Here's a previous answer I gave to this question:


The answer is a single seed phrase can generate 2.5*10²⁴⁵⁶ possible child keys when following the BIP32 protocol.

I'll refer you to an answer I gave in another thread on this topic:


If the answer to generating true random numbers was as simple as "Take any old non-random and biased process and just repeat it a bunch of times", there would not be an entire field of research dedicated to it.

We have methods were are provable and verifiable. Why risk everything by coming up with your own ad hoc scheme?

We discussed this back on the first page of this thread. Taproot support was first added in 0.21.0, so if you are running 0.20.x then you will ignore all taproot transactions.

If you wish to filter ordinal transactions, there are other ways to do this without running software which is several years out of date.

I am of the opinion that a properly airgapped old laptop is more secure than the majority of hardware wallets out there, if you know what you are doing. And there is no need to buy a new device just for this. The hardware requirements to run an airgapped wallet are absolutely tiny - any old device will do. You could even build a device from old components you have lying around.

No. Unless you are one of the few people using a modular phone, then the WiFi, Bluetooth, NFC, etc., modules are integrated in to the circuit boards in your phone and nearly impossible to remove without damaging the phone. You can turn all these things off and turn on airplane mode, but as I've said above, a software level airgap is not a true airgap at all.

The whole point of phones is to be able to communicate wirelessly in as many ways as possible. Trying to airgap such a device will never be completely successful. Is it better than a random hot wallet? Yes. Is it as good as a proper airgapped device which has no connectivity hardware? No.

Then we disagree. Funding blockchain analysis and lying about being open source are not honest and trustworthy actions in my book. And again, I'm not comparing these things to the far worse things Ledger have done, but they are more than enough to mean you shouldn't be using their devices either.

Here's a list: https://kycnot.me/search?q=vps&xmr=on

You can certainly buy a SBC for this, but you can also use an old laptop (or any other old computer) you have for this without spending anything. It's fairly easy to open up a laptop and strip out the WiFi card, etc., and turn it in to an airgapped device.

Ledger are obviously the bottom of the barrel when it comes to hardware wallets, but let's not pretend these other devices are all without flaw. Trezor devices have a seed extraction vulnerability and Trezor cooperates with blockchain analysis. ColdCard and Keystone lie about being open source. Nowhere near as bad as what Ledger have done, but enough to not make me want to use any of their products either.

I am by no means a Ledger fanboy, but it is a simple statement of fact that any other company could try and do the same thing. There is no inherent property in their devices (if they aren't airgapped) stopping them from doing so - only the trust you have in that company and its developers.

This is why I said above I would only ever use open source and permanently airgapped devices. Open source so you know what code is running on your device, and airgapped so that even if the developers wanted to try to extract your seed phrase as Ledger have done then they wouldn't be able to anyway. I would definitely +1 for SeedSigner (and can't wait for this fork to be fully developed: https://monerosigner.com/). Entirely open source so you know exactly what code is running on your device at all times, and even if there was malicious code on there to try and extract your seed phrase, it couldn't achieve anything anyway because it is permanently airgapped. This is what you want from a hardware wallet.

I have also said for a while now that I have largely moved away from all hardware wallets and back in favor of self made airgapped cold storage. I sleep easy knowing that my wallet software isn't spying on me, and that there is zero possibility of some company pushing an update to any of my airgapped devices which means my seed phrase can be extracted, or my wallets will start cooperating with blockchain analysis, or so I can start linking my KYC to my wallets' addresses, or some other such nonsense.

The only hardware wallet I would ever consider using again is one which is both open source and permanently airgapped.

Both the official CLI/GUI wallet and Feather wallet work with hardware devices. The Monero subreddit is a good resource for Monero info: https://www.reddit.com/r/Monero/

Ledger Nano S devices are not compatible with phones.

You can use Electrum to interact with your Ledger device by following the guide here: https://support.ledger.com/hc/en-us/articles/115005161925-Set-up-and-use-Electrum

Once you've created your wallet, it's a simple as taking the next receiving address from Electrum and sending coins which you have bought to this address.

Phew! You must have dynamite glutes by now.

