This Week in Custody #42
This Week in Custody is a newsletter covering technical and narrative developments in digital asset custody written for wallet engineers, digital asset operators, and security engineers.
Last Week’s Most Clicked
Private keys are increasingly being revealed in US courts as part of discovery or pre-trial motions.
Auditing Crypto Wallets is an excellent primer that covers a lot of security details when it comes to developing non-custodial wallets.
Coinbase covers LN growth metrics.
Coinbase covers the Web3 developer stack.
Clockwork raises to improve to build “decentralized” lambdas.
Omni raises money to build its noncustodial wallet.
Block’s hardware wallet team talks about wallet recovery.
Transaction validation in Bitcoin using Cairo.
Building Channel addresses.
Liquidity guide for LN.
Rapid Gossip Sync protocol for LN,
Ledger asks developers to try out the upcoming Miniscript support.
Tweet thread collects latest research papers on LN.
NBER working paper on the usage of the Chivo wallet (El Salvador’s state-sponsored Bitcoin wallet).
despite the government’s “big push” and a large fraction of people downloading Chivo Wallet, usage of bitcoin for everyday transactions is low and is concentrated among the banked, educated, young, and male population.
Paradigm writes about data availability.
Coin Center explains how Tornado Cash works.
Ideas to compress bytes used in an ERC-20 transfer.
Ethereum Tags Database.
Trail of Bits has a guide on building secure smart contracts.
Matic’s Plonky2 is open source.
Flashbots discusses how searchers might be affected from the Merge.
Arbitrum Nitro whitepaper is released.
Nomad creates a repository containing data related to its bridge hack exploit.
Great coverage of the new Group and Governance modules in the Cosmos SDK.
Acala’s aUSD hacked.
Compound’s cETH market freezes following a bug.
Solana team OptiFi locks funds in a Solana program by calling the wrong method.
Skynet Labs is shutting down.
Binary Ninja: reverse engineering Solana.
An introduction to Move from an auditor’s perspective.
Vulnerability disclosure of an Avalanche DoS vector.
Coinbase has an analysis of the Celer Bridge incident.
Mysten Labs releases fastcrypto: a common cryptography library used by the project. Written in Rust.
Ledger Labs shares how linkable ring signatures can be used to improve privacy for users.
a16z has an excellent write-up on trusted setup ceremonies for zero knowledge protocols. In the post, the authors cover some history of famous setups like the original Zcash trusted ceremony as well as discuss a perpetual “powers-of-tau” setup ceremony. The team also open sources an on-chain KZG for EVM networks.
Constant-time not guaranteed by Intel and ARM CPUs?
ZK Whiteboard Sessions by ZK Hack are video tutorials on zero knowledge protocols.
General Bytes, a popular crypto ATM provider, suffers a vulnerability that allows remote privilege escalation.
Google’s blog announcement on Project Paranoid.
Open questions related to improving responsible disclosure in cryptocurrency.
Thanks for reading. Have a great week!
Thanks for reading This Week in Custody! Subscribe for free to receive new posts and support my work.