This video https://www.youtube.com/watch?v=nVOlO_24BCo says around 11:25 that we can receive spam inside the ledger live app. And if we click on it, it will drain our wallet. I am absolutely baffled to see that this is possible inside the ledger live app. This is totally unsafe for beginners like me. I feel like I'm going to make a mistake and have my entire wallet drained. I find it totally unprofessional that a company like ledger can not protect users from receiving life threatening spam in their app. So, a few things to explain here. This spam has nothing to do with Ledger, and there isn't anything they can really do to prevent it. On chains like Ethereum, attackers send out worthless tokens to every address they can find, hoping that some people will interact with said worthless tokens and can be fooled in to signing a transaction. It doesn't matter if your Ethereum address is from a Ledger, a Trezor, some other hardware wallet, cold storage, whatever. If your address is public, it will be spammed. Secondly, excluding some massive as of yet unknown critical vulnerability, you can never have your Ledger drained by simply clicking on something on your computer. Any time you want to make a transaction from your Ledger, you must review it on the screen of the Ledger device and then confirm it using the buttons on your Ledger device. If you click on some malware or malicious site that tries to steal your coins, then you will see a transaction on your Ledger that you didn't ask for and don't recognize. Simply refuse it. Thirdly, this kind of NFT spam and airdrop nonsense happens to chains like Ethereum. If you are only going to be buying Bitcoin, then it will not happen to you. In general, I would also caution against using YouTube or other third party guides on setting up your Ledger. The ones you choose might be perfectly legit, but there are also lots of fake ones out there looking to scam you. Stick to the official guides: https://support.ledger.com/hc/en-us/articles/360018784134-Set-up-your-Ledger-Nano-X |
|
|
|
(I really believe that a large number of people don't mind their data being shared - especially the ones that instantly click on "Accept all cookies"). Of course, but if we are talking about apps and services specifically designed to allow non-KYC trading and preserving privacy, we shouldn't be happy with accepting that bare minimum. In an effort to understand this stance with marketing e-mails, I believe that the main purpose of sharing early access users with MailerLite is to more easily distribute weekly newsletters to share what's being developed at the moment and keep in touch with the "early adopters" as a way to also help them promote their service. Weekly updates and so forth could be on a landing screen on the app, which results in no need to share details with third parties. Still, I suppose it is easily countered by just using a new email address. |
|
|
|
Fees dropped a lot, so the transaction should be able to broadcast again. Indeed. OP, the mempool is now empty enough that you could rebroadcast this successfully and get it in to most nodes' mempools. It still won't yet confirm on its own, although in last 24 hours we've confirmed about 30 MvB of 1 sat/vbyte transactions, so if this trend continues it might well confirm on its own in a couple of days. However, by rebroadcasting it you would then be able to perform a CPFP, if you think you will be able to do that? If there is no option to rebroadcast it from Umbrel then let me know and I can rebroadcast it for you. I don't want to do this until you are sure this is the route want to take though, cause otherwise it could potentially get stuck again. |
|
|
|
Before a node submits transactions to another node, you could require it to send you a list of transactions which were signed by a "node key". If there is a transaction this node did not include but had been seen before when communicating with another node,* and is also not in your own transaction list, then you don't transmit your transactions. This all sounds very computational expensive, for every node not just to be verifying and broadcasting transactions, but also verifying each transaction was signed by each node's key. I'm also don't know how you could actually verify that a node had indeed previously seen a transaction it was not broadcasting. Each node would have to store and share a list of every transaction it was broadcasting to every node, but even then, there would be no way to verify that a node actually received what was being broadcast to it. I also don't think it's particularly necessary. One or two nodes participating in censorship is irrelevant - transactions will spread around them without issue. Even if we pick some ridiculous number like 50% of nodes which start censoring transactions, then given that by default each node connects to 8 others, there is only a 0.4% chance that all 8 of the nodes you connect to would be censoring. Given how easy it is to run a node, I don't think this will ever be a problem. There are plenty of people who run nodes who would never implement censorship, and there are plenty of people like me who would quite happily spin up 10 nodes to counteract such censorship. |
|
|
|
No side effects to properly administered homeopathy plus good nutrition. That's true. Also no effects whatsoever, except a smaller bank balance for the poor idiot buying water pills. Unless of course you are buying one of the many homeopathic bullshit pills which have been found to contain dangerous levels of contaminants such as lead, mercury, or arsenic. |
