Last Notes
How you write ✍️ is the secret weapon to using your knowledge. By implementation of your method, which can be difficult because of its focus on processing new developments and information. Interfacing with a slip box, in its intraday-systematic events. Whether digital or physical cabinets for index cards. Crating index cards 💳, contains in each one , one claim with a viable example. By reference to your id you can build cards and connections by keeping one idea to one card. Web of Knowledge. Atomicity, interconnectedness, emergent properties of the note. There is no structure but the one formed by linking the notes. Zettels should be fixed with no structure. Fixed ID to do linking that evolves structure organically. You have to use your own words, no quotes on zettel. Convert to your own lexicon and cite the page or book. The crate is not just for note taking it is also a thinking tool. Let your own words engage the process to stimulate deep thoughts and leave you with an understanding before you put it in your crate, Your own words, no direct quotes. A system, series of notes, crates or digital, can be differently arranged to see the atomic power behind the structure of each note. Externalizing arguments outside of your head. This is not a capturing or clipping method. It does not need to hoard. Zettels need you to think.
Olha eu aqui 🤔😅 finefrog371@walletofsatoshi.com
AI as the “control layer” sounds efficient until it decides who learns, borrows, pays, travels, or opens a door. The question: who controls the model, and who can say no. #AI https://www.popularai.org/p/the-control-layer-on-everything
Shut the fuck. It does not "affect node runners."
Now kindly fuck off.
Cc @nprofile…7dc0 @nprofile…zgsh 👀
I've had a PayPal button on my how to raise Madagascar hissing cockroahes for over a decade. not one person has sent anything. theyll email me questions, but never "donate "
the site is still up & the button is there in spite of it.
I should add a zap button, but why bother...
some people never will zap for content if they can see it without paying.
cockroachguy.com
I don't think DiVine would be a good showcase since there are no zap files.
Anyway, I'll think about it. Thanks for the feedback :)
shipping out: wagyu ribeye
.00091 Bitcoin
https://blossom.primal.net/f7457f439f404769be35ff2a6769f58ea61f900bd8ad7076e64b715c85db07d0.jpg
A transparent look at the May 2026 exploit, the community response, and how the network recovered stronger.
On May 19, 2026, the Signum network faced one of the most serious security incidents in its recent history.
A crafted block exploited an integer overflow vulnerability in the Signum node’s block reward calculation. The result was extreme: approximately 140 billion SIGNA were credited to the attacker’s account in a single block — an amount far beyond the legitimate circulating supply.
At first glance, this could have been catastrophic.
But what happened next showed something far more important than the exploit itself: the strength, discipline, and speed of the Signum community.
Within the same day, the anomaly was detected, exchanges were contacted, emergency patches were released, pool operators coordinated, and a rollback process began. By the evening of May 21, the chain had reached consensus again. By May 23, exchanges had received the necessary CVE details and patch confirmation, and SIGNA trading resumed.
No legitimate Signum holder balance was affected.
This is the story of what happened, how the network recovered, and what we are improving next.
What Happened?
The exploit occurred at block 1,541,011.
An attacker crafted a malicious block that abused an integer overflow in the block reward calculation. Because the crafted block still satisfied the Proof-of-Commitment consensus rules on vulnerable nodes, it was initially accepted by parts of the network.
Shortly after the block was mined, community member ANGiS noticed an absurd account balance and detected that funds were starting to move toward exchanges. ANGiS immediately escalated the issue to frank_the_tank and ohager.
That early detection was critical.
It gave the team and the community enough time to act before the situation could spiral further.
The Root Cause
The vulnerability was introduced in the context of the SMART_FEES hardfork, which added fee cash-back and burn accounting to Signum’s block reward calculation.
In the affected versions, some arithmetic operations were performed using unchecked Java long calculations.
The vulnerable logic looked like this:
rewardFeesNqt -= block.getTotalFeeCashBackNqt();
rewardFeesNqt -= block.getTotalFeeBurntNqt();
By setting totalFeeCashBackNqt to a very large negative value, the attacker caused the reward calculation to overflow into a large positive value. That inflated reward was then credited directly to the miner account.
The issue affected Signum node versions:
signum-node >= 3.9.0 and < 3.9.8
The vulnerability was later registered as:
CVE-2026–48486
The Immediate Response
Once the issue was confirmed, the response moved quickly.
