June has been a dense month for blockchain technology updates, with developers patching privacy holes, rescheduling major upgrades, pushing quantum-resistance proposalsJune has been a dense month for blockchain technology updates, with developers patching privacy holes, rescheduling major upgrades, pushing quantum-resistance proposals

Bitcoin Core’s privacy feature leaked IPs: blockchain technology update

For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com
blockchain technology update

June has been a dense month for blockchain technology updates, with developers patching privacy holes, rescheduling major upgrades, pushing quantum-resistance proposals, and racing to shore up security against a growing wave of supply chain attacks. From Bitcoin Core to Ethereum, Zcash to Polygon, the pace of protocol-level change is accelerating — and some of the decisions made now will define how these networks hold up over the next decade.

Key takeaways

  • Bitcoin Core 31.1 fixes a privacy vulnerability in the -privatebroadcast feature of version 31.0 that could expose a transaction initiator’s IP address.
  • Ethereum’s Glamsterdam upgrade has been postponed to the second half of the year; the Hegotá hard fork is targeting late 2026/early 2027.
  • EIP-8182, a native private transfer proposal, has been officially proposed for inclusion in the Hegotá hard fork.
  • Consensys CEO Joseph Lubin expects Ethereum to become a fully zero-knowledge-proof protocol within 3 to 5 years.
  • Polygon zkEVM Mainnet Beta will cease operations on July 1, 2026 — users must withdraw assets before the deadline.
  • The SlowMist Security Team confirmed malware variants active across 23 npm packages, with 408 GitHub repositories containing stolen credentials.
  • Microsoft’s Majorana 2 quantum chip is reportedly 1,000 times more reliable than its predecessor, with average qubit lifetimes of 20 seconds.

Bitcoin Core Fixes Privacy Vulnerability in v31.1

A flaw hiding inside Bitcoin Core’s newly introduced -privatebroadcast feature went public this month — and the implications for privacy-conscious users are more subtle than most bug disclosures. Version 31.0 contained a vulnerability that, under specific network conditions, could expose the IP address of a transaction initiator to the receiving node.

How the IP Leakage Actually Happens

The vulnerability surfaces when private broadcast selects an IPv4 or IPv6 node that supports BIP324 v2 transport. If the v2 handshake fails, Bitcoin Core falls back to a v1 retry — but that reconnection bypasses the Tor proxy entirely, making a direct IPv4 or IPv6 connection to the peer. The result: a feature designed to enhance privacy ends up doing the opposite under certain fallback conditions.

The affected scope is specific. Nodes running Bitcoin Core 31.0 with -privatebroadcast enabled, broadcasting transactions via the sendrawtransaction RPC, and capable of establishing direct IPv4/IPv6 outbound connections are at risk. Wallet RPC, onion, and I2P connections are not affected.

Before upgrading to version 31.1, Bitcoin Core advises relevant users to either disable -privatebroadcast, disable v2 transport, or route IPv4/IPv6 outbound traffic through Tor. The release candidate 31.1rc1 is already available for testing on the official Bitcoin Core website and includes fixes across validation, P2P networking, wallet migration, MuSig, build system, testing, and CI modules.

Separately, developer rkrux has opened discussion around removing explicit Replace-by-Fee (RBF) signaling from the Bitcoin Core wallet, arguing that BIP 125 signals have become redundant now that full-RBF is standard policy and may leave unnecessary on-chain fingerprints. Community member Murch pushed back, noting that stopping replaceability signals is not a simple removal of fingerprints — each sender still needs to choose a sequence number for every input, with roughly 75% of transactions already using specific sequence numbers, primarily MAX-2.

Ethereum Delays Glamsterdam and Advances Privacy Proposals

Ethereum’s development pipeline is moving on multiple fronts, but the most immediate news is a scheduling change: the Glamsterdam upgrade — which targets ultimate L1 scaling and MEV fairness — has been pushed to the second half of the year. Devnet-5 and Devnet-6 iterations are still in progress, with countermeasures against new EIPs under active development. Core developer Terence confirmed that Glamsterdam devnet-6 has been released, marking significant progress toward testnet deployment.

