Bitcoin Forum
May 30, 2024, 10:37:01 PM *
  Show Posts
4401  Bitcoin / Bitcoin Technical Support / Re: Core: Can't customize RBF fee increase? on: May 20, 2018, 11:30:30 AM
If the change address ends up being different then I guess it will be considered a double-spend.

Yes, that's correct. At least as a double-spend attempt.



But if after "abandon" the change address is freed and will be reused for the next tx, when sending the same UTXOs to the same recipient wouldn't it effectively be the same as an "increase" tx?

Yes.
A RBF-transaction is basically a double-spend transaction which uses the same UTXO from the previous tx (additional UTXOs are allowed) to the same recipient with a higher fee.
4402  Bitcoin / Bitcoin Technical Support / Re: BTC Segwit Address not recognised by my Ledger Nano S Wallet on: May 20, 2018, 11:12:57 AM
do you think this would also be the case for RDH40's problem? did he ever say anything about pairing Ledger+Electrum?
his seed mnemonic might have been generated by electrum, which might also be a valid BIP39 Mnemonic phrase
so when he tried it on iancoleman's page it gives out the BIP39 version instead of Electrum version

That's probably not the case.
OP mentioned the address has been generated by his ledger.

Regardless of whether you use the nano s with the chrome application or electrum, the device will still generate the seed/private keys itself.
Electrum is just a UI to access the nano s. Therefore the seed/keys generated by the nano s are always BIP39, regardless of which software is used to access the wallet.
4403  Bitcoin / Bitcoin Technical Support / Re: Bitcoin Core private keys on: May 18, 2018, 09:16:37 AM
Since the "dumpwallet" command is allowed over RPC and will print out all your private keys (which equals complete access to your coins regardless of the wallet password), ...

Using RPCs does NOT allow you to directly dump all of the private keys if the wallet is encrypted.
Authenticating RPCs does not equal the decryption of the wallet.

If you want to dump the wallet via RPC, you need to unlock the wallet with the walletpassphrase first.
HCP has mentioned this directly above your post.
4404  Bitcoin / Development & Technical Discussion / Re: POW vs. POS on: May 18, 2018, 09:05:15 AM
First, get your concepts clear, POS is not mining.
For 51% attack, if you read the URL topic, you will understand that. For 51% attack in POS, I need to hold 51% of coin. Should I attack the coin in which I am the majority holder. Ok Give me an example in which a POS coin suffered or threatened by 51% attack.

No, PoS is not mining. PoS is a consensus algorithm. But there is a process called mining.
You should read my post more carefully. Mining is achieved via staking (Makes sense, doesn't it ?).

Mining does not mean to dig bitcoins out. Mining is the process of creating a new block and adding it to the blockchain (irrelevant whether PoS or PoW).
Mining does (logically) work differently in PoS compared to PoW.



POS:
         One who has large stash of the coin will get big share, making rich more richer.
The same applies to PoW:
One who has large stash of money will get a lot of asics (and therefore more hashrate), making rich more richer.
If coin forks itself and start using new algorithm then  all the ASIC will be worthless.

Creating a hardfork is a senseless argument to bring.
The same can be applied to PoS: 'If coin forks itself and start using PoW then..'. Rubbish.



POS:
         If coin holders want to keep somebody out of network they are able to do so by not distributing their coins outside their network.

Don't Mind, I am just saying if coin creator and his group of friend decided that they will keep all the supply and do transactions between them only, then nobody else will get the coin. (Hypothetically possible).

This does only work if the 'coin creator' and his group do not share any coin from the beginning (i.e. from the first block). This would be similar to a private chain/fork.
A small stake outside of the group would enable people to generate more 'outside of this group'. How is this either a pro/con regarding PoS ?

If it is a 'private chain': Who cares? Only the small group could care. No one else would care about this coin.
If it's not a 'private chain': It is not possible to achieve it in this case.

It is irrelevant.
4405  Bitcoin / Electrum / Re: Electrum Seed for imported wallet on: May 17, 2018, 01:48:56 PM
I just wanted to ask why there isn't a seed given/created when you import a wallet using private keys?
I imported my wallet with them and I did set a password but can't seem to find anything about a seed. Is that normal?

First, you have to understand how seeds work.
A mnemonic seed is a 'big random number'. This number is then encoded into words (your 12/18/24 word mnemonic seed).
All private keys inside a wallet created with this seed are derived from this 'big random number'.

You only have imported a private key. There is no way to find out if there is a seed which would reproduce this address.


So.. yes. It is normal.



If yes, is there a way to get a seed so that I have another way of backup of my funds?

The only way to 'get a mnemonic seed' is to create a new (HD) wallet. Most wallets nowadays are BIP39-compatible HD wallets.
So, to backup your coins with a mnemonic seed, choose a wallet software, create a new wallet, backup your seed and send your funds over to that wallet.

4406  Bitcoin / Development & Technical Discussion / Re: Address's total length is all the same? on: May 17, 2018, 12:52:39 PM
I counted bitcoin address length, it is 34.

You may have counted correctly.



Is this all the same always?

No, the length of 'legacy' addresses (starting with 1.. or 3..) varies from 27 to 34 characters.
The length of new bech32 format addresses (starting with bc1..) is at ~ 42 chars.



And how about other coin's case?

This depends on the coin. Usually they are different.
Depends on what is defined within the protocol..



If same coin, address's length is always same?

See above.
4407  Bitcoin / Mycelium / Re: The transaction was rejected by the network. This indicates that your wallet is on: May 17, 2018, 12:41:15 PM
This still does not work.  Do you have another suggestion?

The easiest would be to export your seed and import it into another wallet (e.g. electrum).
To export your seed in mycelium: Click the 3 dots at the top right corner -> 'Backup'.
Then import it into electrum using the 'I already have a seed'-option. Enter your seed and use the correct derivation path (see my previous post).
4408  Bitcoin / Bitcoin Technical Support / Re: Private Key missing 4 characters on: May 17, 2018, 11:17:01 AM
Considering the birthday paradox, there is a 50% chance to find the correct private key after 1/2 of this space.
Surely it is just common sense that searching half the space obviously has a 50% chance of finding the right key Tongue

Unfortunately not as common sense as it should be  Grin
But you are right. The expression itself is a bit odd.

I just wanted to say that you don't actually have to search the whole space (because that's what most people believe when they hear there are that many combinations).
On average, it is enough to search 50% of the space.



The maths of the birthday attack suggests that by randomly generating keys (as opposed to sequentially searching the space), the smallest number of keys we'd need to test to have a 50% chance of finding the right one would be:


Which for your calculated search space is only something like: ~3,458,770 guesses... which isn't a great deal to be honest.

It is not about a 50% chance to find one correct key, but to find '2 same keys'.
~3,458,770 would be the amount of guesses it would take to have a 50% chance for having generated the same key twice.



I'm pretty sure that the Birthday Attack is the reason why VanityGen generates keys randomly rather than sequentially

Actually this should be a reason for vanitygen to not use randomly.
My guess would be that it is just way faster to randomly generate them than to create them sequentially + memory storage and I/O.
And since vanitygen is used to create addresses with a relatively small prefix (compared to the overall length), it probably doesn't make a huge difference. 
4409  Economy / Services / Re: No confirmations with BTC tx? I can help... on: May 17, 2018, 09:26:44 AM
Do you have a BTC transaction stuck due to low fees (Shocked) or your transfer simply isn't confirming after a long time? Msg me your TX ID and I will gladly accelerate it. I usually can. PM or reply to this thread and I will do my best to help.

I know how frustrating this can be, therefore I do this for free to give something back. However, you can send me a donation to say thank you if you like, my wallet address is in my signature.

Have a good day!  Grin


1) Wrong sub. This does NOT belong into technical support.
2) Mostly just 'scam'. Won't work.

The only working accelerator currently is from viaBTC (https://pool.viabtc.com/tools/txaccelerator/). Anything else does not work.

Additionally fees are low at the moment. Less than 5 sat/B are enough to get a transaction confirmed within the next few blocks.
4410  Bitcoin / Hardware wallets / Re: Update Ledger Nano S without the 24 words is possible? on: May 17, 2018, 09:14:01 AM
After reading, I see that I need the 24 words to be able to update it?

If the update works without an issue, no.
It may only be necessary to reset your device if the update fails (e.g. got stuck).
Edit: And if you are updating to 1.3, like Lucius already mentioned.


The reason is that I am not sure yet where are the 24 words :/

Are you still able to access your wallet? What kind of an error message did you get? Or is it stuck in a loop?
If you still can access your coins, I would suggest you send them to another (temporary) wallet until you have initialised your nano s again.

Or if you don't want to do that, you could try to restore some 24-word-seeds you can find around your place in an offline environment to check whether they match your nano s seed/addresses.
4411  Bitcoin / Bitcoin Technical Support / Re: Safer to RECEIVE multiple Bitcoin transactions on Coinbase or Ledger? on: May 17, 2018, 09:10:33 AM
That's why I'm implying that they are somewhat similar in terms of this. If Ledger shows you the wrong information, I would say that they wouldn't let you withdraw anything.

The thing is: Ledger doesn't have the control over your funds. Only the person with access to the mnemonic seed (which should only be the owner of the nano s) can sign transactions (at any time with any software).
If ledger does show wrong information (either because they turn evil or because of network issues) you can always import your mnemonic seed into another wallet and access your funds there.



I fully agree that Ledger/hardware wallets are better than Coinbase/Online wallets by far, as a whole. I am only focusing on the discussion on the safety of only when receiving a transactions. Assuming Ledger's web app and Coinbase, both are equally susceptible to server-side validation attack for which the host could modify information that is being displayed inside of the client. While I do agree that having a second source of information is useful, most people blindly trusts what the client says as correct.

The 'second source of information' is not only useful, but completely negates any kind of such an attack. This is only the case with a hardware wallet. Not with coinbase 'wallet'.
Just because most people do not know how to stay safe, this doesn't mean that you can't stay safe.

Ledgers hardware wallet does give you the possibility to receive, validate and sign transactions completely independent from any company/service/etc..
Coinbase does not. They receive your coins and show you some numbers they have stored in their database. You are completely relying on them.

Those two approaches to 'only receive transactions' are in no way comparable in terms of safety, security and reliability.
4412  Bitcoin / Bitcoin Technical Support / Re: Private Key missing 4 characters on: May 17, 2018, 08:51:40 AM
Unfortunately in my case I have no idea of the positions of the lost characters, but I keep trying, because it has been very useful for me to learn new skills and resources.
In which case, I think the search space is something like (58chars*47positions)*(58chars*47pos)*(58chars*47pos)*(58chars*47pos)... (58*47)^4 = 5.5220891*10^13 possible combinations Undecided
---snip---
I think your calculation is a bit off. Also we can save computation power by narrowing down search space,
the first 2 chars always start with '5H', '5J', '5K', 51-2 = 49 positions and 49-4 = 45 characters known
if exact position of 4 lost characters are known = 58^4 = 11,316,496 iterations
if exact position is unknown = 58^4 * 4-combination
= (58^4) * ( 49! / 4! (49-4)! ) = (58^4) * (46*47*2*49)
= (58^4) * 211876 = 2,397,693,906,496 iterations = 2.39 * 10^12
do I get this right?



I am pretty sure you made a small mistake there. You do ignore the order of the 4 missing words with your statement: ( 49! / 4! (49-4)! )
You do iterate through each position with your words, but you have to iterate within the words too.

This should be the correct calculation:



There are 58 choose 4 possible combinations to pick the 4 correct chars from the charspace (without considering the order).


Now consider the first two characters as already known. Only looking at the private key without the first two chars here:

To put the first unknown char into the correct place, you can choose between 1) before each already existing char (45 possibilities) and 2) behind the last one (45+1).
For the second one you choose either before each char in your privkey (46 possibilities) or behind the last one (46+1)...

Overall there are 46 * 47 * 48 * 49 possible combinations to place the 4 chars into a private key with 45 known characters (ignoring the first two) into the right order. This assumes the already known characters are in a correct order already.


The total search space (for the private key without the first 2 chars) therefore is 46 * 47 * 48 * 49 * (58 choose 4) = 2.1574231*10^12.
Multiplied with 4 (combinations the priv key can start with) = total amount of combinations = 8.6296925 * 10^12


Considering the birthday paradox, there is a 50% chance to find the correct private key after 1/2 of this space.



Feel free to correct me if I have made a mistake!
4413  Bitcoin / Hardware wallets / Re: Ledger Nano S 2 outputs on: May 16, 2018, 09:33:35 AM
Just to confirm:

Did your ledger show a second transaction or a second output (should have been named 'Output #2' on the ledger I believe)?

(1)
If you were shown two outputs in one transaction, then you are using an outdated version.
Your coins would be safe in this case, but I would highly suggest updating the firmware of your nano s.
A guide can be found on the official ledger site.

(2)
One plausible explanation in case of two transactions (without initiating the second one on your pc) might be malware.
If an attacker has full access to your system he definitely could do that. The screen/2FA of the nano s is the last line of defence in this case. You might have opened the door there  Undecided


I am assuming it is case (1) ? I have never heard of an attack regarding hardware wallets similar to (2). But this does not exclude the possibility.
4414  Bitcoin / Hardware wallets / Re: My Nano S not working properly on: May 16, 2018, 06:20:40 AM
I've able to open or do this the first time but after several attempts on the other day, it always failed to load up ... but all the ledger wallet are not opening now this is very strange.

Please be more specific.
What is not opening correctly? Could you please provide more information ? Which step from HCP's guide didn't work for you?
Are you talking about the ledger chrome applications? Or are you talking about the applications on the nano s ?

What cable are you using? You need to use a cable which does have the pins for data transfer (e.g. original ledger cable). Some cables from mobile chargers do NOT have these data pins.

Without a proper description of your problem (where exactly it stops working; what application exactly does not open), we can just guess and repeat anything we already have written.

4415  Bitcoin / Development & Technical Discussion / Re: POW vs. POS on: May 16, 2018, 06:15:15 AM
POW:
         For Network big like Bitcoin, 51 % attack cost is too high but for some new coin where network is not so big (or do not have many miners)
          51% attack   can be successfully executed.
         It make coin fully decentralized and anybody is free to mine.

A 51% attack is completely independent from the consensus algorithm (PoS/PoW).
Decentralization also does not depend on PoS vs. PoW. Depending on the implementation of the PoS algorithm, mostly anyone can mine.



POS: It is cheap method and no specialized hardware is required.

It is not cheap, since you have to lock away a big amount of money. It is like receiving interest.



POS:
         One who has large stash of the coin will get big share, making rich more richer.

The same applies to PoW:
One who has large stash of money will get a lot of asics (and therefore more hashrate), making rich more richer.


POS:
         If coin holders want to keep somebody out of network they are able to do so by not distributing their coins outside their network.

Huh Roll Eyes
4416  Bitcoin / Development & Technical Discussion / Re: Set send limit for particular bitcoin address ? on: May 15, 2018, 02:11:25 PM
If someone get your private key, sure you will lose everything, but this will prevent some attacks like:
- steal everything from JSON RPC api for web services
- if someone has access to your phone or desktop client, he can't send everything

This doesn't make sense. If your mobile/desktop client doesn't contain the private key, it is not a fully functional wallet. Where is the private key stored in your 'concept' ?  Huh



But  the main question remain, how it is possible programmatically to add this feature.

The 'algorithm' itself is trivial. See HeRetiK's pseudo code for an almost-finished implementation.



For json rpc server this will limit the impact of the attack of course, since from json rpc you can't get private key of addresses etc.

How is this related to your 'maximum send limit idea' ?  Huh
4417  Bitcoin / Bitcoin Technical Support / Re: Safer to RECEIVE multiple Bitcoin transactions on Coinbase or Ledger? on: May 15, 2018, 01:46:55 PM
To be fair, Coinbase and Ledger utilise server side validation which requires them to be trustworthy.

That's not completely true.
Ledger application does use their server to show information about incoming/outgoing transactions and balance.

But you always can verify yourself whether a specific transaction has arrived (i.e. block explorer).
This does not apply to coinbase. You are given deposit addresses and receive a 'balance' in their database. Since you don't own the corresponding private keys, you don't own the bitcoins.
You can't validate anything. You just rely on their database being intact to credit you the correct amount of BTC when you want to withdraw them.

With ledger, (only) you have the control over the private keys. Therefore you can always validate transactions/balance without needing to trust someone.



This means that they can modify the things that they can show you since they have full control over it.

This means that ledger could show you wrong information inside their application.
This also means that coinbase could show you whatever they want and still don't let you withdraw anything.



Wallets do not delete addresses without you doing it.

Wallets do not delete addresses because they don't exist on a technical level.
The only thing you eventually could delete is a private key. But since the majority of wallets nowadays are HD wallets (which do not rely on storing private keys; they are being derived) that's mostly not an issue anymore.
4418  Bitcoin / Bitcoin Technical Support / Re: Wallet notify using a PHP routing system? on: May 15, 2018, 10:43:30 AM
Can you provide a PHP example? It seems like you want me to link to a file.php (which then takes args as an input), but I'm using controllers without extensions and would like to simply pass it to that :-)

Your config or startup command:
Code:
walletnotify = /home/path/to/your/script.php %s

walletnotify does pass the transaction hash to your PHP script.


In your php script:
Code:
$TransactionHash = $argv[1]; // first CLI argument: the txid that replaced %s

Afterwards you can do whatever you want with the TX ID.
Curl example:

Code:
// Create a curl handle, set the target URL, send the request, then release the handle.
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "https://www.YourURL.com");
curl_exec($curl);
curl_close($curl);
More examples using curl: http://www.hackingwithphp.com/15/10/2/your-first-curl-scripts


I would really like if I could just do it in one line...

What exactly are you trying to do? Not everything can be implemented as a one-liner  Tongue
Curl itself (executed inside a php script) does need 4 lines.
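
As an added example (not part of the original post): a fuller version of the walletnotify handler sketched above, which checks that the %s argument really is a transaction ID before using it and then POSTs it to a routed controller over HTTPS. The endpoint path, the `txid` field name and the interpreter path shown in the comment are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not code from the original post.
// Assumed bitcoin.conf line (interpreter path is an assumption):
//   walletnotify=/usr/bin/php /home/path/to/your/script.php %s

// Hypothetical routed controller endpoint (no file extension needed).
const NOTIFY_URL = 'https://www.YourURL.com/wallet/notify';

/** A txid is 32 bytes, printed by the node as 64 hex characters. */
function isValidTxid(string $candidate): bool
{
    return preg_match('/\A[0-9a-fA-F]{64}\z/', $candidate) === 1;
}

/** POST the txid to the controller and return the HTTP status code. */
function notifyController(string $url, string $txid): int
{
    $curl = curl_init();
    if ($curl === false) {
        throw new RuntimeException('curl_init failed');
    }
    curl_setopt_array($curl, [
        CURLOPT_URL            => $url,
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => http_build_query(['txid' => $txid]),
        CURLOPT_RETURNTRANSFER => true,             // do not echo the response body
        CURLOPT_FOLLOWLOCATION => false,            // no silent redirects
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS,  // refuse anything but https
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,               // never hang the notify hook
    ]);
    if (curl_exec($curl) === false) {
        throw new RuntimeException('request failed: ' . curl_error($curl));
    }
    return (int) curl_getinfo($curl, CURLINFO_HTTP_CODE);
}

/** Entry point: returns the process exit code. */
function main(array $argv): int
{
    // Exactly one argument is expected, and it must look like a txid.
    if (count($argv) !== 2 || !isValidTxid($argv[1])) {
        fwrite(STDERR, "usage: script.php <64-hex-char txid>\n");
        return 2;
    }
    $txid = strtolower($argv[1]);
    try {
        $status = notifyController(NOTIFY_URL, $txid);
    } catch (RuntimeException $e) {
        fwrite(STDERR, $e->getMessage() . "\n");
        return 1;
    }
    return ($status >= 200 && $status < 300) ? 0 : 1;
}

exit(main($argv));
```

walletnotify can run more than once for the same transaction, so the receiving controller should be idempotent. It should also look the transaction up on the node (for example with the gettransaction RPC) instead of treating the notification itself as proof of payment.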
4419  Bitcoin / Bitcoin Technical Support / Re: Wallet notify using a PHP routing system? on: May 15, 2018, 10:11:57 AM
but it seems like i have to use a bash script.


You should have read my post more carefully  Wink

You don't have to use a bash script. Python/PHP would work too, or any other scripting language.
4420  Bitcoin / Development & Technical Discussion / Re: Set send limit for particular bitcoin address ? on: May 15, 2018, 10:07:13 AM
What would be the sense of such a feature? What problem does it solve?


It's mentioned in the original post:

This will prevent stealing big amount of BTC in a major exchanger and even from owners.

I somehow completely ignored that  Roll Eyes


But this doesn't make sense.

1) Exchanges can create a withdraw limit on application level (e.g. application which checks the current withdrawn balance from their wallet -> allow/refuse)

2) It also doesn't prevent coins from being stolen from a layman.
If Alice has 10 BTC's 'sitting on address' X. And Bob has been able to get Alice's corresponding private key.
Bob withdraws the maximum amount possible (e.g. 1 BTC / 24 hours). -> 9 BTC remaining.
Now Alice has to wait 24 hours until she can 'save' 1BTC. But Bob is a smart boy and has created a script which will automatically create another transaction after these 23:59:59 hours have passed.

This will require Alice to also code a script which (hopefully) will create the TX (with an extraordinary high fee) before Bob's script does create his transaction. That's basically a race condition.


Additionally:
I wouldn't store my BTC on an address where only (X btc/ Y hours) can be withdrawn from.
I'd rather create multiple addresses each holding a maximum of X BTC. And I guess the majority of users with X+ BTC would handle it this way too.

This creates more problems than it is going to solve. How to pay for a house? Wait 20 days, paying 1 BTC each day? How shall an exchange utilize a cold wallet? With 10.000+ addresses rotating every Y hours?


IMO, this is a bad approach.
The owner should have full control over his funds. And the security should be handled by the user only (which requires the network to be fully secured itself, of course).