SECOND IS NOW ON MAINNET.

Bark, our implementation of the Ark protocol, is available for anyone to start making bitcoin payments.

Included in the launch are our mainnet Ark server, the Bark SDK, and multiple wallets to try from day one.

More details, and our vision for bitcoin payments, from Steven Roose: blog.second.tech/bark-now-on-bitcoin-mainnet/

Recent Bark releases 0.1.4, 0.2.0, and 0.2.1 have been packed with updates. The highlights: Slim VTXO storage cuts wallet memory use 20–100x, real-time notifications replace polling so wallets update the instant something happens, and a single payment request now bundles Ark, Lightning, and on-chain into one QR. And to ensure Bark slots nicely into existing stacks, emergency exits and boarding can now both be driven by an external on-chain wallet with its own signer.

Full changelog: second.tech/docs/changelog

Nested MuSig2 now has a Python reference implementation. Beulah Evanjalin built it on secp256k1lab with tests, examples, and protocol notes—generally in a good state for review and discussion. This is the blueprint that will inform the secp256k1-based C work.

https://github.com/BEULAHEVANJALIN/nested-musig2-python

Barkd is what you run when you want to enable bitcoin payments server-side. On a standard cloud VM, the provider, hypervisor, and co-tenants can theoretically read your signing keys from memory. We decided to run some tests to see if TEEs were the solution.

Intel SGX was a dead end. AWS Nitro Enclaves worked but needed excessive custom plumbing. Azure's confidential VMs seemed to be the sweet spot, achieving the convenience of a hosted wallet while minimizing trust in the host.

https://blog.second.tech/running-barkd-in-a-tee/

New page up: a directory of wallets building on Bark. Most are open source, so you can see how teams are handling the Bark SDK and Barkd to deliver bitcoin payments over Lightning, Ark, and on-chain.

https://second.tech/docs/built-with-bark

Small but mighty changelog for 0.1.3. Bark now ships an IndexedDB StorageAdaptor—the missing piece for browser-based wallets. Combined with the WASM and gRPC-web support from 0.1.0, you can now build Ark wallets that run entirely in the browser with persistent state.

Bark can now also connect to access-controlled Ark servers via bearer tokens. You know what this means. 😉

Full release notes available at the usual place: second.tech/docs/changelog

Double changelog today for bark-0.1.0 (you know we’re getting closer to mainnet when the “beta” tag is dropped!). Highlights include event-driven notifications replacing polling, a fee estimation API for all operation types, Tor connectivity, barkd security hardening with auth tokens and CORS, HTLC preimage recovery from on-chain exits, and WASM compilation for browser-based Ark wallets.

Full changelog: second.tech/docs/changelog

Nice one AJ Towns. Your signet reorg simulations caught a nasty bug lurking in unusually deep reorgs. Thank you for passively torturing our code with edge cases 👍

"This was a genuinely fun build. The Bark integration was way smoother than I expected going in. Being able to accept Lightning payments without running my own node, and having native Ark payments work alongside that, made the whole payment layer surprisingly simple to wire up." - PiHiker, ArkAPI dev

Cool new project for charging for API calls: https://community.second.tech/t/arkapi-a-pay-per-call-api-gateway-with-lightning-and-native-ark-payments-built-on-bark-and-live-on-signet/193/1

We caught a capacity overflow bug in Bark before it ever hit a user—thanks to the fuzz testing @luca0x46 has been running around the clock. A malformed VTXO could have requested an arbitrary vec size during deserialization, triggering a panic. Now it's patched.

Bark's client-server architecture means the server has to gracefully handle anything thrown at it—malformed VTXOs, malicious client requests, unexpected edge cases. Fuzzing helps make sure the server stays up and keeps serving rounds no matter what comes in.

The vec allocation bug is a good example of something easy to miss in review—stable Rust doesn't yet support try_with_capacity, so the bounds check has to be done manually. Our first fuzz target was a straightforward deserialize/serialize pass, and it surfaced the issue immediately.

The fuzzer runs 24/7 now, with minimized corpora pushed to our bark-qa repo alongside test vectors used throughout Bark's development. More targets coming—serialization/deserialization expansions first, then method-level fuzz targets.

Full writeup: https://blog.second.tech/fuzzing-bark-for-server-reliability/