Can I suggest some corrections? I suspect you already know these things, but it is better to be precise rather than to attempt to simplify things and end up presenting inaccurate information.

The range is not 1 to 2²⁵⁵, but rather 1 to just under 2²⁵⁶. If you wanted to be really precise, 1 to 2^{255.999999999999...}. By saying 2²⁵⁵, you are actually cutting the number of valid private keys in half. 2²⁵⁵ also doesn't match with the 115 quattuorvigintillion figure you then use (which is indeed 2²⁵⁶).

That's not accurate either. If we assume all private keys are generated randomly, then half of them will have a leading zero and therefore be at most 255 bits. A quarter of them will have two leading zeroes and will be at most 254 bits. And so on. These keys aren't any less secure. If you force all private keys to be 256 bits long (i.e. start with a 1 rather than a 0), then again you are excluding half of all possible private keys.

I think you mean "fully functional public key" here. That one number is your private key. The private key does not need to be generated from that number, only the public key does.

This should read "private keys".

This isn't strictly correct since with a 12 word seed phrase, 15 of every 16 possibilities on average can be immediately discarded due to an invalid checksum. The number used should be 2¹²⁸, not 2048¹² (which is 2¹³²).

Yeah. As I said to you in another post, the wait time for remixing is by far the biggest downside to Whirlpool. Getting unlimited free remixes for an output is obviously very attractive, but much less so when you can be waiting weeks for a single remix.

If you don't need your coins mixed quickly and can leave your node and wallet running 24/7, then you can just leave them there and forget about them. They will get remixed eventually. But if you need them remixed quickly, then you need to look at either JoinMarket (but this will cost you to pay for 5+ remixes) or a mixer.

And yeah, I wouldn't even bother downloading and testing Wasabi. It doesn't matter what their software is like when they are actively colluding with blockchain analysis behind the scenes.

Also check out their anonymous view feature.

Their privacy policy says everything you would want it to say though. No logging of IPs, no logging of search queries.

Still, if you still don't like using a third party, then set up your own instance of SearXNG.

They are offering refunds: https://www.reddit.com/r/mullvadvpn/comments/13utbmd/removing_the_support_for_forwarded_ports_blog/jm6j7aa/

You can:

• Wait
• Create a new transaction with a higher fee
• Broadcast it anyway and hope for the best
• Broadcast it anyway and create a new transaction with a higher fee to replace the existing one should it not confirm in a reasonable time
• Direct the change to a single sig wallet you control so you can use CPFP

I always suggest backing up xpubs alongside each seed phrase. For a m-of-n multi-sig, you can back up n minus m specific xpubs alongside each seed phrase and still have full redundancy while preventing a single back up from revealing all your xpubs and therefore allowing an attacker to spy on you wallet.

Taking a 3-of-5 as an example, then alongside each seed phrase you need to back up 5-3=2 specific xpubs. My 5 back ups would look like this:

Back up 1: Seed A, xpub B, xpub C
Back up 2: Seed B, xpub C, xpub D
Back up 3: Seed C, xpub D, xpub E
Back up 4: Seed D, xpub E, xpub A
Back up 5: Seed E, xpub A, xpub B

Any three back ups provide everything needed to fully recover my wallet, whereas the compromise of one (and sometimes two) back ups does not allow an attacker to either steal my coins nor spy on my wallet.

Not a hash of the transaction, but the transaction itself. But yes, you can do this.

You would simply create the transaction on the first wallet, and sign it with that wallet, before exporting the transaction (the specifics of this will depend on the wallet you are using). You can usually export it as some form of raw text, save it to a file, generate a QR code, etc. Then you can send that partially signed transaction to another destination electronically, or put it on a USB drive, SD card, your phone, etc., and carry it with you. Once you have access to the second wallet, you import it, sign it with this second wallet, and then you are ready to broadcast it.

Although the best option would either be your own cold storage or a Passport hardware wallet, I would definitely still keep your coins on your Ledger over a centralized exchange.

I think the best way to approach this would be to initialize your Ledger, update it, and install the bitcoin app, all via Ledger Live as normal. Make sure you don't go anywhere near enabling Ledger Recover. Once you've done that, uninstall Ledger Live and use your Ledger exclusively via some open source third party software such as Electrum or Sparrow. Use one or more passphrases. Although not ideal, doing this reduces the risk from Ledger Recover to a minimum, and it is still far safer than using a centralized exchange.

