Gimp masks Scotch on stand by!

A m-of-n multi-sig provides the exact same redundancy in its back ups as an identical m-of-n SSS, without all the disadvantages of SSS. You can then add a passphrase on top of either system if you so choose.

If your device breaks down then any back up will recover your wallet, not just SSS. But the process of setting up SSS in the first place is vastly inferior to multi-sig, and to recover your SSS wallet you need to rely on your replacement device being free from compromise since it is a single point of failure, which is not the case for multi-sig.

Once again, you are coming up with fantastical scenarios which are in no way based on reality. It's easy to come up with theoretically immune systems, but I am not aware of a single person who has microscopically engraved their seed phrase on to some object, and I'm guessing you aren't either. People don't do this. People write down their seed phrase on a piece of paper, and store it somewhere with varying amounts of security. Even stored somewhere very secure, it will not be immune to discovery, so an additional passphrase provides useful additional security.

Yes, you should be hiding your back up somewhere very secure, and yes, you can make it very unlikely to be accidentally discovered, but this assumes universally good security practices throughout the entire community (which will never happen), and even then, there is not a 0% chance of compromise. Even one of the bitcoin devs recently lost hundreds of bitcoin through poor security practices. If a bitcoin dev can trip up, then the average user can definitely trip up too.

Have you not heard of SLAPP lawsuits? The whole point of them is to make the defendant rack up high costs, even in cases where the claimant knows they aren't going to win.

It is incredibly naive to say the devs know more about bitcoin than CSW, so it will be easy for them to win. I'm sure they can hand their legal team pages and pages of hard evidence of CSW's lies, forgeries, technical incompetence, and so on, but the legal team will still be charging hundreds (if not thousands) of dollars an hour to go through it all to generate a winning case, not to mention the trial itself can drag out over several weeks. Legal costs, even for such a case where the opposing side is clearly and provably wrong, can still mount to millions of dollars.

Except often it is. A side which is clearly wrong (CSW) will have a harder time defending itself, but a side which is clearly wrong with a multi-million dollar legal team can easily beat someone who is right with no funding. And even if/when the devs win, CSW doesn't care about winning. He cares about intimidating people with these frivolous lawsuits and the cost of defending them.

So if you buy bitcoin via PayPal, then you don't even have an IOU like you do at a centralized exchange, but you have an IOU of an IOU. Some unknown third party promises to pay PayPal x amount of bitcoin, and PayPal promise to then pay you that amount of bitcoin. Somehow, they have made buying bitcoin involve even more third parties than using a bank, rather than the zero third parties bitcoin was designed for. That's so awful it's almost impressive.

The SEC document is very clear, though - coins are not yours, PayPal have absolutely no idea how secure or not the coins are or what the unnamed third party is doing with the coins, and in the event of bankruptcy/scams/hacks/whatever you will almost certainly get nothing back (just like the users of FTX, Celsius, Voyager, etc.). No doubt when it all comes crashing down then just like every other centralized exchange in the past few months there will be plenty of angry users who did not bother to read any of this and realize what they were signing up to.

I suppose you are right. When CSW and his buddies can arbitrarily move any coins, then at best on BSV you have an IOU from CSW. It's really not that different to a centralized exchange - CSW owns everything, you can only use "your" coins with his permission, and you can lose everything at a moment's notice and there is nothing you can do about it.

And because of a huge community campaign which raised $1.5 million to fund Hodlonaut's legal team: https://opensats.org/projects/opensats_legal_defense

Maybe no one in the community does, but that doesn't stop him lodging frivolous lawsuit after frivolous lawsuit, with huge financial implications for the developers he is suing, not to mention the time and stress involved with defending themselves against these bullshit claims.

They've already done this. BSV now has a mechanism in which they can arbitrary seize coins which do not belong to them. The whole point of them pushing 4 GB blocks in BSV and other such nonsense was to make it prohibitively expensive to run a node and prohibitively expensive to mine. When there are only half a dozen nodes, and CSW and his buddies control them all, then they can dictate the rules. A transaction which moves Satoshi coins without providing a signature? Totally fine in CSW's scamcoin!

He is being funded by rich people he has conned. The longer he keeps up the con, the more money he makes.

And therein lies the problem. CSW with his millionaire backers can hire a team of 9+ lawyers and take to court a school teacher with no resources to hire lawyers or mount his own legal defense, which is exactly what happened in the Hodlonaut trial (which CSW still managed to lose spectacularly). A case such as this can be enough to financial ruin someone, even they win.

This doesn't help OP, but Luxor are consistently mining transactions which are replacing non-opted-in transactions, i.e. they are running full RBF. If you can get your replacement transaction to them, then you will be able to use RBF even if your original is not opted in. They are only mining around 1 block a day at present, however.

The mempool usage of my node running default mempool settings is currently around 260 MB. That's very close to the limit of 300 MB at which point low fee transactions start being evicted. It seems other nodes also hit this limit yesterday, and would have started evicting transactions: https://statoshi.info/d/000000020/memory-pool?viewPanel=1&orgId=1&from=now-7d&to=now (note that 286 MiB is equivalent to 300 MB).

Coinjoin is not a mixer, it is a protocol. They are very different things. There are multiple implementations of the coinjoin protocol, some of which are far better than others, and some of which are actively malicious and spy on their users.

Not to mention that two out of the three of them use Cloudflare. Nothing quite like having a global corporation man-in-the-middle themselves in to your connection and spy on your mixer use!

This. LBC was a shadow of its former self. Anyone who actually cared about privacy or security left LBC years ago. I know I did. They were little more than a CEX using "P2P" as a buzzword for advertising reasons.

