Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
mononaut (tx/acc) Profile picture
@mononautical
Feb 4, 2023 9 tweets 3 min read Read on X
While everyone's distracted by jpegs, something else is burning blockspace and bloating the UTXO set.

Over the past month, it may have used up to 2% of block capacity, created 0.4% of the current UTXO set, and fueled the recent spike in P2TR outputs.

mempool.space/block/00000000…
Each of the tiny transactions in that block spends a P2WSH input with a complex witness script.

It pays exactly 606 sats in fees, and creates a single P2TR output with a small round number of satoshis - usually 2500, 5000, or 10000.

mempool.space/tx/512e863a7b2…
The P2WSH inputs are peeled off one by one in precise amounts in long chains of apparently pointless transactions.
These chains of transactions are tied together at common "sources" and "sinks".

Here, for example, 4 BTC is unrolled over a few transactions to begin 200 new peel-chains.

mempool.space/tx/c1fc15381f3…
There are a *lot* of these, stretching back to late 2021, but accelerating in volume recently.

Searching the blockchain for activity matching the pattern gives us a rough upper bound of ~1.6 million transactions in total, about half of which occurred after Jan 1st 2023.
The distinctive locking script is interesting - a kind of HTLC similar to those used in Lightning.

It is spent either by signing with two keys and revealing a 32-byte preimage, or by a different key after a certain block height (~64 blocks in the future)

Because the long script enjoys the witness discount, blocks containing lots of these transactions are larger than average.

In fact, they're responsible for some of the largest blocks of all time.

So, two final questions:

1) Who can tell me what they're for?
2) Is anyone working on a spam filter for this garbage yet? #Bitcoin

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with mononaut (tx/acc)

mononaut (tx/acc) Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @mononautical

mononaut (tx/acc) Profile picture
Oct 2
The State of the Mempool
as of Wed Oct 2nd - 21:00 UTC

Although the mempool now frequently clears transactions below ~2 sats/vb, it remains just under 100 blocks deep, with the lower strata largely unchanged for the last several months.

So what's down there? 🧵Image
here's a snapshot of my entire mempool, color-coded by transaction type.

the top-right square is the next projected block, with subsequent blocks laid out in rows: right to left and top to bottom. Image
the mempool is dominated by large consolidations of inscription-related dust, highlighted in pink.

the "BRC-20" token minting craze left behind an huge volume of dust-sized waste outputs.

minters can recoup a small % of their investment by consolidating these at low fee rates. Image
Read 7 tweets
mononaut (tx/acc) Profile picture
Jun 1
Japanese exchange DMM Bitcoin recently lost 4503 BTC, worth over $300m.

So what happened? Did North Korea hack their mainframe? Perhaps a team of elite thieves executed a series of elaborate heists to exfiltrate multisig keys from DMM's vaults?

Let's investigate... 🧵
Here's the "theft" transaction. Note the output address, and the absurdly high fee of 0.1 BTC.

mempool.space/tx/975ec405ac9…
Image
Here's a legitimate withdrawal to one of DMM's own addresses from earlier this month.

mempool.space/tx/a673525b3c8…
Image
Read 11 tweets
mononaut (tx/acc) Profile picture
Feb 3
uh guys? Image
seems to be driven by lots of transactions like this, committing to a large batch of inscriptions, but also creating a bunch of seemingly pointless 420-sat outputs.
mempool.space/tx/010b7b61208…
the inscriptions that have been revealed so far are recursive references to some 3D orb model.

so I assume this is another mint event for one of these vaporware metaverse projects.
Read 5 tweets
mononaut (tx/acc) Profile picture
Nov 30, 2023
It looks like @AntPoolofficial finally noticed that 83.7 BTC fee sitting in their wallet.

antpool.com/newsDetail/457

Image
It's worth reiterating that this is a woefully inadequate way to verify the rightful owner of those coins.

Especially in light of the claims of a compromised wallet.

So while this might sound like good news for @83_5BTC, there's a serious risk that AntPool ends up returning the overpaid fees to the hacker, not the victim.

(especially if they just send it right back to the allegedly compromised address 😱)
Read 4 tweets
mononaut (tx/acc) Profile picture
Nov 27, 2023
The signature checks out, @83_5BTC apparently controls the key that paid that 83.7 BTC fee.

1/🧵
Image
2/ They say they sent the coins to a fresh cold wallet, which was instantly swept by a third party.

The attacker managed to steal almost 56 BTC while paying 83.7 in transaction fees.

So the victim lost not only the fee, but their entire 140 BTC stack 😭

3/ The most likely explanation is that the wallet was generated from bad entropy - perhaps a brainwallet, or too few dice rolls/coin flips, or an insecure PRNG.

Let this be a reminder not to take shortcuts with your entropy, and ideally to use multisig for very large sums.
Read 8 tweets
mononaut (tx/acc) Profile picture
Oct 21, 2023
How does a lightning replacement cycling attack work?

There's a lot of discussion about this newly discovered vulnerability on the mailing lists, but the actual mechanism is a bit hard to follow.

So here's an illustrated primer...

🧵 1/n


Image
Image
Image
Image
2/ Imagine Bob is routing a lightning payment from Alice to Carol.

While in flight, the payment is protected by HTLC outputs in his pre-signed channel commitments with each peer. Image
3/ An HTLC (Hash/Time Lock Contract) is a conditional payment from sender to receiver.

It can be spent immediately by the receiver by revealing the preimage to a hash H, or reclaimed by the sender after some timeout.

Check out a real HTLC spend here: mempool.space/tx/4ec0f703e08…
Image
Read 20 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(