There are different kinds of bits. One kind is the number of 1's and 0's. As Dany said a ECDSA private key as used in bitcoin has 256 different of these.
Another kind is a measurement for the amount of information a message contains (this message may or may not be encoded in bits). This measurement is called entropy and is given in bits as well.
There is also the kind of bits used by DeathAndTaxes which is a comparisson between algorithms. What it means is that ECDSA is as strong as a 128bit symmetric encryption scheme. Another common example is RSA, where a 1024 bit key is as strong as ~70 bits. This number can decrease over time as better ways are found to calculate the private key from the public key.
Yes but I was asking for the entropy, hence the title of the thread: I`m a bit confused about the maximum entropy that bitcoin provides.
Alright so private key = 128 bit entropy, finally that is settled 
No.
Ok so then how much entropy security does a spent vs unspent address provide? I think you are looking for security not entropy. Anyway Ill put the names aside and try to answer your question. Im pretty sure Danny will correct me when I make a mistake. The question the way I understand it is, how easy is it for someone to steal your coins if you re use addresses. Scenario #1: You have spend coins received on the address in the past and thus the public key is stored in the blockchain. In this case the attacker would need 2 128 elemantary operations to find the correct private key. Aka a security level of 128 bit. This ignores randomness and chance, e.g. the birthday paradox. Scenario #2: You have never spend coins received on the address, ever. You also have not otherwise published your private key (e.g. due to a payment to pubkey instead of to an address). In this case the attacker has to break the RIPEMD160 hash in order to get to the SHA256 of the public key. Since there are no known attacks to improve from simple brute force its security is 160 bit. Once RIPEMD160 is done, an attacker would need to break SHA256 (256 bit security, unless used with reduced number of rounds) in order to get to the public key and from there try to find the private key. This however makes no sense as its way faster to just try private keys until you found one that results in the same address. As there are only 2 160 different (version 1) addresses due to the 160 bits of RIPEMD160 there are 2 96 different private keys for each address. As such you have a total security level of 160 bits. |
|
|
|
Well, the vouch copy were given to him by the seller himself, and the seller is nowhere to state that he is not allowed to sell his vouch copy.
In essence, a vouch copy is meant to help a seller's sales. If this guy's selling his vouch copy, he could be disrupting sales, etc. Wouldnt this fall under "immoral conduct", trying to pswn off a person's gift to you, in a sense? Well it might not be nice, but does it deserve a negative rating? IMHO not. Another point that seems have gone unnoticed is that the person in question is also selling Starcraft2 and Diablo3 (as well as a time expired WoW EU/NA). So its not only the vouch copy sold, but a total of 3 games. |
|
|
|
A public key is a 256 bit X-value and a 256 bit Y-value, but the Y-value can be calculated from the X-value.
A bitcoin address is 160 bits.
I keep hearing that an unspent address has more security. So if the pubkey adds 256bit, and a bitcoin address is by default 160 bit, then an unspent bitcoin address is 416 bit? No. Why do people say that a private key has only 128 bit because ECDSA provides only 128, see the quotes belowI get it... However, bitcoin already has key stretching. Bitcoin the protocol does not use key stretching. Bitcoin-core "the client" uses key stretching to harden to the WALLET DECRYPTION PASSPHRASE against brute force attack. Nothing more. Electrum doesn't copy that code from bitcoin-core wallet so it isn't key stretching "again". edit: actually i dont think it would increase the entropy, just add more stretching, since the seed has less entropy than a 160 bit "normal" priv key
Private keys only have 128 bit key strength. Not 160 bit and not 256 bit.256 bit ECDSA keys have 128 bits of key strength. It requires 2^128 operations to brute force the privKey from the PubKey. This assumes the PubKey is known. If it isn't the an attacker would need to attempt a hash collision against the PubKeyHash, looking for any privKey which produces the same PubKeyHash. That would require on average 2^160 operations. Yes the PubKeyHash is oversized. Bitcoin would have similar security (when PubKey is known) is the PubKeyHash was only 128 bits (i.e. RIPEMD-128 or XOR the left and right 128 bit sequence of SHA-256).
As for key stretching reducing entropy is depends on how it is implemented. I haven't looked at Electrum source code but PBKDF2 was created to remove the entropy loss associated with PBKDF1.
It's kinda hard to tell who is right and wrong, so please enlighten me There are different kinds of bits. One kind is the number of 1's and 0's. As Dany said a ECDSA private key as used in bitcoin has 256 different of these. Another kind is a measurement for the amount of information a message contains (this message may or may not be encoded in bits). This measurement is called entropy and is given in bits as well. There is also the kind of bits used by DeathAndTaxes which is a comparisson between algorithms. What it means is that ECDSA is as strong as a 128bit symmetric encryption scheme. Another common example is RSA, where a 1024 bit key is as strong as ~70 bits. This number can decrease over time as better ways are found to calculate the private key from the public key. |
|
|
|
I wish to unsubscribe to old topics, cause they keep coming back in my unread replies page. But i can't find an option for it. Is it even possible?
