Regardless of what you do with updating the firmware... if you can't remember where your recovery phrase is, or you have lost it, then I would recommend that you get your assets moved to a new wallet as soon as practicable. Then wipe the device, generate a new recovery phrase and store it safely, then move the coins to the new wallet on the device.

That 24 word recovery phrase IS your wallet, without that, your coins are going to be lost should anything happen to your device!

If your friend knows one of their very first Bitcoin addresses generated by the Trezor... they can use the "seedrecovery.py" script that comes as part of the "btcrecover" package.

NOTE: if your friend's Trezor was using "3"-type addresses (aka P2SH-P2WPKH), they will need to use a forked version of that package that is available here: https://github.com/madacol/btcrecover/tree/p2wpkh-p2sh and use the commandline options to specify the correct --bip32-path of: m/49'/0'/0'

Thanks for the update...

It should also be pointed out that these mods are likely to only work properly for dumping the wallet... I would advise that users do not attempt to use any of the other wallet "modification" features as it will most likely corrupt the wallet.

Simply reading/dumping the wallet should be fine. But as always... work on a copy of your wallet.dat!

The current state of the altcoin market is... poor But it's nice to see that my XRP is hanging in there as at least a "break even" value

Still... at least the thread title lived up to it's name... "Roller Coaster" is the best way to describe this!

That's not how it works... it can't know that address X and address Y are from same seed. What Walletexplorer is essentially doing is looking for situations where UTXOs from different addresses (technically public keys) are being spent in the same transaction.

For instance... this recent transaction: ce09079b0588205ceb5c33e3378677d8a6f4eea826b7ec44a29f84c6c1e42c16

We can see the UTXOs came from the following (unique) addresses:
1AxkKhTPHULorCp7weHNCzNsnu7daiQpS9
1HxQg5f5hCi1R6QLme5AnhxxJp9dekEgXN
17nt1tAH2HZYkpzeu89WPQax1Z14itSZEM
1DhrGMNaAPXibS3w37xd7brmBche8fpTmY
1P1P9NTiN69nZas2VtNGcC1SXuABswy4ZN
12PZiFyf4Fzy981M9tiu6Hirzdd6tFYK9t
1GyejomGpaTndNiXdjstTjjMvvVoVonKGd

It is therefore reasonable to assume that ALL of those addresses came from the same wallet (but not necessarily the same "seed", it's quite possible they were just random private keys in the same wallet). Walletexplorer is basically just looking at relationships like this.

They can't just start with say 1AxkKhTPHULorCp7weHNCzNsnu7daiQpS9 and then claim that 1GyejomGpaTndNiXdjstTjjMvvVoVonKGd comes from the same seed... unless you actually know the seed or master private/public key, you can't derive the other public keys.

If you use the Windows installer, it creates .lnk files in the "Start Menu". For instance, on Windows 10, I have "Electrum.lnk", "Electrum Testnet.lnk" and "uninstall.lnk" in the following directory: C:\Users\YOURUSERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum

If you use Standalone or Portable version, these shortcuts are not created.


As for the OP's original question:
Bitdefender is "crazy"

It's most likely just a false positive... It's a known issue due to the Electrum devs using PyInstaller... If you have a look on the electrum.org download page... and read the "Notes for Windows users":

If you are 100% sure you downloaded from electrum.org and you have verified the digital signature, then it should be fine to add an exception to your antivirus to allow it to run.

What was the actual issue in the end? Was it a derivation path issue?

It might be helpful to others if you explained what you had to do to solve your problem.

No... Guessing one word out of 12 is fine... Assuming you know an address that is fairly close to the beginning of the derivation path... AND the words you have are in the correct order.

Anything additional to that and the time required to generate and check combinations starts to increase at an exponential rate.

Even if you know the words are in correct order:
Time to find One word - measured in seconds
Time to find Two words - measured in minutes/hours
Time to find Three words - measured in days
Time to find Four words - measured in months
Time to find Five words - measured in years
Etc etc

If you don't know the order is correct... These times become orders of magnitude greater.

To brute force 12 words? Measured in lifetimes!

No... It wasn't the "admins or workers". Unfortunately there was a "bug" in the Electrum code that meant that a "bad" server could return any message it liked to a client and include links. Scammers found the bug and then exploited it to send phishing messages advertising the fake versions from fake github sites This bug was then patched to prevent the phishing messages from being displayed.

Refer: https://github.com/spesmilo/electrum/issues/4968


Unfortunately, yes... that much is certain

It's not under "Advanced Settings"... it was just under the standard settings when you click the little "gear" icon. Perhaps try and delete the app data and then restart it and see if it gives you the option again.



