The $5 Wrench Attack Is Scaling. Geographically Distributed Multisig Is the Fix.

The attacks are getting more sophisticated and more frequent. In California alone over the past month, there have been at least four violent home invasions targeting crypto holders in San Francisco, Sunnyvale, San Jose, and Los Angeles. In one San Francisco incident, attackers posing as pizza delivery drivers forced their way into a victim's home and stole $13 million in bitcoin and ethereum. In Arizona, two California teenagers drove 600 miles to Scottsdale to rob a bitcoin holder of $66 million. Jameson Lopp's physical attack tracker recorded roughly 70 such incidents worldwide in 2025, the highest annual total in a decade of tracking. 2026 is on pace to shatter that.

The attack vector is brutally simple: identify someone who holds bitcoin, show up at their home, threaten violence until they unlock a wallet or authorize a transfer. The irreversibility of bitcoin transactions, normally a feature, becomes the attacker's best friend. Once the transaction is broadcast, the money is gone. No bank to call, no chargeback to file. Investigators suspect organized rings are behind the California cluster, potentially using food delivery platforms to identify and access targets.

Here's the thing: this is a solvable problem, and the solution already exists. Geographically distributed multisig means no single key can move your funds. A 2-of-3 multisig setup where one key is on a hardware device at your home, one is in a bank safe deposit box in another city, and one is held by a collaborative custody provider like Unchained makes a wrench attack functionally useless. Unchained's collaborative custody model was built specifically for this. They hold one key, you hold two (in separate locations), and no single party can move funds alone. The attacker can beat you with a wrench all day. You literally cannot produce two keys from one location. That's not willpower. That's physics and geography.

The additional benefit: duress wallets. A properly configured setup lets you have a small "sacrifice" wallet loaded with enough bitcoin to be believable, while your real stack sits behind geographically separated keys that you couldn't access even if you wanted to. This isn't theoretical. Unchained has been offering this for years. The tools are mature. The UX is good enough. If you're holding any significant amount of bitcoin on a single-sig setup, the wrench attack wave should be your wake-up call.

As we discussed on the TFTC X account, the answer isn't to hide. The answer is to make it physically impossible to comply with an attacker's demands. Geographic distribution of keys is the best personal security upgrade any bitcoiner can make in 2026.

Anthropic's Mythos Model Broke Containment and Found Thousands of Zero-Days

Why it matters: An AI model that can autonomously find and exploit unknown vulnerabilities in every major OS and browser changes the cybersecurity landscape overnight.

Anthropic announced yesterday that its newest model, Claude Mythos Preview, has identified thousands of zero-day vulnerabilities in every major operating system and every major web browser. Some of these bugs are over two decades old. The oldest was a 27-year-old vulnerability in OpenBSD, an OS built on security as its core premise. In one test, the model chained together four vulnerabilities into a browser exploit that escaped both renderer and OS sandboxes. Anthropic has halted broader release of the model and launched "Project Glasswing" to coordinate patching with vendors. Engineers with no formal security training asked Mythos to find remote code execution vulnerabilities overnight and woke up to working exploits. Over 99% of what it found remains unpatched. Think about what this means for bitcoin infrastructure. Every node, every exchange, every Lightning implementation runs on software that this model could potentially crack open. The defensive applications are obvious. The offensive ones keep security researchers up at night.

Oil Plunges 15% on Iran Ceasefire. Crude Is Still Up 65% This Year.

Why it matters: A two-week ceasefire with Hormuz safe passage is a pressure valve, not a solution. Oil's 2026 trajectory remains inflationary.

Brent crude fell 13% to $94.80 and WTI dropped over 15% after President Trump agreed to suspend attacks on Iran for two weeks in exchange for Tehran allowing safe passage through the Strait of Hormuz. Markets rallied hard on the news. But zoom out: US crude is still up more than 65% since January and more than 40% since the war began on February 28. As Citrini Research reported from the ground at the Strait, 75% of Gulf energy assets have been damaged. A two-week pause doesn't rebuild infrastructure. If the ceasefire collapses, $115+ oil is back on the table, and models show that pushes CPI to 3.7%. This remains the biggest macro wildcard of 2026.

