BIP47 payments get decentralized directory, Lightning middlemen face fraud proofs

Sunday, May 17, 2026 · from 2 podcasts

On-chain inscriptions create a permanent, censorship-resistant directory for Bitcoin's reusable payment codes.
Fraud proofs slash Lightning middlemen by making cheating expensive via public blockchain referees.
Timestamp fuzzing breaks correlation attacks that unmask dual-homed nodes.

Max Tannahill’s BIP47DB.org project hardened privacy against seizure by moving the entire PayNym directory on-chain. After the original Samurai server went dark following arrests, the Ashigaru team resurrected it, but Tannahill argues centralized metadata is a structural vulnerability. His protocol compresses payment codes into witness space inscriptions, creating an append-only database any wallet can rebuild. Securing 20,000 existing codes cost only $150 at current fee rates.

"Moving this data onto the blockchain is the only way to ensure resilience against state interference."
- Max Tannahill, Ungovernable Misfits

The database solves a recovery gap. BIP47 enables private, repeated payments without address reuse, but wallets couldn't rediscover outgoing notification transactions after a restore using only seed words. PayNym servers acted as lookup tables, becoming a metadata crutch. Now wallets like BlueWallet can scan a specific ‘numbers address’ locally, potentially eliminating the notification transaction entirely.

Thomas V, founder of Electrum, proposes using the blockchain as a referee to slash trust from Just-In-Time Lightning channels. His fraud proof scheme requires Lightning Service Providers to burn bitcoin to establish reputation. If an LSP receives a payment but refuses to open the channel, the user publishes the payment’s pre-image on-chain, creating public evidence. Thomas argues this adversarial trust model could help providers avoid custodial classification.

Researchers Daniela and Naoma are testing timestamp fuzzing to stop attackers linking Clearnet and Tor nodes. Dual-homed nodes leak identity because they respond with identical timing data. Their solution sends different timestamps depending on which network the requester is on - real data for IPv4 peers, older or fuzzed data for Onion addresses. The challenge is avoiding zombie addresses flooding the peer-to-peer table.

Bitcoin Core merged PSBT version 2 after five years in limbo, enabling modular collaborative transactions. BIP451 standardizes dust disposal, letting users batch tiny UTXOs into a single zero-value OP_RETURN output via SIGHASH_ANYONECANPAY, handing the value to miners as a fee.

2 Sources:

Ungovernable Misfits Bitcoin Optech

#Privacy #Protocol #Lightning

Bitcoin Bitcoin Core Partially signed bitcoin transactions

Source Intelligence

- Deep dive into what was said in the episodes

Ungovernable Misfits

Max Tannahill Reveals BIP47DB.ORG | FREEDOM TECH FRIDAY 40 • May 16

Max Tannahill explains BIP47 was proposed in 2015 as a non-interactive payment code standard to replace reusable addresses and provide a base privacy layer. It enables private, repeated payments without requiring a server to generate new addresses.
Samourai Wallet implemented BIP47 in 2017 alongside other wallets like Billeater and Stash. The ecosystem aimed to combine BIP47 with CoinJoin for a comprehensive privacy stack, though this collaborative vision didn't fully materialize.
Samourai created the PayNym directory to improve BIP47's user experience. It provided human-readable pseudonyms and avatars, acting as a trusted lookup service for unwieldy payment codes similar to PGP key servers.
The PayNym directory served a critical recovery function. Wallets like Samourai and Sparrow could not rediscover outgoing notification transactions after a restore using only seed words, relying on the directory to rebuild connection metadata.
After Samourai's legal issues in 2024, the Ashigaru team scraped the PayNym directory, acquired the domain, and resurrected the service. This prevented a total collapse of BIP47's network effect but highlighted centralization risks.
Max Tannahill built BIP47DB.org to decentralize the storage of BIP47 payment codes by inscribing them on-chain using Ordinals. The protocol compresses codes into efficient batches, creating an immutable, append-only directory.
BIP47DB enables wallets to scan a canonical address to build a local database of payment codes, potentially removing dependency on centralized PayNym servers. It could also allow new payment directories to bootstrap from on-chain data.
The Ashigaru team inscribed approximately 20,000 payment codes on mainnet for a cost of roughly $135-$140. This demonstrates the low economic barrier to backing up the entire directory on-chain.
BIP47DB is designed as infrastructure for wallet and directory operators, not for direct retail use. Max Tannahill hopes it provides resilience, allowing the ecosystem to survive the loss of any single PayNym server.
The protocol's simplicity allows it to function without a full Ordinals indexer. Tools can query a single unspendable address via APIs like mempool.space to fetch and decode the inscribed payment code batches.

#Protocol #Privacy #Payments

Bitcoin Optech

Bitcoin Optech: Newsletter #404 Recap • May 13

Daniela explains that Bitcoin node fingerprinting exploits correlation: dual-homed nodes share addresses between networks, and timestamps strengthen this link.
Naoma outlines five proposed timestamp fuzzing solutions. Adding noise breaks correlation but risks making old addresses look fresh, which floods the network.
Daniela prefers a hybrid solution: send real timestamps for requests on matching networks, but fuzz timestamps for requests on different networks.
Thomas V argues JIT channels create centralization. Phoenix wallet only works with ACINQ because the non-trustless model forces users to trust a single provider.
Thomas V's fraud proof scheme requires LSPs to commit UTXOs, clients to publish preimages on-chain before a deadline, and a Nostr network for clients to share commitment data.
Thomas V adds that LSPs must sacrifice bitcoin to enter the reputation system. A fraud proof burns this stake, creating economic skin-in-the-game.
Gustavo notes Bitcoin Core PR #33796 adds BTCK_check_transaction endpoint. It runs context-free consensus checks on transaction structure.
Gustavo explains PSBT v2 (BIP370) is now default in Bitcoin Core. It allows modular transaction construction, supporting adding inputs/outputs mid-process.
BIP451 defines a DUST UTXO disposal protocol. It uses SIGHASH_ALL|ANYONECANPAY, letting anyone batch dust inputs into a single zero-value OP_RETURN output.
Murch notes the protocol's OP_RETURN includes 'ASH'. A legacy input creates a ~65 byte transaction, while a SegWit input creates a transaction of exactly that size.
Eclair PR #3144 updates simple taproot channels to use the official feature bit, aligning with LND's production implementation from Newsletter #401.
Eclair PR #2887 adopts the official splicing protocol from Bolt specs. It maintains backward compatibility but upgrades wire messages, keysend, and RBF handling.
LDK now checks for sufficient reserves before opening zero-fee commitment channels. It counts them as anchored channels to guard against simultaneous force-closes.
LND adds a 'source_pub_key' field to route construction. This allows calculating routes from another node's perspective, not just your own.
RustBitcoin adds a V1_message_header constructor. It lets developers build P2P message headers without requiring network transmission.
The new 'extension bolt' Bolt 995 defines simple taproot channels. It uses MuSig2 and excludes gossip announcement specs, which will come in a follow-up.
Zero-fee commitment channels (Bolts 1228) use a 240-sat ephemeral anchor output. The specification caps HTLCs at 114 due to the 10KB transaction size limit.
Bolts 1327 updates RBF logic. It ensures fee bumps meet both Bolt's 25/24 multiplier and an absolute 25 sat/kwu minimum, aligning with BIP125 replacement rules.

#Protocol #Lightning #Privacy #Adoption