Hear me out, PONS: Proof Of Non-Spam for Bitcoin! I was discussing with @Luke Dashjr about various usage of ZKP for Bitcoin, and he came with this intriguing idea to use Zero Knowledge Proofs to fight spam on Bitcoin (without breaking some designs such as BitVM). Initially I was sceptical, but the more I think about it, the more I am convinced that it could be a very interesting idea to explore. Just to be concrete, here are some examples of valid / non spam materials that could be theoretically proven via a system like PONS: - Schnorr public keys: Prove knowledge of corresponding private key - Hash preimages: Prove knowledge of data hashing to claimed values - Taproot scripts: Prove leaf scripts are valid Bitcoin Script, not arbitrary bytes - Merkle roots: Prove correspondence to actual Merkle trees of valid elements As usual, I like to experiment and play with ideas, so I started to implement a proof of concept of this idea, for the minimalistic simplest example here that is: prove that a public key is "real" and not a "fake" public key. You can see in the demo video below the following flow: - Generate a Schnorr public key and its corresponding private key - Create a digital signature of an arbitrary message - Run a Cairo program that verify the signature against the public key - Generate a STARK proof of the Cairo program execution using STWO prover - Verify the STARK proof using STWO verifier Sorry Luke Dashjr I know that you consider Rust as a woke language haha, but for now we have the STWO prover and verifier only implemented in Rust, so I used it for the demo. We can easily integrate the STWO verifier in Bitcoin Core or Knots via ffi though (as we already did in another POC). So of course here it's completely overkill to use a STARK proof for this and you could do it much more efficiently without a ZKP, but it is to show how the architecture could look like end to end. There are many interesting design questions, like how to make nodes / miners play nicely and prioritise transactions with valid proofs, how to incentivise the generation of proofs, how to make it efficient and not bloated, etc. I am curious to hear your thoughts on this idea, and if you think it could be a good idea to explore further.

Breaking news coming from El Salvador today, let me introduce you the first Starknet powered Bitcoin ATM in the world! Edgar did the first ever Bitcoin purchase from a K1 ATM where the funding is coming from a Starknet wallet via an atomic swap to Lightning!

Spending some time with the great folks at @My First Bitcoin working on such an important mission: Bitcoin education in El Salvador and all over the world. As I was told here: Mi Primer Bitcoin is a MOVEMENT!

Yosh Nostriches, I am in San Salvador this week. Any recommendations for Bitcoiners to meet there or cool places for Bitcoiners in general.

I was chatting with the Alby wallet team about their Lightning MCP server using Nostr Wallet Connect. Forked it to integrate Lightning <> Starknet atomic swaps via Atomiq Labs SDK. In the demo, I fired up Claude Code (also did it with Goose) and asked it to handle an end-to-end swap: "swap 311 sats to STRK". It executed perfectly, pulling from my Primal wallet via NWC connection string and performing the swap. Fully trustless (HTLC reverse submarine swap). Exciting times for building Bitcoin apps with AI. 🧡 #Bitcoin #BitcoinAI #ClaudeCode #Goose

Bitcoin covenant toolkit: A deep dive into CTV and CSFS

HackMD

Bitcoin covenant toolkit: A deep dive into CTV and CSFS - HackMD

Together, CTV (proposed in BIP-119) and CSFS (BIP-348) enable forms of covenants – restrictions on how coins can be spent after they leave an out...

Built a proof of concept of Bitcoin vaults to showcase CTV & CSFS on Mutinynet signet. Basic vault: Funds locked to a P2TR output with a single leaf CTV script committing to a trigger tx template. Trigger moves to a conditional P2TR: IF branch requires CSV delay + hot key sig; ELSE is CTV to cold address (immediate, no sig). NUMS internal key forces script spends. Hybrid vault extends to two leaves: One for CTV path (same as basic). Second for CSFS: Verifies a Schnorr sig over a delegation message (e.g., "EMERGENCY_DELEGATION:AMOUNT=...:RECIPIENT=...:EXPIRY=...:VAULT=...") from treasurer key, allowing direct spend to recipient (escape hatch). Demo flow 1: Cold clawback via CTV. Fund vault P2TR. Broadcast trigger (satisfies CTV from vault). Then broadcast cold tx from trigger (ELSE branch, satisfies CTV to cold). No delay. Works as emergency response if trigger detected (e.g., hot key compromise). Demo flow 2: Delegation via CSFS. Treasurer signs message authorizing ops team to spend X sats to Y by Z block (though the amount and other dynamic transaction params are not enforced in the demo, would require OP_AMOUNT, might be possible forcing the spender to provide the transaction data in the witness, check the signature of the tx data with CSFS, and then introspect the transaction elements we want like the amount, but not sure the parsing / splitting of the transaction elements would be practical). Spend vault directly via CSFS leaf: Witness includes sig, message hash, treasurer pubkey, script, control. Bypasses CTV/timelock for authorized emergencies.

GitHub

GitHub - AbdelStark/doko: Bitcoin Vault proof of concept using CTV + CSFS

Bitcoin Vault proof of concept using CTV + CSFS. Contribute to AbdelStark/doko development by creating an account on GitHub.