It probably won't lead to anything.

Did you check whether each word of your '8 word phrases' does appear inside the BIP39 wordlist (https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt)?


Feel free to message me your words. But if these aren't BIP words and are really from a market place, your coins are most probably lost.

Don't you have several backups of your wallet file?
Because either your password is wrong or your wallet file is corrupt.




Because it is not the correct seed.
Or it may be the correct seed but previously used in another wallet with another derivation path.

But according to your story it is most probably not the correct seed.




98%+ of problems appearing on a computer are caused by the user in front of it.
Electrum is safe, if you do follow each step conscientiously.

You need to pass the argument (TX ID) to your script. Put %s at the end:




Mind posting your shell script to see if you have made a mistake there?

Theoretically, people would NOT notice that a 51% attack is ongoing.
An attacker would mine on the private chain WITHOUT revealing it, until he decides to do so.

Only at that point in time (when a new longest chain has been broadcasted and transactions of X blocks are mixed up (or just a few of these)) it is obvious that someone has been mining on a private chain with 51%+ of the hashrate.

Additionally there is no 'blacklist'. It doesn't matter WHO shares the block. The network doesn't know from who the block came.
As long it is a valid block, resulting in the longest chain, it is considered to be the (only) valid chain.

You might try it with


Then inside your script.sh you can access the TXID with $1


Note that walletnotify is called when you (1) receive a transaction, (2) send a transaction and (3) a received transaction got its first confirmation.
blocknotify is called each time a new block is received. In this case the block hash is being passed as the argument.

If you have 'just' entered your lastpass master password the extension should NOT be able to grab any passwords inside of it.
It should also NOT be able to upload files from your harddrive (e.g. lastpass database file).

Generally such 'mining malware' does not steal any passwords/sensitive information. They just 'steal' computational power.
This does NOT mean that a mining malware which also does steal sensitive information doesn't exist.. it is just not that common.




Remove the extension. I hope you already have done this.
To be on the safe side, you might check your system for malware.

And you should definitely be more cautios when installing browser add-ons (or any other software).

Thats definitely true. I never intended to claim they are entirely safe. 100% safety and security does not exist.
I just wanted to point out that using the 'best AV software' is not enough to keep funds safe, since OP seems to be wanting to secure his holdings.




This is definitely a thinkable (but also less-probable) way of compromising an 'air-gapped' wallet.
But the question is also whether you would consider such a system as truly air gapped. Replace the flash drives to transmit transactions with 2 webcams and you have one less attack vector.

I am not saying this would be a perfect solution. It may still be possible to compromise this system with a buffer overflow in the screen capturing software (using the TX QR's to transmit data).
The chance of getting compromised does always exist.. it just gets really really small. It is about how low the probability has to be until you can sleep good at night 

This depends.

A server of an online wallet provider can be hacked. A desktop wallet itself can not be hacked.

But what usually happens is that your computer gets compromised. And once an attacker has control over your computer, he can do whatever you can.
So if you are opening a wallet (desktop- or online-) on an infected PC and enter the password to unlock it, and you are able to sign transactions the attacker also is able to create transactions (most probably way faster than you can react).

If you are in possession of a hardware wallet on the other hand, it always requires you to physically confirm the transaction on the hardware device itself.
This eliminates most attack vectors (if you dou conscientious check the address you are sending to).


Generally, every wallet can be 'compromised'. Some relatively easily and some only with the exploitation of several (yet) unknown vulnerabilites in a strict order which practically is not efficient to perform.

Cold storage (hardware wallet, air-gapped wallet, paper wallet) is always way safer and more secure than hot wallets (destkop-, mobile-, online- wallets).

I'd say 3. is not an option 
Before accepting such a defeat, 1. and 2. should definitely be tried. I'd personally never delete such a wallet.. it may be crackable in 10 years due to better hardware and eventually a flaw in the wallet :>

OP, if you do have a 'list' of old passwords or if you do have a certain kind of 'pattern' which you frequently use, the recoveryservice might be very promising.
It seems this service is very successfull in restoring wallet passwords from user who don't remember the password, but provide a list of possible combination.


Do you remember how long your password was? Or at least how long it could be at the most?
This heavily determines how 'easy' it is to bruteforce such a password.

This is important.


You can have the best AV software and the 'best' habits using the web.. but (properly) self-coded malware will never be detected by AV software.
And even if your system is always up-to-date (what you should definitely be looking for!), new vulnerabilities are discovered on a daily basis.
Especially javascript/flash/pdf's are a pretty big security concern.

You can never be completely safe on an system which is connected to the internet. For a real secured storage for your coins, choose a hardware wallet or an air-gapped storing solution.

What do you want to achieve?

Do you want to (1) get your full node running or (2) access your bitcoins ?

To get your full node running (1) the best would be to redownload the blockchain since it seems to be corrupt.

