Michael Ford
@fanquake
Followers
7K
Following
5K
Media
144
Statuses
5K
The Bitcoin Core development process and distribution model actually makes it somewhat harder to fix security issues, compared to other serious software distributors. Take Google Chrome as an example. The CVE fixing happy path is to develop and review a fix in private, push that
@adam3us They can always push security fixes in v29 like any serious software distributor does, not forcing anyone to upgrade to unwanted/unprepared for functional changes… and I should know I work for a software editor for 15+ years
27
69
270
OSS-Fuzz is experimenting too:
github.com
LLM powered fuzzing via OSS-Fuzz. Contribute to google/oss-fuzz-gen development by creating an account on GitHub.
0
0
2
Good chat. The answer to “Are LLMs useful for fuzzing?” is ~Yes. They’ve been used at @bitcoinbrink to generate boilerplate, explore new approaches/tooling & generally experiment. Proving useful so far.
TFTC 671 w/ @theinstagibbs: "The payment tech still isn't there. If BTC payments need to take off non-custodially, the infrastructure must be ready before the demand." We discuss: ⚡️ BTC Core v30 improvements ⚡️ Eclipse attacks & peer protection ⚡️ Future of Bitcoin scripting
2
3
28
We've released v29.2. If you're running a 29.x release, and not upgrading to 30.0 (waiting for a 30.1, BDB removal, API changes etc), you should consider upgrading to 29.2. A 28.3 release will also become available soon, likely later this week: https://t.co/kXgZAvFH0S.
github.com
Backports: ci: Properly include $FILE_ENV in DEPENDS_HASH #33581 Plus the changes to finalise v28.3
Bitcoin Core v29.2 was released! It is available from: https://t.co/TG74PZCrQZ Release notes:
24
13
92
v28.3rc2 has been tagged, with only a handful of additional changes since rc1. See here https://t.co/ivgNeFsWrq & https://t.co/YVxMLSjc0G. This will likely become v28.3 final.
github.com
Backports: contrib: fix macOS deployment with no translations #33482 [29.x] build: fix depends Qt download link #33563 Plus final changes for a 28.3rc2.
0
2
8
In ~2 weeks from now, we'll be disclosing 5 low severity vulnerabilities. We'll also shortly be releasing v29.2 & v28.3. The 27.x branch has now reached its end of li fe.
Bitcoin Core v30.0 was released! It is available from: https://t.co/WpMuMaeRoz Release notes:
18
38
181
We've made some changes to https://t.co/dy0X3Or4u2, to make Security Advisories easier to find, and the content of pre-annoucements more clear. You can find the updates here:
bitcoincore.org
Security Advisories
9
11
49
Note that v29.2 has also been tagged today, which contains a number of bugfixes. See changes in https://t.co/aavRPJStfd & https://t.co/ePbytFXYCn.
github.com
Backports: rpc: fix getblock(header) returns target for tip #33446 doc: rpc: fix case typo in finalizepsbt help (final_scriptwitness) #33484 Mempool: Do not enforce TRUC checks on reorg #33504
0
5
27
v30.0 has been tagged. Binaries will be available shortly, and the website updated soon after that: https://t.co/CHN2ZjJ5c6.
60
26
165
This should be the final release candidate before v30.0 is tagged. Instead of producing a 4th rc, and delaying the release further, a number of (mostly IPC related) changes have been pushed to v30.1, they can be found here:
github.com
Bitcoin Core integration/staging tree. Contribute to bitcoin/bitcoin development by creating an account on GitHub.
A new release candidate of Bitcoin Core, v30.0rc3, is available for testing. This is a new major release, and follows v29.0. It is available here: https://t.co/8FLkdBqus2 Work-in-progress release notes are available here:
14
12
53
Test binaries are not yet available, but you can find the tag here:
github.com
Tree-SHA512: 90bffbb6dfe2b512167b5e08253ea163b714505ec3ef2247d798c40b30713a7db13cf0b5486b5f9e0e5b3ba53108dfaeea47276c40816eeb81065d42bd402379
0
0
4
A third release candidate for v30.0 has been tagged. It includes these changes:
github.com
Backports: depends: static libxcb-cursor #33434 rpc: fix getblock(header) returns target for tip #33446 docs: Undeprecate datacarrier and datacarriersize configuration options #33453 bugfix: miner...
13
13
50
📜📈
I am sorry to interrupt whatever drama is happening in Bitcoin today, but I like the idea of bringing back Bitcoin's programmable money and untethering weird and wonderful Bitcoin creations.
0
0
4
There will be an rc3. It will include https://t.co/nxNweYBPTu, as well as anything on the v30 milestone: https://t.co/A34CwFaJgX.
0
1
4
A second release candiate for v30.0 is available. It includes the changes from https://t.co/tRhEZcW7N1 & https://t.co/9kNlnVcp9S.
github.com
Backports: p2p: Increase tx relay rate #28592 ci: disable cirrus cache in 32bit arm job #33302 coins: warn on oversized -dbcache #33333 test: Avoid interface_ipc.py Duplicate ID errors #33420 buil...
A new release candidate of Bitcoin Core, v30.0rc2, is available for testing. This is a new major release, and follows v29.0. Work-in-progress release notes are here: https://t.co/5oFSOBoXGM It is available here:
3
5
23
Number (of bugs found) go up; and not just in Bitcoin Core.
Brink is excited to announce the addition of two interns to our team! Dongjia and Stratos will work with Niklas Gögge (@dergoegge) on fuzz testing Bitcoin Core for the coming 3 months. We look forward to updating you on their progress. Welcome Dongjia and Stratos!
1
2
15
A high-level look at many years of (ongoing) work, to remove third-party risk from Bitcoin Core.
The security of Bitcoin Core’s codebase is rightfully emphasized in discussions of the Bitcoin network’s resiliency. But Bitcoin Core’s code is not the only code executed when running Bitcoin Core... https://t.co/mkOzZV5pDr
1
3
16
Taking advantages of features shipped in Core v29.1 is already in the pipeline: * orphan handling improvements * ephemeral dust / v3 transactions * feerates below 1 sat/byte https://t.co/y0IN8tJzm3
github.com
Update Bitcoin Core to v29.1. This release doesn't contain any breaking change. It contains the following interesting features that we want to leverage in future eclair versions: orphan ha...
0
1
6
