Personally I understand why people trade BTC for XMR, as since last year I'm one of those who reduce continuously their BTC bag and increase their XMR one over time.
I am doing that too... I have also upgraded my wallet security, generating my wallet and signing TXs offline. However I will maintain most of my stash in BTC. Are you only using EXCH? Because I believe we should use multiple tools for privacy reasons. Am I wrong? |
|
|
|
How do you know if these addresses are produced by a "brain" key or not? I don't know, but it doesn't matter. If someone creates his own private key instead of using a proper random generator, he should know his funds can be stolen at any time. Haha we re saying the same thing. Of course his funds can be stolen. But stealing them is not right. That's what I am saying. Anyway, I think we agree on everything. |
|
|
|
Trying to do something is not the same as actually stealing. I'm not worried about It's a different story when checking brainwallets: there's actually a chance to find funded ones. You can bet many people are trying to "hack" them. Of course checking is not stealing. Only spending is stealing. How do you know if these addresses are produced by a "brain" key or not?  Or a dictionary perhaps |
|
|
|
Let me just say something. Not for OP, but for a friend If someone had 200+ million addresses: 1. trying to find if these addresses have a balance and spending from them is considered stealing. Of course it's impossible unless he they had 200+ million key-pairs instead of 200+ million addresses. 2. finding a match between these 200+ million addresses (if they are not known to be funded and are completely randomly generated) and the addresses from the "List of all bitcoin addresses with a balance" is not as easy as it seems. The address space is huge. The addresses are produced using RIPEMD160, so the number that is produced is 160 bits long. This gives a space of 2^160 ~= 1.46 * 10 ^ 48. Your number is 200M = 2 * 10 ^ 8. I think you get the point. 3. trying to trace these addresses is considered at least unethical. |
|
|
|
Has anyone installed the Sparrow wallet with the Tails operating system yet? I know Sparrow are working in other Linux distros like Redhat/Ubuntu/Debian and CentOS, so it should also work with Tails (Persistent volume enabled)
Tails does work on Electrum and even came with it as a default crypto wallet in some versions of it.
I get "permission" problems when I try to use Sparrow with Tails.
Hi. Can you be more specific on where you get these permission issues? Also, have you configured the "persistent storage"? Have you rebooted after enabling the persistent storage? |
|
|
|
I must inform you that I have not received a response, so you can delete your signatures.
I always do everything possible so that when such situations arise, my campaign participants feel as comfortable as possible. But at the moment my options are limited to continue paying from my own funds. And unfortunately, I will not be able to transfer you to other campaigns since they are full (if I find several slots you will receive PM). It was a pleasure working with all of you and I think you guys are some of the best posters here on the forum.
Thank you icopress. |
|
|
|
|
Hi all.
I just added Nested Segwit addresses.
I also changed the output files to:
1. keys.gpg: encrypted keys directory
2. addresses.txt: file that includes P2PKH and P2SH addresses in text format.
3. segwit_address.png: QR code for the segwit address.
4. legacy_address.png: QR code for the legacy address.
|
|
|
|
This is a great work apogio, Bash script was my first coding language, so, i will try it this week and see if a can add some cool stuff to it.
it would be nice to have all the diferent kind off addres for the same Hash160, i know i have that script somewhere, but have to search it.
Hello and thanks mate. Yeah I can certainly do that. In fact the only thing that changes is the prefix when you create the address. Instead of using 00 you must use 05. I will certainly try it and update the project. Thanks |
|
|
|
Both. With some cool art work.
Print it more than once, in case part of the paper gets damaged.
There used to be a nice paper wallet website, which unfortunately turned into a scam after it was sold so I won't link it. But the design was nice, and something like it, running from the command line would a very cool thing to have. And with Segwit, of course.
Good idea! I will implement it. By the way I just implemented the qr code generation for the address. Now, the script generates: 1. A file keys.gpg which includes the sensitive data (keys etc.) of the wallet. The file is encrypted with the password that you set at execution time. 2. A file address.png which displays a QR code for the wallet's address. 3. A file address.txt which includes the address in text format |
|
|
|
I like bash, but never looked into how to create a WIF private key. I like it  If you're bored enough for a challenge: how about using qrencode and ImageMagick to create a really cool looking printable (PDF or high resolution image), ideally with Segwit address and redundancy in printing the keys? Thanks! Well I am sick, so I am really bored. So you would like to have the address printed on a QR code? Or the WIF key too? Also what do you mean by saying redundancy in key printing? |
|
|
|
|
I just added a new section to the OP, for generating the wallet straight into a password encrypted file.
