so you are confirming that this type of interaction is sort of platform-related, meaning that it won't be the address to stop you from moving your funds but rather the platform which hosts that address if that platform is not up-to-date yet. Right?
I don't like the term 'platform-related', but in the end that's how it is. I am convinced that the wallet which the platform (in this case: bitstamp) is using, accepts bech32. It is just the website/webserver which checks if the entered address is a valid one which returns 'false' upon a bech32 address being entered. So.. in the end.. yes. This is just because the platform/website didn't update their webserver code yet. This should explain your suggestion in the end: i.e. a P2SH <--> bech32 transfer from BitStamp to Ledger will not work; but a P2SH <--> bech32 transfer from Ledger to Ledger will work because Ledger's software is "ready" to that. Right?
Yes. Each half-way up-do-date software will allow you to send coins to a bech32 address. This includes hardware-/mobile-/desktop- and some webwallets.
|
|
|
~snip~ how is that even possible to perform the kind of action suggested by these users? - Withdraw to P2SH address
- Send to bech32 address
[...] If the BitStamp address (which is in the P2SH format as we confirmed) is not able to send funds to a bech32 address in the first place, how can I send them from BitStamp to a P2SH address and THEN send them to a bech32 once again? If these two kinds of address don't interact with eachother from BitStamp towards Ledger, why would they interact from Ledger to Ledger? I would have done this in the first place straigh from BitStamp, wouldn't I? You can send from any address type to any address type. When you try to withdraw coins from bitstamp (or any other site), the website itself does a check to see if the address is valid. For example, if you paste "helloo" into the address field, you get an error message that this is not a valid bitcoin address. Bitstamp simply didn't update their software for a long time, so that once they see the string you entered starts with "bc1..", the software says "whoa whoa.. it is not starting with 1 or 3, so can't be a valid address", and therefore refusing to proceed with the withdrawal. They simply didn't update their code. Each wallet accepts transactions from each address type to each address type. This is not an issue at all. Protocol-wise, it definitely is possible. Each desktop-/mobile-/hardware- walllet supports that. Just quite a few shitty outdated online-services don't, because they didn't update their webserver code where the sanity check is happening.
Address Format | Beginning with | Age & Diffusion | Synonim to | BitStamp Supported | Ledger Supported | P2SH | 3 | The "classic" one, the matter-of-fact standard as to adoption | Nested Segwit | yes | yes |
P2SH is not segwit. P2SH can also be a multi-signature address. You won't know what kind of address this is after coins have been spent from it and you can take a look at the redeem script. Nested segwit is P2WPKH nested into P2SH. P2SH itself does not mean the address is a segwit-type address. Change the address format in this line to P2SH-P2WPKH and your table is correct. The column "ledger supported" is quite senseless too.
|
|
|
Then your computer is infected with malware. Did you verify the transaction after pasting the address ? Clipping malware is quite common. They check your clipping board for BTC addresses and replace them with the attackers one. Try copying the following address and paste it somewhere (e.g. notepad): 136jLgnKfTsp94XdPdZqeHzspAqdPc5pLW
If the pasted address is not the same you have copied, you are a victim of such clipping malware. If the pasted address is the same as the one you have copied, your machine is infected with a different kind of malware. In this case, check your electrum version. Are you using the installed or standalone version ? Verify the signature (e.g. standalone executable or installer).
|
|
|
Did you follow the security guidelines to only download electrum from https://electrum.org and to verify its signature as stated on the website ? Verifying the signature is the only way to be sure you have the original (non-malicious) version of electrum. This is a mandatory step. You say your BTC's haven't been delivered. Did they 'leave' your wallet ? If you look at the history-tab, what do you see ? Do you see an outgoing transaction ? If so, does it have the correct details (e.g. output address) ? If the transaction details are correct, head over to a block explorer (e.g. https://live.blockcypher.com) and enter the transaction ID, then check whether it is confirmed. If the TX details are not correct (i.e. not what you have entered), your computer is somehow infected with malware (either malicious electrum or some other kind of malware).
|
|
|
any wiser suggestion?
- Withdraw to P2SH address
- Send to bech32 address
But it isn't really necessary to pay an additional fee just to have them on a bech32 type address. You might just use P2SH for all service and sites which do not accept bech32 yet (e.g. bitstamp), and use bech32 for all other transactions.
|
|
|
Hope many will read this subject and would make for themselves conclusions.
Yep.. we are also trying to encourage anyone to not save the mnemonic code (especially unencrypted) on an online computer. Unfortunately you - and only you - are to blame. You didn't even follow the simplest security guidelines. Sorry, but the developer are not at fault here. Would you consider the manufacturer of your purse at fault if you leave it inside of a train with a few hundred $ inside of it ? Imagine you come back to the seat 24 hours later and find out that your money is gone. Who is at fault ? Obviously only you for leaving it there. Same happened here. The mistakes you made: - Stored mnemonic code on an online computer
- No encryption of your mnemonic code
- Probably using windows in addition ?
