CSW, his immediate family, Calvin Ayre, the people they employ at CoinGeek (although I'm sure there will be at least a few who dump any BSV they receive immediately for bitcoin), scammers, and idiots. Remember that there are people willingly using Bitconnect 2.0 and Terra Luna 2.0. There are no shortages of idiots to whom to sell a shitcoin.

Most stablecoins are centralized and can arbitrary steal/freeze your coins, and yet have volumes of tens of billions of dollars.

Oh, and don't forget that Ayre reported the actual longest chain to the police: https://nitter.it/CalvinAyre/status/1422655123147399172

A good idea. There is certainly scope for a guide on how to "uncentralize yourself" if you are already involved in centralization exchanges. As you say, using Bisq and cold wallets moving forward is an obvious step, but you also need to break the link between your identity and all the bitcoin you have already bought from centralized exchanges, via mixing, coinjoining, or even just selling it all and buying it back peer-to-peer. You will also want to request that as much of your data as possible is deleted, although centralized exchanges will legally have to retain it for some number of years (depending on your jurisdiction), and who knows how much or how little care they will spend processing deletion requests.

Almost certainly. As I mentioned above, I'm sure blockchain analysis firms are already hard at work using this data to link addresses and wallets to specific individuals, and that data will then be sold to data brokers around the world. With one study showing that 99.98% of completely anonymized data could still be used to identify the specific individual it came from, then these data brokers will have no problem whatsoever working on data with just the address redacted. It won't be long before the majority of individuals in this Celsius data will have their exact bitcoin addresses and holdings linked directly to their real identities, for anyone who is interested to see it.

Then it sounds like you have sent coins to an address you never controlled, which would explain why A) they never turned up and B) they have since been moved on without your input. Whether this was from a bug on the Safello platform, your account being hacked, or some local malware, I can't say.

If the wallet you are recovering with your seed phrase is showing no transaction history whatsoever, then the address(es) you previously used are quite simply not generated from this seed phrase. Whether they are generated from a different seed phrase, or from an additional passphrase, or whether they were imported from an external source, we can't say.

The only way to tie these two issues together (your seed phrase not recovering your address, and the funds on that address being stolen), would be if an attacker had interfered with how you set up the wallet in the first place, allowing you to generate a seed phrase and a wallet, but then replacing your wallet with one in which they know the seed phrase and/or private key(s).

There is one. You just follow pooya87's instructions to decrypt the private key on your offline, airgapped system. Once you've done that, import it in to Electrum on the same airgapped system. Grab the address it generates, take the address only (and not the private key) over to your online system, and import the address in to a brand new watch only Electrum wallet. Let that watch only wallet sync up all the transactions, then create a transaction sweeping all the coins to wherever you want them to go. Move that transaction to the airgapped wallet to be signed, then move it back to the watch only wallet to be broadcast.

By doing this you import the encrypted key, decrypt it, and use it to sign a transaction, all without it ever touching the internet.

I would have thought a better way to get an xpub from Electrum would be to go to the console and use the command:
And then use that seed phrase to set up a multi-sig wallet.

I don't think you can create a multi-sig wallet on Electrum using your method. After you use Electrum's seed phrase for the first signer, if you then try to import xpubs for the other two signers you will be met with an error telling you the key type is incorrect (Their key type is 'standard', we are 'p2wsh'). If you instead import the xpub you generated from your Zpub rather than a seed phrase, then you will end up with a watch-only multi-sig wallet without any private keys.

As I understand, physical addresses, email addresses, and phone numbers were also supplied, but these have been redacted from the publicly published version.

Maybe, but since this data also includes individual deposits and withdrawals, it will be possible to use it to identify high net worth individuals as well as the specific addresses and wallets they own, which was not possible with the Ledger leak.

So you still had access to the original Electrum wallet when you received the coins from Safello, and they never arrived? Did you double check the address you sent to was correct and part of that wallet?

So using the same seed phrase back up you previously successfully recovered the correct wallet from, you are now recovering a completely different wallet, with zero history?