Post-Quantum Public Key Registry Proposal

Ethereum researchers Thomas Coratger and Tom Wambsgans published a framework for establishing a post-quantum public key registry for validators — a phased migration path away from BLS signatures toward post-quantum secure signature schemes. The approach envisions a registry fork first, allowing validators to pre-register post-quantum public keys, followed by several subsequent forks before the signature mechanism officially switches.

The leading candidate is the hash-based XMSS signature scheme, which offers a compact 52-byte public key — though individual signatures weigh in at approximately 3,112 bytes. Addressing that overhead will require leanVM and post-quantum SNARK aggregation. This is not a near-term upgrade, but the fact that Ethereum researchers are already scoping the migration architecture signals how seriously the network is treating the quantum threat.

EIP-8182 Native Private Transfer Proposal for Hegotá

EIP-8182, developed by Tom Lehman, has been officially Proposed for Inclusion in the Hegotá hard fork — the upgrade targeting censorship resistance, privacy enhancement, and node slimming, currently on track for the late 2026/early 2027 window.

The proposal aims to bring privacy natively to Ethereum’s base layer without additional fees, token governance, or multi-sig coordination. It uses fixed-address system contracts and ZK verification precompiles to create a shared, protocol-level anonymity pool accessible to all wallets and applications. That shared pool matters: fragmented privacy apps currently split liquidity and anonymity sets across separate implementations, weakening the practical privacy guarantees for everyone. By embedding privacy at L1, EIP-8182 would break that fragmentation without requiring application-level changes.

The proposal has entered competition for a slot on the Core Developers’ hard fork schedule — a process that involves significant technical and community debate before anything gets finalized.

Consensys CEO on Ethereum’s Zero-Knowledge Future

Consensys CEO Joseph Lubin offered a longer-range view, stating that Ethereum could become a fully zero-knowledge-proof-based protocol within 3 to 5 years. Lubin pointed to Layer 2 networks already achieving real-time ZK proof generation as evidence that the technology is maturing fast enough to reach L1. He envisions a future where multiple formally verified provers support Ethereum at the base layer, eventually enabling a bridge-free, single atomic execution environment that unifies fragmented liquidity.

Lubin also addressed the Ethereum Foundation’s future structure, stating there will not be a “second foundation” — instead, at least three groups will spin off from the existing foundation, focusing respectively on core protocol work, usability and scalability, and institutional outreach.

Ethereum Layer 2 Advances and Polygon zkEVM Shutdown

Ethereum’s Layer 2 ecosystem saw both new launches and hard deadlines this month. The most urgent development for existing users is Polygon zkEVM Mainnet Beta ceasing operations on July 1, 2026 — leaving roughly two weeks for users to act.

Starknet’s STRK20 Privacy Framework

Starknet launched STRK20, a zero-knowledge proof privacy framework that enables any ERC20 asset within the network to support private balances and confidential transfers. Unlike traditional coin mixers, STRK20 embeds privacy functions directly into the asset flow rather than routing transactions through a separate mixing layer. The framework includes a Viewing Keys mechanism, allowing users to selectively disclose transaction data for compliance purposes. The first asset to adopt it is strkBTC.

The framework can be applied across transfers, trading, lending, staking, and payments — a broad scope that suggests Starknet is positioning STRK20 as infrastructure rather than a feature.

Polygon zkEVM Mainnet Beta Ceasing Operations

Polygon’s zkEVM Mainnet Beta will officially shut down on July 1, 2026. Assets held in wallets that have not completed cross-chain transfers will automatically migrate to Ethereum mainnet and can be claimed through a dedicated interface. However, assets locked in DeFi protocols cannot be automatically migrated — those users must manually withdraw LP positions and assets before the deadline or risk permanent loss of access.

The Base L2 network meanwhile deployed its Beryl upgrade to the Base Sepolia testnet, with mainnet activation planned for June 25. Beryl introduces the B20 token standard for issuing stablecoins and other assets natively within Base’s node software, shortens the withdrawal window from Base to Ethereum from 7 days to 5 days, and brings Reth V2 to reduce node disk footprint.

Zcash Ironwood Upgrade and Network Security Improvements

Zcash is preparing a significant network upgrade aimed at resolving one of the more serious vulnerabilities to surface on a privacy-first blockchain this year.

