Agreed. I use a mobile wallet for a few hundred dollars worth of bitcoin, which I carry around daily. I know it is far from being secure, but it's an amount I can easily afford to lose and an amount I would happily give to an attacker to prevent any physical harm to myself. The amount in that wallet is in no way linked to my main cold storage via blockchain analysis. My various cold storage wallets are also in no way linked, are of various types (hardware, paper, old laptop which has been airgapped), and are all stored separately.

Obviously the best way to mitigate a wrench attack is to maintain your privacy wo you don't become a target, but I've often wondered what the best way to survive it would be provided the attacker has already overcome that first step.

Unless they know for a fact your wallet set up (which is incredibly unlikely), then there is no real difference in using multi-sig and just telling them you are using multi-sig. However, if they are willing to physically attack you for money, is having everything you own locked away in multi-sig wallets really the best way to go? Perhaps you actually want to have some bitcoin available you can hand over for your own sake. Also, there's nothing really stopping them from forcing you to tell them where you've stored all your multi-sig keys instead of the keys themselves.

So do most fiat systems, and no one has issues discerning the difference between $1.50 and $15.

Who said anything about a BIP? I even agreed Satoshi is likely to become the denomination of choice in the future. I'm not trying to force anyone else to use mBTC, simply stating that I find it the easiest denomination to work in at current prices.

And I could show you similar pictures or screenshots of sites with prices in mBTC. Each to their own. The only time I personally use sats is when talking about fees.

This guy sounds like an idiot.

According to the article, he had "long been obsessed with the value of privacy".

And yet, he has a very active twitter account with over 200,000 followers. He posts pictures and videos of himself on his twitter account. He has a onename page that links to his twitter, his Facebook, his LinkedIn, his Instagram. He has a car license plate that said "BITCOIN". He didn't even use a VPN. He is so desperate to live privately, that he gets a story about himself published in the New York Times.

If you actually want to be anonymous, this is not the way to do it.

So for this attack to be successful, an attacker would need the technical knowledge to build such a device, shrink it to a size that would fit inside a USB cable, physical access to my house to switch out my USB cable without me knowing about it, wait for me to use my device, and then physical access to my house a second time to retrieve the altered USB cable with the data stored within?

Surely if they have both the technical knowledge and the physical access to do all that, it would be far easier for them to just install a hidden camera to watch me type in my PIN? This isn't a vector of attack I am going to be getting too worried about.

I prefer denominating things in mBTC for the time being. BTC is too large for small USD values, and sats is too small for large USD values, whereas mBTC lies somewhere in the middle.

USD	BTC	Sats	mBTC
$1	0.000094 BTC	9,400 sats	0.094 mBTC
$10	0.00094 BTC	94,000 sats	0.94 mBTC
$100	0.0094 BTC	940,000 sats	9.4 mBTC
$1000	0.094 BTC	9,400,000 sats	94 mBTC

Try saying all of those out loud. Zero point zero zero zero zero nine four is awkward, as is nine million four hundred thousand. mBTC is (at current prices) the most easily workable denomination, and also avoids having to count zeros, which you have to do when dealing in BTC or if someone doesn't include the commas in satoshi.

Satoshi could well become the denomination of choice in the future, but at the moment, I think mBTC is the easiest to work with both visually and verbally.

Theres certainly a precedent for it, and a very recent one at that.

Just last month, Marriott International (the hotel chain) were handed a fine of over $120 million after hackers stole the personal details of several million customers. A few days before that, British Airways were fined over $220 million after a similar hack and security breach.

The GDPR allows a maximum fine of up to €20 million or 4% of annual turnover. The hacks above involved hundreds of thousands individuals, though. If Binance were fined, i would suspect it would be a much lower sum.

I'm obviously not going to link to them, but you can view the pictures online. All the ones I've seen are dated 24th February 2018. All the other articles I have read also say 2018. I suspect this is just poor reporting by coindesk.

There are also a couple of articles which say that all these photos are from Binance phishing sites. It seems a number of Binance users were previously emailed to say their account was locked, and they were required to upload KYC documents to unlock it, along with a link in the email to a phishing site. Binance's statement on the matter is far from reassuring though. It sounds like they have no idea whether or not they were hacked, or how it might have happened.