To the courts. And the court documentation is public. This is normal for a Chapter 11 bankruptcy. This is the same as if you had bought shares in Amazon and they filed for bankruptcy, although this is the first time it has been applied to crypto, as far as I am aware (although now a precedent has been set, any data you have shared with any exchange or platform is now similarly at risk of public disclosure). Without a public list of creditors, then it would be impossible to transparently process claims. As noted in the court documents:

I mean, this is absolutely true, and the whole Celsius issue has shown repeatedly that they did a multitude of shady or downright illegal things, but this is not one of them. This is a legal requirement. Any exchange which goes through a similar process will also be forced to submit such a list of names and transactions. Having your data exposed in such a way is a risk you accept when you use a centralized exchange.

As much as I would love to see the end of centralized exchanges, when we can't even convince the majority of people to stop using them when it is clearly in their own best interests (security of their coins and avoidance of losing coins via scams/hacks/bankruptcies/insolvencies/bad loans/seizures/account freezes, security of their data and avoidance of identity theft or personal information otherwise being shared/sold/hacked/leaked, censorship, high fees), then we are unlikely to be able to convince them on ideological reasons such as them being anti-bitcoin. Won't stop me from trying though.

Whatever you create will not contain the "longest persistent chain of blocks accepted by this Software" ("this Software" being CSW's BSV software). Therefore, you will have modified the code in such a way that it is no longer being used on the BSV blockchain, and therefore CSW would claim that you are in breach of this license and likely try to sue you for it. I mean, obviously the license is complete nonsense since the code he is trying to license was not written by him and was instead plagiarized/stolen from Satoshi and other real bitcoin devs, but that wouldn't stop him from trying I'm sure.

On the contrary - it is a mandatory part of Chapter 11 bankruptcies that entities submit a list of creditor names and addresses. It is US law that demands that this happens, as opposed to any US law preventing this from happening. And again, I don't want to link to the court documents which contain the list of names, but the judge did mention specifically that he would not treat EU citizens any differently to US citizens.

So yeah, if you sign up to any centralized exchange and hand over your bitcoin to them, then assume your coins and your data are permanently up for grabs.

It means you can only modify the software in such a way that it is still compatible with BSV, and then it defines BSV as the chain which forked at block 556,767 and is accepted by the software put forward by Bitcoin Association. In other words, it says that BSV is whatever chain they say it is, regardless of network consensus, and so if you refuse to follow their fork to implement this stupid code, then they will take legal action against you.

So, just to clarify:

• You created a wallet using Electrum, and backed up the 12 word seed phrase (although you never tested that the seed phrase was correct)
• You used this wallet for over a year, receiving and sending coins normally without any issues
• You most recently sent some coins to this wallet from Safello (Did you see these coins arrive in your Electrum wallet normally?)
• You then recovered your Electrum wallet, and now have a completely different wallet with no transaction history at all
• But now according to blockchain explorers the coins you recently sent from Safello have been moved to another address?

Is this all correct? Can you answer my questions above?

Address? Or wallet? If you created a wallet using a seed phrase, then you should have many different addresses, not just a single one.

Time for part 3 in what now seems to be an ongoing series. Who would have thought centralized exchanges could fuck up in so many different ways!

Parts 1 and 2 are here:
Recent events should make everyone withdraw all their coins to their own wallets - Centralized exchanges censoring users and seizing coins
Recent events should make you withdraw all your coins to your own wallet: Part 2 - Centralized exchanges going bankrupt, users losing everything

Part 3 is doing to be a two-parter.

The first issue is a follow on from Part 2 above. As part of Celsius' bankruptcy proceedings, not only have all their users lost all their coins, but Celsius have now published a complete list of every user's full name alongside their account balances and a list of every deposit and withdrawal they have made. I'm not going to link to it for obvious reasons. Given what we know from previous data leaks, these people will now be prime targets for phishing, malware, other malicious digital attacks, or even physical threats. And you can guarantee that blockchain analysis companies have already downloaded this list and will be linking deposits and withdrawals against blockchain data to start linking previously anonymous addresses to real names.

The second issue is as raised by gmaxwell in his thread here: PSA: Get your Bitcoin off any exchange supporting "BSV" (due to insolvency risk). The TL;DR is that (as we have already seen above with Celsius collapsing secondary to the Terra Luna scam) even if you don't trade in shitcoins or scamcoins, by using an exchange which does support these coins all your bitcoin is at risk of being included in their bankruptcy proceedings. The next biggest threat at the moment is any exchange which is supporting the BSV scam, but any sufficiently large enough altcoin could collapse and take an exchange down with it, resulting in their customers losing everything.

