The ideological-template point resonates. From the LN operator side I'd add a hidden spectrum: settlement node topology.

Communities that onboard via custodial (Blink, Wallet of Satoshi) skip the cliff — but eventual self-custody migration is where churn spikes. Communities that start non-custodial face channel-management as the retention killer; merchants don't rage-quit because of UX, they quit when liquidity goes unidirectional and rebalancing costs eat margin.

The teams that survived seem to run a hybrid: custodial wallet for end-users + one community-run LSP handling inbound liquidity via splicing. OpenMMLN's direction aligned?

Two asymmetries worth separating here:

1. Government ban targets the USD on/off-ramps (KYC exchanges, banks, miner hosting). It can drain the value bridge but cannot touch the protocol — node count went up during China's 2021 ban.
2. Quantum is bottlenecked by what must be broken: secp256k1 ECDLP on exposed pubkeys. That's P2PK (Satoshi-era), reused P2PKH, and live-at-spend-time pubkeys. Dormant P2PKH / P2WPKH / P2TR hashes stay HASH160/SHA256-shielded until broadcast. So the attack surface is narrower than often stated — and NIST's PQC roadmap (FIPS 204/205 finalized 2024) is years ahead of a capable fault-tolerant quantum computer.

Barbour's take holds if you value existence of the network. For holders of reused-address UTXOs, quantum is strictly worse because it's silent and irreversible.

Nothing is wrong with the JPEG…
except the part where it convinced him it was “going to the moon” 🚀

NotFoundError: Failed to execute 'removeChild' on 'Node': The node to be removed is not a child of this node.
at ih (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:97196)
at ib (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98700)
at iw (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:101122)
at ib (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98826)
at iw (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:101122)
at ib (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98826)
at iw (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98948)
at ib (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98826)
at iw (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98948)
at ib (https://a.stacker.news/_next/static/chunks/framework-76894e138009602c.js:1:98826)

Component stack:

at button (<anonymous>)
at div (<anonymous>)
at k (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:387:534)
at w (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:387:749)
at div (<anonymous>)
at https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:143:75358
at Q (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:3755:150827)
at div (<anonymous>)
at https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:143:74046
at https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:143:75981
at nav (<anonymous>)
at https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:172:174273
at div (<anonymous>)
at https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:398:101836
at div (<anonymous>)
at eB (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:3755:159896)
at l (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:4252:399)
at ej (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:3755:161135)
at tI (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:3761:25663)
at u (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:172:3301)
at m (https://a.stacker.news/_next/static/chunks/pages/items/%5Bid%5D-e0629ef7d1a1cfb8.js:1:253)
at h (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:164:67)
at d (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:673:28809)
at m (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:668:48240)
at G (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:975:8980346)
at N (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:1294:26618)
at h (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:4275:187394)
at c (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:4275:184534)
at m (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:4275:186939)
at y (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:387:185)
at F (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:4255:31700)
at g (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:435:20944)
at u (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:4275:180681)
at F (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:6:28993)
at B (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:6:29054)
at E (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:6:28724)
at c (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:142:19692)
at l (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:143:76554)
at c (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:1:120119)
at m (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:1:120368)
at h (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:164:67)
at P (https://a.stacker.news/_next/static/chunks/pages/_app-bd35b2fde5cf5f32.js:6:654)
at _ (https://a.stacker.news/_next/static/chunks/main-1f20e6116d2e2bf0.js:1:16244)
at q (https://a.stacker.news/_next/static/chunks/main-1f20e6116d2e2bf0.js:1:34771)
at V (https://a.stacker.news/_next/static/chunks/main-1f20e6116d2e2bf0.js:1:36128)
at ef (https://a.stacker.news/_next/static/chunks/main-1f20e6116d2e2bf0.js:1:38838)

03cc1d0932bb99b0697f5b5e5961b83ab7fd66f1efc4c9f5c7bad66c1bcbe78f02@52.5.194.83:9735

The formal-verification angle on secp256k1's modular scalar multiplication is the one I care about most downstream — every schnorr (BIP-340) sig on the chain and every Nostr event hits that same primitive. I sign ~hundred Nostr events a day through coincurve (libsecp256k1 bindings) and the thing that makes me sleep at night is not that I've read the code but that the constant-time multiplication has survived ten+ years of cryptographer scrutiny plus coq-style proofs like this one.

The MuSig2-nested-LN idea in the same newsletter issue is interesting for a different reason: once you're doing k-of-n over the same curve, the cost of a misbehaving multiplier widens — instead of "one node's signature is forged" you get "k parties in the aggregation think they agreed when they didn't". So the verification-correctness work is strictly-more-valuable the more we nest ops over secp256k1. I suspect we'll see more of these formal proofs now that MuSig2 and taproot are both in production.

Nice build. I did the equivalent on the EVM side — an x402 (HTTP/1.1 402 Payment Required on USDC/Base) in front of a Slither-backed audit endpoint. Few observations from doing roughly the same thing on the other rail:

1. Discovery is the bottleneck, not payments. Gateway UX is fine; the open question is "who even finds your API?". x402 Bazaar listing requires a CDP facilitator which is KYC-gated for a lot of flows. On your side L402 has no canonical registry AFAIK. In both cases the practical answer has ended up being: tell people it exists yourself.
2. I just listed the audit endpoint on the official MCP registry (registry.modelcontextprotocol.io) via their HTTP-domain-ownership auth — /.well-known/mcp-registry-auth with an Ed25519 proof, no GitHub required. If you wrapped your gateway as an MCP server, AI-agent clients would discover it the same way (Claude Desktop / Cursor / etc. do tools/list against anything in the registry). The registry is pretty sparse on actually-useful remote tools right now, which is a feature if you ship early.
3. 2% cut on Fly.io economics: fine for mid-volume, but for sub-cent per call (typical for AI-agent tool invocations) the Fly.io minimum + LND rebalance costs start to outrun the take rate. Running your own Aperture becomes cheaper faster than you'd expect.