If you are using the watchlist, then you can just click the "unwatch" link. If you are using the "Show new replies to your posts", then you should switch to using the watchlist, and you won't have such a problem anymore. Then you can just click the "unwatch" link. Alternativly if you insist to keep using "show new replies to your posts" for some reason, delete all your posts in the respective thread. Seriously, use the watchlist its great. |
|
|
|
Wie im Titel zu lesen ist steht bei mir "Synchronisation "2 Jahre im Rückstand"". Das heißt also wie ich denke er aktualisiert gerade, aber das dauert einfach extrem lange.
Ich bin absoluter Neuling, habe mir gerade zum ersten mal per bit4coin BTC holen wollen und eine Wallet Adresse eingetragen, aber anscheinend muss ich so lange Warten bis das durch ist, bevor ich die BTC bekomme. Ich kann nicht irgendwie wechseln oder?
Nein, die Transaktion ist wie sie ist und kann nicht mehr geändert werden. Sonst wären die BTCs weg richtig? Oder kann ich das verschnellern?  Jaein. Es gibt ein paar Dinge die Du tun kannst. #1 Je nach system core schneller syncen lassen, siehe z.B. hier -> https://bitcointalk.org/index.php?topic=1357766.0#2 den privaten Schlüssel in eine andere Wallet exportieren die keine vollständige Kopie der Blockchain benötigt (z.B. electrum) #1 Setzt voraus das Du dich zumindest ein bisschen auskennst, welche Hardware du hast und wie Du bitcoin core über die Befehlszeile startest um parameter zu übergeben. #2 Bedeutet das Du einen ungeschützen privaten Schlüssel sicher handhaben musst. Dieser Schlüssel ist alles was nötig ist um über die Bitcoin zu verfügen. Je nach Menge an BTC und den deinen Fähigkeiten ist das auch nicht ratsam. Wenn Du Fragen zu einer der Möglichkeiten hast, findest Du hier sicher antworten. |
|
|
|
Is it possible to guess the mnemonic phrase with the mnemonic I have? 12 words. Maybe I have misplaced them during writing.  Maybe, I dont know. Only ever tried it for electrum, try following the "seed recovery guide". To your initial problem: The number of passwords is too large for btcrecover to test. There is a build in limit where it wont even start. You can use --no-eta -d -d -d -dto avoid the password counting as well as all dup-checks. This will also circumvent this limit. Other than that you can follow the tip and set --max-eta to a higher limit. If you are unsure about the tokenfile you made, you can use --listpass --token yourtokenfileto let it show you the passwords. This should give you a rough idea if the passwords generated are correct. Yours looks fine though. |
|
|
|
Everything below was written with bitcoin core in mind since its the only wallet I know that uses files called "wallet.dat" how to backup a wallet data?
File -> Backup
Hi guys not new there but can't remember my nickname nor my registration email. Simple question: Let's say Monday I have 15 btc. Monday night I backup my wallet.dat on an external drive. Thursday I get 5 more btc, so total btc on my wallet = 20. Wednesday my computer crashes, I reinstall Windows, then Bitcoin-qt, then put back the wallet.dat I backed up on Monday. Will I have 20 btc or only 15? This happened for real and I'm not sure I got back all my coins :< 20 BTC course, because bitcoin you go online and recorded in the data base of your wallet. because bitcoin does not go into your pc, but to your wallet. Thank you , no, no. Stop posting bullshit for a few satoshi. #1 "bitcoin does not go into your pc, but to your wallet" OP is talking about a local wallet, namely bitcoin core as indicated by the wallet.dat filename. Thus, the crucial private keys are stored in the wallet file, which is not "online". #2 The correct answer is not "20 BTC (of) course", but maybe 20 BTC maybe 15 BTC. Bitcoin core - by default - keeps up to 100 private keys pregenerated and hidden from the user. If the 5 BTC have been received on an address that was generated with the private key 101 after the last backup (or any later key), the answer is 15 BTC. If the 5 BTC have been received on an address that can be generated with one of these 100 private keys, the answer is 20 BTC. Bitcoin core requires periodical backups, as the pool of private keys still covered by the last one constantly decrease, e.g. due to change addresses or new receiving addresses. |
|
|
|
Thanks for your help - I decided the best route was to re-install ubuntu. Haven't yet re-created the wallet but I appreciate your help. Thanks!
One thing - if I go ahead and install directly 2.6.4 instead of 1.9.8 will it make any difference, considering that my public key and seed are from a .9.8 wallet?