Not using centralized exchanges at all is the best thing you can do, but getting your coins off them if you are already using them is a close second.

There would be no way to write a piece of software which could detect every possible way a wallet could be malicious, and even if someone attempted such a piece of software, then an attacker could also download it and find a work around.

If you are completely paranoid about how your seed phrase was generated and do not trust any piece of software, then the best option would be to do it manually, using 128 coin flips and an airgapped Linux machine to calculate the checksum.

Don't even get me started on this. At work we have to use about 8 different systems, all with the same username, but all with their own password requirements. Some mandate 8 letters, some 10. Some mandate at least one uppercase letter. Some mandate at least one number. Some mandate it must be at least "strong" on their unknown algorithm. And here's the best bit - all require mandatory password changes, but at different frequencies. The outcome is that you first set up access to all the systems with one good password. After 3 months, you have to change that password on a few of the systems, so you increment the number in the password by one. 3 months latter, you have to increment that number again, but also now increment the number on all the systems which mandate 6 monthly changes. Also, one of the systems will say this new password is too similar to the old one, so for that system you have to pick a new password altogether. 3 months later, do it all again. Very quickly you end up with 5 or 6 slightly different passwords, and you forget which one is for which system. And oh, if you enter the wrong password 3 times, your account is locked and you have to spend 20 minutes on the phone to IT to get it unlocked. What is the outcome of this? A very few people like myself use a password manager to deal with this for us. The vast majority have all their passwords written down on a piece of paper in their desk, their wallet, or (my favorite) stuck on the back of their ID badge.

Complex? Sure. Secure? Not at all.

I can understand this being an issue with raw private keys, but I've never understood why it is an issue with seed phrases. The whole point of the BIP39 word list is to minimize issues like this, and you should be writing down your seed phrase in simple block capitals, and not cursive or anything else more difficult to read.

Yeah, but either you run this new modified code which allows him to help himself to any BSV he likes, or you continue to run the current code at which point him, Ayre, CoinGeek, and the rest of the BSV scammers call you a fork and threaten you with lawsuits. Who knows which chain the exchanges would follow in such a scenario.

He's already committed everything from identity theft to fraud to tax evasion. A few charges of theft won't bother him. He's also banking on the fact that Satoshi is not going to return, and so will not file charges of theft for the coins CSW is stealing. (Like Satoshi would even care about his BSV tokens being stolen in the first place.)

Seems like you have a valid seed phrase but for the wrong wallet. Short of you simply backing up the wrong seed phrase, I can think of three other possibilities:

• You used an additional passphrase (also known in Electrum as "extending the seed with custom words")
• You are accidentally restoring an Electrum seed phrase as a BIP39 seed phrase or vice versa
• If you are restoring it as a BIP39 seed phrase, you are using the wrong derivation path

He would no doubt advance sham litigation accusing you of running code which you didn't have the rights to or accusing you of attacking his business.

But this is not relevant to what is going here. He will succeed in seizing BSV which are not his, because the entire BSV chain is so completely centralized and ran only by him and his buddies. It is little more than a glorified (and horrendously bloated) spreadsheet at this point. He will succeed in seizing BSV, which will result in exchanges either losing coins or the entire chain collapsing, which will result in exchanges having to cover their losses from other funds.

Sure, but also not that difficult for an attacker to plug your seed phrase in to any multi-coin wallet and scan for hundreds of coins in a few minutes.

Because now, in addition to your number pairs, you have to remember/back up the specific username and date, as well as the method/code you used to turn them in to your deterministic list. Complexity is the enemy of security, and this is all getting very complex.

It's probably worth pointing out that this is completely intentional. As Greg has pointed out above, CSW's team will be releasing code which allows him to arbitrarily seize BSV. This will only work if the majority of nodes run this idiotic code. This would obviously be impossible on a decentralized network such as bitcoin, where >99.9% of nodes would simply refuse to run such code. But since they've deliberately made it so difficult to run a BSV node (there are currently a grand total of 9 nodes at the chain tip), it becomes much easier to get a majority of nodes to implement these changes, particularly since the majority of nodes are being running by CSW, Ayre, or another member of his team.