That.

What's the benefit of pegging your Lightning balance to USD? And how exactly is this supposed to work? Like, creating 1 L-USD for each 3,000 Lightning sats? Doesn't make any sense. Bitcoin is free money; a currency on its own. And so is USD. Whoever wants to switch, utilize trading.

Reminds me of something. What can have possibly happened to that old soul, nullius, I wonder.

The thing I like about bitcointalk is that it only has constructive criticism, from what I've seen two years now. If you don't understand all this bitcoin terminology, just make an account here, that's what I did; I nearly knew a thing before. Now I know that I know nothing. 

There are lots of helpful folks. Stackexchange is also useful, but that's a little much for techie stuff only.

Yes, but I guess what @oryhp says is that if you communicate without a secure connection you can't be sure there isn't someone spying on you without you knowing it. Sure, he can take the money, but what's more valuable? Depends on your threat model. 

You only need to derive millions of addresses from one master public key, and save those with a balance.

This wasn't my point. My point was that if an entity perpetually brainwashes everyone and tries to create a bad picture of bitcoin for their own benefit, you shouldn't bow your head and admit you're doing things wrong. For example, if few politicians state that bitcoin wastes too much energy and advise against its usage, don't try to change the code; the problem isn't into the code. We've spent hours on this debate, and we've debunked it.

Same goes for KYC. There's no study that reveals less criminal activity due to this undoubtedly extravagant requirements of personal info. Pretty much the opposite, it's extremely dangerous; it encourages identity theft, scams and helps scammers stay undetected. The reason the governments want it, and exchanges often intentionally add it, is control. It makes mass surveillance work more easily and effectively, it's moneymaking from the CEX's perspective, it's advantageous for chain analysis which brings even more money etc., all these entities cooperate for control.

So, when a CEX imposes KYC or some other arbitrary rule, such as "tainted coins", don't try to figure out a technical solution, such as improving privacy on a protocol level with cryptography. Just don't use the exchange.

If Alice and Bob communicate through a secure transfer protocol, such as with SSL certificates, then MITM attack becomes more difficult to execute. And they should, with or without silent payments. Otherwise, their internet provider and the server they use to communicate can de-anonymize them.

So why they don't just generate a brand new address in each refresh, for each visitor?

Yes, because it doesn't take space in the UTXO set. OP_RETURN outputs are simply ignored.

I ordered it from gobrrr.

Yep, but I thought the default would be a better option. Proved wrong. 

Which thing isn't random nor secure exactly? Pi's RNG? urandom?

But, I don't blame them for my possibly less unpredictable entropy. Of course and it's my responsibility to ensure the dice is fair. But, you don't get to force me go with your way, just because you think it's right. This attitude is translated to a little disrespect, one might say, towards actual cryptographers who've studied more than you've done, and have concluded to using a CSPRNG.

Let me choose a "Use Pi's RNG" option, and if you don't recommend it, show a warning.

Why do I have a feeling that this is the wrong path? I agree with all you've said, and bitcoin can, indeed, become more private overtime, but answering with "let's just write a better code" implies that what's causing this taint propaganda is the code.

I sort of agree with this:

Bitcoin solves no political problems, but only practical and technical. And we're seeing this everyday. I can move millions of dollars for a nickle (practical) or move money across the world anonymously (technical). But, there's no such mechanism that can give a solution to the abrupt rise of KYC. No, decentralized exchanges don't. They mitigate trust, same as with bitcoin, because things work more properly that way; because trust costs. But, both solutions are apolitical.

See monero. It's, supposedly, more private than bitcoin. What has happened? Most CEX's have blacklisted it, less and less merchants dare to accept it, people beyond the crypto space are constantly brainwashed etc. Is the problem in the code?

It's necessary. Without the camera you can't scan the PSBT from your computer's monitor.

Which wallet do you use? In Electrum, enter OP_RETURN and, right after, your hexadecimally represented message. For example, this message:


Check the transaction, made in testnet, on a block explorer: d1cc92eb8af8e21f11177886a95ccda37c5236eafa170a446c031da6f8834a1d

• blockchair.com
• mempool.space

Prologue
So, a month ago, I was trying to find out which hardware wallet should I buy. My conditions were simple; it had to be open-source and I had to make the purchase in the most private way possible. My only option was to buy BitBox 1, but it happens to be old, deprecated and their developers aren't known for being privacy seekers, which really underwhelmed me.

My only choice was to purchase a hardware wallet outside my country using a poste restante, which I didn't want to do for personal reasons. But, then dkbit98 suggested something I hadn't thought of; do the job with a Pi.

