This Week in Custody #10

PTLCs, Scaling Ethereum, and ATM security.

This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.


  • U.S. Bank Custody. Traditional banks continue to offer custody for popular cryptocurrencies to their clients. This week, its U.S. Bank. It looks like they are not building their own custody systems, but instead relying on sub-custodians like NYDIG.

  • Square. Square launches a newsletter covering their approach to self-custody.


  • The Blocksize War. This weekend I took some time reading Jonathan Bier’s The Blocksize War. Highly recommend! The scaling wars in Bitcoin were not too long ago, but it also feels like a distant memory.

  • PTLCs. Mailing list discussion on replacing HTLCs used in the Lightning Network with Point Time Locked Contracts (PTLCs). Suredbits has an excellent blog post series explaining PLTCs.

  • Bitcoin Problems. A list of open-ended research problems in the Bitcoin ecosystem.

  • Adaptor Signatures. Testing adapter signatures in the context of PTLCs.

  • MPC HD Wallets. Excellent survey of using MPC in the HD wallet context.

  • Bitcoin in Python. From earlier this year, but a great tutorial on learning Bitcoin with python.

  • MuSig2. Video explanation of MuSig2.

  • Dust HTLCs. A new CVE is disclosed that affects several LN implementations. A new LND release has been tagged. Lightning Labs also released a dust tool to survey affected channels.

  • State of LN. Arcane Research published a widely shared report on the Lightning Network.


  • Security. Secureum is running a bootcamp on smart contract security. For those that want to follow along, they are releasing videos.

  • Phishing. More phishing attempts targeted at Metamask users.

  • Security Standards. Repo attempting to standardize the security standards of smart contracts.

  • Flashbots. The Flashbots Project announces a new API titled Flashbots Protect.

  • Scaling. Approachable beginner guide to scaling Ethereum.

  • Hardhat. Hardhat is working on a VS Code plugin.

  • Podcasts. The Zero Knowledge Podcast has an episode on WalletConnect. Stephan Livera has an episode with the CTO of Ledger.

Other Chains

  • Solana. A post for understanding Solana from an Ethereum developer’s POV.

  • Polkadot. Part 3 on XCM in Polkadot.


  • Twist Attacks. Excellent overview on Secp256k1 twist attacks.

  • ATMs. Kraken identified vulnerabilities in the popular General Bytes (GB) Bitcoin ATM. It appears that the ATMs shipped with a uniform default password. Akin to not changing the default password on a WiFi router, it is likely that Bitcoin ATM operators did not change their password. This means anyone with an QR code of the default password can interact with the software admin interface as well as modify hardware inside the machine. No tamper detection either! It appears that GB was notified in April. Let’s hope most operators got the memo! 🤞

  • AWS Ransomware. Whitepaper from AWS on ransomware risk management.

  • Supply Chain. A GCC dependency depended on an http endpoint and it went offline for a couple days. Tweet.

  • Cosmic Rays. In the list of edge cases possible during key generation ceremonies, it’s important to add cosmic rays causing bit flips. It happens in the wild.

  • ECDSA. New paper out by researchers at Dfinity on the security of ECDSA additive key derivation and presignatures.

  • Bug Bounties. Tweet thread on developer experiences with bug bounties in the cryptocurrency ecosystem.

ICYMI, Bitcoin contributors can apply to receive a free ticket to Bitcoin 2022.

Have a great week!

This Week in Custody #9

Cloudflare focuses on Web3, BIP32 Security, BGP, and more.

This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.


  • Cloudflare. Cloudflare announces a big push into Web3. Part of their announcement includes a focus on distributed web gateways.

  • Coinbase. A new Coinbase MFA vulnerability affects 6000 clients. Moving away from SMS 2FA is critical for reducing account takeover risks.

  • DeversiFi. A deposit to DeversiFi accidentally included a $23.7 million transaction fee. Here is a post mortem. A combination of a bug in EthereumJS and a UI issue in Ledger devices created a poorly crafted transaction.


  • Lightning Address. A popular dns-like standard called Lightning Address has been emerging that lets you map a human readable URI to a server running a LNURL compliant API.