Ironwood Targets the Orchard Privacy Pool

The Zcash Ironwood upgrade is planned for activation in July, designed to fix vulnerabilities in the Orchard privacy pool that previously threatened the network’s fixed supply guarantees. The Zcash Foundation had already released Zebra 4.5.3 and 5.0.0 as emergency responses — Zebra 4.5.3 temporarily disabled Orchard actions on mainnet via an emergency soft fork at block height 3,363,426, while Zebra 5.0.0 activated the NU6.2 hard fork at block height 3,364,600, re-enabling Orchard with a corrected circuit. The foundation confirmed the vulnerability was discovered before any known exploitation and that no unauthorized value creation occurred.

Ironwood takes this further. It will introduce a newly fixed privacy pool and gradually retire the old one. Once complete, users and nodes will be able to aggregate balances from both pools to independently verify that total ZEC in circulation does not exceed the hard cap of 21 million coins — restoring decentralized confidence in Zcash’s supply mechanism.

Zcash core developer Sean Bowe confirmed that at least three major auditing firms are reviewing the Orchard circuit, multiple AI auditing tools are scanning the codebase, and formal verification work is progressing. The Valar Group has launched a testnet and begun implementing wallet-side changes. Progress, according to Bowe, is currently going smoothly.

Security Alerts and Quantum Computing Advances

Two developments this month sit at opposite ends of the threat timeline: one is an active attack happening now in the npm ecosystem, the other is a quantum hardware milestone that remains theoretical for blockchain security — but is moving faster than many expected.

SlowMist Warns of npm Malware Exploiting Stolen Developer Credentials

The SlowMist Security Team issued an alert about new malware variants — identified as Shai-Hulud, Miasma, and Hades — linked to the stolen developer account “czirker” and active in the npm ecosystem. The attack vector is precise: malicious code triggers during npm install via a pre-configured binding.gyp file, making it easy to miss in standard dependency audits.

The confirmed numbers are notable. 23 affected packages have been identified, with one — leo-logger — reaching 3,140 weekly downloads. Additionally, 408 GitHub repositories containing stolen credentials have been discovered. The malicious activity spans theft of GitHub and npm tokens, cloud credentials across AWS, GCP, and Azure, local environment data, and abuse of GitHub Actions pipelines.

SlowMist recommends that security teams immediately inspect lockfiles and package records, remove affected packages, rotate all critical keys, and enforce two-factor authentication. The attack pattern underscores a persistent risk in open-source ecosystems: credential theft at the developer account level can contaminate hundreds of downstream repositories before detection.

Microsoft’s Majorana 2 Quantum Chip Unveiled

At its annual Build conference, Microsoft unveiled Majorana 2, its second-generation topological quantum chip. The company claims the chip is 1,000 times more reliable than its predecessor, with an average qubit lifetime of 20 seconds — and some qubits lasting up to 1 minute. Microsoft anticipates moving closer to scalable quantum computing by 2029, with AI Agent tools reportedly helping accelerate material screening, measurement automation, and manufacturing optimization.

The announcement renewed external discussion about quantum computing’s long-term implications for Bitcoin’s digital signature security. That conversation is worth having seriously, but context matters: the gap between current quantum hardware and the computational threshold required to threaten Bitcoin’s elliptic curve cryptography remains very large. Majorana 2 is a meaningful step in qubit reliability, not an imminent threat to live blockchain networks.

What it does represent is a credible reason for Ethereum’s post-quantum migration research to accelerate — and for projects like the Algorand Foundation, which has published a post-quantum security roadmap targeting broader quantum resistance by the end of 2027, to stay ahead of the curve. The practical question for every major blockchain network is no longer whether quantum-resistant cryptography is needed, but when the migration needs to be complete.

FAQ

What privacy issue was fixed in Bitcoin Core version 31.1?

Bitcoin Core 31.1 fixed a privacy vulnerability in version 31.0’s -privatebroadcast feature. Under certain conditions involving a failed BIP324 v2 handshake, the software would fall back to a v1 connection that bypassed the Tor proxy, potentially exposing the transaction initiator’s IP address to the receiving node.

When is Ethereum’s Glamsterdam upgrade expected now?

Ethereum’s Glamsterdam upgrade has been postponed to the second half of the year. Development continues through Devnet-5 and Devnet-6 iterations, with the separate Hegotá hard fork targeting a late 2026/early 2027 window.

