Funnily enough when I bought the old laptop that I use for my "offline system" here in China I got my wife to ask them to remove the WiFi card which surprised the store owner a lot (prompting him to ask why). She looked at him blankly for a few seconds and then explained that the problem is that when she gets online she always ends up in fights with people on the internet so her husband doesn't want her to be able to get online.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.

This is what I really don't *get* when Armory (in particular) talk about offline signing for "cold storage" - it always seems as though they are trying to solve problems for "idiots" (but they seem to forget that "idiots and ingenious" and are going to lose their BTC no matter which software they use - and yes I don't recommend CIYAM Safe for "idiots").

Why on earth would I have "40 donations" to a "cold storage address" that should never have never published.

CIYAM Safe works perfectly on the assumption that you "know what you are doing" and you don't go "publishing your cold storage addresses publicly" (so there should only be 1 UTXO to deal with every time which works perfectly with just QR codes - one to receive the unsigned raw tx and one to send the signed raw tx).

Assuming it is using the method that involves "nLockTime" the problem is that "you can't send refund txs to the network in advance" (they won't be accepted due to concerns of an attack vector - so it only works properly on "testnet" which doesn't have this restriction). If it is instead some sort of "multi-sig" thing then it is "not trustless" (therefore questionable).

This might be of interest: http://swapbill.readthedocs.org/en (but again is *testnet only*).

So AFAIA the only way you'll be able to do "trustless atomic cross-chain transfers" for now will be the AT way.

Just to clarify a few things - AT is *open source* (under the MIT license) and was originally written in C++ by myself (the prototype is available if you scroll down to the last link in http://ciyam.org/at).

The language that ATs use is an artificial "machine code" (that I invented) and yes we do hope down the track to be able to build higher level languages on top of it (but for now very useful ATs can be written in machine code as our use cases have already proven so we are not rushing into the development of any higher level languages).

Assuming enough funds are raised during the "crowdfunding" period then these funds will then be used to pay for time and effort on behalf of the AT team to help Qora to implement it (in a manner that will be *compatible* with other AT implementations). A portion of those funds would also be used to help get the "lottery" created and promoted (with a decent "first few rounds reward added" to help encourage participation).

We will also be developing a very exciting new "use case" for AT that could well be its "killer app". It will be an "atomic cross-chain transfer" AT that will allow transactions to effectively occur across two blockchains that are using AT.

I fully expected such a response from Nxt (and not surprisingly from a *newbie*) - AT does not and never has *belonged to Nxt*.

The NxtAT Asset was for the Nxt version of AT which will be delivered in one week. Asset holders will be able to benefit from that *assuming that Nxt adopts AT*.

He is lucky - I am *still receiving SMS messages even after I changed to using Authenticator this morning (one SMS about every hour now for 48 hours).

I can't get my Mastercard debit card to work (complains that the billing address is wrong despite the fact I've entered it *exactly* as my bank shows it) but that might be because my account is from Australia.

Just posting here to confirm that assuming the "crowdfunding" for the project is a success then the AT development team (myself, vbecas and btc2nxt) will be working along with the Qora development team to integrate AT.

Their 2FA has some serious bugs (not good for a company trying to promote itself as being *as safe as a bank*).

I've never had any problem with 2FA with SMS with my internet banking but circle.com just keeps *rejecting* the code (even after they *reset* my account to the point that it thinks it is the first time I am doing this).

I might end up using Google Authenticator just to "get things working" but I am rather disappointed at their software quality (clearly we are the *guinea pigs* and they did not do enough testing).

Again it now keeps sending me SMS messages (despite the fact I am not requesting them) and again I hope that costs them something (as it's rather annoying to keep being sent the same useless SMS).

The idea of writing a good software platform is *to test it first* not *let the end-user's be the testers* (reminds me of all Microsoft version 1 products).

If using vanitygen then I'd advise that the "output" be encrypted immediately rather than "appear on the screen" (that could be fatal if there is a camera "over your shoulder").

If your offline computer has a webcam then you might consider using CIYAM Safe to do 100% "air-gapped" offline tx signing (https://susestudio.com/a/kp8B3G/ciyam-safe).

It is a SUSE distro and is not a "point and click" UI (sorry) but does have instructions and has been in use (by myself and at least a few others) for quite a long time (no bugs have been reported).

CIYAM Safe using QR codes for 100% "air-gapped" security (https://susestudio.com/a/kp8B3G/ciyam-safe). It does involve running "bash scripts" (instructions are provided but it is not friendly enough for just "point and click" at this stage).

Their support is not much use either (Eriks instructed me to do a "device" reset which just results in it sending my phone the *same number again* which it *again says is invalid*).

I hope the SMS costs them something as they've sent me over 100 so far (for some reason it seems to just keep on sending me SMS after SMS).

Its 2FA login stuff is *broken* - it keeps sending me the same verification code which after I enter it keeps telling me is "invalid".

You are always going to be less safe using "some known text" (be it from a book, poem, song, etc.) than creating something 100% original and this is actually part of the real problem to creating brainwallets - it requires the same sort of degree of "creativity" that writers or composers have (and for those curious I majored in music at university).

Smart wallets won't even *display* the dust (let alone use it for a tx) so I don't think it is a big worry (in the end you might be able to *spend it* if BTC goes a lot higher in value).

I guess the only real issue here is that if people get sent many thousands of such *dust txs* then it might be a problem for the "listunspent" API.

Agreed - I can only say that my brainwallet still has the 1 BTC that I put there (years ago) so either I'm:

(a) extremely lucky or
(b) smart enough to have created a passphrase that no-one can brute force

Of course this could change at any time (so I do check my address often) but my point is that "it is not *impossible* to create a good "brainwallet" *(but I do agree it is not the best idea for most people).

I just think that saying that *no-one can create a good brainwallet is wrong* (as it at least seems that I have been able to do that).

Again I'll state that I have a brainwallet that *has not been hacked for more than 2 years".

So your statement that "your brain can't actually make a good enough random passphrase" does not seem to actually be correct (otherwise my BTC should have disappeared).

If anyone thinks they can *hack my brain* then *go for it* (there is at least 1 BTC you can make from this).

The biggest problem with a "brainwallet" is that "you need a good brain" to create it.

Assuming that you have one then actually you don't have a problem (all the advice *against* brainwallets is aimed at people that *don't have a good brain" and that is fair enough as most people "don't").

I have stored funds in a brainwallet for years and they still haven't *gone anywhere* (and that is used as a "test" for further brainwallets to let me know if someone might have discovered my first one - so go for it *brainwallet hackers*).

The biggest worry is that you develop "Alzheimer's" or something similar and simply *forget your brainwallet* (so some sort of paper backup would still be recommended).

Luckily diseases such as Alzheimer's tend to leave "your oldest memories" intact - so I did develop this: http://ciyam.org/memory_key.html as a method to ensure you use something "that is old but memorable to yourself".

A long time between posts (sorry) but there is some exciting news.

Firstly I have now worked out how to do "bitcoin raw txs" *without* using bitcoind (took a while to get it right but at least the "normal" kind of tx is now working fine - things like "multisig" will need to be added later).

I am currently working on a Wallet package for CIYAM that will allow for many different kinds of wallets (including those for *alts*) and that work is now progressing well (it may take another week to complete).

I have also developed a "new kind of proof" for a blockchain (called "proof of hash" which uses the principle of a "hash chain").

(mods - please note that CIYAM is not *becoming an alt* even if and when it has its own blockchain as it has been designed primary to work with Bitcoin)