And, I don't think you need to be offline to see the option... as it shows up fine on mine when connected to 4G. As per the popup, it just needs to be offline to be able to use it as "Bither Cold":

Unfortunately, without the private key you cannot sign a message.

You will need to contact the support for freebitcoin and advise them of the problem. Or perhaps you can try and contact the site where you made the withdrawal from and see if they are able to assist by confirming, on your behalf, that the deposit came from your account there.

No one here can help you.

Just a bit of free advice, especially if you want an exception to be made... You might want to fix that part of your application

What I've seen so far, tells me that my initial thoughts were somewhat correct... in that there are quite varied views on Trust, what it means (Positive vs. Negative), how it should be used and how it currently is being used.

Unfortunately, it looks like the pretty decent debate that we were having is starting to degenerate into off-topic/name calling etc. That being the case, I think I'll just stop it here before the thread gets any worse that it already is.

Thanks for all the responses, I appreciate it... it has certainly given me some food for thought.

Given the Meta/Reputation drama revolving around some PM's being made public in recent times... You might find a few people quite reluctant to put anything in a PM

No... the "self-made" moniker is used by some folk who have earned 1000 merit after the airdrop happened.

It's basically a claim that even without the airdropped merit, they would still be a Legendary today... as opposed to some of the Legendary accounts which ranked up prior to merit... and now have like 1001 merit

Quite possibly a gambling site (maybe an exchange?) that offers "instant" withdrawal... if you follow all the way back to the "start" you'll find a transfer from what is most likely cold storage into a bunch of 15 BTC outputs, like this: https://www.blockchain.com/btc/tx/093abc15e60f811f147763f86c2e773d5037a0b7ac764451ec5536eed4029a5c

Then each of those 15 BTC outputs is slowly 'ground down' as payments are sent out.


While it is true that they may save on fees, if a service offers "instant" withdrawal and as soon as a user clicks "withdraw", that transaction is not showing... users get VERY anxious. I've also seen some services that just simply didn't have the technical knowledge of how to implement batched withdrawals.

That is not how it works. It doesn't matter when the backup was made. They will regenerate the same wallet every time you restore from the seed mnemonic. That is the entire point of "HD" wallets and 12/24 word seed mnemonics.

If you attempted to restore the wallet, and it did not show your original wallet, then the 12 word recovery phrase, while valid, is not the "correct" backup phrase. Somehow you have the 12 word seed mnemonic for a different wallet.

Yes. Trust wallet appears to use BIP39 compatible 12 word seed mnemonics, and also appears to be using standard BIP44 derivation path (m/44'/60'/0'/) for determining your ETH address.

This means that you can use the "seedrecovery" script that comes as part of the "btcrecover" package to bruteforce the correct word... It will require you to download and install Python and a couple of libraries... but isn't super complicated if you follow the installation instructions carefully.

The main requirement is that you know what the ETH address used was... if you know the ETH address, the script will find the missing word within seconds.

I've just downloaded Trust Wallet, created a test wallet and got the 12 word seed. I then tested running seedrecovery using the "Ethereum Standard BIP39/BIP44" option, along with the ETH address from the wallet and only the first 11 words... and it found the missing word in a matter of seconds. So, I would say that chances are very good that it'll work for you... assuming you have the ETH address.

Feel free to ask here or via PM if you need help setting up btcrecover/seedrecovery.

Just FYI, uninstalling Electrum won't remove the wallet files... it's a feature to prevent loss of wallets due accidentally uninstalling etc.

You can find the wallet files in your "%AppData%\Electrum" directory... quick shortcut on Windows is:
- Press "Win+R"
- In the textbox, type: %AppData%
- Press enter
- You should see a folder named "Electrum" and in that will be a "wallets" folder, containing the wallet file(s)

Even if you attempt to install Electrum to your external drive, that will only place the application files on the drive. Windows will most likely still attempt to use this AppData folder for Electrum's data storage.

If you want the application AND all the wallet data to be on the external drive, you need to download and use the portable .exe version of Electrum... The portable .exe version creates a data directory in the same location as the .exe and stores the wallet files there.

The "installer" and "standalone" versions use the Windows %AppData% folder structure for storage by default.

So should the "Positive Trust" description be changed then and the "You trust this person" part be removed? I find it somewhat confusing that on the one hand, people are saying "Negative Trust ratings should only be used for scammers"... yet seem happy enough for the positive trust description to include a very generic "You trust this person or had a successful trade" description.

So, Positive Trust for someone you simply consider trustworthy = OK... but Negative Trust for someone you consider untrustworthy = not OK?


I guess, the point I'm trying to make is that the descriptions for positive and negative trust are not consistent... hence, I am not surprised at the lack of consistency in how they are interpreted and applied.