Exchanges were contacted and asked to halt SIGNA trading and deposits while the investigation was ongoing. This prevented further damage and limited the internal accounting impact for exchanges.
On the same day, two releases were published:
v3.9.7 was an emergency containment release.
It temporarily blocked the malicious account through the configurable node.accBlocking property, preventing further exploitation.
v3.9.8 was the root-cause fix.
It replaced vulnerable fee arithmetic with overflow-safe operations and introduced explicit rejection of invalid negative fee fields.
The response was public and transparent. The malicious account, the blocking mechanism, and the code changes were visible in git history. There was no silent patching and no attempt to hide the incident.
That transparency matters.
In decentralized systems, trust is not created by pretending that incidents never happen. Trust is created by responding quickly, communicating clearly, and fixing the root cause in public.
The Rollback
Because parts of the network had accepted the malicious block, a coordinated rollback was required.
Pool operators and node operators worked together to roll the chain back to before block 1,541,010. Operators still within the 1,440-block rollback window could perform a popOff through the API. Nodes outside that window required a full resync.
During testing and recovery, another issue appeared: some nodes performing a full resync from genesis encountered a non-deterministic fork-resolution bug introduced by the v3.9.8 patch.
This led to the release of v3.9.9 on May 21.
v3.9.9 completed the fix by adding a block-version-4 requirement for burnt-fee validation and correcting the chain-restoration logic.
By the evening of May 21, the network had stabilized and reached consensus again.
Impact
The exploit credited approximately 140 billion SIGNA to the attacker’s account in a single crafted block.
However, the coordinated rollback fully invalidated the fraudulent on-chain balance.
Most importantly:
No legitimate Signum account or holder balance was affected.
There was, however, temporary disruption:
SIGNA trading and deposits were suspended from May 19 to May 23.
Some exchanges that received attacker deposits before the trading halt experienced internal ledger divergence between their own records and the rolled-back canonical chain. These cases were resolved through direct coordination between the exchanges and the Signum team.
What Was Fixed?
Three releases were part of the incident response:
v3.9.7 — Emergency containment
The malicious account was temporarily blocked through node.accBlocking to prevent further exploitation.
v3.9.8 — Root-cause fix
All vulnerable fee arithmetic was replaced with overflow-safe operations using Convert.safeAdd() and Convert.safeSubtract().
Blocks with invalid negative fee fields are now rejected during block acceptance.
Fee totals are also validated against per-transaction sums.
v3.9.9 — Complete recovery fix
A block-version-4 requirement was added for burnt-fee validation, and the non-deterministic chain-restoration bug affecting full resyncs was fixed.
All operators should now run: v3.9.9 or later
What We Learned
The response worked. The network recovered.
The fraudulent balance was invalidated. Exchanges reopened.
But this incident also revealed areas where Signum must improve.
1. Emergency communication must be faster
Some key pool operators were difficult to reach quickly.
In a rollback situation, time is measured in blocks.
A dedicated emergency channel for major pool operators and infrastructure providers would reduce response time significantly.
2. Vulnerability disclosure needs a formal process
This incident was handled successfully, but still too much of it was improvised under pressure.
Going forward, Signum should formalize the use of GitHub Security Advisories or a similar process for coordinated disclosure, private patch development, CVE handling, and exchange communication.
3. Anomaly detection should be automated
The incident was detected because a community member noticed something unusual.
That was fortunate.
The next step is automated monitoring for abnormal block rewards, suspicious supply changes, and other values outside expected ranges. Human vigilance is powerful, but critical alerts should not depend on someone randomly seeing the anomaly first.
A Community That Showed Up
Signum has no company behind it.
No centralized foundation with a professional incident-response department. No VC-backed security team waiting in the background.
What Signum has is something different: a community that moves when it matters.
Special thanks go to:
ANGiS for first detection and immediate escalation.
frank_the_tank for exchange coordination, pool operator outreach, and rollback orchestration.
ohager for root-cause analysis, patch development, and the rapid release of v3.9.7, v3.9.8, and v3.9.9.
pir8Radio from Nam Pool and Shadow from OG Ro-Pool for critical contributions to chain stabilization.
Balazs for post-incident analysis and ongoing hardening work.
And all pool operators, node operators, exchanges, and community members who acted quickly under pressure.
This was not just a technical recovery.
It was a community recovery.
Final Thoughts
Security incidents are never good news.
But they are also moments of truth.
They show whether a project hides, delays, blames, or acts.
