This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.
As always, please let me know if I missed anything!
News
SEC comments on crypto custody. Gary Gensler, newly appointed SEC Chairman, comments on the agency’s plans to increase regulatory protections in the custody space.
Bitcoin
MuSig2. A presentation at Crypto 2021 describes the latest update to MuSig2, a practical multi-signature scheme that works with Schnorr signatures. MuSig2 is a fundamental primitive for key aggregation and a prerequisite for taking advantage of Pay-to-Taproot space-savings in the upcoming Taproot soft-fork. For more background on MuSig, Bitcoin Optech provides context.
Ethereum
Poly Network hack. An estimated $611 million stolen using a privileged contract call. This explanation provides an excellent summary.
IC3 Blockchain Camp. IC3 held a blockchain camp and published videos of the talks.
Coinbase Secure Trait Analyzer. DEF CON was last week and there was a series of interesting talks in the Blockchain Village. Peter from Coinbase shares the COSTA program which uses an abstract syntax tree to analyze smart contract function signatures to help automate security assessment for new assets. Very fascinating initiative!
Security
Awesome Rust Cryptography. A list of cryptographic libraries for rust development.
Go 1.17. New release of Go. I’m pretty excited about the new fuzzing framework that will be included in the standard library. This didn’t make the release as originally planned so we’ll have to wait for the next one. Until then, fuzzing is beta ready.
Dangers of Surprising Code. Sam from Paradigm examines “safe” functions.
—
Jameson Lopp compared sync times across different blockchain nodes. A clear takeaway here is that projects mostly cater to enterprise users that can afford to run expensive machines in data centers and hire infrastructure teams. Aside from the frequent crashes, Lopp highlights low-hanging fruit including read/write optimizations. These chronicles makes me appreciate all the low-level work contributors do to optimize IBD for Bitcoin.
Have a great week! Thanks for reading.