Is your question how the transactions are being sent via internet without risks ?
Or is your question how the nano s (the hardware wallet you have) creates the transactions without leaking your private keys ?


Regarding the first:

If you have received 1 BTC to an address from the nano s, this 1 BTC is 'assigned' to a public key (here called public key A).
In order to spend this BTC, you need to create a transaction which says 'send 1 BTC from public key A to public key B'.

Since anyone can create such a transaction (saying 'send 1 BTC from public key A ... '), you need to sign the transaction.
Signing is done with the private key which corresponds to the public key. So in this case you would need to sign the transaction with private key A.

Signing is a cryptographic process, which ensures that noone can change information inside of the transaction without the signature being invalid (signatures depend on the content they sign).
Since transactions are only valid if the signature is valid, you can now send the signed transaction via the internet without any risks of tampering etc..


The only sensitive information here is the private key. Anything else can be seen / accessed by everyone without any risks.



Regarding the second:
The nano s has a secure element. This is not simply a memory chip, but a micro chip which can sign transaction with the private keys it has stored.
If you want to send BTC, your computer creates a transaction (non-sensitive information) and sends it to the nano s.

Then the nano s reads the transaction and displays the information for you to approve.
Once you click the 'accept' button, the secure element signs the transaction and sends it back to the computer (no sensitive information).

The sensitive information (private keys only) are stored inside of the secure element. They never touch your computer or anything outside of the secure element.



If this still didn't answer your question, feel free to describe your concerns more precisely.

What do you mean with 'authentic' ?

You did generate the seed yourself, right ? If not, regard the seed as compromised and move your funds to a new one (generated by you) as soon as possible.




And you are 100% sure that you used that exact mnemonic code ?
You might try entering it into a desktop wallet again. But regard that seed as compromised afterwards. If you will be able to access your coins, move them to a new seed.

But i doubt it will be accepted as a valid seed in a different wallet, if the nano s doesn't accept it.

Not directly a p2p mixer, but coinjoin probably is what you are looking for.
This is a method to combine multiple transactions (from multiple senders) into one large transaction to obfuscate the the recipient.

Wasabi (https://github.com/zkSNACKs/WalletWasabi), a desktop wallet for windows, linux and mac, has this feature included.
Currently the minimum amount to queue for coinjoin is 0.1 BTC.

In this process, there is no centralized entity which is required to be trusted.

If you want to participate in the lightning network without any trust, you need to run a full node.

You don't need it on your mobile. A simple connection to your full node is enough. But a full node is mandatory if you don't want to rely on 3rd parties.


However, i don't see any reason to have a full node running on your mobile. Rather set up a small raspberry pi at home and connect to it with your mobile.
Saves CPU power and therefore battery.

There doesn't even need to be a real backdoor.

Just a purposely included vulnerability would be enough to completely compromise your server which you are running the exchange software on.

This would be hard to detect. Especially in a non-running environment.
Also, no one guarantees you that the developer knows how to create such a software properly. Even if no vulnerability has been placed in there on purpose.


If you really want to use that template, you should set up a test environment and purchase a full security audit / penetration test for webapp.
And don't choose a test which only lasts 5 days. You'd need 10 - 15 at least. With an average price of 1k - 2k$ per day, that would be between 10k$ and 30k$.

If you don't have enough money to perform such an audit, don't start an exchange.

The chances that a fully working and secure template for an exchange is available for free.. are almost zero. Why would someone give it away for free if they can earn money by selling it?
What is their business model? How do they make money from that template ? Selling it is lucrative.. what would be more lucrative?.. Just think about it.

You made 2 mistakes.

1) Brain wallets are always bad. The entropy is way too low to not be guessable by a computer.

2) You probably have chosen the most error-prone way of generating a brain wallet in electrum.
What you should have done is to create a 'big random number' with your brain. For example with taking a sentence, words, whatever and hashing it to get a 128 bit number.
Then you'd encode this 128 bit number as a mnemonic code which is accepted by electrum.

This way you would have to memorize / backup your 12 word mnemonic code, which you can always use to derive your xpriv.
But using a random phrase, converting it to hex, deleting the new-lines and pasting that into electrum can easily go wrong (and it unfortunately did).


Since you already tried 'millions' of variations of your seed, i can't come up with an idea to recover your funds.
Checking the address type, as mentioned by HCP, is probably one of the last things you can try.

A birthday attack is applicable to hash functions, not encryption or signatures.

Further, with the birthday paradox you would calculate the probability of creating 2 messages which result in the same hash (any random hash!).
Not a second message with the same (given) hash which the signed one has.


This is not applicable in this case. Neither theoretical nor practical.

So what ?

An IP address is public information. If anyone wants to communicate with you, he needs your IP address.
This includes all other nodes you are connected to, all websites you visit, your email provider/server and all other online services you are using.

Giving out an IP is not a problem at all.. at least not if you aren't doing shady business.


And the port is the standard port for the bitcoin protocol. It is set in the specification. Every BTC node listens on port 8333. That's part of the protocol specification.

To quickly check that, download a tool which reads out the S.M.A.R.T. values of your hard drive.

For windows, you can use HDD Health or CrystalDiskInfo. Both are able to exactly show you what the problem with your HD is (if any at all).

Might be faster than reinstalling core, and you will know whether you have to backup your whole drive / buy a new one.