If you only want to access your coins (2), copy your old wallet.dat into the data directory (usually located in C:\Users\YourUserName\Appdata\Roaming\Bitcoin (windows) or ~/.bitcoin/ (linux)).
Make sure to backup your wallet PRIOR trying to recover your coins.
Afterwards you will be able to dump the private keys and import them into a light-weight client (which does not require to download the whole blockchain; e.g. https://electrum.org/#home).

While it is bad storing all your money on your mobile, it is not safer to store them on a computer.
The biggest part of your holdings should always be held in cold storage. Whether on a paper wallet, air gapped PC or hardware wallet doesn't matter.

A hot wallet (regardless whether mobile or desktop) should always only hold small amounts which you can afford to lose.

Unfortunately AV software won't detect this kind of malware.
And it will always be easy to recreate another version which won't be detected.

The only real way to secure yourself is to (1) use common sense and don't download random files and (2) double checking.


OP, you can be glad it was just a clipping board malware. You could have been victim to a way more-dangerous kind of malware..

Coinbase is not advised as a 'wallet'.
A real 'wallet' does give (only) you full access of the private keys.
When storing coins on coinbase you don't actually have access to the private keys, therefore effectively not owning any bitcoin. You are trusting coinbase to hold your coins.

The best would be to visit https://bitcoin.org/en/choose-your-wallet and look through the wallets available there.

If you don't want to download and process the whole blockchain (~170 GB), a lightweight client (e.g. electrum: https://electrum.org/#home) would be the most suitable for you.
The most secure on the other hand would be a hardware wallet. The most used are made by ledger and trezor.


Electrum, ledgers and trezors hardware wallets do all support segwit. But electrum is currently the only ony of these three which provides native segwit (bech32) addresses.
Trezor/Ledger do support nested segwit (P2PKH nested in P2SH ). Both are segwit, but bech32 is slightly 'better'.

Thats the point. And the clear answer is no.
Bitcoin has proven to be secured against attacks. The more hashrate the whole network gains, the harder it will get for anyone trying to gather 50%+ of the networks hashrate.

Additionally it is hard to value whether an altcoin is 'cheap' compared to BTC. This would imply that BTC is expensive at the moment. And thats pretty much impossible to value accurately.
Considering bitcoins value (not the price), people have different perspectives regarding the price. While it may seem undervalued for the one, it is way too overpriced for the other.

Just because the market cap of an altcoin is 1/100 of BTC, this doesn't mean that it will have bigger gains.

^This.

---

@OP:
What kind of addresses did electrum produce the first time? Did they start with a 1.. (legacy) ?
You might try to open the console (View -> Show console -> Console tab) and enter this command:


It will return true if this address is part of the wallet.


If it does return false and you are sure your seed is correct, then most probably the derivation path is wrong.
You can choose the derivation path when restoring from a seed and clicking on 'options', choose BIP39, and edit the derivation path in the next window.

With 90.000 people and a capital of $2m thats roughly 22$ invested per person (on average). 4$ per month return doesn't sound that bad IMO.
Thats a ROI of 5,5 months. 18% monthly returns from your investment. Thats 216% yearly profit! Thats way better than any traditional investment.

Meltdown and spectre is no malware. Those are vulnerabilities which allow to exploit the modern CPU architecture.
This is not related to the exodus vulnerability.

The vulnerability from exodus was caused by a vulnerability in the Electron protocol handler. This vulnerability (CVE-2018-1000006) in the ElectronJS Framework could have been exploited to achieve a remote code execution.
This allowed an attacker to dump the private keys once exodus was opened.

It might be worthy to add that not everyone has (1) the technical knowledge nor (2) the budget to open an online store.

You at least need one of them.
If you have the technical knowledge you can suceed without a big budget. But this does require to have a lot of knowledge.
From simple Front-ending/UI to back-end and security mechanisms. Each has to be handled by one person.. which does take a lot of time to accomplish.

With a big budget, you don't kneed technical knowledge since you simply can hire experts to do the work.

But with medicore knowledge and a small budget the chances are almost zero to suceed in creating a proper online shop on your own.
Massive amounts of shops (especially those dealing with crypto) get attacked on a daily basis. Without proper risk management and security this might result in a disaster.

A wallet which does create the same address for each crypto currency is not possible.
(Almost) each cryptocurrency does have its own address format.

What you might be refering to is a wallet which holds private keys for multiple cryptos derived from one seed. This is possible. And it does exist. Exodus is such a wallet.
But note that quite a few people have connection issues when using exodus. It also just had a vulnerability discovered which allowed an attacker to dump the private keys out of the RAM once the wallet was opened. I am not sure about which versions are affected.

The ledger nano s does also support multiple cryptocurrencies. And in addition to that the private keys (and the seed generation) are secured by a secure element and a 2-FA through the buttons/screen.
Once they release their native application, you will be able to monitor all your holdings in a dashboard.