  • LNRouter. LNRouter Lookups service helps routing node operators by providing liquidity management recommendations.

  • Blinded Xpubs. An interesting approach to blinding xpubs when sharing with other wallet participants.

  • Electrs 0.9. New release of Electrs. Tweet shares release notes.

  • Bitcoin Core. New minor release of Bitcoin Core.

  • Scaling LN at Exchanges. I recently went on the Stephan Livera podcast to speak about scaling Lightning Network products at River.

  • Backdoors. Very interesting discussion on the bitcoin-dev mailing list last week on backdoors in Bitcoin. The discussion focuses on detecting backdoors and how maintainers and PR reviewers might respond.


  • New Bridges. Paper on generalizing weighted trees in order to bridge Bitcoin to Ethereum more easily.

  • Layer Twos. An updated overview of L2s.

  • Proofs of Custody. Great blog post introducing a “Proofs of Custody” scheme for Ethereum 2 validators.

  • NodeWatch. New explorer for Ethereum 2.

  • Beacon Chain. A new paper provides a security review of Beacon Chain clients.

  • Compound. Tweet thread on debugging the recent Compound bug using dapptools.

  • Infura. Guide to running your node alongside Infura’s node.

Other Chains

  • Monero Proof of Reserves. Paper on improving a Proof of Reserves protocol for Monero.

  • Privacy. Paper analyzing the privacy-enhancing techniques adopted in Bitcoin and other chains.

  • Zerojoin. Paper on combining Zerocoin and Coinjoin protocols.


  • BIP32 Security. More academic research on the security of the BIP-32 HD wallet standard. Very needed!

  • DIY HSMs. Slides from a talk from HCPP21 on HSMs.

  • Coreboot & FOSS. New podcast episode by Opt Out with a System76 engineer discussing Coreboot, FOSS, and general boot security issues.

  • BGP. Facebook services went offline yesterday due to a poorly configured BGP update. Patiently waiting for the epic post-mortem. Cloudflare wrote a post explaining the root problem. BGP has been a topic for cryptocurrency engineers for some time. Sharing this older paper on the risks that BGP has on cryptocurrency networks.

Have a great week!

This Week in Custody #8

This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.


  • Twitter adds Bitcoin tipping. Twitter adds support for tipping using the Lightning Network. They partnered with Strike allowing Twitter users to authorize invoice creation from their Strike account. This is pretty exciting. However, a user has to perform KYC with Strike in order to receive payments. Sounds like a walled garden. To receive payments on LN without requesting a BOLT11 invoice, one can use spontaneous payments or offers.

  • IRS funds hardware exploits. The IRS is funding attempts to crack hardware wallets. Yes, state actors should always be part of your threat model.

  • OFAC. OFAC updates its list of crypto addresses. To stay up to date on this list, b10c has a tool for this on Github.


  • Strike API. Strikes announces its API and Twitter as its first customer.

  • LN Fee Siphoning. Someone has taken advantage of poor fee practices with some Lightning Network wallets to collect payments in the form of routing fees. This type of DoS vector has been known for sometime. The attack works like this:

    1. Create a node with high fee policies.

    2. Create an invoice that would always need to use the route with your node.

    3. Pay the invoice from a wallet that subsidizes fees. The node (attacker) will collect the difference as profit.

    The solution is to always charge users for their withdrawals. Using fee estimation and charging the final fee mitigates this attack.


  • Diligence Fuzzing. Consensys releases a new product to its suite called Diligence Fuzzing. It’s a fuzz corpus that you can run your fuzz functions against to test for popular vulnerabilities in smart contract code.

  • Hardhat Ignition. Nomic labs teases an extension to the Hardhat testing framework.

  • Account Abstraction. Vitalik writes about ERC 4437.

  • Solidity 0.8.8. Release notes for Solidity 0.8.8.


  • What’s in Your Wallet? New paper enumerates the privacy issues in Web3 wallets.


  • Linux Plumbers Conference. Videos are online from the Linux Plumbers Conference. Lots of good topics covered, but the most relevant might include system boot and security.

  • Vendor Security 2.0. Nice writeup on vendor security.

