Yes, definitely beneficial in that case, or any case in which the wallet and the 2FA app are on separate devices. As I've said many times before in various threads, the whole point of a 2FA set up is that it is a second factor that is required to authenticate you, your transaction, your account, whatever. If both wallet and 2FA can be compromised by compromising a single device, then it isn't a second factor at all - it is the same factor.

A similar case is when people receive a confirmation email or an email with a code in it to the same email address they have used to register the account in question in the first place. That is not 2FA at all, as if an attacker compromises the email address - a single factor - then they can reset the password and receive any 2FA code.

I think this is far preferable to paying excess fees and sacrificing privacy to use TrustedCoin. Marginally more complicated to set up and use, but worth it for the benefits.

Do most mobile wallet apps not already do this and require unlocking via a password or PIN (or biometric, but those are notoriously insecure and shouldn't be used)? And most people have some sort of locking mechanism on their phone. So for someone to access your wallet they must first bypass/crack/know your master phone security lock and then bypass/crack/know your wallet security lock as well. Which is why I made my point above - if someone can already do this to access the wallet app, then presumably they can also do it for any 2FA setup using the same device.

This is the right answer. If you would carry x amount of bitcoin in cash in your pocket, then store that in a hot wallet. If you wouldn't, then store it somewhere safer.

This already exists by using Electrum's 2FA via TrustedCoin. However, having both the wallet and the 2FA app on the same device is meaningless, as explained below.

If someone can compromise the wallet on your phone, then they will almost certainly also be able to compromise your login details for a website you access via your phone (which, to be honest, 99% of users would simply save in their browser's built in password manager anyway), or your 2FA app.

I don't see how you can make a hot wallet on a phone any more secure without requiring a second physical device, be that another phone for multi-sig, a hardware wallet, or even a hardware YubiKey or similar for 2FA. Any 2FA using the same phone as the wallet itself, be that a code, a login, a second wallet, receive an email, etc., adds almost zero additional security.

Looks like the trial is finished for today, and will be back on Wednesday. I'm not sure what is happening tomorrow.

By the looks of the tweets, Hodlonaut's team have started with a very good closing statement. I believe there will be more from them on Wednesday. For example:

Also worth pointing out that CSW claimed he shared early drafts of the whitepaper with a number of people last week, including Dustin Trammell: https://www.youtube.com/watch?v=_zkweFcpQMs&t=3985s
Dustin Trammell has today made a post calling that out as yet another complete lie from CSW: https://blog.dustintrammell.com/faketoshi-craig-wright-lies-exposed/

Ledger Live will scan the standard derivation paths with a default gap limit of 20, as Pmalek has pointed out. So m/84'/0'/0'/0/0-19 for segwit. Any addresses beyond 20 empty addresses would not be picked up by default.

In terms of accounts, Ledger Live will allow incremental account numbers only if it finds some history in the preceding account. So if it finds coins or transactions in m/84'/0'/0', then it will allow you to create an account at m/84'/0'/1', and then will again look at addresses m/84'/0'/1'/0/0-19, continuing upwards with the gap limit of 20 if it finds any history. If you skip an account then you will be unable to recover your coins. So if you never used m/84'/0'/1', but did use m/84'/0'/2', you will not be able to recover m/84'/0'/2' using Ledger Live until you send some coins to m/84'/0'/1'.

Ledger Live does not allow checking of arbitrary derivation paths like Electrum does, so if you have deviated from this scheme then it will never find your addresses.

All in all, better to just not use Ledger Live. It does not allow proper coin control anyway.

Yeah, that's when it becomes difficult to quantify, hence my statement of "depending on which source you read". I've previously spoken about some studies which simply multiply the electricity usage of bitcoin by the average carbon dioxide production per unit of electricity to reach their value of how much CO₂ bitcoin is responsible for. But from other reports we know that this is inaccurate, as bitcoin uses far more renewable energy than average, and so its carbon dioxide production per unit of electricity will be far lower.

