet

- if your recipient is *not* online, you can pay them by making a unilateral channel for them on the base layer, and to do that you just need to be willing to pay a base layer tx fee and know one of their pubkeys (technically that part is optional, as you can just make up a keypair for them -- though I personally wouldn't trust a keypair that some rando made up for me and I would sweep all funds from such a channel whenever I next got online)

- if your recipient is not online and you don't want to incur a base layer fee, you can make a "virtual" (i.e. custodial) unilateral channel for them and deposit whatever amount you want to pay them into that. You can then send them its details and go offline, and they can sweep it whenever they next get online, without any further help from you (i.e. you don't need to be online when they sweep the funds! They just need the bridge server to be online)

- this emulates asynchronous lightning payments pretty effectively, without the need for the sender to run a server or rely on a third party custodian. But there is a "first party" custodian -- the sender retains custody of the funds in a virtual channel until the recipient sweeps them. And there is a third party bridge server, who can censor payments, though if that happens, the sender can just retry with a different bridge server and stop using the old one

- it also emulates "pull" payments, which are useful for subscriptions. If you want to subscribe to twelve months of bitflix, you can send bitflix twelve virtual channels where each one has a timelock on the virtual channel opening transaction. This effectively means that the first virtual channel cannot be used til 1 month goes by, the second one cannot be used til 2 months go by, etc. As each timelock expires once per month, a single virtual channel becomes usable each month. This allows bitflix to sweep funds from one channel per month, thus "pulling" pre-authorized funds from your wallet according to a predetermined schedule

- if you ever want to cancel such a subscription, just make a new transaction with the bridge server overwriting all the remaining virtual channels you gave to bitflix. The bridge server will then stop treating the virtual channels as valid, because they can no longer redeem the money in them even if it comes to their side of the virtual channel, so bitflix can't use them anymore either, and thus your subscription is effectively canceled

- all of this can work just fine today without waiting for bitcoin *or* lightning to upgrade -- which I think is just amazing!