This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.
News
Coinbase Wallet plans support for hardware wallets. I’m really excited about this and hope this encourages new users in the industry to adopt better security practices around their self-custody.
Coinbase releases an open source cryptography library. Here is the accompanying blog post.
Facebook’s Novi wallet starts a pilot program on WhatsApp.
NYDIG raises $1 billion.
Bitcoin
Hosted channels on the Lightning Network.
The team behind BDK releases a second part to their Taproot guide.
Chainalysis is adding Lightning Network support for its surveillance tooling. Its likely that we will see broader adoption of LN by enterprises following this news.
Stackexchange answer breaks down key spend and script spend for P2TR outputs.
Spiral (formerly Square Crypto) releases a fun video explaining Lightning Development Kit.
Ethereum
Paradigm announces Foundry, a SDK for Ethereum developers.
Other Chains
Confidential SPL tokens on Solana.
Auditing Solana smart contracts.
Thread on retroactive learning from developing on Solana.
Cosmos shares a year in review report.
Security
Newly published paper on two attacks against threshold ECDSA implementations.
Project Zero does a deep dive on the infamous NSO zero-click message exploit.
Go 1.18 beta release includes official support for fuzzing.
The vulnerability in Log4j has made headline news. It is not worth rehashing the news in this format, but the situation strikes a common trend on the fragility of open source software. Filippo writes a piece on the sustainability issues in open source software.
Software supply chain attacks in open source software.
Using Trezor with age (Go encryption tool).