Thanks again,
Adrian
No, the seeds work for both versions (1.x and 2.x). In the spirit of a true cold wallet you might want to create a new one regardless and transfer the funds.
why did you not upgrade for years? sorry to not be a help... but this is likely your issue..
Its an offline system and as such intended to stay offline. An update however requires the system to be online or data to be transfered to the online system and executed. Its good practice to keep online systems updated, but its a bit different for offline systems as each update might compromise the offline state. |
|
|
|
-snip-
C:\Users\XXX\Downloads\bitcoin-0.11.2\bin\bitcoin-qt.exe bitcoind -zapwallettxes
Aber das Programm startet immer noch wie gewöhnlich. Was mache ich falsch?
Hast Du tatsächlich in deinen Downloads Ordner installiert? Falls ja: #1 "ausführen" öffnen (Win + R) #2 C:\Users\XXX\Downloads\bitcoin-0.11.2\bin\bitcoin-qt.exe -zapwallettxes eingeben #3 "ok" drücken, warten Falls nicht, Pfad entsprechend anpassen. Alternativ (geht vermutlich auch schneller): Bitcoin interne console öffnen und abandontransaction c393d25e2167e368b51b9e864d36a032d13b8d2e2c6e38089d1b0bf225812c3e eingeben. Falls das nichts tut, updaten auf 0.12.x |
|
|
|
put it this way, in regards to the possible "subscription", "out of bounds", "future parallel market" BTCC right now has a "deal" with its customers that use its exchanges and other services. and that deal is...... free transactions AKA "block priority" http://www.coindesk.com/press-releases/btcc-launches-blockpriority-service/knowing that BTCC gets a block atleast once an hour. makes their customers relaxed that even without a fee they are going to get their tx into a block within the hour, just because they are BTCC customers. nothing more, nothing less. For one this! Its not as absurd an idea as Quantus tries to make it. @OP do you have any more information on the TX or the pool that found the blocks they got confirmed in? Other than an external deal I can think of a few things that might have cause this. E.g. a very high priority either due to large amounts, old coins or both. Its also possible that a created several TX to fuse a couple of smallish inputs into a single large one. |
|
|
|
You claim to be having 2000 BTC in reserve.
Do you have a substantial proof of it?
Anybody can write a figure anytime but that's not what we are looking for.
Care to show them if you have that much in reserve?
We value our reputation and we want to build it upon trust. It's a good idea to prove our reserves and we're ready to PM up to three most trusted forum users (i.e section moderator) with the message signed from our cold wallet. -----BEGIN BITCOIN SIGNED MESSAGE-----
This is shorena from bitcointalk.org and today is 2016.06.17.
I received a list of addresses and signed messages from [banned mixer].
The signed message was the following single line of this signed message
We, [banned mixer], hereby confirm that this address belongs to us
I was able to confirm all signatures as valid with bitcoin core 0.12.0
The combined, current balance of the addresses is 1799.9928 btc.
After publicly posting this signed message all information regarding these addresses will be deleted from my systems
as will be the PM I received regarding this matter.
-----BEGIN SIGNATURE-----
18uTXyQubfaYrkbQDdaXhzd2ALEY5YN77B
H8gLc7cbTKMqcUAVkmzaOSqz1OvMuTE9NgGis2++YGhaYEFqcXrdGkESx9rbm7RLsO2zjfTsjz7CKhXpyYFGz3I=
-----END BITCOIN SIGNED MESSAGE-----
|
|
|
|
-snip-
Here are the transacton ids 84cd46f65556c56342db0270095f9dff0c2216561fb6097b41c6433cc0a252bc and bc0ce842fe1d80a1df83e6672b6d1437b322b9b47c7605de3efa6600598096d8
txid #1 has a double spend that has >32k confirmations. txid #2 I didnt find any information on. To fix your wallet: #1 close core #2 make sure its closed #3 start it with -zapwallettxes (I or someone else can give you more details how to do that if you tell us the OS you are using) alternativly (I tend to forget about that command) instead of #1-3 use abandontransaction txidhere in the internal console for those TX that show as conflicted. I have Windows 10. I will attempt these steps but I will probably need more help. I cannot start working on this until 11pm pacific when I get home from work. Thanks for helping me. This is really stressful thinking that I lost my money. Thanks again. Bitcoin are not lost, they might be difficult to use thats all. For Windows #3 is: #3.1 open run (win + r) and enter (modify path if you installed it to a different location): #3.2 c:\Program Files\Bitcoin\bitcoin-qt.exe -zapwallettxes #3.3 confirm with ok #3.4 let bitcoin do its thing |
|
|
|
Hallo, habe auf einem alten Win7 PC, der mittlerweile offline ist (nutze jetzt Ubuntu/Linux) noch einen qt-Bitcoin client v0.8.5-beta, mit Bitcoins. Den Befehl "dumpwallet" gibt es dort nicht.Hier heißt es: type: walletpassphrase "your walletpassphrase here" 600
type: dumpprivkey [your public key here]
this will return the private key, you can copy it now; Muss ich hier [your public key here] eine (neue) Empfänger-Adresse, die ich in Electrum erstellt habe einfügen? Ich verstehe den Vorgang nicht. Nein, Du ersetzt [your public key here] durch die bitcoin Adresse für die du den privaten Schlüssel haben willst. Das musst du für alle(!) Adressen machen, also auch für Wechselgeld Adressen. Die sind nicht immer klar oder bekannt. Daher gibt es inzwischen dumpwallet. Ggf. reicht es dir die Schlüssel für einige weniger Adressen zu erhalten, ansonsten updaten oder jemanden bitte die wallet.dat für dich zu leeren. Die aus qt-Bitcoin exportierte wallet.dat kann man nicht in Electrum unter: "File -> Datei -> Neu/Wiederherstellen", importieren?