Binance have been hacked multiple times and have lost millions in crypto and hundreds of thousands of users' data. Remains one of the biggest exchanges.
Coinbase actively sell user data to third parties and inside trade against their users. Remains one of the biggest exchanges.
Platforms like Voyager, Celsius, FTX, all go bankrupt or outright scam. People continue to lose their coins on many other such platforms going bankrupt or scamming in the months since then.
Shitcoins like Luna collapse to nothing because they were outright scams, and then people continue to buy Luna 2.0.

I agree it is literally insane that anyone is still using Atomic wallet, but I also have no doubt that they will have no problem continuing to exist and not just keep current users but attract new ones too. I also have no doubt that hot wallets will never stop being hacked.

Then you can use Startpage or SearXNG for free to return Google's results to you privately.

No, having it enabled is not intrinsically dangerous. The risk comes by allowing any external media such as DVDs or USBs to automatically execute whatever software happens to be on said media. If it's a DVD you burned yourself of some home movies, then no harm done. It it's a USB drive you just received from a friend or colleague, then you actually have no idea what is lurking on it and if their devices were free from malware when using the USB drive previously.

I would +1 to DireWolfM14's suggestion above of Linux Mint. It is as simple to set up as you can get, and has a very "Windows" feel to the GUI, making the transition much easier. There are pretty comprehensive guides available as well: https://linuxmint-installation-guide.readthedocs.io/en/latest/

It's not difficult, just time consuming to let your node sync for the first time. If your node and Sparrow are on the same device, then Sparrow will connect to your node with a couple of clicks, and connecting to the Whirlpool coordinator via Tor is a simple as having Tor running in the background and Sparrow does the rest.

If you are serious about your privacy, then you should be running your own node anyway. There's not much point coinjoining if you are then going to link all your coins together again by relying on an Electrum server (for example) which is run by the NSA.

Sparrow does indeed use Samourai's Whirlpool.

Agree completely with DaveF above. Sparrow is the best choice by far. The most important thing with Sparrow is to ensure it is pointed at your own node and connecting to the Whirlpool coordinator via Tor, but this is all very easy to set up (literally a couple of clicks).

Wasabi use the fees you pay them to actively fund blockchain analysis and pay the company Coinfirm to analyze your UTXOs, spy on your transactions, and decide whether or not you are even allowed to use their coinjoin implementation at all. Here's some fun code from Wasabi (https://github.com/zkSNACKs/WalletWasabi/blob/795496595fae2f52730e1556bb6cafd2c649bb97/WalletWasabi.Tests/UnitTests/WabiSabi/Backend/CoinVerifierTests.cs#L133-L142):

Are your coins "naughty"? Once Wasabi have spied on them and made that decision, then you will be banned from coinjoining them with Wasabi. Add in the fact that they suffer from endemic address reuse (https://bitcointalk.org/index.php?topic=5419000.msg61220171#msg61220171, https://bitcointalk.org/index.php?topic=5286821.msg62085316#msg62085316), and I would steer well clear of ever using Wasabi.

A nation-state level attack does not need the identity of 60% of the population - the identity of a small handful of the right people is more than enough to pose a national security threat. The protections against such an attack are from the final destination not being fooled by the false identity - it is already far too late to prevent the leakage of KYC data. But the vast majority of attacks are not from nation-states looking to compromise national security, but from individuals looking to take out $200,000 in your name.

That matches the data I shared in this post: https://bitcointalk.org/index.php?topic=5452900.msg62337285#msg62337285

A multi-sig decreases the possibility of locking yourself out of your wallets; it does not increase it. If I can lose two keys from my multi-sig wallet before I lose my coins, then that is safer than only being able to a lose a single key from my single-sig wallet.

In a 2-of-7 you would need to lose 6 keys to lock yourself out of your wallet.

The same is true of seed phrases, and yet we all write those down. Just ensure it is stored somewhere securely.

They definitely can by coming up with some memory system, but that doesn't mean anybody should. You shouldn't rely on your memory for anything really sensitive, be that seed phrases or long and complex passwords/passphrases.

That's a fair point, but making a blanket statement of "do not use passphrases" is not helpful, I think. Rather you should avoid them initially but spend some time learning about how they work to make you confident to use them one day.

This is insane logic. The majority of people in the world have publicly revealed their identity in some form or another in the past. That doesn't mean that sharing and spreading that information which they do not wish to be shared is now morally fine.

