How does a lightning replacement cycling attack work?
There's a lot of discussion about this newly discovered vulnerability on the mailing lists, but the actual mechanism is a bit hard to follow.
So here's an illustrated primer...
🧵 1/n
someone just tipped Satoshi 26.9 BTC 😳
the destination of this transaction, 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa, is the P2PKH address corresponding to the public key which received the genesis block reward.
mempool.space/tx/d7db4f96a40…
h/t @__B__T__C__
A single custodian now controls the coinbase addresses of at least 9 pools, representing 47% of total hashrate.
As demonstrated by this consolidation of mining reward outputs from AntPool, F2Pool, Binance Pool, Braiins, btccom, SECPOOL and Poolin:
mempool.space/tx/b1dc9e09a97…
STOP 👏 USING 👏 BRAIN 👏 WALLETS
someone just withdrew $5000 from an exchange to a low-entropy or compromised address.
the coins were stolen from the mempool by bots within milliseconds, before the ensuing RBF battle burned the entire amount to fees 😭
El Salvador's Bitcoin Office just migrated their Strategic Reserve holdings into 14 new addresses with up to 500 BTC per UTXO.
This marks the transition to a new wallet management strategy aiming to avoid address reuse.
El Salvador is moving the funds from a single Bitcoin address into multiple new, unused addresses as part of a strategic initiative to enhance the security and long-term custody of the National Strategic Bitcoin Reserve. This action aligns with best practices in Bitcoin
"Proof of Work is based on the laws of physics, so you have to work with the world as it is ... whereas because Proof of Stake is virtualized in this way it's basically letting us create a simulated universe that has it's own laws of physics..."
-- Vitalik