I'm a strong advocate of never doing KYC for anything crypto related, and this is why.

How do we know they have "top notch security"? Has there been any independent audits of their security practices? Have any external experts reviewed their security set up? We only have Binance's own word to go on, and they are hardly going to come out and say "Hey guys, out security is pretty questionable, but it's not our KYC documents so we don't care."

This is some mental gymnastic nonsense. They say they haven't been hacked because the images don't contain their watermark. Then in the next paragraph, they say the images came from a time when they were using a third party to process KYC, which wouldn't be applying Binance's watermark in the first place. They call the leak "fake", but then offer 25 BTC for any information regarding it. It sounds like they don't really know what's going on. There are, however, some suggestions floating around that these documents may all have come from a Binance phishing site, which told users their account was locked until they uploaded KYC documents.

If you have ever completed KYC on Binance, then you should consider doing the following as a minimum:

Place a fraud alert on your credit report. This is free to do. This will flag up to any third party which is approached for a loan or credit in your name, and should prompt them to contact you before extending said loan or credit.
Keep a close eye on your credit report. Anything which shows up there which you didn't initiate yourself is a major cause for concern. Dispute these with the bank or lender involved as well as with the credit agency.
Keep a close eye for suspicious activity on any of your accounts, such as attempted password resets or address changes.

Under "Pro" for a custodial wallet, you write:
Be aware that his is also a con. If they can reset your password for you, they can reset your password for anyone else as well. A little bit of social engineering or an email hack may be all an attacker needs to convince the third party to let them in to your account.

Talking about your phone/computer being infected with malware - this is one of the main benefits of a hardware wallet such as a Ledger or Trezor. You can use them safely even on infected devices without the risk of your private keys being exposed. They also force you to confirm any transaction on the device itself, which helps to mitigate against clipboard malware (provided the user is following the proper steps and double checking the address).

You also don't mention that many third party and custodial services, including both wallets and exchanges, turn out to be complete scams, and will disappear with your coins and there is nothing you can do about it.

Speaking of scams, I would be careful about recommending freewallet. There have unresolved scam accusations against them, couple with active negative trust and warning flags. See here for more information: Freewallet.org is a fraudster who cheated me out of 15.2BTC.

Your transaction is showing up just fine on the following blockchain explorers:

https://blockstream.info/tx/c544e9636628e0ad4527e2791fcc377b70cb5cf2bfe7e5552a633e1b44a5eddd
https://blockchair.com/bitcoin/transaction/c544e9636628e0ad4527e2791fcc377b70cb5cf2bfe7e5552a633e1b44a5eddd

Your fee is set at 30 sat/vByte, which works out the same as 0.0003 BTC/kVB as you say. Currently your transaction is sitting around 2.5MB from the tip, so it the mempool starts to clear out a bit as it usually does at this time, then you can expect to be confirmed within the next few hours.

I assume this has been lost in translation and you are referring to RBF. Your transaction is opted in to RBF, but without a change output, you will be unable to use it.

I completely agree, and have talked about this before. Half of the spam posts are machine generated or text spun plagiarism. They can generate new posts in less time than it takes to report them. Reporting starts to feel like banging your head against a wall, when for every post you get deleted the spammer makes 3 more, and we don't actually take any action against the account. It's just a never ending game of whack-a-mole, when we should just be unplugging the machine at the wall.

Seeing the same name pop up on your report statistics again and again is frustrating, to say the least. I'm starting to think that having a set number of posts deleted within 30 days should prompt a manual mod review of your account for consideration of an escalating ban.

This is by no means unique to bitcoin. The IRS want to stick their noses in everything. Bitcoin may seem different since it is actually a currency in its own right, but since the IRS class it as property, it will be taxed as property.

Let's say we are trading basketball cards. I swap you a rare Kobe Bryant card for a rare LeBron James card. No fiat changes hand. No values are even discussed. As far as the IRS is concerned, we both sold our cards to the other person for fiat, and then used that fiat to immediately buy the other person's card. We both owe taxes on the capital gain made, which is the difference between what we bought the card for originally, and what its market value was when we traded it to each other.