- Probably downloading any software which is either free or earns you a few bucks ?
- Most probably no proper threat modelling
Accept it as a loss and learn from it. Ignorance won't help you at all. If you don't lean from it, i can guarantee that this will happen again.
|
|
|
Do you want to elaborate your exact issues with the risk of ledger exit scamming ? Like, what scenario are you afraid of exactly ?
One of the most secure options would probably be to buy a new laptop, remove each wireless interface (wifi, bluetooth, ... ) and install a linux distro on it. Then use any preferred desktop wallet (e.g. electrum) to store your private keys.
You just need to make sure that this computer never goes online and that you never plug in any device/storage which has been connected to an online computer once.
You'll need to move unsigned and signed transactions between your online and your cold storage computer. Using webcams would be an option.
But you know.. there might be an exploit in the QR code scanner. So effectively, you are never 100% secure. However, using a dedicated computer just for storing the private keys is definitely one of the most secure options.
|
|
|
There are multiple approaches to double spend a transaction. - Relay the original TX to the victim while relaying the double-spending TX to the rest of the network
- Start a race attack by 'separating' the network
- Cooperate with a miner
- RBF
But based on your actual knowledge regarding bitcoin, i heavily doubt that it is for 'educational purpose'. Fortunately you won't be able to make use of it outside of a testing environment. If ever there are two transactions that are trying to spend the same UTXO was accepted by a mining node, one of them will eventually get a confirmation and one will be discarded. The only exception is: if both of them have too little fee to get a confirmation within (default) two-weeks time, both will be rejected.
Just because they will be dropped from the mempool, this doesn't mean that it got rejected. Actually, only one transaction should (if following the protocol specification) be allowed to enter the mempool. The first one. The second one should get rejected.
|
|
|
so, I got the answer from BitStamp Support. They confirmed that at the moment they don't support withdrawals to Bech32 address formats, and suggested me for a P2SH format address: does this sound somewhat new to you or is it one of those kinds we already mentioned?
P2SH is nested segwit (addresses starting with 3..). It is quite sad that a lot of sites didn't upgrade their software yet to support bech32, but i guess why bother investing 5 minutes if you simply can stay outdated and risk losing customer in the future Also, nested segwit is not a synonym to segwit (at least it should not). Bech32 = native segwit = (real) segwit P2SH = nested segwit = P2WPKH nested into P2SH P2PKH = legacy
|
|
|
General reminder:
- Giving away your API keys is dangerous as the person with control over them can basically steal your funds. - There are free bots for automated trading available, which require you to create/implement your own strategy.
|
|
|
Look, as far as I remember on the forum is not allowed to have multiple profiles.
You are right, it is not. Yes, it was my account. If the bounty says that you can not participate with multiple accounts, then I personally never did it.
Good, so you didn't cheat bounties. Okay close the topic
You can close it yourself. it's disgusting to listen to you,
Fortunately you no longer will have to, without an account as if you have only one account on this forum.
I do only have this account. What do i need a second one for ? Chasing cents in bounties ?
|
|
|
I am blind. I didn't see that the author of that quote was greatdn
|
|
|
greatdn is a banned account as per BPIP, the address posted by greatdn in 2017, was also posted by shimbit recently
Where? I didn't fine it with a 1-minute-forum-search.
I don't see the connection between greatdn and shimbit yet.Skip this post. It is dumb.
|
|
|
Ban evasion. Connected account greatdn [ BPIP] Do you have a proof for this ?Ignore please.
|
|
|
Not only that.. but didn't write a single russian post between 2014 and 2017 too. Only english and german (and one chinese). Well, alright. Mystery solved. It was ban evasion. @suchmoon, go delete your post admitting you don't always find the plagiarisms.. fast, before o_e_l_e_o sees it. Claim there was no in this case Edit: Can't be ban evasion. gasparik87 got banned 8/2/2019 2:29:25 AM (according to bpip) shimlbit got banned 8/1/2019 9:53:45 PM (according to bpip) So.. might be roughly the same time (i don't know how bpip polls the mod log). Therefore it can't be ban evasion.
|
|
|
Where are you from and what languages do you speak ?
|
|
|
Happens more often than you think, it's just that usually I don't admit it. Don't tell o_e_l_e_o I see. Now i understand the cases where someone was ' faster' than you in finding the plagiarized post
|
|
|
Can't help you with the reason for the ban, sorry.
Wait.. is this actually the first case EVER where suchmoon does not have the plagiarism on hand ? Either this was not for plagiarism or suchmoons performance is slowly decreasing
|
|
|
All 3 accounts have also cheated the Localcoin bounty: ( archived) ( archived) ( archived) The rules of the campaign say: 4| Using multi-accounts, cheating, using someone else to do the work and spamming or any kind of unethical behavior when participating to one of the campaigns are not allowed and will get you disqualified from all bounties.
|
|
|
|