1
0
forked from GRIN/grim
Claude ce1c071f3c Security hardening from adversarial audit
Wallet:
- identity.json (NIP-49 ncryptsec) now written 0600 in a 0700 dir so a local
  user can't grind the wallet password offline (+ regression test).
- Wallet password held as a ZeroingString through init_nostr so it's scrubbed
  on drop instead of lingering in a plain String for the session.
- Replaced 4 .unwrap() on re-read tx_meta with graceful guards (archive wipe
  mid-send could otherwise panic the nostr/task thread).
- Tor::http_request/post: bind the client once via let-else and propagate TLS
  builder errors, fixing a TOCTOU unwrap panic on concurrent Tor restart.

goblin-nip05d server (redeployed to goblin.st, verified live):
- One-name-per-pubkey now enforced by a partial UNIQUE index (closes the
  check-then-insert race); INSERT rows-affected==0 returns 409 not a false 201.
- NIP-98 replay protection: one-time auth event-id enforcement within the
  freshness window; tightened forward skew to +5s.
- Rate-limited the unauthenticated GET endpoints; SQLite in WAL mode.
- Verified live: replay rejected, second name for a pubkey blocked.

Audit verdict: fund-safety invariants (never auto-pay Invoice1; S2/I2
finalization bound to counterparty npub) and Tor-from-day-one all hold.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-10 02:13:15 -04:00
2026-03-10 02:02:15 +03:00
2026-05-03 10:05:03 +03:00
2026-05-01 02:18:47 +03:00
2026-02-18 13:38:11 +00:00
2026-02-18 13:38:11 +00:00
2026-05-21 00:04:22 +03:00
2024-04-14 14:04:34 +03:00
2026-01-09 23:54:39 +00:00

Grim

Cross-platform GUI for GRiN ツ in Rust for maximum compatibility with original Mimblewimble implementation. Initially supported platforms are Linux, Mac, Windows, limited Android and possible web support with help of egui - immediate mode GUI library in pure Rust.

Named by the character Grim - the shape of a large, black, menacing, spectral giant dog.

image

Build instructions

Install Rust

Follow instructions on Windows.

curl https://sh.rustup.rs -sSf | sh

Desktop

To build and run application go to project directory and run:

git submodule update --init --recursive
cargo build --release
./target/release/grim

Android

Set up the environment

Install Android SDK / NDK / Platform Tools for your OS according to this FAQ.

Build the project

Run Android emulator or connect a real device. Command adb devices should show at least one device. In the root of the repo run ./scripts/android.sh build|release v7|v8|x86, where is v7, v8, x86 - device CPU architecture for build type, for release specify version number in format major.minor.patch.

License

Apache License v2.0.

S
Description
No description provided
Readme Apache-2.0 26 MiB
Languages
Rust 95.9%
Java 2.7%
Shell 1.3%
Python 0.1%