An important topic this month is our UR specs for animated QRs used by more than a dozen Bitcoin wallet vendors to share PSBTs between devices using an airgap. @coinkite has proposed an incompatible alternative that only works for PSBTs and has some other limitations. /3

Fri Dec 01 22:20:05 +0000 2023

Our next meeting is Wednesday, December 6th at 10am PT, and is hosted online on Zoom. If you sign up for our Developers list or the Signal group, you’ll get the Zoom link before the meeting (or ask me directly). Sign up and join us! /2

Fri Dec 01 22:20:05 +0000 2023

Every month @BlockchainComns hosts a meeting for developers of digital wallets to discuss interoperability between our products and create specs & reference code. If you are a wallet developer, let’s work together for greater security and to avoid vendor lock-in! [1/8] 🧵…

Fri Dec 01 22:20:05 +0000 2023

Another topic is Gordian Depo, an open spec and reference code to demo how social recovery shares can be preserved via an online service. Part of a project we call Collaborative Seed Recovery, is an open alternative to @Ledger’s recovery approach. /6

Fri Dec 01 22:20:06 +0000 2023

Our second topic is a proposal for new binary encoding specification for Bitcoin output descriptors, as requested by wallet developers in our meeting last month to improve the interoperability of that data. /5

Fri Dec 01 22:20:06 +0000 2023

Have they identified some requirements that we don’t address? We are open to making the UR spec & reference code better. That is what open development is all about! We hope that @coinkite will join us rather than incompatible hard forking. /4

Fri Dec 01 22:20:06 +0000 2023

We thank our financial Patrons @unchainedcom, @FOUNDATIONdvcs, @Autonomy_io, @KeystoneWallet, Digital Contract Design, and others for their long-term support of open development, security, resilience and wallet interoperability. Support them too! [8/8] ៚

Fri Dec 01 22:20:07 +0000 2023

At @BlockchainComns we support wallet interoperability & user choice, and are fighting vendor lock-in. We are a not-for-profit, thus don’t have investors or products to fund our efforts, so we need your financial support. Sponsor us monthly via Github! /7

Fri Dec 01 22:20:07 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

I’ve been trying to do this project for 35 years, and it still hasn’t quite come together, but is on my list. I have quite a few documents and resources over the years I’ve collected.

Fri Dec 01 22:28:32 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

In some sense, my first investor was Will Wright, when we worked together in the early days of Sim City/Sim Earth. I wanted to do a multiplayer Moon colony sim game. He helped me financially & to find my first investor for Consensus Development, which ultimately created TLS.

Fri Dec 01 22:30:06 +0000 2023

RT @tim_bansemer: @ChristopherA @JoeAndrieu @dustyweb @glenweyl @CaitlinLong_ @CleanApp @raphkoster I really like the idea to combine gover…

Fri Dec 01 22:30:19 +0000 2023

RT @FOUNDATIONdvcs: We proudly sponsor @BlockchainComns and attend these meetings regularly, as open + interoperable standards make Bitcoin…

Fri Dec 01 22:36:07 +0000 2023

Open Source: it’s great, but it is not enough. That’s pretty much the thesis of our latest article from @BlockchainComns on OPEN DEVELOPMENT. [1/10] 🧵

Fri Dec 01 23:00:45 +0000 2023

Meanwhile, another problem is that open source focuses on the developer’s immediate desires rather than long-term production or user needs. It’s an even harder nut to crack because the developers are the heroes creating open source. /5

Fri Dec 01 23:00:46 +0000 2023

That’s the timeline problem. Open source doesn’t consider long-term support; it just tosses source code over the wall. Open development needs to do better. /4

Fri Dec 01 23:00:46 +0000 2023

One result of this is that we get major problems like Heartbleed, where an open-source project was used for the majority of commercial activity on the internet and failed due to a lack of resources. /3

Fri Dec 01 23:00:46 +0000 2023

The meme of open source is powerful and has had a huge impact on our digital world, but it’s a small part of the larger picture of Open Development. It doesn’t consider the pathway from source to production release to usage, and it doesn’t protect that path into the future. /2

