Exploiting P2P: How Mostro Hacks the Exchange System
Every exploit starts by finding a vulnerability. Centralized exchanges are the financial system's biggest one — KYC as a mass surveillance vector, custodial databases as honeypots, and single points of failure that governments can pressure, censor, or shut down. Mostro is the exploit. Built on Lightning Network and Nostr, it attacks every surface: NIP-59 gift wrap makes trade communications invisible (even relays can't see who's trading with whom), hold invoices keep escrow non-custodial (Mostro never touches your sats), pseudonymous reputation replaces identity documents, and disposable relay infrastructure means there's no server to seize. This talk walks through Mostro's architecture as a systematic hack against financial censorship — from the personal story of being blacklisted in Venezuela for signing a political petition, to the technical deep dive of how each protocol choice neutralizes a specific attack vector. Includes a live demo showing what a trade looks like from inside the app and what it looks like from outside (spoiler: just opaque encrypted blobs on a social media relay). The real exploit isn't technical — it's giving millions of people access to free exchange when their government says they can't have it.