Reports can twist things, and choose which metrics to report or how they arrive at those metrics to fit their narrative. But even the most biased reports giving the worst possible outlook for bitcoin's energy usage still show that it is utterly inconsequential on a global scale, and doing almost anything else, from eating one less serving of beef a month to swapping your light bulbs for energy efficient ones, will more than offset your personal usage of bitcoin.

All the CoinGeek videos are simply vlogs from well known a CoinGeek contributor and BSV shill. They contain zero footage from inside the court room. Perhaps this is deliberate given how terrible CSW comes across in all the clips we we have been getting from Bitcoin Magazine.

Looks like so far today there has simply been testimony and questioning of other cybersecurity firms regarding the KPMG reports. Despite these firms being called by CSW's team to cast doubt on the KPMG analysis, it seems both were unable to do so and largely agreed with the KPMG findings, only able to offer small criticisms around the edges and not against any of the main findings - i.e. that most of the documents CSW submitted were fraudulent. Seems like quite the fail on the part of CSW and his team today.

Apparently all that is left is closing statements. Would be great to get full videos of these, if anyone from Bitcoin Magazine is reading!

Well yes, but the military industrial complex bribes our politicians. Bitcoin doesn't. So they get a free pass despite being the single largest consumer of oil in the world. Perhaps rather than regulating proof of work we should regulate illegal wars?

The article says that of the energy they consume, 70% is used for movement. Not that they use 70% of all the world's energy. Even for our grossly overinflated and unnecessary military, that would be a bit much.

You have confused your units in your post. A megaton is a million tons. The article says the US military generates 60 megatons of CO₂, or 60 million tons, but not 60 million megatons. Depending on which source you read, bitcoin mining generates around 20 megatons.

Ledger Live is designed to be difficult to go wrong with, which also means it lacks many important features. You can only use addresses in the order they are derived, you cannot derive more than one address at a time, and you cannot even derive a second account if your first account remains empty. While this means that users cannot "lose" funds on derivation paths they can't find again, it also means you cannot just generate new addresses like you want to.

As mentioned above, the easiest way to achieve what you want is going to be pairing your Ledger device with Electrum. The other option would be to extract the xpub from Ledger Live and use that to generate addresses to receive to, and then increasing the gap limit in Ledger Live if needed to cover all these addresses.

Don't forget that ETC's hashrate has gone up by 300% since the merge, other altcoins have seen even larger increases in hashrate, ETHPoW has been forked and continues to use some hashrate, and so on. The merge has achieved nothing in terms of electricity consumption, it just lets Ethereum play even more in to the hands of centralized regulators. I suppose that goes well with their new centralized PoS protocol.

It's almost as if bitcoin wasn't created to submit itself to the will of governments. China have banned bitcoin what, 9 times? And yet still have ~20% of the global hashrate? Bitcoin will survive this regulation, as it will survive all regulation. And at some point in the future when bitcoin mining is essentially 100% renewable, then regulations such as this won't matter.

This may well be true, but it is clear from the document shared that their purchasing of CEL went way beyond what was reasonable to maintain such business activity:

This may also be true, but at the same time, Brain Armstrong (for example) can't artificially pump the price of Coinbase shares just before his preset sell off date. Mashinsky, on the other hand, could absolutely pump the price of CEL by using depositor funds to buy it up, which we now know is exactly what he was doing.

Here are some large renewable bitcoin mining operations:
https://www.abc.net.au/news/2022-09-16/solar-powered-bitcoin-mining-hub-in-whyalla-south-australia/101448784
https://www.coindesk.com/business/2022/06/23/new-solar-powered-bitcoin-miner-launches-operations-despite-difficult-market/
https://www.cnbc.com/2022/04/08/tesla-block-blockstream-to-mine-bitcoin-off-solar-power-in-texas.html

And here are some reports for bitcoin mining being used in demand response as I discussed above:
https://www.smart-energy.com/industry-sectors/energy-grid-management/demand-response-proves-more-profitable-than-bitcoin-mining-in-texas/
https://www.barrons.com/articles/crypto-miners-electricity-grid-51647296483

So what I'm discussing is already happening. It's now just a case of scaling it up and making it more widespread.

