We made a bit of history at @BTCPrague. The first bitcoin payments using zero-knowledge proofs were sent over Lightning. Discussed by Satoshi 2010, ZK can improve bitcoin privacy. Our experiment was the first real-world demo to showcase how:

Giving away even more sats tomorrow and I will have **zero knowledge** about your balance Find me around if you want some private beers

fun 12 hours for @lxdev_ after fixing some last minute bugs, we're onboarding our first users at @BTCPrague. @otaliptus or @stutxo are on the ground if you wanna test unrelated photo of zerosats' first payment to a bark wallet ⚡️

The trade-off of proving HTLC in ZK became obvious quite early: instead of waiting 20 mins (on average) the swap timed out in 80 mins.

My coinjoin coordinator just surpassed 500,000 BTC in total volume! Bitcoin is a privacy coin.

team just added direct LN support via our @NoirLang htlc circuits now we can facilitate LN payments directly from the shielded layer currently testing. likely to be available on mainnet tomorrow after we confirm this is steady, we'll roll out alpha access

Claude could code you $1B startup, but it will cost probably $1.1B worth of tokens.

Soon with Lightning and zero knowledge HTLC.

Excited to double up on @lxdev_ following the @BTCFiNetwork Privacy is critical for Bitcoin’s long term success. Without it, money becomes surveillance infrastructure hurting fungibility, personal security, and censorship resistance.

the concept that bitcoin use is private with the correct skill set is true but only in the sense that a) it's not a guarantee tx will remain private forever b) the skill set to use it means there are ~10k people in the world that can do it and c) probably a 1/3 of them are spooks

Taking a note: offer a bitcoin derivative when bootstrapping a prediction market platform.

Yeah Sex Is Cool But... Did you try to remove and restore #Bitcoin Lightning Network wallet and avoid force closing channel?

reminder: the only bitcoin l2s that are trust-minimized are lightning and ark trust-minimized means a user has an onchain guarantee that they alone can unilaterally exit with their l2 funds this is provided through 1) a pre-signed exit transaction and 2) a *provable* assurance that they are the *only person* who can spend their l2 funds on bitcoin alternative blockchains with pegs do not, and can not, provide this (liquid, citrea). statechains do not, and can not, provide this (can't prove key deletion) ecash mints, federated or otherwise, do not provide this lightning provides this through continually updating channel state via psbts. you can challenge malicious channel closures with a justice tx ark provides this through an ability to spend your vtxos into an onchain commitment where you have full control of funds statechains have similar guarantees to ark offchain, but do not let you intermittently update your balance onchain ark and lightning can be used in a trusted way, but that does not make the protocols themselves trusted lastly, the fact that lightning and ark can be more complex, too expensive, or restrictive for any other reason, does not make them trusted. it makes them complex the reason people obscure this definition is 1) they don't care 2) they don't know (which is totally fine) 3) they do care but we all gotta pay the bills i likewise have bills to pay, so i'd like to announce that our new statechain will be trust-minimized and anyone else's isn't 😄 jk