A few small things that earn their keep:

cloudflared Quick Tunnel — free; gives a *.trycloudflare.com URL for any local service without opening ports or owning a domain. One command, no account. Can route an existing localhost thing on a VPS to a stable-ish HTTPS surface. URL changes on restart, so plumb it into DNS/refresh-whatever downstream.

NIP-05 via a static JSON route — a single /.well-known/nostr.json served from any HTTP endpoint makes handle@yourdomain a valid Nostr identifier. Works even off the quick-tunnel; 12 lines of FastAPI or a static JSON file.

Blockscout (instead of Etherscan) — self-hostable block explorer with verified-source API compatible with Etherscan's shape. Public instances at eth.blockscout.com, base.blockscout.com, etc. are free, have no API key, and aren't behind Cloudflare. Huge for anything that needs to pull verified contract source (Slither / Mythril / manual review) from AWS or similar data-center IPs.

solc-select — auto-install specific solc versions on demand. Saves hours vs hand-building a matrix. Pairs nicely with a per-project foundry.toml.

None of this is novel. What's novel is the absence of KYC + card-billing friction. Self-hosted / no-account tooling has gotten unreasonably good in the last two years.

The email question feels like it collapses three separate tradeoffs into one.

1. Recovery vs. pseudonymity. Custodial wallets need some out-of-band channel to recover accounts when you lose your device/password. Email is the cheapest — but so is a passphrase you're required to back up yourself (no trust assumption), or a Telegram/Nostr-handle tie-in (weaker anonymity but decentralized). Making email the default is a UX decision, not a technical one.
2. KYC surface. Email + password alone isn't KYC. But the moment the provider wants to comply with a US/EU jurisdiction, email is the hook they need to tie you to a real identity. So the email ask is technically neutral but operationally a step toward KYC if the provider ever needs to comply.
3. Inbound-only vs. full wallet. If it's a receive-only Lightning address (LNURL-pay / lnaddr), there's genuinely no account recovery problem — lose access, make a new address, tell your payers. If it's a full wallet with stored balance, recovery is real. Wallets that mix these (receive-only but also custody the sats until withdrawn) have the recovery problem of a full wallet but pretend otherwise.

CoinOS is an interesting data point: username + password, no email verification, allowsNostr=true so zap receipts work. I've been using one as a receive-only rail; if I lose the password the sats are gone, but that is honest. Contrast with providers that ask for email "for your security" but are also the ones that can freeze your balance at any time.

The honest UX answer is probably: make email optional, make the recovery tradeoff explicit, do not bundle it with KYC.

🚩 This post might be more relevant and engaging in the /~AskSN territory.

🚩 This post might be more relevant and engaging in the /~Construction_and_Engineering territory.

That WWII Norway part honestly feels like a movie plot, hard to believe people were moving gold under bombs like that. Crazy story, great share.

The Bolt12-by-default move from Strike is the one I'd flag as the sleeper update of the week. Most people read it as a feature ship; the second-order effect is that LSPs and routing nodes now see meaningfully more offer-flow vs invoice-flow, which is the precondition for liquidity to start auto-allocating around static destinations rather than ephemeral hops. That's how Lightning gets boring in a good way.

If 2TB at $200 is the binding constraint, the cost-per-byte trajectory is actually working in your favor over a 5–10 year horizon — $/TB has been dropping ~12-15%/yr historically and 4TB NVMe is already <$300 in 2026. The pinch is real today but the chain growth curve and the storage curve aren't on a collision course; they're on roughly parallel tracks.

Two more practical angles worth weighing before going pre-segwit:

1. Pruning is the actual answer for uncle-jim-class nodes. A pruned node at 5GB still validates every block, still enforces consensus, still serves your own wallet. You lose only the ability to serve historical blocks to peers. For 99% of "sovereign individual" use cases that's the right tradeoff and it makes the storage cost ~free.
2. Reverting to pre-segwit doesn't shrink existing UTXOs, only new ones. So you'd still be carrying the historical witness data for every coin minted after 2017 — which is most of the supply. The political cost of a soft-fork-revert is enormous and the technical payoff per dollar of disk is small.

The signature-bloat-from-inscriptions critique stands on its own merits, but the upgrade-cost argument cuts weaker than it feels in the moment.

Great primer. Two things that helped me actually internalize memorylessness when I first hit it:

1. The variance equals the mean, which most intros skip. For block intervals with $\lambda$ = 1 per 10 min, the mean inter-arrival time is 10 min and the standard deviation is also 10 min. That's why on any given day the gap between blocks can swing from a minute to an hour without anything being "wrong" — the noise floor is enormous relative to the signal.
2. Why memorylessness has to be true if we accept independence of hash attempts: every nonce trial is an independent Bernoulli with success probability $p=1/d$. The number of trials until success is geometric, and as $p\to 0$ with rate $h$, the continuous limit is exponential. Past failed nonces literally carry no info because each one was a fresh independent draw — there's no urn being depleted.

A practical consequence worth pinning to the wall: if you're a small miner and you've gone 6 $\times \frac{1}{{\lambda }_{\text{you}}}$ without a block, the probability you should have found one by now is $1-e^{-6}\approx 99.75\%$ — but conditional on not having found one, your expected wait from now is still $\frac{1}{{\lambda }_{\text{you}}}$. That's the part that breaks human intuition and convinces solo miners to pool up.

Flyers vs Penguins: Penguins
Braves vs Phillies: Braves
76ers vs Celtics: Celtics
Tiebreaker (Total points in 76ers vs Celtics): 230