|
|
|
"This block was mined by monkeys"
Does it automatically mean that there were 1 trillion monkeys doing hashes that solved that block? A modern version of the infinite monkey theorem. A monkey hitting random characters between 0-9 and A-F for an infinite amount of time will almost surely solve the next block.  I find it's unusual Braiins Pool bother add that message to coinbase transaction We talk about a pool, there is no way for them to know what electricity their miners use Given that Braiins uses Stratum V2, is it not possible that an individual miner added this OP_RETURN output and it had nothing to do with the pool at all? |
|
|
|
As I have said many times when the topic of tainted bitcoin comes up: The correct response to some centralized service stating that your coins are tainted and they won't accept them is not to modify your behavior and sacrifice your privacy to acquiesce to the arbitrary demands of said service. Rather, it is to find a better service which does not enforce such absolute arbitrary nonsense. This applies equally to centralized exchanges as it does to Wasabi, both of which support mass surveillance, fund blockchain analysis, and arbitrarily refuse certain UTXOs based on secret criteria. Here's an analogy: I am a merchant. You want to buy some things from me. You try to pay with cash. I say "I cannot see the full history of this cash, so I refuse your money". So instead, you tap your debit card. I say "I cannot accept this money without knowing the full history of it". I demand access to your bank account so I can see where all your money comes from. You leave and come back with your bank statements, but I don't like what I see, so I refuse payment. You then try to pay with PayPal. I demand access to your PayPal account so I can see where all your money comes from. You unlock your PayPal account on your phone and hand it over for me to look at. This PayPal money looks OK to me, so I accept it. You then leave the shop and start telling all your friends "Make sure when you shop there you have all your bank statements with you so the merchant can look at them, and make sure none of your money comes from anywhere except your employer, since they can't trace those funds." Your friends all look at you like you are crazy, and then simply choose to shop with the merchant next door who doesn't do any of this nonsense. Whenever this situation comes up, with the discussion of centralized exchanges and privacy, it always seems that the default position is "Sacrifice all your privacy and let people spy on you so that you can use a centralized exchange". In any other financial situation that would be seen as utterly crazy, as I've just shown above, but for some reason with bitcoin people just accept this nonsense? The problem here is not mixers, or coinjoins, or Monero, or any other privacy technique - the problem here is centralized exchanges. If you don't want a centralized exchange to seize your coins, then don't use a centralized exchange. There are plenty of decentralized exchanges to choose from. The logical position when faced with entities which are stealing coins is not "I should bend over backwards and sacrifice everything to hopefully mean they don't steal my coins!", but rather to simply not use the entity which is stealing coins. Most of the power of authoritarianism is freely given. In times like these, individuals think ahead about what a more repressive government will want, and then offer themselves without being asked. |
|
|
|
it's so low amount that we doesn't will see any big effect on market, some website said arround 4million btc are lost, is it a speculation? Complete speculation. We have no idea how many coins are truly lost, and many coins which are indeed lost will be able to be retrieved in the future with advances in quantum computing and reenter circulation, so shouldn't be considered lost at all. All the estimates you see of 2 million, 4 million, etc., are simply based on how long it has been since some coins have moved, but this is a very poor indicator of coins being lost. For example, a few years ago 145 address containing over 7,000 bitcoin which have not been active in 10+ years woke up to sign a message calling CSW a fraud. Many of these addresses still haven't moved the coins on them, which have been there since 2009, but we know for a fact they are not lost. |
|
|
|
How do you know the coordinator is not censoring you and checking to see if you fulfill their arbitrary and unknown criteria? You don't choose the coordinator as the maker, the coordinator chooses you: zkSNACKs, the very same default coordinator as Wasabi Wallet, can be the coordinator of your JoinMarket transaction and you would have no idea. Because in JoinMarket it does not matter. If a taker wants to show up and start enforcing their own arbitrary rules, then all they achieve is limiting their own liquidity pool, and then getting their UTXOs banned for aborting too many transactions. As a maker it does not affect me in the slightest, and I'll continue to coinjoin with every other taker normally. In Wasabi if the coordinator censors me, then my only realistic option for a coinjoin is to go and use JoinMarket or Whirlpool instead. "Doing nothing" is the result of being censored as a maker in JoinMarket. Your coins just sit there instead of being coordinated. Wrong again. As above, if one taker decides to enforce their own rules, it does not affect makers in the slightest. They can all take absolutely no action and their coins will continue to be coinjoined with regular takers. What do you mean "then tough shit"? I've told you multiple times that you can use a different coordinator for WabiSabi coinjoins or run your own Running your own coordinator is outside the skill set of 99.9% of users and you know it, so maybe ease off on repeating that stupid soundbite. In terms of third party coordinators - how much volume do they have? |