Not sure. There is BIOS malware though.

On the contrary - I think it is mandatory. A software level airgap will never be completely secure, since you are one misclick or one accidental setting change away from re-enabling some form of connectivity and breaking your airgap. A hardware level airgap (i.e. connectivity hardware removed) will always be a safer option.

It's not. Your computer could be filled with malware which makes it generate pre-determined seed phrases or use weak entropy when generating new wallets. If you want to airgap a device which has previously been connected to the internet, then you need to format it and install a clean Linux OS.

It's rare, but it is certainly possible. Many airgapped devices will use QR codes instead when transferring transactions back and forth in order to avoid this possible attack vector.

I can confirm I hold the following keys locally:

Emzy - 0x9EDAFF80E080659604F4A76B2EBB056FD847F8A7, with subkey 0x637DB1E23370F84AFF88CCE03152347D07DA627C

SomberNight - 0x0EEDCFD5CAFB459067349B23CA9EEEC43DF911DC

ThomasV - 0x6694D8DE7BE8EE5631BED9502BD5824B7F9470E6

These three keys match the keys which have signed your Electrum download, so you are safe to install. As nc50lc says, if you want all three to verify fully you'll need to import and verify Emzy and SomberNight's keys as well.

It's not hard coded:


If Knot users stop censoring Whirlpool transactions by changing their OP_RETURN limit, then Dojo users can very easily choose to connect to Knots nodes again by changing this setting.

Lied about the security of your data.
Lied about the security of your coins.
Lied about how many people had their data stolen.
Lied about seeds never leaving the device.
Lied about being open source.

Did I miss any?

Perhaps the exception to the rule, but I would argue that no matter how hard you try it is next to impossible to remove all Google code, dependencies, spyware, and so on. Far better to start with a clean slate (i.e. Firefox) and work from there.

I don't disagree with this at all. As I've said repeatedly through this whole saga, I think the correct approach here is to work on scaling, and not to arbitrarily ban certain transactions in order to allow other transactions to be processed more cheaply. I have no doubt that increasing the effective block size at some point will be part of that solution, but it cannot be the only solution for the reasons discussed above. Just ramping up the block size by a couple of orders of magnitude destroys bitcoin's long term security and completely centralizes the system, as has happened with shitcoins like BSV.

If one of your peers was rejecting all Segwit transactions, would you not drop them for a peer which was not placing arbitrary limits on completely standard transactions?

Exactly. If they are free to censor transactions from their nodes, then I am free to refuse to connect to their nodes.

As I mentioned, this is largely irrelevant at the moment since Knots are such a tiny fraction of all nodes, but it sets a terrible precedence. What you if end up with the majority of your peers censoring your transactions or refusing to relay all transactions? You compromise your own security, privacy, and ability to use bitcoin for no reason? Better to fight back against this kind of nonsense right now before it becomes more widespread.

We don't use that limit. The upper limit is now 4 MB on disk, although in reality most blocks are around 2 MB.

Monero uses dynamic block sizes, and so fees remain low at all times. However, Monero has a tail emission of 0.6 XMR per block for ever more.

Economically speaking, both achieve the same thing - users pay miners. The difference is whether the user making the transaction pays the miner directly (Bitcoin) or whether every user pays the miner via a very small amount of inflation (Monero). Either way, you need some way to fund miners or the chain becomes insecure.

For 4 years. Then it halves again. And again. People have this distant figure of "2140" in their head as when the subsidy goes to zero and we can just kick the can down the road and we don't really need to care about fees until then, but in reality most people using bitcoin today are going to live to see the point when the subsidy becomes negligible. It's only going to take 20 years for the block subsidy to fall below 0.1 BTC. Even if we think bitcoin will be $100,000, then you are down to only $10k per block which is around 2-3% of what miners are earning right now per block. And it only goes down from there. Unless you believe bitcoin is going to be worth $10 million or more within in the next 20-30 years, we need a competitive fee market.

---

I do think that block size will increase again, probably multiple times, but we can't just jump to the initial suggestion of having blocks large enough to let every transaction process at 1 sat/vbyte without greatly decreasing the future security of the network.