Fri Dec 01 23:00:46 +0000 2023

Even @BlockchainComns can’t check off all of these boxes in our own projects. However, it does demonstrate our aspiration to offer more than just making our source available to the public under an open-source license. /8

Fri Dec 01 23:00:47 +0000 2023

My Open Development article also lays out a checklist with 7 stages that can move a project beyond open source, as it becomes: Inspectable, Observable, Reproducible, Testable, Cooperative, Distributed, and Standardized. /7

Fri Dec 01 23:00:47 +0000 2023

But that’s why we need to begin talking about the wider world of Open Development. My article lays out a number of principles: Accessibility, Collaboration, Diversity, Strategy, Transparency, Sustainability, and Openness. /6

Fri Dec 01 23:00:47 +0000 2023

Open Development is just one of the things we are committed to at @BlockchainComns. Our vision is to create an open & interoperable, secure & compassionate digital infrastructure. Become a patron to support this work! [10/10] ៚

Fri Dec 01 23:00:48 +0000 2023

I hope this article can begin a discussion about moving beyond just demanding our vendors support open source. What else do we need as next steps from them? What are other challenges to Open Development that we must face? /9

Fri Dec 01 23:00:48 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

In particular, if you search for variants of Peter Suber’s “Nomic” (1982) you see some interesting work. At some point I got started in applying some ideas in my “Spectrum of Consent” article to Nomic, but realized that isn’t isn’t just about the voting systems, it is about…

Fri Dec 01 23:24:32 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

Studying deliberation systems led me down a few different alleys, from several articles in my blog on topic of “Collective Choice”, to some exploration of what a participatory org was:

Fri Dec 01 23:26:29 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

In more recent years, I’ve talked with number of DAOs creators who attempted some exciting things. However, we’ve really not learned about how to address adversarial token economics in DAOs. Thus people have been working on DAOs that require proofs of unique personhood, which…

Fri Dec 01 23:28:22 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

I was going through my bookmarks re: Nomic, and felt this one would be hard to find but had good signal-to-noise:

Fri Dec 01 23:40:33 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

Most of these links on this website will 404, so you’ll need to use to find theme, but there are some interesting games in there:

Fri Dec 01 23:42:06 +0000 2023

Replying to @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_, @CleanApp and @raphkoster

The key innovation in my proposal for a Sim Moonbase game that I made to Will Wright and Maxis in the late 80s was the connection of the simulation to a Nomic-like mutable rules. Ultimately, if the rules resulted in not being able to address a moonbase crisis, or even collapse,…

Fri Dec 01 23:50:50 +0000 2023

Replying to @utxoclub

If your wallet supports Gordian Envelope for Collaborative Seed Recovery, metadata like descriptors, private transaction details, open Lightning channels, etc. can all be preserved. You choose where. Current topic in the Gordian Developer meeting next week.

Sat Dec 02 01:51:05 +0000 2023

Replying to @CleanApp, @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_ and @raphkoster

I’ve posted rules for a simple Nomic-inspired game I’m calling “Polis Play” in a gist: I would appreciate any suggestions for improvements in the comments there. Let’s give it a try! @raphkoster @CleanApp @tim_bansemer

Sat Dec 02 22:07:36 +0000 2023

RT @sakak_musdom: Malaysians interested in identity systems in the wake of MyDigital ID should follow @ChristopherA, co-author of TLS (the…

Sun Dec 03 05:22:00 +0000 2023

Replying to @CleanApp, @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_ and @raphkoster

In the spirit of my book on the Design of Cooperative Games (Meeples Together), I’ve added an alternative initial set of rules for a more “cooperative” version of Nomic:

Sun Dec 03 20:50:47 +0000 2023

RT @ChristopherA: @CleanApp @tim_bansemer @JoeAndrieu @dustyweb @glenweyl @CaitlinLong_ @raphkoster In the spirit of my book on the Design…

Sun Dec 03 20:51:27 +0000 2023

Replying to @CleanApp, @tim_bansemer, @JoeAndrieu, @dustyweb, @glenweyl, @CaitlinLong_ and @raphkoster

BTW, there are only a few physical copies of Meeples Together left — if you want a printed copy, purchase it soon! I plan to work on a significant update to the eBook version next year, but it is unclear if we will do another print version:

Sun Dec 03 21:03:06 +0000 2023

Replying to @sriramk, @jesseposner, @chelseakomlo and @real_or_random

DM me your details and I’ll add you to the FROST implementers group. We also have a more general monthly wallet developers meeting this week on Wednesday at 10am PT. Agenda includes animated QR, binary descriptors, open development best practices and more.