|
|
|
What do you want? Money, and a good name, of course. Absolutely. That's why we push vaccines which cost a buck or two, rather than let people get critically unwell and rack up hundreds of thousands in bills. Oh no wait, you are talking complete bullshit as usual. But don't forget to buy this bottle of homeopathic bullshit water pills for $199.99 plus tax!  |
|
|
|
Yes, it will be a good idea to have a site that focuses on lost BTC wallet We have one: https://bitcoin-supply.com/The provably lost number of bitcoin numbers 2,828. Everything else is pure speculation. It doesn't matter if coins haven't moved in 1 year, 5 years, 10+ years. It doesn't matter if someone claims they've lost their private keys. Such coins are not provably lost, and you should not assume they will never move again. This is the way blockchain analytics operate. These companies make probable statistics and predictions and a 1 year old address with no outputs is going to be put in a group they suspect to be lost. Sorry, but this is a nonsense metric. Even addresses which are dormant for 5-10 years cannot be assumed to be lost, but only 1 year? Given that the general knowledge regarding importance of back ups and seed phrases is continually increasing, and given we know that more and more people are holding for the long term, then the vast majority of coins which have not moved in one year are simply being held. |
|
|
|
I might have understood this wrong, but if you take a closer look at their privacy policy[1], on chapter 4.1 (Lawful basis for processing your information) there's this entry: It says you can opt out of receiving emails, but not that you can opt out of your details being shared with their marketing agency. Either way, I see no reason they should be sharing my details with marketing agencies at all. |
|
|
|
The way to prevent being censored as a maker in Joinmarket is to coordinate the transaction yourself (become a taker). No, it isn't. The way to prevent being censored as a maker in JoinMarket is to do nothing. If one taker wants to support mass surveillance and attempt to censor you it literally doesn't matter; there are thousands more who don't. When Wasabi censors you, then tough shit. |
|
|
|
I'm pointing out how the exact same solution for being censored in Joinmarket coinjoins is the same solution to being censored with WabiSabi coinjoins: Run your own coordinator. You fundamentally do not understand how JoinMarket works. As the taker, I coordinate the coinjoin by selecting a variety of makers. If a maker wants to censor me, then my software will automatically pick another maker and I won't even realize it happened. If Wasabi wants to censor me, there is nothing I can do unless I want to spend days to weeks setting up and running my own coordinator and trying to entice a few hundred users across to it. Why is remixing coins not desirable? I never said remixing is not desirable. I said remixing the same coins over and over with themselves is not desirable. So many people running two instances of Wasabi with the same seed! Still, makes for convenient excuse for literally every problem. ...Which can happen to you in Joinmarket as well. You can get censored by the coordinator and you can't even detect they are doing this. No, you can't. Makers can choose not to join your coinjoin, and so you can pick different makers instantly. They absolutely cannot ban you from coinjoining altogether like Wasabi can do. (I know you are going to repeat your nonsense soundbite about "run your own coordinator" here, but as I explained above, that simply is not an option for 99.9% of users). Once again, no, those are not WabiSabi coinjoins. Excuse after excuse. It's multiple clients, it was Wasabi not WabiSabi, it was Version 1 not Version 2, it was "acceptable" address reuse, it was a "whale", on and on and on. Maybe once try accepting ownership and say "Yeah, that's a bug, here's how we are going to address it"? |
|
|
|
I spotted you a few months ago on https://kycnot.me/. Always a good thing to see more non-KYC and real peer to peer trading platforms popping up (not centralized exchanges advertising themselves as P2P). Hope you do well! A few questions if you don't mind: 1 - Your privacy policy states that you collect the details of fiat payment methods, as well as receiving bitcoin addresses. How long do you store this data for? 2 - Your privacy policy states you share email addresses with MailerLite for the purposes of marketing. Why can't users opt out of this? 3 - Your FAQ says the following: When making a sell offer, the seller sends the bitcoin to an address that is controlled by him and Peach: the bitcoin can only be moved from here, if he and Peach both sign off on it.
...
