Sign up to save your podcasts
Or
Share BRH-004: BitDevs Radio Hour #4 – Your 2025 Bitcoin Wrapped is Here
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
BRH-004: BitDevs Radio Hour #4 – Your 2025 Bitcoin Wrapped is Here
Broadcasting live from ATL BitLab, Stephen DeLorme and Alex Lewin close out the year with a festive edition of the BitDevs Radio Hour. This episode covers a grab bag of fresh Bitcoin technical developments: new BIP assignments, a novel approach to private collaborative custody, a consensus discrepancy discovered via differential fuzzing, Lightning protocol optimization ideas, a serious React server components security vulnerability, and the debut of Bitcoin Wrapped 2025.
It's a year-end mix of hard engineering talk, cryptographic concepts, dev-ops war stories, and community reflections.
Episode SummaryStephen and Alex recap the final Atlanta BitDevs meetup of the year and then dive deep into several new Bitcoin and developer-adjacent topics. The discussion includes new BIP numbers, privacy-preserving collaborative custody for multisig, a consensus mismatch uncovered in NBitcoin thanks to fuzzing, a fresh ZmnSCPxj proposal for Lightning efficiency via private key handovers, and a major security alert affecting React server components (and by extension, many Next.js deployments).
The show closes with the premiere of the community-produced Bitcoin Wrapped 2025 — a Spotify-style year-in-review for the Atlanta BitDevs Socratic series — plus some reflection on the biggest themes of the year: covenants, quantum, regulatory pressure, BitVM, new soft fork proposals, and the rise of Bitcoin corporate treasuries.
Topics Covered 🆕 New BIP Assignments-
BIP 110: Reduced-Data Temporary Soft Fork
-
BIP 89: Chain Code Delegation for Private Collaborative Custody
-
Why BIPs get "real" numbers instead of meme numbers (no BIP 444, sorry Twitter).
-
The logic behind keeping related BIPs numerically clustered.
-
Traditional multisig setups (e.g., Unchained, Casa) expose all xpubs to the collaborative custodian.
-
BIP 89 proposes a way to prevent sharing full xpub information using chain-code delegation.
-
Custodians can co-sign emergency transactions without seeing all user addresses.
-
Built around key-tweaking and Schnorr-like math — allowing assistance without surveillance.
-
Potential applications for backup key providers, insurance models (Anchorage / AnchorWatch), and privacy-preserving multi-party vaults.
-
A divergence found where Bitcoin Core marked a transaction invalid but NBitcoin marked it valid.
-
Discovered via differential fuzzing — fuzzing two implementations simultaneously and comparing outputs.
-
Lightning fuzzing and Bitcoin fuzzing continue to find subtle mismatches between CLN, LND, LDK, BTCD, etc.
-
NBitcoin maintainer patched the issue and cut a release the same day.
-
Importance for enterprise shops using .NET (BTCPayServer, Zebedee, large corporate stacks).
-
A proposal for more efficient on-chain HTLC resolution.
-
If a Lightning channel's full balance ends up on one side, that party can be handed the ephemeral private key to spend HTLCs directly.
-
Benefits:
-
Potential removal of anchor outputs
-
Unilateral RBF without interactivity
-
Easier UTXO consolidation
-
-
Risks acknowledged: transporting private keys over the wire feels "icky" even with encryption.
-
Not a re-architecture of Lightning — but an efficiency hack for edge cases.
-
A severe RCE (remote code execution) flaw in several React 19 builds.
-
Affects most Next.js apps created or updated in 2025 due to default server components.
-
Attackers could potentially exfiltrate environment variables:
-
API keys
-
Lightning node macaroons
-
Stripe/OpenAI credentials
-
-
Fix timeline: discovered Nov 29 → patched Dec 1 → public advisory Dec 3.
-
Advice: upgrade React/Next.js immediately and rotate environment secrets.
A custom end-of-year highlight reel for the Atlanta BitDevs Socratic Seminar series.
Some of the big recurring themes:
-
Covenants — CTV, CSFS, OP_TAPLEAF_UPDATE_VERIFY, and endless debate
-
Quantum — threat models, timelines, algorithmic risk
-
Regulatory drama — ETF approvals, treasury strategies, debanking, global restrictions
-
BitVM — hype, skepticism, experimentation
-
Fork proposals — CTV+CSFS and RDTS as the two most publicly mobilized
-
Corporate Bitcoin treasuries — and whether they should become Lightning service providers
-
Hackathon wins from the ATL BitLab community
-
A recognition that Bitcoin is no longer niche — it's fully mainstream technical culture
-
BIP 89 (Chain Code Delegation)
-
BIP 110 (Reduced-Data Temporary Soft Fork)
-
NBitcoin project
-
Bitcoin Fuzzing library
-
Lightning Fuzz
-
Delving Bitcoin posts from ZmnSCPxj
-
React / Next.js CVE advisory
-
Bitcoin Wrapped 2025 (ATL BitLab)
Alex wraps up his final show of the year with a thank-you to listeners, welcomes suggestions for 2026 topics, and encourages everyone to find BitDevs Radio Hour on Fountain to send a boost.
