As BlackHatCoiner has said, it sounds very much like you have simply decoded your address to the pub key hash (or maybe not even got that far since you appear to still have the 0x00 network byte at the start). Can you tell us how many characters you have?

I'm afraid knowing the public key or the pub key hash is useless to you. If either of things made it possible to recover your private key, then bitcoin would be completely insecure and the whole network would have collapsed years ago. Further, finding other addresses similar to yours is equally useless. There is absolutely no correlation between two similar addresses, and their private keys will be just as different as any other two private keys.

The only way you are going to recover your coins is remembering the words/phrase/string you used to create the brain wallet in the first place.

Correct. You would create what is called a watch only wallet on your online computer, which contains only your addresses but no private keys. This wallet can be used to watch your addresses, balances, transactions, etc., but cannot be used to actually sign any transaction or send any coins, since it contains no private keys. You use this watch only wallet to create an unsigned transaction, and then either display that unsigned transaction as a QR code on the screen, or export it to a text file. Then with your airgapped computer with your cold Electrum wallet, you either scan this QR code or transfer over the text file using a USB drive or similar, and use your cold wallet to sign the unsigned transaction. Then reverse the process to move the signed transaction back to your online computer and broadcast it to the network.

If you want an classical single key paper wallet, then I would simply use Core on an airgapped computer to generate a private key and then copy the private key and address to a piece of paper to be printed with a dumb printer. I prefer to use seed phrases to generate HD wallets, though, rather than individual key pairs. For this I would either use Electrum, or generate the seed phrase manually by flipping a coin. Write that seed phrase down, and then use Electrum to derive the relevant addresses from that seed phrase to either also be written down/printed off, or transferred over to an online machine via QR code. Once you have the seed phrase written down and some addresses to send coins to (and double checked everything!), you can wipe all traces from your airgapped computer.

Because as we all know, fiat banks are the epitome of trustworthiness. Certainly no insider trading, tax evasion, money laundering, market manipulation, dodgy loans, money printing, etc., etc.

Going bank further than FTX, the thing which kicked off this run of insolvent exchanges was Three Arrows Capital being liquidated, which then led to Voyager and Celsius, which then spread to others, and so on. And it doesn't even have to be another exchange. Some critical bug in an altcoin which results in the price tanking could be more than enough to bankrupt an exchange holding a large amount of that altcoin.

Even something completely unrelated to your chosen exchange can result in you losing all your coins. Doesn't matter the exchange - if your coins are not in your own wallet, they are not safe.

I can't really comment about their lending platform as I have never used it. Nor will I. I have no interest in risking my bitcoin in some questionable loan collateralized with centralized, fractional reserve (un)stablecoins.

They have always been P2P, but many years ago they swapped from a site purely listing peer-to-peer trades (much like HodlHodl is now), to requiring accounts, verification, KYC details, and centralized wallets. So although you still trade peer-to-peer, it is entirely centralized and therefore, like all centralized exchanges, neither private nor secure.

Well, because PayPal will log your bitcoin purchases and transactions against your real name and identity and hand all that information over to blockchain analysis companies. But as mentioned I would steer well clear of PayPal at all times.

Nope, not too harsh at all. In fact, doing exactly this is already in the rules stickied to the top of the Services board:


As far as I am aware, this has literally never happened. Even when we had the absolute flood of YoBit spammers, it took months of the forum being an absolute shitshow and multiple threads in Meta and Reputation complaining about it before we finally got some intervention.

Just enforce the rules. 7/14/30 day escalating bans for 1st/2nd/3rd offenses for spammers, followed by a permaban. Same for campaign managers and campaigns themselves. Actually do this and the problem is solved. Spammers are banned, and new spammers joining are massively reduced because there is no incentive for them to do so, since any campaign manager which accepts them will also be banned. Campaigns are incentivized to use good campaign managers, because if they choose a bad one they will also be banned from advertising here.

The solution already exists. It's just the mods and admins ignore it. I don't know why.

What do you mean by "host storage" wallets? With both Core and Electrum, you generate your own private keys and you are the only one who can access them. This is generally referred to as "self custody" or "non-custodial", to differentiate from web wallets or exchanges where a third party holds your private keys for you.

Both Core and Electrum can be used as a simple hot wallet on an online device, which is the least secure way to use them. Similarly, both can also be used as a cold wallet on a permanently airgapped device, which is a much more secure way to use them. And if you are using them on an airgapped machine, you can also use them to generate key pairs or seed phrases that you then print out or write down to create paper wallets.