I think this is only true because the entire electricity consumption of the world is skewed towards fossil fuels. As the push for greener energy continues, bitcoin is well placed to be at the forefront of this (as it already is, given that we know it uses a higher percentage of green energy than almost any other industry on the planet).

Agree with the first sentence, but not as far as the last coinbase reward. For the last 10 halvings (or ~40 years), the block subsidy will be under 1000 sats. For 1000 sats to even be worth $100, then a single bitcoin would have to be worth $10 million. The coinbase reward will be irrelevant in the grander scheme of things long before the last coinbase reward.

Not necessarily. Lightning is currently both more private and more censorship resistant (against the likes of centralized exchanges and wallets enforcing taint and blacklists) than the base layer.

Which is fine. If I'm paying for a coffee, there is no need for me to use the base layer, and Lightning brings advantages in terms of both speed and fees.

This is based on the assumption that total fees per block will remain static, which as I mentioned above, I don't think they necessarily will.

We already know that block space is too limited as it stands to scale bitcoin to global usage, which is why second layer solutions are being developed. Currently, almost all of my transactions pay a fee of <5 sats/vbyte. If I'm paying for a coffee, fast food, or some other small transaction, then a fee much higher than that starts to become a significant amount of the transaction and therefore unacceptable to me. Let's say, however, that I move all my coffee buying on to Lightning. Now I can pay a fee of 50 sats/vbyte to open a channel, and then buy 100 coffees through that channel before I need to close it. In this scenario I have saved money on fees by paying 0.5 sats/vbyte per each of my 100 transactions, but at the same time I have paid 10x what I would usually pay for the block space.

So provided there is enough demand for block space to support things like opening/closing Lightning channels at a higher fee rate (which is still economical for the end user), as well as very large transactions which will pay a higher fee for the added security of being on the base layer, then the fees paid could increase by an order of magnitude or more, while individual users still pay less by moving most of their transactions on to Lightning.

In this scenario then fees per block could total 1-2 BTC, rather than 0.1-0.2 BTC (example numbers), meaning a price of $80k rather than $800k in your example.

You cannot divide in the normal way when working with elliptic curves. Instead you use something known as the multiplicative inverse.

The multiplicative inverse (x) of a number (y) on an elliptic curve with order n, is such that x*y mod n = 1. That is to say, the when a number is multiplied be its multiplicative inverse modulo the curve order, the answer is 1. So on a curve modulo 7, then the multiplicative inverse of 2 would be 4, since 2*4 = 8, mod 7 = 1. On a curve modulo 37, then the multiplicative inverse of 2 would be 19, since 2*19 = 38, mod 37 = 1.

To divide a number by 2, you can also multiply it by 1/2. So to divide a number by 2 on an elliptic curve, you instead multiply it by its multiplicative inverse. So on a curve modulo 37, half of 15 is 26, since 15*19 = 285, mod 37 is 26. And the reverse is also true: 26*2 = 52, mod 37 = 15.

In bitcoin, the curve order n is:

This means that the multiplicative inverse is:

This is because:

So, to half a public key, you multiply it by the multiplicative inverse given above, and take the result modulo n.

The tweaked public key is exposed in the taproot address itself. Spending and witness data is not necessary. A taproot address is simply a native segwit output with version number 1 instead of 0, followed by the 32 byte tweaked public key. If you spend from a taproot output using script path, then the internal public key is also revealed as part of the control block.

Unfortunately Bitcoin Magazine don't seem to be releasing the unedited footage from Friday, so we can only go on the tweets provided, but I've been rereading them and they are absolutely laughable.

