Welcome to the inaugural issue of this newsletter. The scope is to cover technical and narrative developments related to digital asset custody. Each weekly post will contain technical and narrative updates in the space that might be useful for engineers, wallet operators, and practitioners in the cryptocurrency industry. Thanks for reading and let me know what I missed!
News
Bitcoin
Spending Taproot (P2TR) outputs before activation. 0xB10C writes a blog post illustrating Taproot spending rules before and after the softfork is activated. Several SegWit V1 output scripts were spent and the proceeds were donated to Brink.
A concise explanation on softforks:
A softfork forbids something that was previously allowed once it activates.
Preparing for Taproot. Bitcoin Optech has been publishing a weekly segment in its newsletter showcasing steps for wallet developers on preparing for Taproot.
Ethereum
MEV searchers grind addresses. On a recent Uncommon Core podcast, MEV Senpai shares a trend that MEV searchers are grinding their address generators to find addresses with leading zeros. This is similar to vanity address generation, but the intent is to have cheaper overall fees. This post goes into depth on why a zero in an Ethereum address reduces gas cost.
London Hard Fork. Consensus around the hard fork was successful. Several wallet libraries have been updated to conform to the new EIP-1559 fee standards.
Nonce re-use attack. This attack is from a month ago, but really fascinating. It is well known that ECDSA has a critical weakness when a nonce is reused. An attacker took advantage of nonce reuse and was able to recover a key worth $7.9 million.
Polkadot
Slashing. Polychain Labs writes an overview of the slashing mechanism on Polkadot.
Security
Rolling your own Crypto. New paper adds evidence to the adage of never rolling your own crypto.
Ledger discusses security trade-offs in software wallets. The post provides a concise explanation on the merits of software isolation.
MPC-as-a-service with audit-ability. Paper outlines a novel way to use MPC with a public audit requirement.
Facebook open sources a STARK prover and verifier. Winterfell is written and rust and is designed for arbitrary computations. Github repo here.
Requests for submissions are more than welcome! Let me know if any of the resources were helpful for you. Have a great week!