Yes, exactly that. I have a small amount of "daily spending" bitcoin which I carry on a mobile wallet. Insecure, but very convenient, and only ever an amount I can easily afford to lose. The vast majority of my coins are in a variety of more secure wallets, including hardware wallets, airgapped cold storage, paper wallets, and some multi-sig wallets involving a combination of these things. All my wallets are synced from my own node to minimize any privacy leaks.

No it doesn't. Screen capture malware could have stolen your seed phrase as soon as it was displayed to you.

All that these can do is test software against a known database. They are not infallible, and there is malware out there which can evade such detection.

Again, this doesn't mean anything. Exodus is closed source, so actually you have no idea at all what you downloaded. Perhaps some malicious Exodus employee inserted some code to steal coins. Perhaps the app pulls from some library which has been replaced with a malicious version. Perhaps their download server was hacked and you downloaded a malicious app even though you were on the official site. Perhaps you weren't on the official site at all, and were redirected to a clone site without realizing. Perhaps you were victim of a homograph attack.

This is why it is important to use open source wallets which can be reproduced from the downloaded code, and which can be verified against signatures of their developers. It still doesn't make you immune to a malicious wallet software, but it certainly helps.

What does your secret exponent look like? How many characters does it have? What character set does it use (hex, Base58, etc.)? What are the first two characters? Why do you even think it is called the "secret exponent" in the first place? Did you have it written down somewhere?

Have you tried entering it in the "secret exponent" box on https://brainwalletx.github.io/ (downloaded and ran offline)? What results did you get?

Depends on the wallet. But there are plenty of wallets in the past which have generated insecure entropy and users have ended up losing coins, and plenty of people who have tried to come up with their own solutions and ended up losing coins. By far the safest thing to do is to stick to some tried and tested, open source, and verified software, such as Bitcoin Core or Electrum.

Most good wallets will be based on entropy directly from the OS and the computer's hardware. Bitcoin Core, as an example, draws entropy from /dev/urandom (which is from the OS, or the equivalent on non-Linux systems), RDSEED/RDRAND (which is from the processor), and a whole host of data from the computer itself, such as current resource usage, timestamps, kernel parameters, network data, version data, etc. All of this is then combined through a variety of techniques such as XORs and hashes, so if one source of entropy is weak or compromised then your final result should still be secure.

You can read more in the code here:
https://github.com/bitcoin/bitcoin/blob/master/src/random.h
https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp

There is a difference here in that a centralized service such as a bank can much more easily swap to a new quantum resistant technology than we can on bitcoin. They can simply update their back end, as opposed to needing to hard fork an entire decentralized network. Further, they don't have to care about some of the same considerations that we do. Take Lamport signatures as an example. They should only ever be used once, as each subsequent signature makes it easier and easier for an attacker to forge a signature. For bitcoin this would mean a huge overhaul of how wallets (or even the whole network) works to prevent anyone from using the same address more than once. For a bank, then can just generate new keys as needed. Or the fact that Lamport public keys and signatures can be dozens of kilobytes in size. Irrelevant for a centralized service, but catastrophic for bitcoin blocks.

While quantum computers pose no risk to bitcoin at the moment, and won't for many years to come, we will have some of the most specific demands when it comes to selecting a quantum resistant algorithm to use.

You are asking a human to enter a sequence of characters on the keyboard. Even although you are asking them to enter something random, many won't. They'll use a name, a date, a reused password, a song lyric, something like that. Your own example even uses your username. Further, humans are not capable of being truly random. Even when you think you are being random, you aren't. Human chosen "entropy" is never random, and as such, is weak. There is a reason that no good piece of software uses human chosen strings to seed a wallet.

God damn I hate like 99% of YouTube. 2:20 in to the video before he actually said anything useful.

But he does (eventually) touch on what I've said already in this thread - the stack feature makes absolutely no sense. Including it as a second thought would be strange enough, but naming the device after it as a flagship feature is just completely bizarre. 99% of user will not own more than one device, especially not at $280. For the tiny minority of users who do own more than one device, encouraging them to stack them together and therefore store them in the exact same place is the opposite of security. Why would you want all your wallets in the same location, all subject to the same risk of loss or theft?

The fact that apparently an entire team of people at Ledger thought this was a good idea really makes me question what other stuff goes on behind the scenes there that we are unaware of.

This looks like a really cool project. Have you used it, and does it work nicely? Can you use it to send Lightning payments to anyone, or only to other accounts within their system? The biggest obvious downside here is that it is entirely custodial. Would be great if you could instead run your own wallet on your phone, and instead simply send and receive transaction data and the like with their service via SMS.

You are confusing airgapped wallets with broadcasting transactions. It is of course entirely possible to run an airgapped wallet and transfer signed transactions to an online computer in order to be broadcast. What OP is asking is what to do if you do not have an online computer in order to broadcast your transaction. In this case you need to use something like radio (as I've discussed earlier in this thread) to send your transaction to someone who does have an internet connection and can broadcast your transaction for you.

