From a security audit of our own nostr/identity code (no P0/P1 found; these close the P2 hardening gaps): - NIP-05: only goblin.st identities skip the "pay an unverified key?" gate. A third-party domain's well-known could point at any key, so those now route through the same confirm gate as a bare npub. - NIP-05: validate the domain as a bare hostname before building the well-known URL — closes a path/host-smuggling (SSRF-over-Tor) vector. - Avatars: decode server-fed bytes under explicit image Limits (<=1024 px, 8 MiB) so a hostile or breached avatar host can't exhaust memory on the texture path. 34 lib tests green (incl. new hostname-rejection cases).
Grim

Cross-platform GUI for GRiN ツ in Rust for maximum compatibility with original Mimblewimble implementation. Initially supported platforms are Linux, Mac, Windows, limited Android and possible web support with help of egui - immediate mode GUI library in pure Rust.
Named by the character Grim - the shape of a large, black, menacing, spectral giant dog.
Build instructions
Install Rust
Follow instructions on Windows.
curl https://sh.rustup.rs -sSf | sh
Desktop
To build and run application go to project directory and run:
git submodule update --init --recursive
cargo build --release
./target/release/grim
Android
Set up the environment
Install Android SDK / NDK / Platform Tools for your OS according to this FAQ.
Build the project
Run Android emulator or connect a real device. Command adb devices should show at least one device.
In the root of the repo run ./scripts/android.sh build|release v7|v8|x86, where is v7, v8, x86 - device CPU architecture for build type, for release specify version number in format major.minor.patch.
License
Apache License v2.0.
Credits
Goblin — the Cash App-style, Nostr-native payments experience layered on top of this wallet (end-to-end encrypted NIP-17 payments over Tor, in-app identity, and the goblin.st identity service) — was designed and built with development assistance from Claude (Anthropic).
The underlying cross-platform grin wallet is the upstream Grim project.