The script asks for a password. If you add the password, it will create a keys.gpg file where the keys are password protected.
Then the script will print the address to the standard output where you can copy it from and use it as you wish.
Essentially, now, the script doesn't expose any key data to the end user. The output is forwarded to gpg and is password encrypted in a file. The only detail that is exposed is the address.
|
|
|
|
This is super important! Thanks for notifying me! I will try to find a way to avoid openssl. I can use sha256sum instead of openssl sha256 but I don't know what to use for ripemd160 and ec. Anyway, good catch! Edit: From what I read, there hasn't been an event that caused this change, but rather the fact that the attack space against openssl is much larger, due to its huge feature set. I mean, Core devs said that openssl does much more than the validation of the ECDSA signatures and therefore they changed it to something that does "just the validation". I agree with the choice, but perhaps it is an overkill to change it for this simple script I have written which only generates a public key from the private key. Core devs needed 3 years of development to produce libsecp256k1. I will look more into it! Don't be discouraged. I use Linux daily, but i almost never create Bash script. And when i do, it's not as good as yours.
Very flattering, thanks! |
|
|
|
Don't know if I'm being too emotional here but I think my activity's stuck when it's just 2 left for me to achieve my senior member rank. Anyone here has an experience of what makes mine stuck  ? I tried reading through the forum about merits and activity and it seems activity is supposed to add up every 14 days so does this mean I have to wait for 2weeks 🥺 Yes you have to wait 2 weeks. Activity grows +14 every 2 weeks, provided that you have posted at least once a day in these 2 weeks, according to this: The activity number is determined in this way:
time = number of two-week periods in which you've posted since your registration
activity = min(time * 14, posts)
Rough summary of what this means: If you post once per day on average, then you will eventually get the maximum number of activity points that you can get. Posting more than once per day on average is useless for increasing activity. The maximum number of activity points you can get is 1 per day, but your activity score only updates every two weeks. Therefore, it will take about 100 days to get 100 activity if you post once per day on average.
The most difficult part is when you have acquired the necessary merit to upgrade, but you have to wait for the activity to pile up |
|
|
|
I saved a "copy" of my code in gitlab here (for anyone interested in taking a look at the code):
I will definitely check it since I am good in C. I will let you know if I have any suggestions. I didn't know about that site you mentioned to test keys and I just tried one of my generated key and it seemed to work!
Well I think it is a very reputable website with multiple tools regarding Bitcoin. Take a look at it. Some people use it offline in order to generate wallets too. I don't, but I am just saying. |
|
|
|
Background:I have been sick for the past couple of days, so I decided to test my coding skills. I took some inspiration from this post. To be honest, I don't like paper wallets, but I thought I could learn more about how bitcoin works, through implementing a paper wallet in bash. Disclaimers:1. I have no experience in Bash scripting. 2. I will not use this program and I also advise you to use it only for educational purposes. Prerequisites:sudo apt install base58
sudo apt install xxd
sudo apt install qrencode
#! /bin/bash
###############################################
################# FUNCTIONS ###################
###############################################
calculate_checksum(){
prefix=$1
value=$2
suffix=$3
s1=$(echo -n "${prefix}${value}${suffix}" | xxd -r -p | openssl sha256 | awk '{print $2}')
s2=$(echo -n ${s1} | xxd -r -p | openssl sha256 | awk '{print $2}')
checksum=$(echo ${s2} | head -c 8)
echo ${checksum}
}
hash_160(){
input=$1
sha=$(echo -n ${input} | xxd -r -p | openssl sha256 | awk '{print $2}')
echo -n ${sha} | xxd -r -p | openssl ripemd160 | awk '{print $2}'
}
generate_p2pkh(){
hash160=$1
