This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.
Bitcoin
Lightning Network Offers. There’s a website which highlights Offers, a draft specification that aims to replace BOLT11 invoices. Rusty Russell appears in a podcast to discuss it further. Overall, it looks like a very promising primitive for LN for several reasons including setting a standard for recurring payments, convenient proofs, and paves the way for a clean user experience.
PSBT Visualizer. A new online visualization tool for examining serialized Partially Signed Bitcoin Transaction (PSBT) objects. The original version of the format is described in BIP174. The second iteration of the format is outlined in BIP370. The format has become a standard payload format for interfacing with signers.
Ethereum
Geth hotfix. There’s a high severity security issue affecting Geth and its downstream projects. A newly tagged v.1.10.8 release patches the vulnerability CVE-2021-39137. No concrete details yet.
Liquid exchange. Liquid has an incident where funds were moved from their warm wallets.
Metamask UX. Metamask adds a warning to its sync with mobile feature. There always seems to exist a tradeoff between usability and security in user experience design.
Poly Network. It seems that Poly Network has been able to recover most of the funds that were stolen in its recent hack.
Plonk. A series of blog posts on PLONK.
Security
Cloudflare uses zero knowledge proofs. Cloudflare shares a novel way of using zero knowledge to attest hardware without revealing the metadata details of devices.
Roll your own crypto, then smoke it. Fascinating podcast and response to the “roll your own crypto” debate.
Thanks for reading. Have a great week!