Yes, Anyone who has access to your seed phrase can spend your bitcoin without your permission and without any need to the 2FA code. As mentioned by nc50lc, that's why you should create the seed phrase on an airgapped device.
As you need to be online for registering on trustedoin, you should be careful that your seed phrase always stays offline. Otherwise, you almost defeat the purpose of the 2FA wallet.

For creating a secure 2FA wallet in electrum
1. Create the wallet on an air-gapped device.
2. Move the wallet file to an online computer.
3. Open the wallet file and Register on trustedcoin.

If you want a wallet only for ERC20 (ethereum tokens) and BEP20 (binance smart chain tokens), MetaMask may be a good option for you.
On desktop, you can install its extension on Chrome or Firefox browser.

As Metamask is open-source, I think it's better than close-source wallets like Coinomi and Exodus.
Note that MetaMask is a hot wallet and it's not recommended to use it for big amounts. As mentioned by Lucius, if you want more security, you should use a hardware wallet.

Both blocks are valid and both transactions exist in the blockchain.
The blocks number 91842 and 91880 were considered as exceptions and bitcoins generated in them should be spendable.  

Visit the link below for more information.
Apply BIP30 checks to all blocks except the two historic violations.

The wallet you are talking about is close source and there is no way to know what is exactly happening in the wallet.
As long as the source code isn't available, I assume that it's not secure.

I haven't ever used the wallet in question, but I am sure it's not decentralized, because you always have to connect to their centralized server for making transaction or checking your balance.
Note that being non-custodial is different from being decentralized.
They allow you to have access to your private keys. So, it's a non-custodial wallet, but that doesn't mean it's decentralized.

Even in theory, that's impossible. BIP30 doesn't allow a block to include a transaction with a same ID as an existing a not-fully-spent transaction.
(The post has been edited. Thanks o_e_l_e_o for the correction.)


Before implementing BIP30, transactions could have the same ID.

The coinbase transactions on blocks number 91,722 and 91,880 have the same transaction ID.
The coinbase transactions on blocks number 91,812 and 91,842 have the same transaction ID.

For more information, visit learnmeabitcoin.

If you are looking for a service giving you interest, there is no secure option for you.
For getting interest, you have to give your coins to a third party and I wouldn't recommend anyone to do so.  


An exchange (as its name suggests) should be used for exchanging your coins. You shouldn't use an exchange for holding your coins.
With using an exchange, you give a third party full control over your fund.

It's always recommended to use cold wallets. It can be a hardware wallet or a paper wallet.
Note that if you want to use a software as a cold wallet, you should generate the private keys (or the seed phrase) on an airgapped device and your private keys (and your seed phrase) should never touch the internet.
If you want to spend your coins every day, a cold wallet may not be a good option for you. But note you still need to make sure that the wallet has been created on a secure device. Never keep big amounts on hot wallets.

A good wallet which I can recommend to you is electrum. It's an open-source wallet which gives you full control over your fund. Electrum can be used as both cold and hot wallets. Just note that electrum only supports bitcoin and if you want to hold altcoins, you need other wallets. If you are looking for a multi-currency wallet, it's better to go for a hardware wallet.


Both Atomic and Exodus are close-source and we don't know what's exactly happening in those wallets. It's possible that they have access to your private keys.

It's not.
When we select the last word from the 2048 words, the chance to have a seed phrase which passes checksum is 1/16 on average. It seems that we both agree on this.

Now assume that we have 12 words instead of those 2048 words. The chance is still 1/16 on average. Because those 12 words have been selected randomly from the 2048 words.
The only difference is that instead of selecting each of 12 words from the 2048 words separately, first we selected 12 words from the 2048 words randomly and then selected each of the words from those 12 words.
This doesn't change the chance of having a seed phrase which passes checksum. In both cases, we selected 12 words from the 2048 words randomly.

I'm not saying the chance is always 1/16. That's 1/16 on average.
For example, any combination of following words give you a seed phrase which passes checksum.

I think the chance is still ¹/₁₆ on average. Because all the 12 words have been selected randomly. (Even the last word is random, because it's a function of a random number.)

If you select the last word from the 2048 words, there's 1/16 chance on average that the seed phrase passes the checksum.
There wouldn't be any difference, if you select 12 words from the 2048 words and then select each of the words from those 12 words.
Correct me if I am wrong, please.

I know it's unlikely, but it's possible that checksum is OK, even if you enter the words in the wrong order.
If you enter the 12 words in the random order, on average there's ¹/₁₆ chance that it passes checksum.

