What does it mean that the security of 256-bit ECDSA, and therefore Bitcoin keys, is 128 bits? Mike Schmidt: Last question from the Stack Exchange is, “What does it mean that the security of 256-bit ECDSA, and therefore Bitcoin keys, is 128 bits?” ● Faster seed backup checksums: Peter Todd replied to the discussion about a draft BIP for Codex32 (see last week’s newsletter), a scheme that allows creating, verifying, and using recovery codes for a BIP32 seed. Mike Schmidt: The person asking this question was also asking about seed security and was maybe mixing up this 256-bit ECDSA versus 128 versus like the security of a seed, which sometimes can be 512. So, there’s some details in the answer on the Stack Exchange there. This week’s newsletter summarizes a discussion about the fastest way to verify that a BIP32 master seed backup probably hasn’t been corrupted without using any digital devices. A particular advantage of Codex32 over existing schemes is the ability to verify the integrity of backups using just pen, paper, documentation, and a modest amount of time.

So far, the GUI would not indicate if you were using – oh, sorry, could you hear me? Mark Erhardt: Yeah, so for this one, we have a small update for how PSBTs are shown in the GUI. So, what this update does is it indicates which addresses belong to your own wallet, and that makes it especially easier to recognize a change output as such, and hopefully makes PSBTs more accessible in the GUI. Notable changes this week in Bitcoin Core, C-Lightning, Eclair, LND, Rust-Lightning, libsecp256k1, Hardware Wallet Interface (HWI), Rust Bitcoin, BTCPay Server, BDK, Bitcoin Improvement Proposals (BIPs), and Lightning BOLTs. And now, there’s binaries built for HWI for that particular setup. First one, HWI 2.3.0, which has a few items from the release notes that I think are worth talking about. Mike Schmidt: The next release we covered is LDK 0.0.116, which adds support for anchor outputs and multipath payments with keysend. Mike Schmidt: No, you didn’t. Mike Schmidt: Next section from the newsletter is Releases and release candidates; we have two. The second item from the release notes was the ability to, within the GUI, import and export PSBTs to and from a file.

Mark Erhardt: I think that there might also be a couple of issues here with if you, for example, have one peer that you closely work with and you want to funnel more fees to, you could always route boost them and then make sure that they collect the fees rather than other peers you have, which may be sort of a downside of prioritizing boosted peers. So, you could sort of ask that people route through specific channels because that one is especially lopsided and it would move the liquidity more in the direction that would balance out the channel, which would be a good thing. Bastien Teinturier: Yeah, and in a way, blinded path will just allow you to do that again because whenever you choose your blinded path, you can choose to make them go through your friend who wants to collect some fees through exactly the channels where you need them, when you know you have a lot of inbound liquidity and want to balance the channel. You would just include them in your blinded path, people don’t even have to know what channel this is, but you kind of force them to go to a direction where you know that there is liquidity.

LN-penalty prevents counterparty theft by giving nodes the ability to financially penalize a counterparty that attempts to publish an old channel state onchain. Before Bitcoin, the double-spend problem, or the ability to quickly and easily verify the legitimacy of a transaction without layers of complicated and costly infrastructure, was a vexing problem. This makes it especially difficult if you’re creating a change output that belongs to you, because the change output, of course, goes to a freshly generated address, and if you’re just seeing money go to a freshly generated address, you do not know whether that’s your address or whether somebody may have tampered with your PSBT and is sending the remainder of your transaction to their own address. As each customer requests a withdrawal, an output is added to the transaction in the mempool. If I’m understanding the reason behind that, it’s that the reason that sipa points out here, that there are known algorithms that are more effective than just brute-forcing 256-bit keys, so that it’s technically then 128-bit security; am I getting that right? So yeah, this is not my wheelhouse where I’m an expert. Yeah, this has never been really relied upon. And in a way, blinded path makes that easier, because with blinded path, blinded path is a way of doing some route boost without actually telling people about the channels.