There is no safe non-KYC method to buy stocks, and so there is no safe non-KYC method to buy stocks with bitcoin. I'm sure you could find some dodgy two bit broker or individual who would be willing to "sell" you some stocks anonymously, but you will almost certainly end up being scammed.

I wouldn't touch anything on DeFi with a 60 foot pole. You have no way of verifying that the token you are being sold is matched to a share or stock, and buying these tokens does absolutely nothing to the supply or demand of the actual stock. And how are you going to get paid your dividends? You won't. What are you rights in a merger or buy out? Likely zero. At best you are getting a worthless IOU which can be taken from you at any moment for any number of reasons. At worst, you are just being scammed.

If you want to buy stocks using bitcoin, then the most private way of doing it and keeping your bitcoin activities private will be to sell the bitcoin for fiat in a decentralized peer-to-peer manner, and then deposit that fiat in to your standard broker account and buy stocks as you usually do.

They say on their landing page that they will be keeping all data for 5 years, which is pretty standard for various KYC/AML requirements around the world. You should use the link they provide to delete your account to set the 5 year timer ticking as soon as possible to get your data deleted.

You don't. There are a number of properly decentralized exchanges out there (not exchanges like LBC which used "DEX" or "P2P" as marketing while being completely centralized) which do not require KYC or indeed any personal information at all. Seek them out and use them - https://kycnot.me/

Exactly. They survived for years when bitcoin was worth a few hundred dollars, but now a price of ~$24k is too low for them? This is because every serious peer to peer trade abandoned the platform when they became just another centralized data farm.

I have never used a CEX and I trade between fiat and bitcoin regularly. It is not difficult at all. It is certainly far easier than having a centralized exchange freeze my account, seize my coins, and leak my identity on the dark web.

Where have you looked? Try some of the exchanges listed here: https://kycnot.me/. In particular, Bisq, AgoraDesk, and RoboSats are the best at the present time. And if there isn't someone in your local area, you can still trade via bank transfer with people further afield.

None of these are cryptographic proof, however. You might be able to "prove" it in a court, but as we both know from our discussions regarding CSW, courts aren't exactly great arbiters of truth. And the words in your seed phrase should never be picked because they have meaning for you and should always be generated randomly, so that's a poor suggestion.

No, because that method will never find a used seed phrase or address, even if you used all the computing power in the world and ran it until the Earth is engulfed by the dying sun.

No, because this would require every node to simultaneously update to the malicious version, which will never happen.

There is no auto-update mechanism in bitcoin and no mechanism to push updates or code changes on nodes. Node operates must voluntarily choose to download and run the new version. Looking at https://blockchair.com/bitcoin/nodes right now, there are 11 different versions of Bitcoin Core which have more than 100 nodes running them. Only around 25% of nodes are running some form of version 24, which was released over 2 months ago, and 75% of nodes are still running older versions. So even if a malicious version was published and 25% of nodes moved to this malicious version, the other 75% of nodes would continue running non malicious versions. Assuming a similar split of hashrate, then all that would happen would be the average block time would increase by a few minutes until the 25% of miners realized they were mining a malicious fork and switched back to bitcoin.

Yeah, this is the issue. As hardware becomes more powerful, then it becomes possible for malware to match an increasing number of characters. And if an attacker knows in advance which addresses you might be sending to, then they can grind for hours or days to find a very similar malicious address. Really the only way to be safe is to check the whole address.

So the easiest way that I find to do this is to put the address you want to send to physically next to the address you have pasted in to your wallet. So this might mean resizing the exchange's deposit webpage and aligning it with your wallet software window, or holding your phone or hardware wallet up to your computer screen, or something like that. Once you have the intended destination address and the address you are sending to physically within an inch of each other, it is very easy to check all the characters.

Which, when you think about it, I'm not sure that makes much sense.

If you are changing the password on your wallet file, then the vast majority of times it will be because you think the old password is either too weak or has been (or is at risk of being) compromised. Not that many people rotate passwords just for the sake of it. And so if you are changing the password, then you presumably want all future keys to not be able to be generated from any old back ups using the old password, since they are at risk of compromise.