This is different. If you want to use a CEX to trade fiat, then you must complete KYC. If you want to use a DEX to trade fiat, then there is absolutely no reason to choose one which mandates KYC.

I don't have any concerns about LBC closing. It was peer to peer in name only, and completely centralized in practice. If even a tiny proportion of its remaining users transition to a real peer to peer platform like Bisq or AgoraDesk (like many did when LBC first introduced KYC years ago), then that will be a net positive for the peer to peer marketplace.

That's not great advice.

If the original sender simply uses their wallet software to make another transaction with a higher fee, then chances are that software will create an entirely separate transaction which has nothing to do with the first. And so when the mempool empties out, there will be two separate confirmed transactions both sending the same amount of bitcoin to the recipient, and the original sender will be out of pocket.

If you want to bump the fee of an existing transaction, then you either need to use a wallet which supports RBF to specifically replace the existing transaction, or you need to specifically spend one of the unconfirmed child outputs in a new CPFP transaction.

Maybe not, but thinking Binance or Coinbase are too big to fail is a mistake. Everyone who used FTX thought they were too big to fail, and not only did the fail, but they were actively scamming the whole time.

I never once said bitcoin was a scam. Centralized exchanges are a scam. Bitcoin was used solely peer to peer before centralized exchanges, it can be used solely peer to peer now, and it will continue to be used solely peer to peer once every centralized exchange has exit scammed or been so heavily regulated as to be indistinguishable from a fiat bank.

No. The source of the money is whoever you are trading with. Bisq never handles your money.

Handing your personal information to a random casino or shitcoin project is indistinguishable from handing it to a random stranger.

Interesting. I did not know that Electrum applied this normalization to passphrases, which as you say, doesn't really make sense.

So a bit more testing on the standard Latin alphabet plus diacritics, Electrum will also use NFKD normalization, but it will also do the following: Make everything lowercase, remove all accents and turn the accented letter back to the "base" letter, reduce all white spaces of any length to one space only. This means that the following two passphrases produce the exact same wallet:


At least knowing this you could then apply the same rules to non-English letters and words to regenerate your wallet elsewhere, if you needed to.

So use multi-sig +/- a passphrase.

I have a 2-of-3 multi-sig wallet which I use in a single location as multi-sig between an airgapped laptop and a hardware wallet. The third set of keys only exists on paper. The three back ups are in different physical locations. I can use the wallet from a single place, while maintaining maximum protection against malware or compromise of one of my devices, while still having the redundancy you describe in the back ups. Additionally, I don't have any exposure to bad SSS implementations, weak share generation, or a single point of failure.

I see nothing that SSS provides that a multi-sig set up can't also provide, but I see many pitfalls in SSS. If the device you used to generate your SSS shares or to recombine them later is compromised, then your entire SSS system is useless. And if there was such a thing as a device which is 100% safe and completely immune to compromise, then you don't need SSS in the first place.

And there is no back up which is is immune to unintended discovery either. So if you want to mitigate this risk, then you need a system where the discovery of said back up does not result in immediate compromise of your wallets.

Strongly disagree. You should be considering every realistic avenue in which your coins can be stolen, not just the most likely one.

Good point. BIP39 uses NFKD - what does Electrum use? A very quick test shows that a passphrase of lower case letters and numbers will generate the same wallet between Electrum and an edited version of Ian Coleman, but upper case letters or symbols lead to different wallets.

Still, it's not outside the realms of possibility to edit the code of some other piece of wallet software to use the same normalization method as Electrum does in order to recover Electrum wallets, in the incredibly unlikely scenario that all copies of Electrum some disappear from the internet. Does Sparrow wallet not already support importing Electrum wallets?

It is true of course that anyone can fall for a conman. But after said conman had been exposed, if my testimony/blog posts/statements/whatever were being used by said conman in court as evidence to support suing innocent third parties, I would be eager to rescind those posts as soon as possible.

I always read that like Gavin trying to convince himself. Like, he still had some small logical part of his brain saying "This obviously isn't how Satoshi would behave", and that manifested in him telling CSW not to behave like that anymore to try to ease Gavin's cognitive dissonance.

Sources?

Easy enough to just recover your seed phrase in any old copy of Electrum you have and then export your raw private keys or xprv to be imported in to another wallet, in the very unlikely event that Electrum ceased to be maintained.

And if you don't have any old copy of Electrum, then literally the only difference between turning a BIP39 seed phrase in to a wallet and an Electrum seed phrase in to a wallet is the word that is concatenated with your passphrase prior to PBKDF2. BIP39 uses "mnemonic", while Electrum uses "electrum". You could take any open source wallet and change the code very easily to recover Electrum seed phrases.

Then you would be the first person in world to have a perfect security set up with no risk of compromise. There is no such thing as 100% safe. To quote Gene Spafford:


Maybe your seed phrase back up is "safe enough", but getting complacent and assuming there is no risk of it being discovered is a recipe for disaster. And since there is always a risk of it being discovered, then there is little to lose by mitigating that risk by using an additional passphrase.

I don't think you would.

You would no longer have a claim of 5 BTC, but a claim of 5,000 tokens. If the market rate for those 5,000 tokens is 0.001 BTC (given the market will immediately tank), then good luck convincing anyone that your 0.001 BTC of tokens is still worth 5 BTC. If Celsius somehow manage to transition to a profitable company (not exactly a likely scenario), then instead or paying you back your 5 BTC, instead they can just buy back the tokens for the going market rate, which will result in you recovering fractions of a penny to the dollar.