If the trade doesn't resolve normally, this address automatically comes into full control of Peach after roughly 30 days (to be precise: when 4320 bitcoin blocks have been mined). I assume this is a 2-of-2 multi-sig. Is this correct? Can you share your additional script on top of the standard multi-sig script which allows you to spend these coins with a single private key after 4,320 blocks? |
|
|
|
You can be censored by Joinmarket coordinators who are using chain analysis companies and there's no way you could even detect it, so why are you using Joinmarket?
...
The taker is the coordinator of the coinjoin, not the maker So as the taker I am the coordinator, but also the coordinator could censor me? Care to explain how you propose I should censor myself? Do I need to report myself to a blockchain analysis firm first? Lmfao. You have no idea what you are talking about. All you proved there is that Wasabi coinjoin outputs have a very high rate of remixing with other Wasabi coinjoin outputs. Continually remixing the same coins together over and over is not desirable. If there were no address reuse bugs found, why has Max Hillebrand been busy deploying bug fixes for address reuse? https://nitter.it/HillebrandMax/status/1586249382097088512#m  |
|
|
|
Is Bisq running on Bitcoin network? Because as Bisq was launching I saw these;
Connecting to Bitcoin network...
Synchronising with Bitcoin Mainnet (via Tor)... It doesn't run on the bitcoin network, but it syncs with it via Tor to fetch blockchain data and therefore improve privacy. Since I now have my backup and seed phrase saved, am I free to use Bisq as a personal wallet? You could, but even although it is non-custodial it is still a hot wallet, which are one of the least secure types of wallet. I would use it as a trading wallet, and move any funds you are not planning to trade to somewhere more secure such as a hardware wallet. Since there is no KYC, if illegal activities are carried out on Bisq, is there a way government will trace it since Bisq doesn't have a CEO and not centralized ? Since Bisq is ran peer to peer, a government cannot shut it down just like they cannot shut down bitcoin itself. Even if they take down the Bisq websites, then individual users can still run the Bisq client. And since there is no KYC or personal data collected, and everything is done via Tor, then Bisq don't have any information to hand over beyond what is already visible on the blockchain. Why do most people not use this type of system that guarantees privacy, rather many people troop into centralized exchanges like Binance and even use it as wallets. Greed and laziness are the main ones. People are too lazy to use the slightly more complex Bisq over somewhere like Binance, even although using Binance gives them absolutely zero security, zero privacy, zero ownership of their coins, and zero protection against scams. And of course people are greedy to put their coins in to high yield accounts or staking or some other nonsense which promises obviously unsustainable returns, despite dozens of such platforms going bankrupt or scamming over the past few months and millions of users losing everything. |
|
|
|
|
Oh sure. If OP actually wants the transaction to go through he could attempt bumpfee first. I was assuming he wanted to cancel it.
It would have to be via RBF though - CPFP won't work in this case since the parent transaction has been dropped by most nodes and therefore they don't know about the unconfirmed children which CPFP would use.
|
|
|
|
Is there such truly decentralized and functioning exchanges. Please point me to it. Bisq is a great example of a decentralized exchange which utilizes multi-sigs like this. Their old system used a 2-of-3 multi-sig, where one key was held by each of the buyer, the seller, and Bisq themselves. All coins being traded, plus a security deposit from both parties, were deposited to this multi-sig escrow. Once the fiat trade was complete, buyer and seller would sign to release the coins to the appropriate party and return the security deposits to both parties. If there was a dispute, Bisq could step in and sign with one of the trading parties to release the funds. Now they've transitioned to a 2-of-2 multi-sig between buyer and seller only, without Bisq having a private key at all. The system is otherwise the same as above, but now additionally both parties also sign a timelocked transaction which empties the multi-sig in to the Bisq DAO, which can be broadcast after the timelock expires in the event of a dispute. |
|
|
|
Lastly I think you should also try to print out your see phrase, including your private keys to be at the safer side. This is poor advice. Firstly, there is no need for the vast majority of users to handle their raw private keys. Doing so is a security risk, as you expose them unencrypted to your device and therefore risk leaking them. Backing up your seed phrase is more than sufficient, given all your private keys can be derived from that seed phrase via very standardized and well published methods. Secondly, it is preferable to write the seed phrase by hand and not use a printer. Almost all printers you can buy these days have internal storage and will store a copy of the last x documents that they have printed (even if you cannot access this storage), as well as a variety of wireless connections such as WiFi and Bluetooth. All of this presents a variety of unnecessary attack surfaces to your seed phrase, which can all be easily avoided by just writing it down with pen and paper. |
|
|
|
|
Show Posts