Then a malicious actor just needs to gain access to your master public key (xpub) to derive all of your private keys belonging to this HD wallet (non-hardened only).


Signing messages is fine to prove ownership.


Of course you wouldn't sign a message like "i own this address".
You would include your name, the current date and the reason for signing this message. And eventually even a random token from the person who wants you to prove the ownership.

A MitM wouldn't be useful in any way here.

1. If your ledger would be hacked, all funds would be gone already.

2. If the total amount of your coins inside of your wallet still is correct, it indeed is a change address of yours.


Bitcoin transactions work with inputs and outputs.

For example:
You (A) have 1 input (i.e. received 1 transaction) with 1 BTC.
You want to send 0.1 BTC to B.

The transaction looks like this (ignoring fees here):

Input:

• 1 BTC

Outputs:

• 0.1 BTC (to B)
• 0.9 BTC (to yourself)

Your wallet will show 0.1 BTC being transferred.
On a block explorer however, you will see that your whole BTC has moved (which is true, but 0.9 of them moved to a different address of yours).

Why is your conclusion that something is wrong with coinbase ?
Coinbase can't protect you if a 3rd party gains access to your credentials (did you use 2FA ?).

The preferred way to accept BTC on a website is always to do it yourself. And if this is not an option because the effort wouldn't be worth the amount you expect to get, use a payment processor. But if possible do it without WP plugins.

Only very few of them have an security audit being done. Vulnerabilities in WP plugins wouldn't be something new.

Are you somehow worried that you might have to enter your mnemonic code ?

You have asked that quite a lot whether you will have to enter them.

You should always(!) have a backup of your mnemonic code. Are you missing those words ??



Yes, you need the guest additions installed.
Then navigate into the setting folder -> USB -> add an filter "empty".
Then all USB devices which will be plugged in while the VM has the focus will be auto mounted in the VM.

Can you verify that all words can be found in the electrum word list (https://github.com/spesmilo/electrum/blob/master/electrum/wordlist/english.txt) ?
If one word can't be found in this list, search for similar ones inside of the list. In this case you got a word wrong.

If multiple words are not in this list, chances are high you got a BIP38 seed. In this case, please check whether all words are in the BIP39 word list (https://github.com/spesmilo/electrum/blob/master/electrum/wordlist/english.txt).
The same applies, if you are missing one word, check for similar ones.

Private keys don't contain the address type. This is just a feature in electrum to let it know what addresses you wan't to derive.
The private key is for each address type the same.

You can simply import your private key into electrum and then change the script type by clicking on the QR (should show: Tap for Bech32  /  Tap for P2PKH   /  Tap for P2SH below the QR).
Just tap it (minimum 1, maximum 2 times) until you get your bech32 address.

There is just one button (call it refresh or reload).

But there is no button which re-imports everything (why should it, this doesn't make sense).

You just need one button, to 'refresh' (i.e. check for new transactions related to the addresses inside of the wallet).


@OP
This seems to be a connection issue.
Do you connect via TOR or VPN ? If so, try without.

Sometimes (but rarely) mycelium server are kind of busy, delaying the appearance of new transaction for a few days.

But, in windows or the linux VM?

HCP mentioned you might try to connect it via your windows host, which you replied with the mentioned message being shown.
If this message comes when you access it with your VM, that's weird.

Can you try the following (if you haven't already in this particular order) on your VM:

• Start ledger live
• Connect the nano s with the button pressed
• Activate the USB connection to your VM
• Try to start the firmware upgrade

What happens then? Do you get the message which says ".. device should not be in bootloader mode.." ?

Note that it might take a few minutes to update the firmware. Especially if their server are busy currently.




Usually just unplugging and re-plugging it.

Roughly 15 minutes after registering, the one and only post is this here.

Seems legit 


Just a general warning for everyone:
Never trust closed-source applications from a newbie. You can't know whether there is some backdoor / malware or whether he actually knows how to securely write an application which handles sensitive information.

Delivering android updates can be made illegal (at least in the US)... I don't think there is anything (in the US) which can't be made illegal 

Never heard of the guy who tried to kill himself, survived and afterwards was sentenced to death for his attempted suicide? 

Props.

That's probably the first (real) merit-worthy thread from a newbie account.


I really like your idea. It counters quite some attack vectors in comparison to simply a bootable linux live distro etc. (keyword: trusted hardware / bootloader).
Even though hardware wallets already are very user friendly and can be accessed without much hassle, if you are storing a very high amount of BTC on your hardware wallet you might want to use this as a 2nd wallet (to circumvent some 0day HW exploits).


I just have 1 thing to add:



One could simply set up an ssh agent to be started upon booting, then connect to it via live usb boot for example.
IMO it is more convenient to power up the PI, boot your PC from a live linux and connect via SSH to it, instead of re-plugging monitor/keyboard (but maybe that's just me because of my setup at home  )

If you make sure to not permit root-login, set a strong-enough password and shutdown the ssh agent after ~3 failed login attempts (or simply use fail2ban, etc.. ), this also results in a pretty secure setup (not as secure as without any connection between your PC and the PI, but very close to that).


This idea of a 2nd wallet / banking station (regardless of whether with or without SSH connection) is already way more secure than the 'main' wallet of the majority of BTC user.