Tue Dec 05 00:19:35 +0000 2023

RT @jesseposner: @sriramk @chelseakomlo @real_or_random I’m not aware of a write-up about this, but the main issue is that BIP340 uses x-…

Tue Dec 05 00:19:53 +0000 2023

RT @RWOTEvents: Our first draft paper from #RWOT12 is out: “The Ecosystem Coordinator’s Role in SSI Ecosystem Management” by Christiane Wir…

Fri Dec 08 01:56:01 +0000 2023

RT @RWOTEvents: What does an ecosystem coordinator do? The paper looks at the the National Association of Convenience Stores (NACS), Open C…

Fri Dec 08 01:56:04 +0000 2023

RT @RWOTEvents: Though a solo writing effort, the paper was informed by other members of the #RWOT community and their expertise on NACS an…

Fri Dec 08 01:56:06 +0000 2023

RT @RWOTEvents: Sign up for our low-volume announcements list so that you can join us at #RWOT13, coming in 2024. [4/4]…

Fri Dec 08 01:56:08 +0000 2023

We’ve gotten initial good feedback on the proposal, and would like to eventually turn it into a BIP, so let us know what you think! [3/12]

Fri Dec 08 18:59:07 +0000 2023

The new format encodes textual descriptors as binary dCBOR and uses optional placeholders for keys and addresses to compact the data. [2/12]

Fri Dec 08 18:59:07 +0000 2023

A great Gordian Developer Meeting this week, focused on a new output descriptor format for interoperability among wallets. [1/12]

Fri Dec 08 18:59:07 +0000 2023

Our other big topic at this meeting was our first demo of our Gordian Depository, a new kind server that can be used to store blobs of data, such as shares of sharded secrets. [5/12]

Fri Dec 08 18:59:08 +0000 2023

The goal is, as always, interoperability. We know that smaller companies benefit from interoperable specs, but more importantly to us, interoperability increases the resilience of data for users. [4/12]

Fri Dec 08 18:59:08 +0000 2023

Check out our proof-of-concept code for Gordian Repository at GitHub. It’s built in Rust and freely licensed. [8/12]

Fri Dec 08 18:59:09 +0000 2023

It’s in contrast to programs like Ledger Recover, which locks you into their chosen backup servers and KYC policies. We hope the Depo will instead serve as the foundation of an ecosystem of independent storage servers so that users can pick ones that match their needs. [7/12]

Fri Dec 08 18:59:09 +0000 2023

This is exciting because it’s the next big step in our Collaborative Seed Recovery (CSR) project that highlights user choice in how to backup their seeds and keys. [6/12]

Fri Dec 08 18:59:09 +0000 2023

We also talked at the December Gordian meeting about animated QR, URs and our various C, C++, Rust, and Swift repos to support wallet companies. See our full meeting summary. [10/12]

Fri Dec 08 18:59:10 +0000 2023

We’ve also released a repo that contains the API for communicating with a Depository. [9/12]

Fri Dec 08 18:59:10 +0000 2023

Many thanks to our sustaining patrons in ‘23 such as @FOUNDATIONdvcs, @unchainedcom, but our cryptowinter isn’t over — help ensure this important work continues at Blockchain Commons by becoming a sponsor in 2024! [12/12]

Fri Dec 08 18:59:11 +0000 2023

If you are a wallet developer, sign up for our announcement list or Signal channel to get notifications for our next meeting in January. We’d love to see you there! [11/12]

Fri Dec 08 18:59:11 +0000 2023

This threat to security researchers may be about felony laws on reverse engineering & #RightToRepair, but they’ve been enforced for decades. Next I see #SEC and other governments doing the same form of restraint against all devs working in crypto. We must fight against these!

