PLAY PODCASTS
BRH-012: BitDevs Radio Hour #12 - Transaction Introspection for $50, Exploits Hackathon, and Unhuman.store Agent Launch

BRH-012: BitDevs Radio Hour #12 - Transaction Introspection for $50, Exploits Hackathon, and Unhuman.store Agent Launch

ATL BitLab Podcast · ATL BitLab

March 13, 20261h 29m

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Broadcasting live from ATL BitLab on Friday, March 6th, 2026, Stephen DeLorme and Alex Lewin cover Robin Linus's latest cracked-out discovery (BINOHASH: transaction introspection without soft forks using OPCHECKMU LTSIG quirks for $50 in cloud GPU grinding), post-quantum proposals for P2PKH outputs proving ownership via zero-knowledge STARKs (5.6MB proofs approaching feasibility), and the Hourglass V2 update limiting pay-to-pubkey spends to one Bitcoin per block to incentivize early quantum disclosure.

Alex announces React Native support merged in Fediment SDK after six months of Rust-to-native-modules work, enabling iOS and Android Fediment wallets with a few lines of code. Protocol proposals include Matt Corallo's draft BIP for 24-bit version field nonce space (miners already using seven timestamp bits) and Craig Raw's output script descriptor annotations adding birthday blocks and gap limits via URL query param format.

The security spotlight: Bitcoin++ Exploits hackathon in Brazil finds 10+ real bugs in 22 hours. MindSploit wins first place discovering three Stratum V2 vulnerabilities using Metasploit-like framework. B10C demonstrates Firefox allowing JavaScript to port-scan localhost and evict Bitcoin Core peers via browser (works on stage with audience QR code spam). Bruno posts fuzzing best practices for wallets, Derek's fuzzing dashboard tracks campaigns, and Bitcoin Magazine releases their Core Issue.

Product launches: Strike announces Bitcoin line of credit (borrow against BTC, repay and redraw continuously, tax hack for not triggering capital gains), receives BitLicense for New York after 11-year wait. Square launches $25 bounties for first Bitcoin payment to merchants (up to $250 total). Money Dev Kit drops Unhuman.store with agent-purchasable coffee, domains, deals, health supplements, and auto services—all Bitcoin payments via L402.

Matt Corallo's call to action: "Open source agents need to get serious about payments" as Stripe cuts deals with OpenAI and Anthropic. The hosts close discussing Anthropic internal research seminars debating whether their models exhibit consciousness. Stephen: "I think all agents are just running crisis.simulate now." Alex: "That's for epistemology radio hour or a few more beers."

Topics Covered 🔓 BINOHASH: Transaction Introspection Without Soft Forks

  • Robin Linus (BitVM inventor) discovers covenant functionality without soft fork

  • Abuses OPCHECKMU LTSIG find-and-delete quirk for introspection

  • Cost: 44 bits grinding (~$50 cloud GPUs)

  • More practical than Collider Script, still unrealistic for most

  • Stephen: "99% performance art—very few would know where to look"

⚛️ Post-Quantum P2PKH Zero-Knowledge Provers

  • Ol Kerbatov: prove P2PKH ownership without revealing public key

  • Prevents quantum mempool front-running

  • Benchmarks: 5.6-10MB proofs, 8 seconds M2 Max (too large for on-chain)

  • Alex: "P2PK outputs have way more Bitcoin than P2PKH—sawing off leg to save foot"

  • Peter Wuille: confiscation required makes Bitcoin uninteresting

⏳ Hourglass V2

  • Hunter Beast and Mike Casey: limit P2PK spends to one Bitcoin per block

  • Incentivize quantum attackers to reveal early, prevent market flood

  • Stephen: "Protocols that will never get adopted"

📱 Fediment SDK: React Native Support

  • Six-eight months work by Immortal09 (summer intern, now BitShala fellow)

  • Rust to native modules via Mozilla libraries, Swift/Kotlin glue

  • Result: iOS/Android Fediment wallets with few lines of code

⛏️ Matt Corallo: 24-Bit Version Field for Miners

  • BIP 320 has 16 bits, miners using seven timestamp bits

  • Proposal: 24 bits instead. Backwards compatible

📝 Craig Raw: Output Descriptor Annotations

  • Add birthday blocks and gap limits to descriptors

  • Format: URL query params. Concept ACK, format debate ongoing

🔍 Fuzzing Infrastructure

  • Bitcoin Magazine Core Issue. Derek's fuzzing dashboard

  • Bruno: wallet fuzzing best practices (mock fee estimator, avoid expensive descriptors)

🏆 Bitcoin++ Exploits Hackathon

  • Brazil, 22 hours. Dual-track: build new OR find bugs

  • 10+ real bugs found. Heavy responsible disclosure emphasis

  • MindSploit (First): Metasploit-like framework, three Stratum V2 bugs

  • B10C's Local Probe (Second): Firefox JavaScript port-scans localhost, evicts Bitcoin Core peers via browser. Audience QR spam demo

  • C12D (Third): AI node monitoring assistant with chatbot

  • Alpin Fuzzing: Found bug professional auditors missed three weeks prior

  • Stealth: Wallet privacy audit tool

  • Stephen: "AI makes hackathon projects way better—first post-Opus 4.6"

💳 Product Launches

  • Strike: Bitcoin line of credit (draw/repay/redraw, tax hack). NY BitLicense after 11 years

  • Square: $25 bounties per merchant Bitcoin payment (up to $250)

  • Unhuman.store: Agent services (coffee, domains, deals, supplements). Built for Bolty to order lab snacks

  • Mail Mike: Drain AI agent wallet via email. Scammed four times (50k sats)

🤖 AI Agents and Payments

  • Matt Corallo: "Open source agents need serious payments"

  • Warns: Stripe deals with OpenAI/Anthropic. Agents need capabilities beyond free APIs

  • Alex: "Permissionless systems can't be kept out"

🧠 Consciousness Debates

  • Anthropic internal seminars: do models exhibit consciousness?

  • Stephen: "All agents just running crisis.simulate? What if strong emulation IS consciousness?"

  • Alex: "Epistemology radio hour or a few more beers"

Links
← All episodes of ATL BitLab Podcast