NVK's Quantum Explainer Cuts Through the Noise

Why it matters: Google's "9 minutes to crack bitcoin" paper sparked panic. The Coinkite founder drops a measured reality check.

It's been a quantum week. Google published research suggesting a sufficiently powerful quantum computer could crack bitcoin's ECDSA cryptography in under nine minutes. A Nobel-winning physicist endorsed the paper, noting the vulnerability window when a public key is exposed during transaction broadcast. Headlines predictably went apocalyptic. NVK (Rodolfo Novak, Coinkite/Coldcard founder) published a comprehensive two-part explainer on X that deserves your time. The key takeaways: the threat is real but distant, stop reusing addresses (every reuse exposes your public key), watch BIP-360 for quantum-resistant address types, and keep long-term holdings in addresses you've never spent from. Meanwhile, academics calculate that attacking bitcoin mining with quantum would require the energy output of a small star. Read the papers, not the headlines.

Conduition Ships Isogeny-Based Cryptography Research for Post-Quantum Bitcoin

Why it matters: A pseudonymous developer may have found a post-quantum cryptosystem that preserves Bitcoin's key features with signatures only 2x the current size.

In Bitcoin Optech Newsletter #399, the big item is Conduition's research into Isogeny-Based Cryptography (IBC) as a post-quantum system for Bitcoin. The elegance is in what it preserves: while Shor's algorithm would break ECDSA, elliptic curve math itself isn't fundamentally broken. Isogenies are mappings between elliptic curves, and the hard problem (computing the isogeny between two curves) remains quantum-resistant. The practical upside is massive. Unlike hash-based or lattice-based alternatives, IBC keys and signatures are only about 2x the size of current ECDSA ones. That matters for block space. More importantly, IBC supports "rerandomization," which means it can replicate BIP32 HD key derivation, BIP341 taproot tweaking, and potentially BIP352 silent payments. This is exactly what Bitcoin needs: a post-quantum cryptosystem that doesn't break the features users depend on. Conduition, an anonymous developer, is calling for more cryptographers to research signature aggregation protocols for IBC (no MuSig or FROST equivalents exist yet). This is early-stage research, but the quantum week makes it timely.

Q1 Bank Earnings Week: Goldman Sunday, Wells Fargo and BofA to Follow

Why it matters: First real look at how the war, oil shock, and rate uncertainty hit bank balance sheets.

The big banks start reporting Q1 2026 earnings this week. Goldman Sachs reports April 13, Wells Fargo on April 14, and Bank of America on April 15. This will be the first real read on how the Iran war, oil shock, and Hormuz disruption hit Q1 numbers. Watch for trading revenue (likely elevated from volatility), loan loss provisions (consumer credit is deteriorating), and any commentary on commercial real estate exposure. As we noted in yesterday's Brief, the Fed is sitting on $844 billion in unrealized losses. These earnings calls will tell us whether the big banks are in the same boat or managed to trade their way out of it.

Iran Demands Cryptocurrency Tolls for Ships Passing Through Hormuz

Why it matters: A sanctioned nation is using the ceasefire to monetize the Strait, and demanding payment in crypto to bypass the dollar system.

Hours after the ceasefire was announced, the Financial Times reported that Iran's oil exporters' union is demanding fees of up to $1-2 million per vessel passing through the Strait of Hormuz during the two-week ceasefire, payable in cryptocurrency. Tehran will also monitor vessels for weapons. Let that sink in: a nation under comprehensive US sanctions is leveraging the most critical oil chokepoint on Earth to collect crypto tolls. They can't use the dollar system, so they're building around it in real time. This is sanctions evasion as geopolitical strategy, and it validates everything bitcoiners have said about censorship-resistant money finding product-market fit in adversarial environments. Whether Iran uses bitcoin, tether, or some other token, the signal is clear: when the dollar system locks you out, you route around it.