I don't recommend using a wallet with 2FA.
If you want to have 2FA, you have to use a custodial wallet and give a third party full control over your fund.

The only wallet allowing you to have 2FA and have full control over your fund at the same time is electrum which only supports bitcoin.
The 2FA wallet in electrum is actually a 2 of 3 multi-signature wallet in which transactions are signed by the user and trustedcoin (a third party)
Electrum gives you a seed phrase allowing you to disable 2FA at any time.

Note that for making transaction with electrum 2fa wallet, you have to pay additional fee to trustedcoin, so they sign your transactions. (Click here to see how much trustedcoin charge.)
The network fee will be also higher due to using multi-signature addresses. (The network fee will be still higher even if you disable 2FA using your seed phrase)

Warning:
Download electrum only from its official website and do not forget to verify your download.


Again, I don't recommend using a wallet with 2FA.
Bitcoin has been created to give you full control over your fund. With 2FA, you lose your full control.

Even if you can prove that you haven't joined any bounty campaign with multiple accounts, admins will not remove the negative trust. The users who gave you negative trust are the only ones who can remove it.

This is called ban evasion and is against the forum rules.

Even if bitcoin core is fully synced, change addresses are not shown in receiving addresses.
To see all your addresses (receiving addresses + change addresses), you can use the following command in console.

There are 12! combinations if there are 12 known words and there are no duplicate words in the seed phrase.

In the case the seed phrase has been generated by electrum, it provides 132 bits of entropy, not 128.
There is no checksum in the seed phrase generated by electrum.


Right.  With increasing number of the words to more than 12, you don't really increase the security of your fund.
For example, a 15 word BIP39 seed phrase provides 160 bits of entropy. (165 bits of entropy if it has been generated by electrum)
Instead of trying to brute-force your seed phrase, the hacker can try to brute-force your private key which provides 128 bits of entropy.

That's probably because wallet A includes multiple addresses, but in the block explorer you are checking a single address.
You are confusing wallet with address. Note that a wallet can include numerous addresses.


Address X is a part of your wallet and there is no need to make any transaction.
That will be used whenever you make a transaction.


Address X to address A. Not wallet X to wallet A.

Every time you receive a transaction, a new UTXO is added to your wallet.
Let's say you have received 0.1 BTC in transaction A and 0.2 BTC in transaction B.
Now you have two UTXOs.
UTXO A: 0.1 BTC
UTXO B: 0.2 BTC

Any of UTXOx must be spent completely.

If you spend all the fund, your wallet will use both UTXOs and there will be no change.
If you spend 0.2 BTC and only use UTXO B, there will be no change.
If you spend 0.15 BTC, you have to have a change address.

The seed phrase can be easily exported from blockchain.com wallet, but it can't be used for recovering the fund.
OP is referring to an imported address which is not backed up by the seed phrase. OP should import the private key of the address into electrum.

Contact their support. Tell them you have made a deposit which hasn't been credited to your account.


That's normal.
As I already said, your tokens have been sent to the exchange wallet. As you see on ftmscan, your previous deposits have been moved to the same address too.


The address is owned by an exchange and that's completely normal.

These transactions don't prove anything.
Can you please share your order IDs, so we can see your trades details? And why did you make three more trades, if they scammed you at your first trade?

I haven't ever used crypto.com exchange. But assuming you have sent the tokens to the correct address, the address your token were moved to should be crypto.com hot wallet address.
It's normal that the tokens/coins are moved to the exchange's hot wallet address after you make a deposit.

If you have sent the tokens to the correct address, you should see the balance in your account. If the balance hasn't been credited, the only thing you can do is to contact their support and ask them to credit your balance.


You can upload your image on an image hosting website like imgur and post the link here.

Your imported address(es) are not backed up by your seed phrase. Your seed phrase can only generate addresses belonging to your HD wallet.
If you have the private key, as mentioned by LoyceV, you should create a new wallet in electrum and select "Import Bitcoin addresses or private keys".

Note that you need to add a prefix to specify the address type when importing the private key into electrum.

If your address starts with 1, use the prefix "p2pkh:".

If your address starts with 1, you can also enter your private key without any prefix.


If your address starts with 3, use the prefix "p2wpkh-p2sh:".



If your address starts with bc1, use the prefix "p2wpkh:".

I doubt you can sell those tokens.
Most probably, they are worthless tokens that have't been listed on any exchange and can't be traded at all.


I'm not sure I am getting you correctly.
Your friend tried to sell the tokens that have been received freely and then lost all his tokens. Am I getting you correctly? If so, why do you want to do the same thing?