Satoshi Scoop Weekly, 19 September 2025
🍨 Your weekly bite of the latest updates from the Bitcoin tech ecosystem!

Crypto Insights
Blockstream Researcher Jonas Nick’s Workbook on Bitcoin Cryptography
Jonas Nick from Blockstream Research shared a workbook he developed for a Bitcoin cryptography workshop. Its goal is to provide sufficient background knowledge for readers to understand the latest papers on cryptographic signatures, especially those on discrete-logarithm-based (multi-party) signatures, like the DahLIAS interactive aggregate signature scheme. It also aims to help readers develop the ability to formalize security notions for cryptographic primitives — a crucial skill when selecting appropriate primitives and precisely defining the goals of a cryptographic protocol during design and review.
The workbook includes definitions, propositions, lemmas, theorems, and exercises, along with a complete solution-book to the exercises.
Eclipsing Bitcoin Nodes with BGP Interception Attacks
The author presents research on using interception attacks (SICO) — a stealthier variant of BGP hijacking — to isolate Bitcoin nodes. He claims that interception attacks are feasible against many nodes in the network. In a controlled environment, he carried out an attack on his own mainnet node and successfully demonstrated a proof-of-concept. To mitigate such attacks, he explored several countermeasures, some of which leverage network data that nodes can independently observe.
Ordinals Analysis: BRC-20 Tokens Pose a Greater Burden on Node Runners
Reviewing Ordinals-related data, BitMEX Research observed that BRC-20 tokens are the dominant form of Ordinals by transaction count: 92.5 million BRC-20 transactions versus just 2.7 million on-chain Ordinal images. However, in terms of total data size, image-related Ordinals and BRC-20 Ordinals are roughly similar at about 30 GB each.
From the perspective of node runners, BRC-20 transactions — which structurally resemble regular Bitcoin transactions and are relatively small — create a significant burden. By contrast, image-related Ordinals are larger and carry more arbitrary data, which has a positive to neutral impact on a node’s resources. Therefore, BRC-20 tokens may become a bigger concern to some node runners.
Compact Block Filter Design Guide: A Practical Reference for Wallet Developers
When building Bitcoin wallets, developers often face a challenge: how to achieve fast, lightweight, and private wallet synchronization without forcing users to run a full node. A compact block filter can provide a practical solution: instead of downloading full blocks, a wallet can download small filters to quickly determine which blocks may contain relevant transactions.
While elegant in theory, many developers struggle with who serves the filters, which filters to request, and how they are processed in practice. This guide explores how compact block filters work, what a “filter client” means, and how wallet applications can benefit from this efficient, privacy-preserving design.
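A sketch of the client-side check described above, added here as an illustration and not taken from the guide: a server builds a Golomb-Rice coded filter over a block's scripts, and the wallet tests its own scripts locally without revealing them. P and M are the BIP 158 basic-filter parameters; the keyed BLAKE2b hash (in place of SipHash-2-4), the bit-string encoding, the key and the sample scripts are assumptions made for this example.

```python
import hashlib

P = 19        # Golomb-Rice remainder bits (BIP 158 basic filter)
M = 784931    # inverse false-positive rate (BIP 158 basic filter)
KEY = bytes(range(16))  # constructed; BIP 158 derives the key from the block hash
BLOCK_SCRIPTS = [bytes.fromhex("0014") + bytes([i]) * 20 for i in (1, 2, 3)]  # constructed

def hash_to_range(item: bytes, key: bytes, f: int) -> int:
    # Assumption: keyed BLAKE2b stands in for SipHash-2-4 to stay stdlib-only.
    h = hashlib.blake2b(item, key=key, digest_size=8).digest()
    return (int.from_bytes(h, "big") * f) >> 64  # map 64-bit hash into [0, f)

def build_filter(items, key):
    """Server side: hash, sort, then Golomb-Rice code the successive deltas."""
    items = set(items)
    n = len(items)
    values = sorted(hash_to_range(i, key, n * M) for i in items)
    bits, last = [], 0
    for v in values:
        q, r = divmod(v - last, 1 << P)
        bits.append("1" * q + "0" + format(r, f"0{P}b"))  # unary q, P-bit r
        last = v
    return n, "".join(bits)  # bit string kept as text for readability

def decode(n, bits):
    """Yield the n sorted hashed values stored in the filter."""
    pos, last = 0, 0
    for _ in range(n):
        q = 0
        while bits[pos] == "1":
            q, pos = q + 1, pos + 1
        pos += 1  # skip the terminating 0 of the unary quotient
        last += (q << P) + int(bits[pos:pos + P], 2)
        pos += P
        yield last

def match_any(filt, key, wallet_scripts):
    """Client side: True means 'download this block'; False is definitive."""
    n, bits = filt
    if n == 0:
        return False
    targets = {hash_to_range(s, key, n * M) for s in wallet_scripts}
    return any(v in targets for v in decode(n, bits))

if __name__ == "__main__":
    f = build_filter(BLOCK_SCRIPTS, KEY)
    print(len(f[1]), "filter bits; wallet match:", match_any(f, KEY, BLOCK_SCRIPTS[:1]))
```

A match can be a false positive (roughly 1 in M per queried script), so the wallet still has to fetch and scan the block; a non-match never hides a relevant transaction.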
Nostr Security Analysis: Practical Attacks via Encrypted Direct Messages
Decentralized social networking services (SNS) have gained wide attention in recent years as alternatives to centralized SNS, which impose inherent restrictions on user privacy and freedom. This paper presents the first in-depth security analysis of Nostr, a leading open-source, decentralized SNS protocol.
The authors analyzed Nostr’s protocol specification and client implementations and proposed several practical attacks allowing malicious users or servers to forge multiple types of objects, including encrypted direct messages. They further demonstrated a confidentiality attack against encrypted DMs by a malicious user exploiting a flaw in the link preview mechanism and CBC (Cipher Block Chaining) malleability.
These attacks stem from cryptographic flaws in the protocol specification and client implementations, some of which can be combined to escalate forging attacks into confidentiality violations. The researchers validated the feasibility of these attacks through proof-of-concept implementations and discussed potential mitigations.
Path Planning at the Edge of Payment Channel Networks
In Payment Channel Networks (PCNs), payments between two nodes without a direct channel require determining a payment path — a sequence of channels connecting the two nodes. Pathfinding is computationally expensive and often infeasible for edge devices.
This paper proposes a new method that enables edge devices to support pathfinding with a service provider. However, sharing payment data with service providers may compromise user privacy. To address this, the research integrates two privacy-preserving mechanisms:
The first generalizes existing blinded paths, obfuscating both the source and destination of the payment.
The second generates plausible fake requests to hide the real one.
The authors validated their approach by simulating payment attempts on the Lightning Network and compared its performance against trampoline payments — a widely cited method that also leverages service providers for pathfinding.
Infiltrated Selfish Mining: A Win-Win Approach to Breaking the Miner’s Dilemma
This paper proposes a new attack called Infiltrated Selfish Mining (ISM). Under certain conditions, ISM can yield higher rewards than Fork After Withholding (FAW) attacks while being easier to execute than both Power Adjusting Withholding (PAW) and FWAP. By infiltrating a mining pool and delaying block submission, ISM attackers can not only create an intentional fork but also generate a rivalless secret block that stays one block ahead of the public chain.
According to the authors, ISM is the first pooled mining attack that can break the miner’s dilemma, allowing two or more pools to attack each other without incurring losses, and they provide the corresponding theoretical winning conditions.
The research provides a formal analysis showing that ISM can create win-win outcomes for all attacking pools, unlike traditional pool-size games that benefit only large pools. This win-win dynamic makes ISM more attractive and thus more harmful. To counter it, the researchers also propose a reward mechanism combined with a new punishment solution as a potential defense against ISM.
A Plausible Attack on the Adaptive Security of Threshold Schnorr Signatures
This paper presents a plausible attack on the full adaptive security of threshold Schnorr signature schemes. The analysis shows that a wide range of such schemes — including all variants of FROST, Sparkle, and Lindell’22 — cannot be proven fully adaptively secure without modifications or assuming the hardness of a search problem defined in this work. It then proves a generalization that extends below t − 1 adaptive corruptions.
Citrea Integrates TOOP to Power Garbled-Circuit-Based Solutions
At the recent Bitcoin++ conference, Citrea’s Ekrem Balamir demonstrated how Citrea integrates the Transfer of Ownership Protocol (TOOP) with garbled circuits.
Developed by the Fairgate team, TOOP solves a fundamental limitation shared by all BitVM-like protocols (and UTXO blockchains at large) that restricts unlocking transfers to addresses known and pre-registered during locking and setup. TOOP avoids the costly, regulatorily problematic, and congestion-prone front-and-reimburse paradigm. Besides Citrea, TOOP is also adopted by BOB and Cardano.






