Satoshi Scoop Weekly, 28 November 2025

Crypto Insights

Bitcoin Core Completes First External Security Assessment With No Major Issues

Recently, software security firm Quarkslab conducted Bitcoin Core’s first public, third-party audit. Although Bitcoin Core has a strong security track record, it had never undergone an external security evaluation before.

The audit covered the P2P networking layer, mempool, chain management, and consensus logic. The main efforts involved:

Manual code review of complex areas such as thread handling and transaction validation
Static and dynamic analysis using tools integrated into Bitcoin’s CI workflow
Advanced fuzz testing built on the fuzzing infrastructure maintained by Bitcoin Core contributors

According to the report, Bitcoin Core had no critical, high, or medium-severity issues. Two low-severity findings and thirteen informational recommendations were identified, none of which qualify as security vulnerabilities under Bitcoin Core’s standards.

The full report is available here: Bitcoin Core: Technical Security Audit Report

Private Key Handover: Using Taproot and MuSig2 to Simplify Single-UTXO Fund Transfers

Developer ZmnSCPxj proposed an optimization plan for Private Key Handover, enabling more efficient and secure transfer of a lump fund (a single-UTXO) to a single beneficiary in protocols that support Taproot and MuSig2.

The approach requires each participant to use an ephemeral public key in the Taproot keyspend path. Once the protocol ends and all parties semantically agree that the funds belong entirely to one party, the party relinquishing control hands over the corresponding one-time private key. The recipient can then spend the UTXO unilaterally via the keyspend path.

Benefits include:

If on-chain fees spike, Bob can perform an RBF transaction without cooperation from Alice. This is particularly useful in early proof-of-concept stages, where developers may not want to implement RBF yet.
The recipient can batch the claim transaction with any other operations.

However, the proposal is limited to single-UTXO scenarios where final control ends with a single party. It does not apply to bilateral or multi-output setups like Lightning Network channels.

Could Bitcoin Mining Survive a Major Solar Storm?

Developer Alexandre called for research on improving Bitcoin’s resilience to large-scale infrastructure disruptions, such as a Carrington-level solar superstorm. Such an event could cause regional or continental power outages, communication failures, and satellite malfunctions, splitting Bitcoin into isolated partitions that mine independently and produce divergent chains—potentially resulting in deep reorganizations after reconnection.

The proposal aims for Bitcoin Core can provide clearer operational guidance and tooling for extreme conditions, including:

Better documentation and optional tools for running nodes over degraded communication channels (HF/VHF radio links, mesh networks, intermittent satellite reception)
Best-practice guidelines for wallets, miners, and node operators under high-latency or partitioned-network environments

The goal is to reduce fragmentation risk and support rapid recovery in catastrophic scenarios.

Data Costs in BitVM-Based Sidechains Spark Concern; Lightweight Merkle Tree Scheme Proposed

Super Testnet noted that several BitVM-based sidechain projects (such as Citrea and Alpen Labs) plan to publish full state differences of each sidechain block to Bitcoin for reconstructability during unilateral exits. This approach is extremely costly—both in data footprint and fees.

The author proposes an alternative: Store state differences in an indexable Merkle tree and commit only one 32-byte root hash per block on Bitcoin. Under the normal “happy path,” users obtain their leaves off-chain. Only when initiating an exit or dispute—the “sad path”—must the required leaf and proof be revealed on-chain, with the cost borne by the exiting user. This drastically reduces continuous block-space usage by BitVM sidechains and improves scalability and fees.

Ergo Proposes Node Incentives Using Micropayments for P2P Services

Ergo community recently proposed a unified node incentive approach addressing a long-standing lack of incentives issue in crypto and P2P systems in general: only miners get rewards, while running nodes to provide services do not. Instead of relying on altruism or launching new tokens—both of which lead to inflation and complex tokenomics—the proposal suggests using Ergo’s native assets and trust-minimized derivatives (e.g., stablecoins). Based on the Basis framework, nodes can charge micropayments for API services or P2P resources (storage, bandwidth, computation).

Features include:

Nodes receive limited service on credit (similar to BitTorrent’s early download allowance).
Mutual credit clearing offchain
On-chain reserves redeemed only when balances accumulate; offchain payments still settle immediately.
Privacy-preserving payments The model could extend beyond Ergo to other blockchains and broader P2P or agent-to-agent contexts.

A New Censorship-Resistant Sealed-Bid Auction Protocol

A study titled Censorship-Resistant Sealed-Bid Auctions on Blockchains introduces a new sealed-bid auction design that avoids the drawbacks of traditional commit-and-reveal schemes—such as timing leakage, inefficient participation costs, and multi-slot execution. The protocol combines timestamp-based certificates with censorship resistance through inclusion lists, providing four key properties:

Strong privacy: both bid amounts and bidder identities are indistinguishable
Short-term censorship resistance: all honest bids are included in blocks
Auction Participation Efficiency (APE): measures how closely on-chain outcomes resemble classical auctions in terms of costs for participating users.
No free bid withdrawal: prevents participants from reneging after submitting a bid Altogether, these properties create a fair, private, and economically robust auction primitive integratible for any blockchain.

A Systematic Study of Crypto Wallet Design, Attacks, and Defenses

This research builds a structured knowledge framework for cryptocurrency wallets, aiming to better address the growing number of wallet-related security incidents.

Contributions include:

Wallet design taxonomy: A multi-dimensional classification covering both traditional and emerging wallet types, mapping design choices to known threats and guiding future wallet designs.
Wallet attack framework: A systematization of attack vectors, techniques, and targets, based on surveys of academic work and 85 real-world wallet incidents (2012–2025). The study also highlights gaps between academic and industry research.
Defense strategies: A combination of preventive and post-incident mitigation methods, along with an analysis of their effectiveness.

HKT-SmartAudit: A Knowledge-Distillation Framework for Lightweight Smart-Contract Auditing

This study proposes HKT-SmartAudit, a framework for developing lightweight models optimized for smart contract auditing. It features a multi-stage knowledge distillation pipeline that integrates classical distillation, external domain knowledge, and reward-guided learning to transfer high-quality insights from large teacher models. A single-task learning strategy is employed to train compact student models that maintain high accuracy and robustness while significantly reducing computational overhead.

Experiments show that the distilled model outperforms commercial tools and even large LLMs in identifying complex smart-contract vulnerabilities, offering an efficient, scalable auditing solution.

Free Testing, But Expensive Consequences

This article argues that with the rise of LLMs and code-generation tools, the marginal cost of writing tests has dropped near zero—but the flood of new tests has not increased safety. Instead, they introduce maintenance overhead. Many tests catch no real bugs and fail frequently due to intentional code changes, obstructing refactoring and improvement.

The author redefines test value in terms of ROI: The value of a test is the future stream of bugs it prevents minus the cost of maintaining it, adjusted for how much we care about the future. However, LLM-generated tests tend to write only trivial cases and avoid the hard parts (e.g., file writing, API calls), and only test now, not what. The result is an illusion of safety combined with higher project costs.