Wallet: - identity.json (NIP-49 ncryptsec) now written 0600 in a 0700 dir so a local user can't grind the wallet password offline (+ regression test). - Wallet password held as a ZeroingString through init_nostr so it's scrubbed on drop instead of lingering in a plain String for the session. - Replaced 4 .unwrap() on re-read tx_meta with graceful guards (archive wipe mid-send could otherwise panic the nostr/task thread). - Tor::http_request/post: bind the client once via let-else and propagate TLS builder errors, fixing a TOCTOU unwrap panic on concurrent Tor restart. goblin-nip05d server (redeployed to goblin.st, verified live): - One-name-per-pubkey now enforced by a partial UNIQUE index (closes the check-then-insert race); INSERT rows-affected==0 returns 409 not a false 201. - NIP-98 replay protection: one-time auth event-id enforcement within the freshness window; tightened forward skew to +5s. - Rate-limited the unauthenticated GET endpoints; SQLite in WAL mode. - Verified live: replay rejected, second name for a pubkey blocked. Audit verdict: fund-safety invariants (never auto-pay Invoice1; S2/I2 finalization bound to counterparty npub) and Tor-from-day-one all hold. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Grim

Cross-platform GUI for GRiN ツ in Rust for maximum compatibility with original Mimblewimble implementation. Initially supported platforms are Linux, Mac, Windows, limited Android and possible web support with help of egui - immediate mode GUI library in pure Rust.
Named by the character Grim - the shape of a large, black, menacing, spectral giant dog.
Build instructions
Install Rust
Follow instructions on Windows.
curl https://sh.rustup.rs -sSf | sh
Desktop
To build and run application go to project directory and run:
git submodule update --init --recursive
cargo build --release
./target/release/grim
Android
Set up the environment
Install Android SDK / NDK / Platform Tools for your OS according to this FAQ.
Build the project
Run Android emulator or connect a real device. Command adb devices should show at least one device.
In the root of the repo run ./scripts/android.sh build|release v7|v8|x86, where is v7, v8, x86 - device CPU architecture for build type, for release specify version number in format major.minor.patch.
License
Apache License v2.0.
