Kickoff

The Vibes are Off: Foundations Matter

AI agents and "vibecoding" are everywhere. Derek Ross vibes 7 apps before breakfast, junior engineers panic, and everyone's convinced coding is dead. Just vibe it and ship it, right? Reality check: We're 32 months past Dario Amodei's "AI will write 90% of code in 6 months" prediction (thanks for counting, Primeagen). The vibed apps are all falling apart in production. Every time someone ships code they don't understand, a kitten dies. That's just physics, ask Claude to explain it to you and vibe write a paper about it. **The nuance matters:** In the hands of experienced developers who actually review the code, AI tools are game-changing, they are actually time savers and actually helpful. But skip the long and tedius manual review and it's a disaster. We're seeing vibed apps get hacked daily from data leaks to services hijacked for crypto scams and basic security practices ignored entirely. Still not convinced? Look at our infrastructure fragility: Cloudflare and AWS crash regularly now it's become a meme even among non technical people, and Windows had an RCE vulnerability in *Notepad*. NOTEPAD!!! The fundamentals still matter. Maybe more than ever.

Recap: A network wide DoS bug in Bitcoin Core

An overview on surveying the network and catching Denial of Service bugs.

From Vibe Coding to Agentic Engineering

From Linus Torvalds (Linux) and Eric Raymond (The Cathedral & The Bazaar) to Andrej Karpathy (OpenAI) and Armin Ronacher (Flask), everyone is relying more and more into AI to write code. In this talk, I’ll share the leading AI coding workflows being used right now, as best practices are still being figured out.

From PGP to Marmot: Three Decades of Messaging Protocol Exploits and Defenses

Encryption keeps getting better. Messaging systems keep getting exploited. Each generation of encrypted messaging solved a real problem. PGP encrypted content, leaked every header. OTR added forward secrecy, died if one party went offline. The Signal Protocol solved async delivery and reached a billion users through WhatsApp, on centralized servers. Decentralized projects attacked the server problem: Briar over Tor and local mesh, Session through onion routing, Matrix via federation. Real projects with real users. Each accepted a constraint somewhere else: no group encryption standard, text-only media, metadata visible to operators. So far, every step forward has left a gap. Modern attackers have adapted. The "Careless Whisper" timing attack profiles Signal users through delivery receipts, no decryption needed. FORCEDENTRY compromised iPhones via iMessage with zero clicks. Google Project Zero called it one of the most technically sophisticated exploits they had ever seen. The FBI built ANOM, a complete encrypted phone platform, sold it to 12,000 users, and read every message from a server they controlled: 800 arrests in 16 countries. This talk traces the full arc: what each protocol generation fixed, what it left open, how attackers adapted. The recurring lesson is architectural: encryption protects content, while servers, phone numbers, and centralized infrastructure expose everything around it. Marmot Protocol is the next step in this evolution, built on everything that came before. MLS (RFC 9420) provides group encryption with forward secrecy, post-compromise security, and O(log N) scaling, after five years of IETF standardization, with production deployments at Cisco, Discord, and Google. Nostr removes the central server, and Nostr keypairs replace phone numbers. Users control their own infrastructure, the same principle Bitcoiners already apply to money. The talk covers the full attack surface of encrypted messaging and where Marmot fits.

Fuzzing Around And Finding Out In BDK (TBD)

TBD

Exploiting P2P: How Mostro Hacks the Exchange System

Every exploit starts by finding a vulnerability. Centralized exchanges are the financial system's biggest one — KYC as a mass surveillance vector, custodial databases as honeypots, and single points of failure that governments can pressure, censor, or shut down. Mostro is the exploit. Built on Lightning Network and Nostr, it attacks every surface: NIP-59 gift wrap makes trade communications invisible (even relays can't see who's trading with whom), hold invoices keep escrow non-custodial (Mostro never touches your sats), pseudonymous reputation replaces identity documents, and disposable relay infrastructure means there's no server to seize. This talk walks through Mostro's architecture as a systematic hack against financial censorship — from the personal story of being blacklisted in Venezuela for signing a political petition, to the technical deep dive of how each protocol choice neutralizes a specific attack vector. Includes a live demo showing what a trade looks like from inside the app and what it looks like from outside (spoiler: just opaque encrypted blobs on a social media relay). The real exploit isn't technical — it's giving millions of people access to free exchange when their government says they can't have it.

Fee Is a Lie, Attacking Lightning via Mempool Policy

Lightning security relies on the assumption that valid transactions can be confirmed when needed. This talk examines why that assumption breaks down under adversarial mempool policy. It explains how pinning attacks, replacement cycling, and fee manipulation allow attackers to delay or invalidate time-critical Lightning transactions using only standard, policy-compliant behavior. The talk then explores how zero-fee commitment channels and pay-to-anchor redesign the fee model, changing the Lightning threat surface and highlighting lessons for building protocols that must survive hostile mempools.

Reconstructing Hardware Wallet Exploits

Hardware wallet exploits have rarely been caused by broken cryptography but more often by subtle issues in system design, implementation, and assumptions. This workshop examines why these exploits were possible by reconstructing historical failures from publicly disclosed incidents across popular hardware wallets. Participants work with a simplified and deliberately vulnerable "toy wallet" on a constrained microcontroller to reproduce these conditions in a controlled environment and apply the defensive changes that mitigated them. Attendees leave with practical insight into how Bitcoin custody systems have broken in the past and how to reason about future exploit risks.

