Skip to content

Instantly share code, notes, and snippets.

Avatar

chris-belcher

View GitHub Profile
@chris-belcher
chris-belcher / privacy-liquidity-divisibility.md
Last active Jun 3, 2021
How Wasabi Wallet and Samourai Wallet slightly degrade the divisibility of bitcoin
View privacy-liquidity-divisibility.md

How Wasabi Wallet and Samourai-Wallet-Whirlpool slightly degrade the divisibility of bitcoin

December 2018

I made this claim on twitter recently and many people wanted me to go into more detail.

Lots of privacy tech in bitcoin like coinjoin, coinswap, tumblebit and Lightning Network require many entities to come together to agree to make certain kinds of transactions. This creates a requirement that the right resources (coins) have to be in the right place,

View relaybot.config
#Can override these defaults per-section.
[DEFAULT]
#Twisted's default is 30 seconds.
timeout=180
port=6697
#A single channel to join, or a list of channels: #a-bridged-channel,#some-other-channel
channels=#joinmarket
nick=JoinMarketRelay
#Can change to allow more specialized behavior.
username=jmrelay
@chris-belcher
chris-belcher / alectryon.py
Last active Nov 7, 2021
bitcoin-blockchain-feed-bot
View alectryon.py
#jsonrpc.py from https://github.com/JoinMarket-Org/joinmarket/blob/master/joinmarket/jsonrpc.py
#copyright # Copyright (C) 2013,2015 by Daniel Kraft <d@domob.eu> and phelix / blockchained.com
import base64
import httplib
import json
class JsonRpcError(Exception):
def __init__(self, obj):
self.message = obj
View raw-privkey-dangers.txt
https://bitcoin.stackexchange.com/questions/29948/why-doc-says-importing-private-keys-is-so-dangerous
https://bitcoin.stackexchange.com/questions/18619/why-so-many-warnings-about-importing-private-keys
behave un-intuatively
'giving' a key to someone still means you have it
change addresses / paper wallets
@chris-belcher
chris-belcher / sorted-merkle-tree-issue693.md
Last active Jan 11, 2022
Sorted merkle tree as solution to issue #693
View sorted-merkle-tree-issue693.md

The Problem

JoinMarket has a problem where it assumes different nicknames have different bitcoin wallets. This can be exploited by people running multiple yield generator bots from the same wallet, so they get a higher rate of profit at the expense of de-legitimizing the system for privacy.

Crypto primitive 1: Merkle Tree

A merkle tree is a way of producing a commitment to a set, which can later can prove that elements are contained within the set using only O(logN) data, and only revealing one other element in the set.

For example here is a merkle tree commiting to a set of numbers {6, 3, 9, 0, 8, 4, 7, 2}

@chris-belcher
chris-belcher / getpeerinfo-parse.py
Last active Apr 13, 2019
getpeerinfo-parse.py
View getpeerinfo-parse.py
#run with
#/path/to/bitcoin/bin/bitcoin-cli getpeerinfo | python getpeerinfo-parse.py
#output looks like
#zlato@zlato:~/bitcoin-0.17.1/bin$ ./bitcoin-cli getpeerinfo | python getpeerinfo-parse.py
#services L=NODE_NETWORK_LIMITED N=NODE_NETWORK G=NODE_GETUTXO B=NODE_BLOOM R=NODE_REPLACE_BY_FEE W=NODE_WITNESS X=NODE_XTHIN U=UNKNOWN
# id addr user-agent iB se re conn'd ping serv lastr
# # host oO nt cv MMDD-HHMM msec ices HHMMSS
# 414 27.102.130.92 /Satoshi:0.17.1/ oF 20M 28M 0411-2005 358 LNBW 121021
# 417 139.59.34.217 /Satoshi:0.15.1/ oF 17M 46M 0411-2006 163 NBW 121019
@chris-belcher
chris-belcher / irc-own-pings.py
Created Dec 14, 2016
IRC script which sends its own pings without creating any other threads
View irc-own-pings.py
#irc script which sends its own pings without creating any other threads
import socket, random
from datetime import datetime
nick = 'testbot-' + hex(random.randint(0, 0xffffff))[2:]
hostport = ('irc.snoonet.org', 6667)
ping_interval_seconds = 30
ping_timeout_seconds = 60
View rbtc-censorship.md

r/btc markets itself as a "censorship-free" sub. In reality it attempts to silence the voices of people it disagrees with.

A few screenshot examples of censorship https://imgur.com/a/rHrtC

this article was deleted when posted, which describes how the mods of r/btc are roger ver's employees at bitcoin.com https://medium.com/@WhalePanda/the-curious-relation-between-bitcoin-com-anti-segwit-propaganda-26c877249976#.4mfo9qn3e

"Exploit code for the recent BTU attack - apparently this was posted to /r/btc, and of course, got censored. :)"

@chris-belcher
chris-belcher / JMalert.md
Last active May 15, 2022
JoinMarket release 0.2.0 ameliorates this snooping attack.
View JMalert.md