Skip to content

Releases: DoktorShift/NUTbits

v0.8.0

04 Apr 14:29
@DoktorShift DoktorShift
v0.8.0
e33d0b1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.8.0 Latest
Latest

NUTbits v0.8.0

This release introduces dedicated balances per connection, deeplink onboarding, and major security improvements.

Homepage

NUTbits Landingpage

Dedicated Connections

Connections now use isolated balances by default.

  • Each connection has its own balance (starts at 0 sats)
  • Apps can only spend assigned funds
  • Shared wallet access requires explicit opt-in
  • get_balance is now connection-specific
  • Incoming payments credit the connection balance
  • Revoking returns remaining funds to the main wallet

Deeplink Integration

One-tap connection flow for external apps.

  • GET /connect?appname=X&callback=Y handled by API
  • No QR codes or manual steps required
  • Works without GUI (headless)
  • App registry with predefined permissions
  • Unknown apps are restricted by default

Fund and Withdraw

Move sats between wallet and connections.

  • API:

    • POST /fund
    • POST /withdraw

  • CLI:

    • nutbits fund
    • nutbits withdraw (--all supported)

  • GUI and TUI support included

Security

Broad security hardening across the system.

  • Fixed path traversal, race conditions, and open redirects
  • Added rate limiting and SSRF protection
  • Removed secrets from standard endpoints
  • Improved auth timing safety (constant-time compare)
  • Added CSP, clickjacking protection, and secure file permissions
  • Input validation and CSV injection protection
  • Self-hosted fonts (no external requests)

CLI, TUI, GUI

General improvements across all interfaces.

  • Balance type selection (dedicated/shared)
  • Correct balance display per connection
  • Fund/Withdraw actions added everywhere
  • GUI updates: badges, balance display, modal improvements

Documentation

  • New deployment guide (DEPLOY.md)
  • Deeplink protocol and app integration docs
  • Updated README and all major docs
  • Improved contribution guidelines

Architecture

  • Deeplink flow moved to API (no GUI dependency)
  • Added deeplink registry and standalone connection page
  • Cleaned up and removed legacy components

Breaking Changes

  • Dedicated balances are now the default
  • get_balance is connection-scoped
  • Secrets removed from standard connection list responses
Assets 2
Loading

v0.7.0

04 Apr 13:36
@DoktorShift DoktorShift
0.7.0
1b8f211
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.7.0

Initinal Release

Loading