What is EIP-8182 and its significance?

EIP-8182 is a native private transfer proposal for Ethereum developed by Tom Lehman. It would introduce a non-mandatory, protocol-fee-free private transfer mechanism directly at Ethereum’s L1 layer using fixed-address system contracts and ZK verification precompiles. It has been officially Proposed for Inclusion in the Hegotá hard fork and is significant because it targets protocol-level privacy rather than relying on fragmented application-layer privacy tools.

What threats does the SlowMist malware alert highlight?

SlowMist identified malware variants (Shai-Hulud, Miasma, Hades) exploiting the stolen npm developer account “czirker” to infect packages during installation. The attack steals GitHub and npm tokens, cloud credentials from AWS, GCP, and Azure, and local environment data, while also abusing GitHub Actions. 23 packages and 408 GitHub repositories have been confirmed affected.

Article produced with the assistance of artificial intelligence and reviewed by the editorial team.

Market Opportunity
Major Logo
Major Price(MAJOR)
$0.03356
$0.03356$0.03356
-4.90%
USD
Major (MAJOR) Live Price Chart

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

Lovable AI’s Astonishing Rise: Anton Osika Reveals Startup Secrets at Bitcoin World Disrupt 2025

Lovable AI’s Astonishing Rise: Anton Osika Reveals Startup Secrets at Bitcoin World Disrupt 2025

