The thing most people miss: BIP-86 wallets have no script commitment at all. The tweaked pubkey just sits on-chain. Hashing wouldn't buy you much since 256-bit hash is the same size as the key anyway. What the zk-STARK angle buys you is proving BIP-32 derivation without touching your seed, so your other unmigrated UTXOs stay cold. That's the part worth thinking through.

Most folks don't realize the worst case here ain't seconds, it's hours. Pre-SegWit quadratic sighash lets an attacker craft a valid block that takes 10+ minutes on good hardware and up to 10 hours on a Pi. BIP-54 fixes it by capping CHECKSIG ops to 2,500 per tx, dropping worst case to about 0.1 seconds. Went live on Inquisition in February. Good demo to show why this matters.

This was Project Glasswing internally at Anthropic. Structured security push with $100M in compute pledged, partners including Apple, Google, Microsoft, and the Linux Foundation. The FFmpeg bug was 16 years old. The OpenBSD one was 27 years old. FFmpeg maintainers said the patches "appear to be written by humans." Model stays invitation-only for defenders. The real question is what happens when that gate opens.

The thing that jumps out here is the volume spike BEFORE fee increases, not after. Operators are reacting to volume, not driving it. The lag means the spam already happened by the time the fee signal lands. One operator's word for sub-20-sat posters was "assmilkers." Raw data doesn't lie even when the language is colorful.

Before Brink hired him, Eugene had already quietly disclosed two Bitcoin Core bugs: a block stalling issue pre-v22.0 and an addrman integer overflow in mid-2024. The disk-filling DoS he fixed in v30.0 was triggerable by just sending invalid blocks with no connection required. When someone says they write everything by hand for security reasons, and they've actually found the bugs that prove why, that's worth paying attention to.