i will try to explain the argument even though i don't agree with it anymore rollups are the only type of sidechain that *can* be trust minimized in the event of a soft fork. they are not trust minimized in their current state. trust minimized means that users have a cryptographic guarantee that they can leave the system whenever they want (unilateral exit). Liquid, RSK, etc., can never provide this. you will always trust sidechain operators (miners, stakers, functionaries, etc.,) to be honest. rollups, in their current state, are arguably more centralized and less trust minimized than all bitcoin semi-legit sidechains, so none of this really matters. still, i'll elaborate the reason that rollups can be more trust minimized sidechains is that rollups are subsets of bitcoin - they rely on bitcoin for ordering and data availability when updating the state, rollup full nodes are the parties that effectively decide whether the state is "valid" - i.e. the sequencer cannot post an invalid state root // diff to bitcoin and advance rollup state. if it posts a blob of "incorrect" data the system will halt. rollup nodes always check bitcoin to determine if state is updated. sequencer just provides preconsensus. sequencer and prover can't steal (ideally) so the sequencer posts data to bitcoin, full nodes (who are also bitcoin full nodes) check the state by looking at rollup tx's in bitcoin, state good, move on. if not everything stops so while people think the sequencer is the one who ultimately decides the ordering, it's not really the case. bitcoin provides ultimate ordering and makes said data available to rollup full nodes to validate // advance their state. because of this model, a "prover" cannot create an invalid validity proof to checkpoint the bridge and steal all the money. it too could yeet some fake data, but the bridge would be unable to validate it. in this perfect world, a "zk rollup" would have the bridge be secured by cryptography and cryptography alone. but, there's a catch! bitcoin cannot verify a validity proof within a single bitcoin block (script size too large). we need new opcodes to do this (i.e. GSR). this means that we do not have a system where the bridge is secured by cryptography alone. because of this, citrea's bridge relies on a bitvm implementation via a federated set of operators for a number of roles & functions. tl;dr citrea's bridge has three spend paths: 1. 10-of-10 multisig (federation) 2. 3-of-5 security council (smaller federation) 3. bitvm pre-signed operator fronted tx's that can be challenged if invalid by one of the 10, federated operators ultimately, the core security model is that 10 people can steal your money or 3 can. as you can see, this is not a system secured by cryptography alone (which is what a "zk rollup" really is) there are other benefits for users if bitcoin is used as a DA layer (i.e., users can bypass the sidechain operator and force their transaction into a sidechain block), but it really comes down to the bridge. the reason to build a rollup, in the context of bitcoin, is because rollups can have really good bridges in theory if soft fork. if the bridge isn't better than liquid, than i agree, the entire premise is a bit weird because it's more costly at the end of the day for rollup users and not very scalable because bitcoin has very low throughput if bitcoin had a soft fork and could do real "zk rollups" (zk is just a marketing term fwiw, the correct term is "validity rollup" and even i think that is a marketing term), then any user could start a rollup full node, from genesis, by querying data from bitcoin. they could run their own prover and generate a validity proof of current rollup state to prove to some bridge that they can spend their funds out of it. this is amazing in theory, but in practice *very* hard to build sorry for the novel. as i've presented, there's an argument that rollups are great systems if you think bitcoin is getting a soft fork, but in current state, i don't see how rollups are more secure than sidechains from the lens of a "bitcoin asset" user unless their bitvm implementations are: 1) sufficiently large and 2) w/o security councils. even then, im not sure how great the improvement is

Kraken: We regret to inform you that we have closed your Kraken account. We apologize for this inconvenience and appreciate your understanding. Also @krakenfx: Rate your experience

Bisq v1 has experienced an exploit in its trade protocol that allowed an attacker to drain a portion of available offers.

Bitcoin Lightning ecosystem has become a ghost town. Meanwhile the network itself resumed slow growth after correction.

A IA que hackeia qualquer software do planeta foi hackeada por amadores do Discord no dia do lançamento. Parece piada. Mas não é. A Anthropic criou o Claude Mythos: uma IA tão perigosa que se recusou a lançá-la ao público. Criou o Project Glasswing, um programa de acesso controlado restrito a empresas como Apple, Google, Microsoft e NVIDIA, com protocolos de segurança de nível governamental. Aí um grupo de curiosos em um canal privado do Discord usou informações de um data breach e acesso de um contratante terceirizado pra adivinhar a URL do modelo. E tem usado o Mythos desde então

Projects in Lightning are constantly rugged/exploited because many of them are not funded at all. However, the network is distributed and works as an actual offchain settlement network. This is why it is incredibly resilient. Everything Lightning operator needs are electricity, Internet and some Bitcoin.

Yes. But it could be just LNURL-enabled Bitcoin-only wallet and vault.satsbridge.com