BitcoinWorld Lovable AI’s Astonishing Rise: Anton Osika Reveals Startup Secrets at Bitcoin World Disrupt 2025 Are you ready to witness a phenomenon? The world of technology is abuzz with the incredible rise of Lovable AI, a startup that’s not just breaking records but rewriting the rulebook for rapid growth. Imagine creating powerful apps and websites just by speaking to an AI – that’s the magic Lovable brings to the masses. This groundbreaking approach has propelled the company into the spotlight, making it one of the fastest-growing software firms in history. And now, the visionary behind this sensation, co-founder and CEO Anton Osika, is set to share his invaluable insights on the Disrupt Stage at the highly anticipated Bitcoin World Disrupt 2025. If you’re a founder, investor, or tech enthusiast eager to understand the future of innovation, this is an event you cannot afford to miss. Lovable AI’s Meteoric Ascent: Redefining Software Creation In an era where digital transformation is paramount, Lovable AI has emerged as a true game-changer. Its core premise is deceptively simple yet profoundly impactful: democratize software creation. By enabling anyone to build applications and websites through intuitive AI conversations, Lovable is empowering the vast majority of individuals who lack coding skills to transform their ideas into tangible digital products. This mission has resonated globally, leading to unprecedented momentum. The numbers speak for themselves: Achieved an astonishing $100 million Annual Recurring Revenue (ARR) in less than a year. Successfully raised a $200 million Series A funding round, valuing the company at $1.8 billion, led by industry giant Accel. Is currently fielding unsolicited investor offers, pushing its valuation towards an incredible $4 billion. As industry reports suggest, investors are unequivocally “loving Lovable,” and it’s clear why. This isn’t just about impressive financial metrics; it’s about a company that has tapped into a fundamental need, offering a solution that is both innovative and accessible. The rapid scaling of Lovable AI provides a compelling case study for any entrepreneur aiming for similar exponential growth. The Visionary Behind the Hype: Anton Osika’s Journey to Innovation Every groundbreaking company has a driving force, and for Lovable, that force is co-founder and CEO Anton Osika. His journey is as fascinating as his company’s success. A physicist by training, Osika previously contributed to the cutting-edge research at CERN, the European Organization for Nuclear Research. This deep technical background, combined with his entrepreneurial spirit, has been instrumental in Lovable’s rapid ascent. Before Lovable, he honed his skills as a co-founder of Depict.ai and a Founding Engineer at Sana. Based in Stockholm, Osika has masterfully steered Lovable from a nascent idea to a global phenomenon in record time. His leadership embodies a unique blend of profound technical understanding and a keen, consumer-first vision. At Bitcoin World Disrupt 2025, attendees will have the rare opportunity to hear directly from Osika about what it truly takes to build a brand that not only scales at an incredible pace in a fiercely competitive market but also adeptly manages the intense cultural conversations that inevitably accompany such swift and significant success. His insights will be crucial for anyone looking to understand the dynamics of high-growth tech leadership. Unpacking Consumer Tech Innovation at Bitcoin World Disrupt 2025 The 20th anniversary of Bitcoin World is set to be marked by a truly special event: Bitcoin World Disrupt 2025. From October 27–29, Moscone West in San Francisco will transform into the epicenter of innovation, gathering over 10,000 founders, investors, and tech leaders. It’s the ideal platform to explore the future of consumer tech innovation, and Anton Osika’s presence on the Disrupt Stage is a highlight. His session will delve into how Lovable is not just participating in but actively shaping the next wave of consumer-facing technologies. Why is this session particularly relevant for those interested in the future of consumer experiences? Osika’s discussion will go beyond the superficial, offering a deep dive into the strategies that have allowed Lovable to carve out a unique category in a market long thought to be saturated. Attendees will gain a front-row seat to understanding how to identify unmet consumer needs, leverage advanced AI to meet those needs, and build a product that captivates users globally. The event itself promises a rich tapestry of ideas and networking opportunities: For Founders: Sharpen your pitch and connect with potential investors. For Investors: Discover the next breakout startup poised for massive growth. For Innovators: Claim your spot at the forefront of technological advancements. The insights shared regarding consumer tech innovation at this event will be invaluable for anyone looking to navigate the complexities and capitalize on the opportunities within this dynamic sector. Mastering Startup Growth Strategies: A Blueprint for the Future Lovable’s journey isn’t just another startup success story; it’s a meticulously crafted blueprint for effective startup growth strategies in the modern era. Anton Osika’s experience offers a rare glimpse into the practicalities of scaling a business at breakneck speed while maintaining product integrity and managing external pressures. For entrepreneurs and aspiring tech leaders, his talk will serve as a masterclass in several critical areas: Strategy Focus Key Takeaways from Lovable’s Journey Rapid Scaling How to build infrastructure and teams that support exponential user and revenue growth without compromising quality. Product-Market Fit Identifying a significant, underserved market (the 99% who can’t code) and developing a truly innovative solution (AI-powered app creation). Investor Relations Balancing intense investor interest and pressure with a steadfast focus on product development and long-term vision. Category Creation Carving out an entirely new niche by democratizing complex technologies, rather than competing in existing crowded markets. Understanding these startup growth strategies is essential for anyone aiming to build a resilient and impactful consumer experience. Osika’s session will provide actionable insights into how to replicate elements of Lovable’s success, offering guidance on navigating challenges from product development to market penetration and investor management. Conclusion: Seize the Future of Tech The story of Lovable, under the astute leadership of Anton Osika, is a testament to the power of innovative ideas meeting flawless execution. Their remarkable journey from concept to a multi-billion-dollar valuation in record time is a compelling narrative for anyone interested in the future of technology. By democratizing software creation through Lovable AI, they are not just building a company; they are fostering a new generation of creators. His appearance at Bitcoin World Disrupt 2025 is an unmissable opportunity to gain direct insights from a leader who is truly shaping the landscape of consumer tech innovation. Don’t miss this chance to learn about cutting-edge startup growth strategies and secure your front-row seat to the future. Register now and save up to $668 before Regular Bird rates end on September 26. To learn more about the latest AI market trends, explore our article on key developments shaping AI features. This post Lovable AI’s Astonishing Rise: Anton Osika Reveals Startup Secrets at Bitcoin World Disrupt 2025 first appeared on BitcoinWorld.
Share
Coinstats2025/09/17 23:40
Conservative slams Dems for not riding Trump's corruption harder

Conservative slams Dems for not riding Trump's corruption harder

A conservative writer scolded Democrats on Thursday for not focusing on President Donald Trump’s unprecedented corruption in the months leading up to the November
Share
Alternet2026/07/03 09:43
Google Africa Investment Moves Beyond Connectivity into AI and Cloud Infrastructure

Google Africa Investment Moves Beyond Connectivity into AI and Cloud Infrastructure

Google Africa investment surpasses $1bn target, launching AI labs, cloud infrastructure and startup support across South Africa and Ghana. The post Google Africa
Share
Furtherafrica2026/07/03 09:04