checksum=$(calculate_checksum "00" ${hash160} "")
echo -n "00${hash160}${checksum}" | xxd -r -p | base58
}
generate_p2sh(){
input=$1
hash160=$(hash_160 "0014${input}")
checksum=$(calculate_checksum "05" ${hash160} "")
echo -n "05${hash160}${checksum}" | xxd -r -p | base58
}
print_keys(){
echo "Entropy: $1"
echo "PK: $2"
echo "WIF: $3"
echo "Public Key: $4"
echo "Compressed Public Key: $5"
echo "HASH160: $6"
echo "Legacy Address: $7"
echo "Segwit Address: $8"
}
encrypt_keys(){
print_keys $1 $2 $3 $4 $5 $6 $7 $8 | gpg -c -o keys.gpg
}
print_qr_codes(){
qrencode -s 6 -l M -o legacy_address.png $1
qrencode -s 6 -l M -o segwit_address.png $2
}
print_addresses(){
echo "Legacy Address: $1"
echo "Segwit Address: $2"
}
create_addresses_file(){
print_addresses $1 $2 > addresses.txt
}
###############################################
################# MAIN ########################
###############################################
# CONVERT ENTROPY TO WIF KEY
entropy=$(cat /dev/urandom | tr -dc '[:graph:]' | fold -w 64 | head -n 1)
pk=$(echo -n ${entropy} | openssl sha256 | awk '{print $2}')
checksum=$(calculate_checksum "80" ${pk} "01")
wif=$(echo -n "80${pk}01${checksum}" | xxd -r -p | base58)
# CONVERT PRIVATE KEY TO COMPRESSED PUBLIC KEY USING OPENSSL SECP256K1
public_key=$(openssl ec -inform DER -text -noout -in <(cat <(echo -n "302e0201010420") <(echo -n ${pk}) <(echo -n "a00706052b8104000a") | xxd -r -p) 2>/dev/null | tail -6 | head -5 | sed 's/[ :]//g' | tr -d '\n' && echo)
x_coord=$(printf ${public_key} | cut -c -66 | cut -c 3-)
last_byte=$(printf ${public_key} | cut -c 129-)
last_int=$(printf "%d" 0x${last_byte})
is_odd=$(expr ${last_int} % 2)
if [ "$is_odd" == 1 ]; then
compressed_public_key=03${x_coord}
else
compressed_public_key=02${x_coord}
fi
# CONVERTING PUBLIC KEY TO COMPRESSED LEGACY ADDRESS
hash160=$(hash_160 ${compressed_public_key})
legacy_address=$(generate_p2pkh ${hash160})
segwit_address=$(generate_p2sh ${hash160})
# PRINT DATA
encrypt_keys ${entropy} ${pk} ${wif} ${public_key} ${compressed_public_key} ${hash160} ${legacy_address} ${segwit_address}
print_qr_codes ${legacy_address} ${segwit_address}
create_addresses_file ${legacy_address} ${segwit_address}
Create a .sh script file anywhere on your computer: Copy paste the code and save it. The easiest way is with nano: nano paperwallet.sh
<paste the code>
Ctrl+o (save)
Ctrl+x (exit)
Make it executable for the current user: Run it: Execution results:1. A file keys.gpg which includes the sensitive data (keys etc.) of the wallet. The file is encrypted with the password that you set at execution time. 2. A file legacy_address.png which displays a QR code for the wallet's legacy (P2PKH) address. 3. A file segwit_address.png which displays a QR code for the wallet's segwit (P2WPKH-P2SH) address. 4. A file addresses.txt which includes the addresses in .txt format. keys.gpg file format:Entropy: D_}L1jJie.'&p~@GS<@/~Yr;?uj69lm!vT^V`h1uxW!nhYU"'D>H@`7NP]#e7<?{
PK: c46b641982fd74f10a1607d01e70e4d4c7a5aed2c01c7b09bd66044ce26f0913
WIF: L3oXPPp62gS6NtxopBGoGDhvs6g4ovGp4oX34nLXa566d6qNSMyJ
Public Key: 048f92eb77547bc8b1f5e1e62b683399d75bfc1e98621fef0e253f36baf27891d8c07e72e095cd5b298bc94182a050e80b66a64d0f76967bd1d44077430289dae4
Compressed Public Key: 028f92eb77547bc8b1f5e1e62b683399d75bfc1e98621fef0e253f36baf27891d8
HASH160: 9ba03f824e7883027d07fb15a627a82a897195ba
Legacy Address: 1FBshy1TaRCoWM2ChiJ6dyDZdPmEfDAHHq
Segwit Address: 37gzjcd6wssRB2igUWDYNB4cp546ksFXXo
- The entropy is produced from /dev/urandom.
- The methods I used are included in the openssl library. I have used sha256, ripemd160 and ec.
- Coding-wise, it sucks, I know... But as I said, it's my first effort with bash scripting.
- I have tested the results on Ian Coleman's website. I have also imported some of the WIFs in Electrum and made sure it produces the correct addresses.
- I could have only printed the WIF and the Address, because that's what paper wallets do, but as I said, it's for educational purposes only, so I printed all the steps of the process.
Changelog:| 24/01/28 | || | Adds QR code for legacy address, using qrencode linux command. | | 24/01/29 | || | Refactors code. Adds more functions. | | 24/01/30 | || | Adds Segwit (p2wpkh-p2sh) address. Minor code changes. |
|
|
|
|
Hello, im new thanks for having me. I reside and am an Australian citizen.