---

I'm not even going to bother responding to Kruw anymore since he consistently ignores any requests for evidence and just repeats the same nonsense which has been addressed by me and others in this thread a dozen times already. For reference, my replies to the three points he just made:
Doxxing - https://bitcointalk.org/index.php?topic=5286821.msg62418800#msg62418800
Whirlpool example - https://bitcointalk.org/index.php?topic=5286821.msg62413682#msg62413682
Wasabi example - https://bitcointalk.org/index.php?topic=5286821.msg62085316#msg62085316

---

They don't have any real selling points for their own product, given that they've completely sold out their users' privacy by cooperating with and actively funding blockchain analysis. All they have left is attacking their competitors.

---

Also, since you guys brought up sockpuppet accounts, I'll just leave this here: https://nitter.it/i/status/1661394653365641216

Read the section here regarding Tor: https://sparrowwallet.com/docs/mixing-whirlpool.html#starting-the-mix

You want Sparrow to connect to the coinjoin coordinator via Tor to maintain your privacy.

Firstly I would say that spending coins after a single coinjoin is not best practice. Far better to leave them and let them be remixed for free as many times as you can to increase your anonymity set. Secondly, judging by your screenshots, I'm not sure they've been mixed at all yet. After the initial coinjoin, it should say 1 mix, not 0. Has your initial coinjoin transaction been broadcast and confirmed?

It's common for nothing to happen for a while. Free remixes are dependent on new liquidity entering the pool, as well as your UTXOs being randomly selected from all the UTXOs in the pool. This is the biggest downside to Samourai in my experience. You can sometimes be waiting days for even a single remix. Having more UTXOs in the pool and leaving your wallets running 24/7 will make you more likely to get remixed.

The progress bar beside one of your UTXOs should increase to around 30%, and if you mouse over it it should say "Registered input". This way you know you are waiting for a remix. In your screenshot with the progress bar completely empty, then I suspect your wallet is not properly connecting to either the coordinator or the network.

Here are a couple of example transactions.

https://mempool.space/tx/39f7408cce01667633e28e76fb824ebf3f671d861f2a174596accde2ea858a49
This is a fairly standard 1-input 2-output transaction which uses all standard P2WPKH segwit addresses. If you scroll down and click on "Details", you'll see the actual transaction data which is being paid for by the fees. The total size of the data for this transaction is 140.25 vbytes.

https://mempool.space/tx/68abd912ebd0e0303c803e61a70418cb6fd56fd4700a1d4f1560b26e06dd9249
Here is another segwit 1-input 2-output transaction. However, this one uses a 2-of-3 multi-sig for the input, and sends the change back to the same 2-of-3 multi-sig. Click details on this and you'll see the transaction data is much larger. Instead of the input containing one signature from the one public key as it did above, it now contains 2 signatures from 3 public keys. This means instead of the input being 68 vbytes, it is now 104.5 vbytes. You'll also notice that sending the change back to the multi-sig address also uses slightly more data. A P2WPKH output takes 31 vbytes, while a P2WSH output takes 43 vbytes. All in all, this transaction is 188.5 vbytes, so around 48 vbytes larger than the one above.

I disagree with a few of your points.

If you cannot write it down and cannot remember it, then what? No password at all? That's even worse. I have no problem with people writing down long and complex passwords - the key is to store that password safely. If you can store a seed phrase on paper, storing a password on paper is less risky, since the seed phrase is enough to compromise your coins on its own whereas with the password an attacker also needs access to your computer.

I assume by BIP39 password you mean extending your seed phrase with a passphrase. I would suggest everyone uses this. It is a fantastic tool. Write it down on paper separately to your seed phrase and back it up securely in a separate location to your seed phrase. It provides another layer of safety should your seed phrase be compromised, and provides you with plausible deniability in the event of a physical attack. Even better to use multiple passphrase if you can, as well as helping you keep coins from different sources entirely segregated and therefore better for your privacy too.

The transaction must have been signed before you shut down. If you want to continue remixing, you'll need to keep both Core and Sparrow running (and hopefully you are also using Sparrow over Tor).

That's correct. Badbank holds your unmixed changed from Tx0. You will need to mix this separately or spend it in some other way which does not compromise your privacy. Here is some advice: https://bitcoiner.guide/doxxic/

The fee is static regardless of much you coinjoin. You can see the fees for the different pools here: https://docs.samourai.io/whirlpool/basic-concepts

Take the 0.01 BTC pool as an example. You can enroll a single output of 0.01 BTC and pay 0.0005 BTC in fees (which is 5%), or you can enroll 70 outputs of 0.01 BTC and pay 0.0005 BTC in fees (which is 0.07%).

You don't need to do anything except leave Core, Tor, and Sparrow running. Any outputs in your post-mix wallet should be automatically remixed.