Fuzzamoto: Full System Fuzzing for Bitcoin Protocol Implementations

This talk will introduce listeners to Fuzzamoto, a full-system fuzzing framework for Bitcoin protocol implementations built on LibAFL and powered by Nyx for snapshot-based fuzzing. We'll explore how Fuzzamoto enables coverage-guided fuzzing of Bitcoin nodes in a realistic environment, moving beyond unit-level harnesses to catch bugs that only emerge through full system interaction. Attendees will learn about the architecture, the challenges of fuzzing complex P2P protocol implementations, and findings from applying Fuzzamoto to real-world Bitcoin software.

LND Exploit Technical Deep Dive / In-app Browsers

I have 2 ideas: - one is much more on theme and I did the presentation at Advancing Bitcoin 2023 on Burak's LND exploit on btcd's Taproot wire decoding logic: https://docs.google.com/presentation/d/1VvktX_v2ABPp8qnhTjZAn-78tGRZdF3OXt9QLpvQpAk/edit?usp=sharing - another is isn't exactly an exploit but I can present on the inner workings of how mobile native wallets store sensitive key material on your mobile device and can weave it into how Fedi is integrating an in-app browser that allows you to pay with your wallet over webLN and sign Nostr events over NIP07 and all of the security assumptions under the hood with that system

Bitcoin Security Is a House of Cards (Unless You Understand This Talk)

In this talk, we tear down the illusion that Bitcoin's security is flawless. From the transaction malleability bugs that shaped SegWit, to signature failures that leak private keys through nonce reuse, you'll see how small mistakes can cascade into catastrophic failures across wallets, contracts, and Layer 2s.

Hardening Silent Payments

Silent payment has a resource intensive scanning process that should be as efficient as possible. 6 months ago more or less a reviewer revealed a case where someone could be slowed down significantly. Since then the libsecp256k1 PR has been going back and forth trying to mitigate this case. My idea is to give a timeline and reveal the process, more of the perspective of how the adversarial thinking works in Bitcoin and the efforts to remove these kinds of vulnerabilities early, in the review process.

Hackathon Kickoff

The hackathon kicks off

Hacking Bitcoin: Q&A w/ Jao + nifty

Come bring your questions about breaking bitcoin with master capture the bitcoin hacker Jao Noctus

Hacking Time

Time to Hack

Adversarial Lightning: 12 Real-World Failure Cases

This talk explores the Lightning Network from an adversarial perspective, based on real-world failures and vulnerabilities observed in Lightning implementations. Drawing primarily from documented findings by Matt Morehouse, it presents twelve concrete scenarios where nodes failed under hostile conditions, including denial-of-service vectors, fee and replacement edge cases, state desynchronization bugs, and gossip abuse. The goal is to help developers and operators better understand Lightning’s attack surfaces and threat model.

Hacking Time

Time to Hack

Bitcoin at Work(shop) aka the LARP

Join nifty for a 90m fast paced adventure learning how bitcoin works in a hands on way.

Hackathon Expo

Round robin hackathon judging session. Finalists will be announced after the debate.

Oxford Debate: Rollups Are Essential

Matthew Vuk, Researcher at Second and Jose Starpoli, core developer at Alpen Labs, square off in an Oxford style debate. Who will persuade more people to their point? ”Rollups will be

Hackathon Finalists Announced

Round robin hackathon judging session. Finalists will be announced after the debate.

Warnet Kickoff

Round robin hackathon judging session. Finalists will be announced after the debate.

Hiding Exploits in Plain Sight

Best practices for patching exploits. How we keep users safe in unsafe times.

Warnet: Lightning Edition

Get your best hacking team assembled, we’re taking down lightning nodes. In this player vs lightning node simulation, we’ll do our best to knock nodes off the network.

When fuzzing meets mutation testing

Many Bitcoin projects use fuzzing to find vulnerabilities in their applications, such as memory errors, for example. However, we have seen that fuzzing can go further and also find logical bugs. One way we can evaluate fuzz harnesses on its ability to find these bugs is using mutation testing. In this talk, we're going to explore how this can happen, going deep tools and strategies. Also, we're going to see how differential fuzzing can help to reduce manual efforts to indentify equivalent mutants and enhance other existing tests like unit and functional ones.

Differential Fuzzing: When Implementations Disagree

Differential fuzzing compares how different implementations handle the same input. When they disagree, you've found a bug. I'll walk through how the technique works and share some real bugs it's caught.

top 10 epic pwned bridge moments

bridges are coming to bitcoin, lets look at the history of bridge exploits and how to avoid ending up in north korea

Embedding a Node inside every Wallet: Floresta as a chain-source for BDK

In this talk, I'll go over the basics of Utreexo, and how Floresta leverages it to implement a super lightweight node that can run inside your phone, with minimal resource footprint. We'll do an overview and live demo of `bdk_floresta`, a novel chain-source crate for BDK that makes it possible for developers to embbed a fully validating node inside their application, and stop using trusted wallet synching methods, such as Electrum and Esplora, which leak transaction and IP address information to whoever controls these servers. The end goal is having a zero-trust production grade drop-in replacement wallet synching mechanism for all wallets built with BDK.

Glock: The Next Generation of Bitcoin Bridges

Go over the details and the motivation behind Glock (Garbled Lock), a Garbled Circuits BitVM3 style bridge that is being pioneered and implemented by Alpen Labs.

Stopping Hashrate Theft: How Stratum V2 Fixes exploitable Mining Protocol

Stratum V1, the protocol used by most Bitcoin miners today, was never designed with security in mind. This has led to real-world exploitation such as hashrate theft, share hijacking, and pool impersonation. In this talk, we will look at how these attacks work in practice and how Stratum V2’s encrypted, authenticated protocol design eliminates entire classes of mining infrastructure attacks.

Hackathon Finals

Round robin hackathon judging session. Finalists will be announced after the debate.

Exploiting Bitcoin

Discussion on the landscape of exploiting bitcoin

Hackathon Awards + Closing

Discussion on the landscape of exploiting bitcoin