Do people report such trades and pay taxes? Largely no, but there is no publically accessible ledger of all basketball card trades.

That's not true. Bitcoin addresses contain a built in checksum, so if you accidentally change a character or two, the checksum will not match up. You will almost certainly end up with an invalid address which your wallet will not accept. The chance of generating a valid but incorrect address from a typo is about 1 in 4.3 billion.

You can read more about it here: https://en.bitcoin.it/wiki/Address#What.27s_in_an_address

You can have a look through all of Satoshi's writings here: https://satoshi.nakamotoinstitute.org/
And you can also have a look through all of his forum posts here: https://bitcointalk.org/index.php?action=profile;u=3

As far as I can tell, he never directly mentioned taxation. Tax is mentioned briefly in a couple of the early email chains between Satoshi and people like Hal Finney and Ray Dillinger. I'll paste the relevant sections here:

I usually look up the transaction ID in a block explorer to confirm that it has been broadcast and all looks as expected.* If it does, then we're all good. As long as you double check your address and amount before hitting send, you have nothing to worry about. A hardware wallet might help you with this if you don't already have one, since the address and amount are displayed on its screen, and you have to confirm them there before the transaction will send.

Why do you get concerned about the wrong address? If you are typing it by hand, know that if you make a small mistake, you will almost certainly end up with an invalid address, which your wallet won't let you send to. If you are copy and pasting it, then you are only at risk if you have clipboard malware which will change the address (usually very noticeably) to a different one. As long as you double check the address you have entered with the one you want to send to as I said above, you will be safe.

*I prefer blockchair.com or blockstream.info, since they both support Segwit addresses and both show fees more accurately in vBytes rather than bytes.

Time to start collecting donations! Perhaps we could rename it Oeleold Trafford.

It's not an altcoin, but rather an exchange. I've never heard of it either, but the news is legit - here is the press release from Newcastle United's website: https://www.nufc.co.uk/news/latest-news/stormgain-named-official-sleeve-partner/

I'm curious as to how much vetting or otherwise football clubs and other sports teams do of their sponsors, or do they not pay too much attention provided they can pay the appropriate fee? The stormgain.com domain was only registered a few months ago, and they are based in Seychelles. I can find very little in the way of reviews or feedback online about people using it successfully. They are not listed on any major crypto site. I can find no data on their volume or number of users. Can Newcastle United say for sure this exchange isn't a scam?

Because new developments are made. We can't just force disable all legacy addresses, and we similarly can't force exchanges and other online services to start using bech32, even though it is strong encouraged to do so.

If you are confused about which type of address to pick, the safest option is to pick a "nested SegWit" address (which you will sometimes see written as P2WPKH-P2SH, P2SH(P2WPKH), P2WPKH-in-P2SH, or a similar combination). These addresses always start with a 3, although there are other types of address which also start with a 3. These address give you some of the benefits of SegWit (somewhat cheaper fees), but maintain full compatibility with all online exchanges and services.

I am almost exclusively using bech32 addresses. Occasionally I still have to use a nested SegWit address for a service which won't let me withdraw to a native SegWit address, but as soon as I spend those coins, I redirect all the change to a bech32 address. No reason not to take advantage of cheaper fees.

Yes and yes.

If you look at the Bitcoin press hits, notable sources thread, which was the precursor to the Press board, jgarzik uses the following phrase (emphasis mine):


I'd say sites like CoinIdol and CoinTelegraph pretty clearly fall under the category of "bitcoin community self-promotion". Sites which are entirely dedicated to churning out (poor quality) content about bitcoin or other cryptocurrency are not a "notable" place for an article about bitcoin to show up on.

I actually wouldn't have an issue with articles from CoinIdol or similar showing up, provided they were of high quality, showing up infrequently, posted by genuine users, and sparking genuine discussion or debate. However, as it stands, one spammer who is presumably being paid by them just floods the board with every non-news, factually inaccurate, piece of word salad they churn out.