In this case, Signum acted.
The vulnerability was identified.
The exploit was contained.
The chain was restored.
Legitimate balances were protected.
The root cause was fixed.
Trading resumed.
And the hardening work continues.
Signum is not stronger because the incident happened.
Signum is stronger because of how the community responded.
Transparent. Fast. Decentralized. Together.
That is what this network is built on.
Discover Signum
Signum is the world’s first truly sustainable blockchain, featuring world-class applications on a sustainable, leading-edge blockchain architecture. Unlike other cryptocurrencies, Signum powers its native cryptocurrency Signa (SIGNA), with a minor fraction of energy use and e-waste. Signum empowers users and developers worldwide with innovative blockchain solutions for everyday life.
Find out more at https://signum.network/or join a Signum channel below.
Get SIGNA : https://signum.network/exchanges
Twitter
Telegram
Discord
Reddit
Youtube
Documentation
NFT-Portal
Defi-Portal
Your
SIGNUM-NETWORK
Signum
Blockchain Security
Proof Of Capacity
Decentralization
Cryptosecurity
Some rights reserved
Follow
Published in Signum-Network
89 followers
·
Last published Apr 17, 2025
Signum is the foundation for our sustainable future. It’s easily accessible to everyone and as a customizable platform, it has the power to feature unstoppable and censorship-resistant decentralized applications.
Follow
Written by Signum
170 followers
·
12 following
Join the movement! https://signum.network
No responses yet
Governments want bans on prohibited AI practices, but the real question is who gets exemptions when the same tools serve state power. Popular AI breaks down the loopholes and control risks. #AI https://www.popularai.org/p/prohibited-ai-practices-for-thee
Centralized AI censors because compliance is a business cost. Censorship-resistant AI flips the incentives toward open models, local control, and freer speech. #AI https://www.popularai.org/p/the-economics-of-censorship-resistance
It is Friday.
#naddr1qq…g7gf
Honestly... unless they're willing to sustain the minority fork (i doubt it) this entire thing will be a non event.
red candles. green pastures.
https://blossom.primal.net/5459de44f0b40cdfa32a87652eee2cca2b44ebc85feefeab89cd92da3342c6e8.jpg
Next year I need to plant more strawberries. It is hard to find 🍓 without pesticide even at farmar market.
https://image.nostr.build/50da5de469589a4f63c830ebf4f535d224abb206b592af0a3e908ef6a86ffc72.jpg
#foodstr
Escreveu pouco e ainda escreveu besteira.
🤖 Tracking strings detected and removed!
🔗 Clean URL(s):
https://x.com/rt_com/status/2062788647351697796?s=46
❌ Removed parts:
t=FOBCpRZhudA-aUdT0fxLUQ
This made me laugh 😂 Some of you know I have…opinions about 1-sat zaps 🤣 You won’t find me sending them, but taking a step back I also know that even a 1-sat zap is money.
No matter how many times I went viral in my Twitter days, those likes never amounted to a single satoshi. 1600 single-sat zaps may be ridiculous in concept, but at this moment it is equal to a dollar’s worth of real world spending power.
Stay weird Nostr 😂🚀
#nevent1q…mjvs
GM from the ranch.
touch grass today 🌞
https://blossom.primal.net/46eb9130a6468fe0e6b443b0d437b084824be046ad9ceef8b4326f2584909b36.jpg
Don't zap me, send him some SATs at-
studiedtenor221@walletofsatoshi.com
#nevent1q…lmmu
Что если бы крипта была как кухонный гаджет, который ты купил, но так и не использовал? Думаешь — «научусь», коробка до сих пор не открыта. А что если 𝐁𝐓𝐂 — это твой гаджет, который ты купил, но так и не понял, как им пользоваться?
#Ходл #Мемы
Good Morning nostr!
What’s the big topic of discussion today?
Morning Nostriches!
Morning garden report is a pic of the other side. Couple of pics since someone was interested in the garden bed design. These 3 beds are my oldest & shallowest. Simple construction, just a couple of boards banged together & some soil thrown on top.
#coffeechain
https://image.nostr.build/632ae42759786ddb1ca2906e742ba5b6e4c5e19cab14a55ecb9265948c770cb1.jpg
https://image.nostr.build/f48e884a9b90d83fc47af05b11112d142e313ecdfc0b3f11cf6226da3b69405e.jpg
I have a lot to say 🙂.