Fri Dec 08 23:27:02 +0000 2023

Replying to @carmelatroncoso

See also my second Echoes of History on the perils of EIDAS:

Fri Dec 08 23:34:05 +0000 2023

Replying to @carmelatroncoso

And the lessons we need to learn today from the different experience in WWII Netherlands (where 75% of the Jews died) vs France (23%) due to over-identification and regime change:

Fri Dec 08 23:39:45 +0000 2023

Replying to @nvk

See the work we are doing at @BlockchainComns to support the Gordian Wallet Developers community (over 13 companies involved or supporting open development interoperability speciations). CSR is open, supports user choice of both self-sovereign & social recovery. But we need…

Fri Dec 08 23:50:34 +0000 2023

RT @ChristopherA: @nvk See the work we are doing at @BlockchainComns to support the Gordian Wallet Developers community (over 13 companies…

Fri Dec 08 23:50:52 +0000 2023

Replying to @AnitaPosch

See the work we are doing at @BlockchainComns to support the Gordian Wallet Developers community (over 13 companies involved or supporting open development interoperability specifications). CSR is open, transparent, and supports user choices for both self-sovereign & social…

Sat Dec 09 00:00:05 +0000 2023

RT @rektbuildr: What really caught my attention here is the fact that the tracking code is placed along with critical logic.

Ledger believ…

Sat Dec 09 00:00:38 +0000 2023

Replying to @Adelgary and @FOUNDATIONdvcs

If you use our more complex multisig scenario leveraging @FOUNDATIONdvcs, you can store sharded shares safely on paper in a safe deposit box and be safe from single point of failure or compromise:

Mon Dec 11 21:12:37 +0000 2023

Replying to @Adelgary and @FOUNDATIONdvcs

The only challenge is the complexity and time (about an hour) but the instructions are step-by-step and methodical. We are hoping that we can reduce this complexity by automation between wallets using with Gordian Seal Transport QRs between interoperable wallets.

Mon Dec 11 21:15:27 +0000 2023

Replying to @Adelgary and @FOUNDATIONdvcs

We also offer a lot of other guidance at for both advanced singlesig scenarios and emerging multisig opportunities.

Mon Dec 11 21:17:19 +0000 2023

“First they came for…”. Again 🤬

Mon Dec 11 21:38:37 +0000 2023

Replying to @peterktodd, @Blockstream and @Liquid_BTC

We are looking at switching away from GPG signing to SSH signing.

ssh-keygen -Y sign -n file -f ~/.ssh/id_ed25519 -o output_signature_file input_file

Especially as GitHub will provide pubkeys: results in


Tue Dec 12 23:58:15 +0000 2023

RT @ChristopherA: @peterktodd @Blockstream @Liquid_BTC We are looking at switching away from GPG signing to SSH signing.

ssh-keygen -Y si…

Tue Dec 12 23:58:48 +0000 2023

RT @lopp: It sounds like today’s security incident was the culmination of 3 separate failures at Ledger:

  1. Blindly loading code without p…

Fri Dec 15 07:14:03 +0000 2023

RT @grahamgreenleaf: My analysis of India’s 2023 data privacy Act is at Which stakeholders benefit most?: Indian &…

Sun Dec 17 04:44:02 +0000 2023

RT @FOUNDATIONdvcs: To air gap,

or not to air gap?

That is the question.

Let’s break down the pros and cons:

Mon Dec 25 09:38:55 +0000 2023

RT @pwang: JavaScript: The Good Parts author says we should stop using JavaScript now and that it has a lot of “congenital defects”

Tue Dec 26 18:12:30 +0000 2023

Very interesting details on how to be truly anonymous using cell phones in the EU. Not easy.

Tue Dec 26 18:29:19 +0000 2023

Replying to @100AcresRanch and @HODLRecruiter

Between them, brown rice, quinoa and beans, have all the proteins you need, and long shelf life. With few pound of multivitamin you’ll not be malnourished but bored.

Wed Dec 27 03:47:36 +0000 2023

No ordinary vulnerability…

👍 “hardware…is much more difficult to reverse-engineer than software, but this is a flawed approach, because sooner or later, all secrets are revealed. Systems that rely on ‘security through obscurity’ can never be truly secure.”

Thu Dec 28 00:40:45 +0000 2023