But perhaps this would encourage people not to just create a new wallet if they think their wallet may be compromised, which is of course the best option.

If you aren't telling your spouse you are involved in bitcoin at all, then you are hiding all your exchange accounts and forum accounts from them too? Do they not question why you have bank transfers to and from centralized exchanges or random individuals if you trade peer to peer? Or do you have a separate hidden fiat bank account that you use only for bitcoin? And yeah, how do file your taxes without your spouse knowing?

Absolutely this. I preach complete privacy when it comes to the wider public and corporations. There is no need for Facebook or Google to know that I own bitcoin, and there is also no need for Facebook or Google to know what my hobbies are or where I like to shop. But when it comes to your close family members, then it is a different story. I trust my wife to make life or death decisions about me if I were incapacitated; why wouldn't I trust her to know we own bitcoin?

Even if you live in an area with no earthquakes, tornadoes, floods, etc., your home is still not immune to a simple fire. The point is that if your only back up is stored in the same place you store your actual wallets (be they hardware wallets or software wallets on a computer), then your entire system has a single point of failure.

Yeah. Just tell them not to share any information about your back ups and to keep everything in a public thread and don't respond to any PMs. There are many examples of such threads on this forum and the community are always very willing to help someone recover their coins.

As long as they know how to access your back ups, it isn't a difficult concept to figure out.

If they came on this forum and said "Hey, I have a seed phrase which I have recovered but the wallet is empty/almost empty. I also have a password but I don't know what to do with it.", then they would very quickly be directed to use the password has an additional passphrase and recover the coins.

You can't.

In the scenario where you both know one or more private keys from the wallet, but only you know the seed phrase, then it is possible to prove that you are the real owner of the wallet by providing a proof (ideally, a zero-knowledge proof) that you are in possession of the seed phrase which was used to derive those private keys, while the other party is not.

In the scenario where you both know the seed phrase, there is no way to prove who was the original creator of that seed phrase.

Except they do. Every major centralized exchange has leaked customer data. Binance has been hacked for customer data. Coinbase admitted they sold customer data to third party without customer's knowledge or consent. Bitfinex, Bittrex, Kraken, you name an exchange, it's leaked user data.

Just means that if their third party KYC processor is hacked, then your data is stolen that way instead. And we've seen time and again that most centralized exchanges are very lackluster when it comes to the security of their users' data. They simply do not care about your data or your safety, and are unwilling to spend any real money to make the process safer.

The only safe KYC is no KYC.

It's obviously preferable if you can keep your node up 24/7, but I don't think you must be able to do that to run a node. There are plenty of personal reasons you might want to run a node, from the security it brings by allowing you to independently verify the blockchain, to the privacy it brings by not having to connect your light wallet to a third party node or server. It is perfectly reasonable to run a node only during the day, or even just for a few hours at a time when you need it. You'll just have to wait for it to catch up with all the blocks it missed while it was offline.

nc50lc beat me to it - walletexplorer works for this. Usually down to 6 characters, but you will get a lot of duplicates with only 6 characters so better to use a few more, and obviously double check that it has indeed found the right address/transaction and not another one with starts with the same string.

Note that they are often not fulled synced with the blockchain. If you scroll to the bottom it will tell you they are currently synced to block 777,528, which is around 250 blocks from the current tip. So any transactions more recent than this won't be indexed by them yet.

It is very dependent on your country, state, or jurisdiction. Most places will require a breach of physician-patient confidentiality in the case of violent crimes, rape, child abuse, realistic threats of any of these, that kind of thing. There are also times where we would breach confidentiality but not to law enforcement, such as telling a public health authority like the CDC if you were diagnosed with a notifiable disease. Generally financial crime would not be included in any of this, but I can't speak for every jurisdiction. Further, some places can require a physician or other healthcare professional to testify against a patient in court; others cannot.

It is often important information in order to make an accurate diagnosis or provide safe treatment. Illegal drug use is the most common. But no, I don't see any reason that you would ever tell your doctor that you are holding large amounts of bitcoin.