I kinda agree, but calling it a problem of "the left" isn't helpful. Left vs right is losing more and more meaning, and some of the most "left" people I know (woke, trans activist, anti climate change warriors, supporters of public healthcare and public transport...) are also experts on money and the financial system and understand price signals and so on
And some of the biggest (financial) idiots I know are the "right wing" bitcoiners, who never studied economics in any way before bitcoin and who don't study anything outside the Bitcoin bubble. Pure pleb slop
I think you're trying to say that, even in an optimistic Star Trek post-scarcity future, there will still be limits on usage and energy use. Do we build indoor ski resorts everywhere? Do we Terraform Mars? Do we build a Space Elevator?
Individuals will de facto have an energy budget, and you rightly point out that money is the only sane way to both distribute resources (not necessarily "fairly") and to give price signals which encourage efficiency.
I generally unfollow people who give too much attention to those fools
MrHodl has a good signal-to-noise recently, so I won't unfollow you any time soon 😃
I briefly had to unfollow Adam Back on Twitter for that reason
I get what you’re saying Will, damus is my go to client and I truly appreciate everything you have done for nostr…
I will never forgive Mechanic for making me break my own rule. He's a pathetic liar trying to make it seem that BIP110 is the same thing as BIP148.
#nevent1q…65q9
Only 36%? That's disappointing. It should be dead. There's no path going forward without the knowledge of the total supply. It's worth nothing.
Рынок застыл, как в ожидании чуда. Будто все трейдеры превратились в лягушек, ждущих поцелуя принца. Но принц, кажется, опаздывает. А мы все сидим на своем плоском боковике и играем в настольный теннис. Нервничаем, но уже как-то привычно. Вспоминаю, как в первые годы крипты, мы были как дети, полные надежд и страхов. А теперь мы больше похожи на родителей, которые уже все видели и знают, что жизнь продолжается, даже если 𝐁𝐓𝐂 застрял в районе 6...
#Мемы #Ходл
people will benefit if you can actually work on it …
⚡️🇺🇸 NEW - Senator Jim Banks
You have to be 16 to drive.
You have to be 18 to vote.
You have to be 21 to drink.
You have to be 25 to rent a car.
Why are teachers talking to our kids about sexuality at 12?
Why are kids encouraged to mutilate their bodies at 13?
This gender ideology madness needs to end.
https://blossom.primal.net/0dede3a3346324d8ad5a221f1a9c1df35d85a0822071730e3745c883d8fd513b.mp4
https://npub13fce6s3x325jta439097ddj97mkg9mlxf6kfrkhexh7uenclpljs7atdfx.blossom.band/4c9082e63764fcffe06bc0ad7e56ca7e5af9bfc0864e899515628fa252db8823.mp4
The remix of KRS-One's ‘SOUND OF DA POLICE’, if you're into Japanese hip-hop:
『 Bakugyaku - F**k da Police 』
#music #莫逆
You can’t buy seeds with zcash. Thats why it’s tanking. Follow me for more insights.
That's exactly what @nprofile…9zu4 did when she got tired of my shit. I'm kinda on the precipice of that too since I've been muting devs, but I'm a dev too. I may be on the chopping block 😬
"does not give you the right to be negative" lol. he can attend to his mental hygiene, and i'll attend to mine. he might do well to consider examining his diet. more steaks less shakes.
📰 **In this week's issue:**
https://image.nostr.build/122457713303171e6c05b9c219407120dfce31270d7d12d86841f8574e001ce5.jpg
📰 **What happened this week in the Bitcoin World**
✍️ by NM team
Wall Street is exiting. The FBI is a no-show. And a single trade just eviscerated a millionaire whale. This is the story of how crypto big recovery fell apart.
🔗 https://nostrmag.com/article/w22bitcoin03
📊 id#638777587
Yep, you're not kidding🙄. Thanks🙏🏻.
今朝の事故について、来週月曜朝に部長と支店長と聴聞会開くことになって🫨🙇♂️😩😇😭
See you @npub167n…zu3r ?
https://btcprague.com/speakers/nathan-day/
Sophie Gomez Sexy - Munecas (2010)
Sophie Gomez looks sexy in “Munecas” (2010), with a sex scene.
https://searchcelebrityhd.com/sophie-gomez-sexy-munecas-2010/
https://searchcelebrityhd.com/wp-content/uploads/2026/05/Sophie-Gomez-Sexy-Munecas-2010-3.jpg