View all episodes
By ATL BitLabBroadcasting live from ATL BitLab, Stephen DeLorme and Alex Lewin close out the year with a festive edition of the BitDevs Radio Hour. This episode covers a grab bag of fresh Bitcoin technical developments: new BIP assignments, a novel approach to private collaborative custody, a consensus discrepancy discovered via differential fuzzing, Lightning protocol optimization ideas, a serious React server components security vulnerability, and the debut of Bitcoin Wrapped 2025.
It's a year-end mix of hard engineering talk, cryptographic concepts, dev-ops war stories, and community reflections.
Episode SummaryStephen and Alex recap the final Atlanta BitDevs meetup of the year and then dive deep into several new Bitcoin and developer-adjacent topics. The discussion includes new BIP numbers, privacy-preserving collaborative custody for multisig, a consensus mismatch uncovered in NBitcoin thanks to fuzzing, a fresh ZmnSCPxj proposal for Lightning efficiency via private key handovers, and a major security alert affecting React server components (and by extension, many Next.js deployments).
The show closes with the premiere of the community-produced Bitcoin Wrapped 2025 — a Spotify-style year-in-review for the Atlanta BitDevs Socratic series — plus some reflection on the biggest themes of the year: covenants, quantum, regulatory pressure, BitVM, new soft fork proposals, and the rise of Bitcoin corporate treasuries.
Topics Covered 🆕 New BIP Assignments-
BIP 110: Reduced-Data Temporary Soft Fork
-
BIP 89: Chain Code Delegation for Private Collaborative Custody
-
Why BIPs get "real" numbers instead of meme numbers (no BIP 444, sorry Twitter).
-
The logic behind keeping related BIPs numerically clustered.
-
Traditional multisig setups (e.g., Unchained, Casa) expose all xpubs to the collaborative custodian.
-
BIP 89 proposes a way to prevent sharing full xpub information using chain-code delegation.
-
Custodians can co-sign emergency transactions without seeing all user addresses.
-
Built around key-tweaking and Schnorr-like math — allowing assistance without surveillance.
-
Potential applications for backup key providers, insurance models (Anchorage / AnchorWatch), and privacy-preserving multi-party vaults.
-
A divergence found where Bitcoin Core marked a transaction invalid but NBitcoin marked it valid.
-
Discovered via differential fuzzing — fuzzing two implementations simultaneously and comparing outputs.
-
Lightning fuzzing and Bitcoin fuzzing continue to find subtle mismatches between CLN, LND, LDK, BTCD, etc.
-
NBitcoin maintainer patched the issue and cut a release the same day.
-
Importance for enterprise shops using .NET (BTCPayServer, Zebedee, large corporate stacks).
-
A proposal for more efficient on-chain HTLC resolution.
-
If a Lightning channel's full balance ends up on one side, that party can be handed the ephemeral private key to spend HTLCs directly.
-
Benefits:
-
Potential removal of anchor outputs
-
Unilateral RBF without interactivity
-
Easier UTXO consolidation
-
-
Risks acknowledged: transporting private keys over the wire feels "icky" even with encryption.
-
Not a re-architecture of Lightning — but an efficiency hack for edge cases.
-
A severe RCE (remote code execution) flaw in several React 19 builds.
-
Affects most Next.js apps created or updated in 2025 due to default server components.
-
Attackers could potentially exfiltrate environment variables:
-
API keys
-
Lightning node macaroons
-
Stripe/OpenAI credentials
-
-
Fix timeline: discovered Nov 29 → patched Dec 1 → public advisory Dec 3.
-
Advice: upgrade React/Next.js immediately and rotate environment secrets.
A custom end-of-year highlight reel for the Atlanta BitDevs Socratic Seminar series.
Some of the big recurring themes:
-
Covenants — CTV, CSFS, OP_TAPLEAF_UPDATE_VERIFY, and endless debate
-
Quantum — threat models, timelines, algorithmic risk
-
Regulatory drama — ETF approvals, treasury strategies, debanking, global restrictions
-
BitVM — hype, skepticism, experimentation
-
Fork proposals — CTV+CSFS and RDTS as the two most publicly mobilized
-
Corporate Bitcoin treasuries — and whether they should become Lightning service providers
-
Hackathon wins from the ATL BitLab community
-
A recognition that Bitcoin is no longer niche — it's fully mainstream technical culture
-
BIP 89 (Chain Code Delegation)
-
BIP 110 (Reduced-Data Temporary Soft Fork)
-
NBitcoin project
-
Bitcoin Fuzzing library
-
Lightning Fuzz
-
Delving Bitcoin posts from ZmnSCPxj
-
React / Next.js CVE advisory
-
Bitcoin Wrapped 2025 (ATL BitLab)
Alex wraps up his final show of the year with a thank-you to listeners, welcomes suggestions for 2026 topics, and encourages everyone to find BitDevs Radio Hour on Fountain to send a boost.