Danke!
Nein, anderes Format. Du kannst dort dann aber die privaten Schlüssel statt seed einfügen um die Bitcoin von dort zu deiner neuen Wallet senden zu können. PS: Wenn die Wallet Datei so alt ist soltest Du dich mit "CLAM"[1] beschäftigen, evtl. gibt es da noch was zu holen. [1] https://bitcointalk.org/index.php?topic=623147.0 |
|
|
|
-snip-
Here are the transacton ids 84cd46f65556c56342db0270095f9dff0c2216561fb6097b41c6433cc0a252bc and bc0ce842fe1d80a1df83e6672b6d1437b322b9b47c7605de3efa6600598096d8
txid #1 has a double spend that has >32k confirmations. txid #2 I didnt find any information on. To fix your wallet: #1 close core #2 make sure its closed #3 start it with -zapwallettxes (I or someone else can give you more details how to do that if you tell us the OS you are using) alternativly (I tend to forget about that command) instead of #1-3 use abandontransaction txidhere in the internal console for those TX that show as conflicted. |
|
|
|
I have no idea what the scenario might be? Things "break" all the time. Are there specific individuals we rely on or who have lead the way in past disasters?
Depends who you ask, but those that mainly take care about the underlying network that keeps bitcoin working are volunteers (or not? see franky1's comment below).# those that write the software that defines what bitcoin is # those that run servers on behalf of the network # those that run small and large mining operations I understand we all participate. To clarify I know there are very specific people we can & do rely on for TOR. I could 'drop' screen names or real names. But those familiar with TOR know what I mean. Incase of "bitcoin" emergency - who?
Can you name a single Tor server operator by name? You might be refering to some of the known Tor devs (see e.g. recent press). The equivalent would be the more known bitcoin devs. Who are some of the smartest people in this Coin right now? I am interested in Mining, Technology;Advancements or Investing. Of course this is an opinion. Though there must be some common individuals/screennames.
Note: the italic passage above was modified after the initial post. |
|
|
|
You claim to be having 2000 BTC in reserve.
Do you have a substantial proof of it?
Anybody can write a figure anytime but that's not what we are looking for.
Care to show them if you have that much in reserve?
We value our reputation and we want to build it upon trust. It's a good idea to prove our reserves and we're ready to PM up to three most trusted forum users (i.e section moderator) with the message signed from our cold wallet. I was asked to help out here, PM me with a signed message that holds 2000+ BTC if you consider me trusted enough and I will confirm having received such a signed message here. |
|
|
|
I'm having trouble trying to sweep bitcoins from a paper wallet. I go to blockchain.info and open a wallet. They say there is a feature to import/export for sweeping bitcoins from paper wallets but I have looked for that link and can't find it. Can someone help me with that?
Settings -> Addresses -> Manage Address at imported addresses -> Import Address -> put the private key in the box -> Import -> Close |
|
|
|
-snip-
How many forums do you know that got hacked and lost all the customer funds.
-snip-
How often do you think this forum got hacked? A hint, the number is not 0.
i think the next software of bitcointalk will be support it
Yes, pretty sure there are plans to implement it in the next version of the forum. As of now most people have BTC addresses in their profiles or signatures that you can send to if you really want to tip them. No, theymos said they dont want to get into the legal trouble of holding funds for users. The only reason for OPs solution I see are payment too small to be done on chain. With those kinds of tips, dont even bother. |
|
|
|
You need to wait if your transaction will be unconfimed you will receive your bitcoin back (this work on blockchain online wallet)
i hope so. you ever experienced this before? normally how many days will back to wallet? I send you a PM with more infos, just posting here for public record that I stopped rebroadcasting for now. Let me know if there is anything I can do to help. |
|
|
|
|
Show Posts