Edit: Privacy and other aspect of cryptocurrency doesn't go together you have to choose whether to go for privacy or Easy to carry out wallets.
Privacy may not be easy (fast as possible to carry out) but it's secured but easy to carry out wallets may not be secured as privacy oriented wallets
Welcome! Please note that what Churchilvv says above is correct. Privacy is difficult to gain and easy to lose. Also which wallet would be the best for this purpose? Especially ease-of carrying out the procedure?
Privacy can't be accomplished without running your own node. Nevertheless, it is good for bitcoin that many new nodes join the network. So it's a win-win case. I suggest you run your own version of Bitcoin Core. It requires 1TB SSD. You can run it on an old laptop or an old computer. Personally I run it on a raspberry Pi. Once you have done that, then you can connect Sparrow Wallet to Bitcoin Core. Then you are much more private. As mentioned by Churchillvv, Electrum is great but it requires one more step to connect to your own node, so I definetely suggest it, but it requires a little more effort with which I won't bother you right now. If all of the above sound difficult, then you can just download Electrum and play... But there will be no true privacy! Which exchange should I choose and what are the best for anonymity/security and ease-of-use to buy BTC and then make a small purchase on an EU or US or other site which requests BTC-only as a payment method?
The exchanges are basically split into 2 categories: 1. KYC exchanges -> You must give a lot of personal information to use them. Actually too much personal information. In this category the most well-know ones are: Kraken, Binance, Coinbase etc. 2. Non-KYC exchanges -> Nothing is required to use them. There aren’t any posts on AUD or Australia on this forum.
There must be Australian members on the forum though! To be honest it doesn't really matter where you are from. The tools that we need are available everywhere! |
|
|
|
|
Tricky question.
How do you define support towards Bitcoin? Is it only promotional, as you said?
In my opinion, the way to "support" Bitcoin is to scale it, running as many nodes and miners as we can. I don't think there is anything else that can be done to support bitcoin. But I am curious to hear your thoughts.
Finally, there is El Salvador that uses Bitcoin as a formal currency (not the primary currency but rather the secondary currency).
|
|
|
|
|
It is proven, as mentioned above, that it is mathetically possible, but the chance is astronomically low.
Adding to that, what is even funnier is that using 12 words as a seed phrase and examining every possible wallet account, you will be able to generate every possible address. Great, isn't it? Starting from the same wallet, changing derivation paths, you will come across every possible address.
|
|
|
|
This is first time i heard this software. Have you tried it in past?
No. In fact I have only used Bitcoin Core. I am competent in C++ & Java. I can also understand C. But I don't have the time to experiment with Rust to be honest. Even with electrs that I use as my main Electrum Server, I haven't dived into the implementation itself. |
|
|
|
It doesn't seem that difficult to me. I just need to generate the private key and public address with an open source script, write the private key somewhere rechecking several times and with different methods of having written the key correctly, test that Electrum recognizes my private key and generates the same public address from it. I can also decide to write the private key with copy and paste onto a USB stick that I formatted myself. I can also encrypt my private key with aes256 (for example) and store it in my backup system.
This is a bad idea, let me explain the issues that can potentially arise. 1. You have to be sure that the software you use generates entropy based on a secure algorithm. To this extent, any JavaScript wallet generator is excluded. If you find one, let me know, for educational purposes only. 2. The backup is harder. I think we all realise that saving 12 english words is easier than saving 52 characters. The reason is obvious. Let's say one of the words is "ability" and you miss some characters from the word. I think it is trivial to find them. But if you miss some random characters from the WIF key, then you have no rational explanation of what the character is. 3. "test that Electrum recognizes my private key and generates the same public address from it" -> This must be done offline, just like any wallet generation must be done offline. The key must never see the internet. 4. All your funds will go to a specific address. So you gotta be careful for privacy reasons. 5. Now the most important question? How do you plan to spend the funds using the key? You must import it to a software that connects to the Bitcoin network, so you can broadcast a transaction. So, you are still obliged to use the wallets that you don't want to use (for some reason). You must spend the full amount to make sure the key doesn't become a "hot wallet". Of course you could technically sign a transaction offline and then use the software in order to broadcast the transaction. But then how will you sign offline? You will still need to use a wallet software. I think it's overcomplicated. Personally, I don't think paper wallets are insecure. But because of the reasons above, I have decided to simply use electrum on an airgaped device and generate 12 words + passphrase that I store safely in different locations. |
|
|
|
|
Show Posts