You don't need to know an address in order to attempt to brute force. The checksum will only be valid for 1 out of every ~4.3 billion possibilities, meaning you can easily simply look up the address of any valid key that you find.

None of this is relevant to you. It does not matter what type of wallet created the WIF private key you are trying to recover. It is either a valid WIF key, or it isn't. The only thing that might change is the locking script related to your private key, but you won't be able to even start thinking about that until you have successfully brute forced the private key.

You certainly want that to be the case, but the reality is that almost no one can independently verify that is the case, and there could well be other attacks we simply don't know about yet which are still able to bypass any protections in place.

I think that 99.99% of people who try to design their own paper wallet generator will end up with something insecure. Your method combines a brain wallet, which are very insecure, with SecureRandom, which has also suffered from critical vulnerabilities resulting in people having their coins stolen - https://www.theregister.com/2013/08/12/android_bug_batters_bitcoin_wallets/.

A far safer option to generate raw private keys would be to use Bitcoin Core. If you don't want to use a piece of software, then flip a coin 256 times.

You are confusing separate concepts here. A seed phrase does not encode an individual private key. A seed phrase is used to generate a near unlimited number of private keys in a deterministic manner, meaning backing up the seed phrase backs up all the private keys that it generates.

Oh cool. Tax dollars being used to bail out scammy centralized exchanges which are busy gambling/losing all their customers' deposits.

A bail out also doesn't mean they are safe. Plenty of large companies have received bail outs and still gone under. BlockFi even received a bail out only weeks prior to their collapse (from FTX, no less). And as I understand it, there are many other centralized exchanges which use Silvergate, so if they do collapse then again we could easily see a large domino effect spread to other exchanges.

So as always, get your coins in to your own wallets. Who in their right mind is still using centralized exchanges at this point!?

Play stupid games, win stupid prizes.

It is trivial to set up most hardware wallets to work via Electrum's GUI, so the only additional hurdle for you to access your coins is plugging in your hardware wallet and entering its PIN/passcode/etc. This is such a trivial step for the extra security that a hardware wallet brings you, that it really is just plain stupid to own a hardware wallet but not use it, especially when talking about other people's money.

Exactly this. The only "flaw" in Electrum was it allowed servers to display arbitrary text to clients which connected to them. It was entirely the fault of the users who followed random links shown to them, downloaded malicious software, did not verify it like they should have, and then installed and used it, all without ever performing basic common sense checks. Electrum was no more at fault here than a web browser would be if you used that web browser to visit a phishing site.

Any method in which the cash can be immediately withdrawn prior to the trade, or immediately deposited after the trade. For smaller amounts, the easiest way to do this is to meet at an ATM and for the party buying the bitcoin to withdraw the cash directly from the ATM and immediately hand it over. For larger amounts, you can either do the same thing but at a bank where you can withdraw more than at an ATM, or you can meet at a bank and have the bitcoin seller deposit the cash prior to releasing the bitcoin from escrow. I remember you mentioning a casino before, and it is a nice option. I do wonder if a casino would take issue if they discover what you are doing, though, as you are essentially converting currencies on their premises.

This is another bonus of what I was talking about above regarding trading with the same person dozens or even hundreds of times. At some point, you build enough trust to stop doing this.

Most banks have plenty of security and CCTV cameras, or you choose an ATM in the middle of a busy public mall in the middle of the day, or similar.

Just don't use a US IP address. HodlHodl don't know otherwise since you don't have to register any information with them. I wouldn't touch LBC though, since they are just another centralized KYC exchange.

Just to point out that LocalMonero and AgoraDesk are two fronts of the same service.

Word spinning does a very poor job at this, since you keep the same sentence structure, grammar, etc. But still, none of the spamming accounts using word spinners are word spinning some text that they wrote themselves. They are plagiarizing.

But equally it is trivial for the bot to do all this anyway and only require human interaction for <10 seconds to solve the captcha. If you are not using Tor or something else that means you end up having to solve the same captcha twenty times or more, then one human can still mass spam with multiple bot accounts with little hindrance.

Just ban the spammers.

The other option is mods and admins actually enforce the few rules we do have. How much better would the forum be if we actually followed this in any way: Signature Campaign Guidelines (read this before starting or joining a campaign)

There is a very clear distinction between allowing freedom of speech for controversial opinions (which I will always defend) and banning outright spammers.

Using a word spinner is plagiarism. Additionally, using one is deliberately trying to circumvent the rule regarding plagiarism. Word spinning should be an instant perma-ban. I cannot fathom why it isn't.