Skip to content

Instantly share code, notes, and snippets.

View ttiiggss's full-sized avatar

tigs ttiiggss

16 followers · 72 following
View GitHub Profile
@ttiiggss
ttiiggss / fips_sec_audit.md
Last active February 25, 2026 10:42
security audit of FIPS

Executive Summary

FIPS is an unusually well-specified protocol for alpha software. The cryptographic foundations are sound (Noise framework, secp256k1, ChaCha20-Poly1305 — all battle-tested primitives, no novel crypto). The layered encryption model (hop-by-hop IK + end-to-end XK) is correctly designed and mirrors proven architectures (WireGuard, Lightning, Tor).

The vulnerabilities I've found are primarily in the routing and mesh self-organization layer, which is where novel protocol design lives. The IPv6 adapter, despite your instinct, is actually the least concerning component — it's a thin shim with a well-constrained attack surface. The real risks are in spanning tree manipulation, bloom filter poisoning, and metadata leakage.

@melvincarvalho
melvincarvalho / nip135.md
Last active January 19, 2024 01:30
nip135.md

NIP-135

DNSTR - Domain Name Mapping for Nostr Public Keys

draft optional author:melvincarvalho

This NIP defines a way to associate a Nostr public key with a domain name.

@aidik
aidik / Nostr NIP-05 Nginx Only Configuration.md
Last active July 20, 2023 14:53
A simple way how to serve multiple NIP-05 Identifiers using only Nginx

Nostr NIP-05 specification makes it a bit harder to serve identifiers from a simple webserver without CGI to run an external program handling the name URL query parameter. I really didn't want to do all that, so instead I focused on how to handle everything just in Nginx itself.

Prerequisite

  • A server with Nginx responding to basic requests. (minimal configuration should be enough)

Config

Inside the http block insert map and map_hash_bucket_size directives:

map_hash_bucket_size 256;

map $arg_name $nostr_key {

@windsok
windsok / receiving inscriptions and ordinals with sparrow wallet.md
Last active April 25, 2024 08:07
receiving inscriptions and ordinals with sparrow wallet
@dergigi
dergigi / nostr-tips-and-tricks.md
Last active June 9, 2024 02:45
@methanoliver
methanoliver / doc.md
Created October 18, 2022 06:16
DuckyScript commands supported by Flipper's BadUSB

DuckyScript commands supported by Flipper's BadUSB

Explanations are only given for commands not present in the original DuckyScript, for everything else refer to DuckyScript documentation.

Keys

These mean exactly what one would expect and should need no further explanation.

  • Modifiers: CTRL, CONTROL, SHIFT, ALT, GUI, WINDOWS
  • Combos: CTRL-ALT, CTRL-SHIFT, ALT-SHIFT, ALT-GUI, GUI-SHIFT
@corintxt
corintxt / DuckyVergeLoader.txt
Last active August 25, 2025 14:30
REM Navigate Chrome on macOS to The Verge website
DELAY 2000
ATTACKMODE HID STORAGE VID_05AC PID_0220 MAN_HAK5 PROD_DUCKY SERIAL_1337
DELAY 1000
REM Open Launcher
F4
DELAY 500
REM Launch Chrome
STRING Chrome
DELAY 200
@matthewmueller
matthewmueller / osx-for-hackers.sh
Last active November 24, 2025 13:29
OSX for Hackers (Mavericks/Yosemite)
# OSX for Hackers (Mavericks/Yosemite)
#
# Source: https://gist.github.com/brandonb927/3195465
#!/bin/sh
# Some things taken from here
# https://github.com/mathiasbynens/dotfiles/blob/master/.osx
# Ask for the administrator password upfront