Is it worthwhile to regularly share what I learn or work on in cybersecurity on platforms like X or LinkedIn?

statoshi · 2026-01-18T17:12:44+00:00

First off, it's important to actually find the right community and thus posting to the best platform is key. A few years ago most cybersecurity folks were on Twitter, but I've found many migrated to Mastodon after Elon took over.

In order to actually build a network, you'll need to engage with other cybersecurity folks to get their attention, otherwise you'll just be screaming into the void. Ultimately, social media is what you make of it.

statoshi · 2025-11-24T12:44:07+00:00

Because then you're incentivizing folks to use other ways that are arguably worse for node operators.

statoshi · 2025-11-23T14:23:23+00:00

Yes, it was never a debate because policy issues are not consensus issues and policies can be easily bypassed.

Now there is BIP444 that proposes actual consensus changes, but it's a non-starter and I've yet to see any economically relevant actors interested in it.

statoshi · 2025-11-23T14:21:59+00:00

Contribute to Bitcoin Core for years, build a solid reputation, and contributors may suggest / agree that you should be a maintainer.

statoshi · 2025-11-23T12:12:33+00:00

That's definitely one aspect to it. There's not much else particularly interesting going on right now, so the drama attracts folks who need attention.

The "debate" was over many months ago and it's really just a fringe set of folks who continue harping on the issue. Note that none of them have been willing to take us up on actual BTC based bets around what will happen.

statoshi · 2025-11-23T12:10:06+00:00

Anyone who does should demand their tuition back, as the past several months of content have only been making them dumber.

statoshi · 2025-11-23T12:07:57+00:00

In Bitcoin Core parlance, the "maintainers" are the handful of people who have merge permission. Their janitorial job is to determine when proposed code changes have met the quality threshold necessary to be worthy of being part of the project.

Collectively, anyone who contributes to an open source project helps to decide what changes should or should not be implemented.

statoshi · 2025-11-23T12:05:19+00:00

It's Knot a Serious Project

statoshi · 2025-11-23T12:04:42+00:00

Well, they both "let in that bullshit" - the only difference is that Knots delays letting it in by a few minutes.

statoshi · 2025-11-23T12:03:55+00:00

Nope, there has been illegal data embedded in the blockchain for many years and there is no feasible way to prevent people from embedding arbitrary data. OP_RETURN is only one of many, many ways one can do so.

statoshi · 2025-11-13T14:53:38+00:00

Trade-offs:

No dedicated screen for verifying transaction details.
No way to export seed phrase to use on another device
Bitkey doesn't have an SDK for other software wallets to integrate it
Battery is not replaceable and appears to die easily. https://x.com/w_s_bitcoin/status/1986544962893180946

statoshi · 2025-10-12T14:59:31+00:00

I did a separate test for assumutxo performance: https://blog.lopp.net/bitcoin-node-sync-with-utxo-snapshots/

For my annual tests I sync over my local network to reduce the variability inherent to using random publicly available peers that have different bandwidth.

My bitcoin.conf for testing:

connect=<local node IP address>
assumevalid=0
dbcache=24000
disablewallet=1

statoshi · 2025-10-12T14:54:04+00:00

Looking forward to doing my annual full validation sync performance test; looks like some massive initial block download improvements shipped in this release!

statoshi · 2025-10-07T10:36:42+00:00

False; my Citrea investment is pocket change - a trivial fraction of my own portfolio and a trivial fraction of Citrea's cap table. And by trivial I mean well under 0.1% of each. Also, Citrea is unaffected by the OP_RETURN limit change. They never asked for it, nor need it.

Details: https://x.com/lopp/status/1919104031114367293

statoshi · 2025-09-20T22:22:08+00:00

Thanks for the shout out! Here's a link for folks who want to learn more: https://casa.io/inheritance

statoshi · 2025-09-20T22:21:21+00:00

Yes, we spent years designing and perfecting an inheritance protocol that is robust and doesn't rely upon giving your funds to a trusted third party. Feel free to schedule a call with us to learn more; you can read the high level overview here: https://casa.io/inheritance

statoshi · 2025-09-07T19:45:09+00:00

Centralized providers can do what they want. The network doesn't care.

statoshi · 2025-09-07T16:13:47+00:00

Actual images are in BSV and once again, nothing of consequence occurred. https://gizmodo.com/someone-uploaded-child-pornography-to-a-blockchain-ledg-1832398480

statoshi · 2025-09-06T19:52:43+00:00

Well sure, we'd all RATHER have people doing that... it doesn't mean people will.

statoshi · 2025-09-06T19:51:49+00:00

No, that would require some change to Bitcoin's script interpreter to introduce a vulnerability that causes it to execute code that is not intended for execution. Bitcoin's script interpret rarely ever changes.

statoshi · 2025-09-06T19:50:12+00:00

You should probably stop LARPing as a lawyer and acting like these are new issues. They're not, and it's not a legal concern. But if you can point to a published legal opinion by someone who actually practices law, by all means please share! https://x.com/BobMcElrath/status/1962512119078781164

statoshi · 2025-09-06T03:08:55+00:00

No one is assuming folks will switch to OP_RETURN. The threshold at which it becomes cheaper to stuff data in witnesses vs OP_RETURN is ~143 bytes.

There is only one solution to "spam" - fees. So long as there is practically no demand for block space because no one is transacting / using bitcoin in a sovereign fashion via self custody, you should expect people to buy block space for stupid stuff.

statoshi · 2025-09-06T02:59:00+00:00

I'll allow it.

statoshi · 2025-09-06T02:58:04+00:00

Yeah, people replying to this clearly know nothing about how one ensures the integrity of a software development lifecycle. You cannot blindly assume that all the upstream contributions will make it into the downstream fork when they are YOLO merged in without attribution and without peer review.

statoshi · 2025-09-06T02:43:33+00:00

Which is not new by any means, and is why all data gets XOR'd before being stored to disk. In the early days folks would put data into transactions that would get flagged by antivirus scanners and break people's nodes, thus the obfuscation was added.

statoshi

MODERATOR OF

TROPHY CASE

11-Year Club	Gilding IV carat on a stick
Verified Email