So if you don't trust your wife to know about your bitcoin, do you trust her to know about your fiat? Do you have secret off shore bank accounts which you skim some of your income in to each month? What about your other assets together - property, cars, etc.? Better keep her name off of everything and make her pay rent to live in your house?

Because you aren't supposed to deposit your money to an exchange at all. Proper DEXs let you trade peer to peer, and there are no centralized wallets in which to deposit your coins. Since the exchange never has control of your coins, there is no trust required. The fact that so many people think you must give up all control of your coins to a third party in order to trade them is a triumph of centralized exchange's marketing departments, but a complete falsehood. And I have no idea how anyone can seriously question how you can trust a proper DEX when literally no trust is required, while at the same time saying that CEXs are more trustworthy, despite the fact that dozens of CEXs have collapsed and gone bankrupt in the last few months because they were stealing/gambling/spending users' coins without their knowledge or consent.

CEXs are the least trustworthy platform in existence.

So you are willing to give up all your privacy, give up the security of your coins, risk your documents being sold on the dark web, risk your identity being stolen and being accused of money laundering and fraud, all because you can't be bothered to enable 2FA on your exchange account? Wow.

I'm not sure what you think you have linked to, but those aren't links to decentralized or private exchanges. One is a link to a shitcoin, one is a link to a centralized exchange which demands KYC, one is a link to a debit card, one is a link to a payment processor, and one is a link to a 13 year old thread proposing atomic swaps.

A variety. At this point my experience is atypical because I largely trade with a handful of individuals whom I have traded with many times before and we have established a degree of mutual trust.

If I was selling bitcoin to someone I had never traded with before, I would favor a cash option, since it is impossible for them to reverse their payment. If I was buying bitcoin from someone I had never traded with before, then I would be happy with any cash option or some kind of bank transfer. I tend to avoid any electronic payments apps like PayPal, where it is usually trivial for the bitcoin buyer to reverse their fiat payment.

Here are a couple of links which might be of interest to you:
https://bisq.wiki/Payment_methods
https://bisq.wiki/Face-to-face_(payment_method)

No. As I said above, any addresses you have already generated are saved to the wallet, so even after you encrypted it all previously generated and used addresses are still there and able to be used. For a legacy wallet it simply saves any previously generated key pairs as it normally would, but changes the hdseed for all future key pairs. For descriptor wallets your old descriptors (along with their xprvs) are still stored in the now encrypted wallet and simply marked as inactive, so they are still there and can be used to regenerate any addresses they previously generated.

Encrypting a wallet still saves everything the wallet has done up until that point. It is only from the point of encryption forward that all future keys will be different to an unencrypted back up. Although obviously it is better to just encrypt a wallet right from the start and not run in to this problem at all (or the problem of some of your keys being stored in unencrypted back ups).

You are correct.

No, the derivation path is unchanged.

For legacy wallets, it clears the keypool, rotates to a new hdseed, and then refills the keypool from the new seed.
For descriptor wallets, it rotates the key in each descriptor to a new one.
In both cases, all previously generated addresses are saved, and it is only future ones which are changed.

You can try this yourself by creating a new unencrypted wallet, using either getwalletinfo or listdescriptors to see the hdseed or the descriptor keys, then encrypt your wallet and repeat the command. In the first instance, you'll see the "hdseedid" has changed. In the second instance, you'll see all your previous descriptors marked as "active": false, and new descriptors have been generated.

Feel free to open an issue on GitHub if you think this should be changed. I don't think it should though, for the reasons I've given below.

I never said any such thing. I have been very clear in my replies in this thread that generating your own seed phrase or wallet as OP has suggested is highly insecure.

This part of Electrum which allows you to recover non-standard seed phrase, is exactly that - a recovery tool. At no point does Electrum generate insecure seed phrases, nor even allow you to generate BIP39 seed phrases at all, valid or otherwise. There is no telling what errors or bugs other poorly coded wallets have implemented, and it is not Electrum's responsibility to police them, especially for a seed phrase system it doesn't use and in fact recommends against using. The whole point of Electrum allowing you to proceed with invalid checksums, unknown wordlists, wrong number of words, etc., is to allow people to attempt to recover such invalid seed phrases which other bad wallets have generated, or that they themselves have manually generated badly.