For example:
https://nitter.it/wizsecurity/status/1570773425102397443#m
https://nitter.it/bitnorbert/status/1570765810863575040#m
CSW submitted what he is claiming is pre-release bitcoin source code, but this pre-release bitcoin source code includes a bug fix which was made in version 0.1.0 following a report made by Hal Finney. So to believe CSW you have to believe he introduced the bug, then fixed it, then re-introduced it, then waited on Hal to make his report, and then fixed it again. Lol.

https://nitter.it/bitnorbert/status/1570769461954879490#m
https://nitter.it/wizsecurity/status/1570773434904485893#m
CSW's submitted pre-release .exe file has an identical checksum to the first public release version. The problem here of course is that while the checksum is valid for the first public version, it is invalid for CSW's pre-release version. This shows that his pre-release version was created simply by taking the first public version and changing a few minor things, i.e. a barn door forgery.

https://nitter.it/wizsecurity/status/1570773441061748741#m
Absolute lol. He tried to make it look older simply by changing the version number in the readme file.

https://nitter.it/bitnorbert/status/1570766382048096260#m
https://nitter.it/wizsecurity/status/1570942661959491584#m
And he included a reference to compressed public keys, which weren't used for another 4 years.

So he has obviously submitted forgeries, but what I find hilarious is just how bad these forgeries are. Referencing things which didn't exist at the time, doing something as simple as just changing the version number, apparently completely oblivious to the existence of checksums. This is the technical equivalent of using white-out on a date and writing an older date on top and thinking no one will notice. You are telling me the best forgery the inventor of bitcoin can muster up is changing the version number in a .txt file? Lmao.

Sure, but this question will be become pertinent long before then. Average fees earned per block is somewhere in the region of 0.1 - 0.2 BTC at the moment. By the 9th halving, the block subsidy will be 0.09765625 BTC, which will mean it will be less than the average fees. This will happen around 2044, so only 20 years away. Another few halvings after that and the block subsidy will be ~10% of the total fees. If fees aren't enough to maintain the security of the network alone (as will be the case in 2140), then it is very unlikely that fees +10% will be enough to maintain the security of the network, which is scenario which will be reached in the lifetime of many (or even most) current bitcoin users.

I think the combination of the increasing value of bitcoin coupled with most smaller transactions moving to layer two, resulting in the base layer being used predominantly for larger transactions and channel opening/closing and therefore larger fees being acceptable, will be enough for fees alone to maintain the security of the network.

There is some very interesting discussion about this in the following forum thread and on the dev mailing list:
"Surprisingly, Tail Emission Is Not Inflationary" -- A post by Peter Todd
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-July/020665.html

No, there isn't. You cannot infer anything about the private key from knowledge of only the public key.

A quick example. Private key 4 gives the following public key:

Private key 6 gives the following public key:

As you can see, both x coordinates and both y coordinates have opposite parity.

Again, no.

Depends on the address. If the address is a hash of the public key, such as in P2PKH or P2WPKH, then no. If the address is not a hash of the public key, such as in P2PK or P2TR, then yes.

The other option is if the public key has been revealed via another means, such as a signing a message, openly being shared, or being leaked.

There are plenty of scams in crypto with named individuals at the top who have managed to avoid or evade any punishment. A few that immediately spring to mind are the Quadriga exchange with Gerald Cotten who faked his death, Do Kwon of Terra Luna, and CSW of BSV. Being named does not mean being accountable, especially when you can use all the money you have stolen to pay great lawyers to figure out loopholes or escape mechanisms for you.

I'm not sure it was entirely premeditated from before Celsius was launched, but the fact that these documents show Celsius has been insolvent for over three years and yet continued to offer promotions and interest rates they knew they couldn't pay out in order to encourage further deposits to finance their ongoing Ponzi scheme is very damning.