  • REvil Ransomeware. Wait, the FBI has a decryption key? Always had it.

  • Firmware Security. A review of attack vectors in firmware.

Have a great rest of the week!

This Week in Custody #7

Robinhood, Block Explorers, and Operator Playbooks.

This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.


  • Robinhood. Robinhood teases crypto wallet support. I can’t wait for blog posts from them on the work they’ve done so far to operate at their scale.

  • Trezor Firmware. New Trezor suite and firmware updates include EIP-1559 compatibility and support for completely offline setup. Its news to me that Trezor suite was did not support air-gapped operations, but perhaps this suite makes it easier for consumers to take extra care of their self-custody.

  • Block explorers. Chainalysis is allegedly using a block explorer to de-anonymize users. This initiative has helped law enforcement by sharing IP addresses of users that query for suspicious addresses. This is an old block explorer, and the owner of the website did join Chainalysis shortly after it was built. This is another data point regarding the importance of minimizing meta-data leakage from basic data queries. It is fundamentally important to own the entire stack including node infrastructure and chain indexing data.


  • Lightning Node Management. Openoms has an open source gitbook on best practices for Lightning Node management. Highly recommend!

  • Taproot support. Taproot activation is around the corner. Specter Wallet’s latest release adds support for single-key taproot for regtest and signet.


  • Yearn Playbook. Insightful tweet thread on the tooling, operations, and observability efforts managed by the Yearn Finance team. I really like their playbooks for various operator situations. It would be very useful for more projects to share their playbooks for transparency and showcase their disaster readiness.

  • Entropy. MyCrypto writes an introductory blog post on the concept of entropy.

  • Smart Contract Security. OpenZeppelin shares a set of smart contract security guidelines.

  • Ledger <> Etherscan. Ledger partners with Etherscan in displaying security reports on addresses in their block explorer.


  • Polkadot. Incase you missed it, Gavin Wood wrote a two-part blog post on the Cross-Consensus Messaging format (XCM) used in the Polkadot ecosystem. Part One and Two.


  • NIST Supply Chains. Nist has a new report on supply chain validation.

  • Netflix. New blog post on securing Netflix at scale.

  • Go crypto/tls. This blog post shares the design decisions in a new ordering of ciphers in Go’s crypto/tls package. I really appreciate the effort by the Go team to design safe cryptography APIs within the standard library. Worth reading to understand the trade-offs involved in designing a good crypto library! Here’s an excellent takeaway:

    “This is consistent with our general philosophy of making cryptographic decisions whenever we can, instead of delegating them to developers, and with our cryptography principles.”

  • Go Fuzz. Go 1.18 will have native fuzzing support. Awesome!

Have a great rest of the week!

This Week in Custody #6

Lightning Network, Web3 Dependencies, and more.

This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.


  • Kraken CSO profile. Verdict writes about the security efforts at Kraken.

  • UI Fractionalization. Recently, a reader brought up an interesting find that Ledger Live’s UI and functionality varies based on jurisdiction. For example, some users cannot swap assets easily based on country location. Compliance to local laws is nothing new, but I wonder what sort of enforcement might creep its way into the firmware code.

  • CACEIS. CACEIS, a very large European bank, is building its own in-house custody unit.



  • Clockwork Finance Framework. A new paper creates a framework for analyzing the economic security properties of smart contracts.

  • Dependency Graphs. A running issue in Web3 is the large dependency chain involved. For many users accessing Ethereum through their browser, the dependency chain includes the wallet (e.g. Metamask), web browser, host machine, hardware wallet vendor library, and finally the firmware on the device. Any breaking change in the chain cascades fairly quickly. A recent twitter thread highlights the challenges of a single change done in Google Chrome. Is there a framework for handling these dependencies?

  • dapptools-rs. New rust implementation of `dapp` and `seth` for dapp development tooling.


  • Travis CI. It appears that environment variables of all public Travis CI repos were potentially leaked.

  • NSO. NSO’s zero-click exploit has been found in the wild. The impact of this vulnerability is staggering. Update your Apple devices.

Thanks for reading. Have a great week!

Loading more posts…