And so I did. I bought a RPi Zero, a camera, a little screen and a few other stuff, and built a SeedSigner; an air-gapped hardware wallet signing device, which takes security into the next level.  

Disclaimer: There's no affiliation with SeedSigner and this thread isn't sponsored. I just bought it and share my thoughts.

---

---

In summary:

Pros:

• Open source, github page: https://github.com/SeedSigner/seedsigner
• Air-gapped
• Relatively cheap ($50~$100)
• Separation between private key storage and signing
• Can be bought anonymously (without KYC, AOPP etc.)

Cons:

• Little hard setup
• Experimental software; the project is, well from what I can judge, in an early stage
• Works only with BlueWallet, Nunchuk, Sparrow, Specter Desktop
• It's forcing you to generate the entropy yourself

---

---

Alright, let's begin.

SeedSigner aims to give a solution to one problem; the cost and complexity of multi-sig usage. However, at the same time, it can be used for single-sig setups, lowering the cost of your "hot" storage as well. There's nothing saved inside the SD card, besides your settings which is optional, therefore there's less danger for funds' loss. When you shut down SeedSigner, it erases the seeds; they're meant to be kept temporarily in memory and you have to import the seed on each startup. And that's basically one of the features that makes SeedSigner differentiate.

This has the following advantage: You can have the device on plain sight (don't, but you get the idea). As far as I understand, this is implemented to reduce the risk of money loss. For cold storage, create the QR code and find a good hiding spot. For daily transactions, you can just insert it into your drawer etc., without minding much.


For quick imports, use QR scanning:

---

Unfortunately, you can't create a new seed with an internal RNG. SeedSigner somewhat forces you to generate the entropy yourself. Either with a picture or dice rolls.


I get the spirit of "trust none!", but that's just wrong. It should allow you to generate random entropy, even with a warning. Furthermore, it gives a false sense of security. If you don't test the dice is decently fair, then you shouldn't generate a wallet. Period. Quoting a forum legendary is needed here:

Hashing a picture can also be problematic, see thread: Turn photos into Bitcoin wallets. So, here's a feedback: Include /dev/urandom. Simple. Do it for those who want to avoid this fuss.

This is how they justify it:

One thing I also don't understand is how the rolls are 50/99 exactly. Doesn't each give 1.66 bits of entropy on average?  

---

These are the features:

One thing I've forgotten to say is that, besides open-source, the code is also easy to read. It's 100% written in Python, and there aren't many files to check. It doesn't take more than an hour. The src/seedsigner/models is what's all about.

---

How to use it

These are the steps to spend money:

• Create a seed.
• Export the master public key with a QR code.
• Import the master public key to a wallet software. (From the available, I prefer Sparrow*)
• Create a transaction.
• Export the PSBT in QR code from your computer's screen.
• Scan the QR code from SeedSigner.
• Sign the transaction from Seed Signer.
• Export the signed transaction in QR code.
• Scan the QR code from your computer.
• Broadcast the signed transaction

Ta-da! Transaction signed in the air!  

*Sparrow is a wallet I'd never used, as I put Electrum above others, but I'll have to admit it's good. Perhaps even better than Electrum. The reason you can't use Electrum (at least not easily) is because it doesn't support animated QR codes, which is the way SeedSigner exports xpub keys and signs transactions. That's because the screen isn't big enough.

---

---

This sounds like a good idea, although I have a doubt, but it's not the core of the problem. The thing is, this proposal, disappointingly, reveals that this forum lacks on implementing these few rules it has. If a person plagiarizes, posts death threats, creates literally zero quality content and irritates the rest in a dozen other ways, we shouldn't just ignore him because there's a "Shitposter" below his username.

He has to to get banned.

You shouldn't expect that an Antivirus will keep you safe from every malware out there. The safest option is probably to have an air-gapped machine that is only used to sign transactions, and that's the thing I'd do if I were you. Do you have any computers or laptops left over? Make them air-gapped. If you can't or don't want to, then the second best option is to buy a hardware wallet, although you might have to submit some personal data.

Ultimately, I think a good quote from Electrum's downloads page is needed here;

What's up with BADecker and why is he here anyway? 96.2% of his posts belong to P&S and Off-Topic. I don't blame him for not talking about bitcoin often; it's obvious that he doesn't know what is he talking about. Also, does anybody know why he ends each post with a "Cool" smiley?

Probably because there's no moderation in neither of the sub-forums he frequents.

Samourai doesn't have a good reputation when it comes to privacy. I wouldn't choose it; if you want to give it a try, do it with a Dojo installed. Otherwise, you'll have to hand out your master public key, which nullifies your mixing. Definitely don't go with Wasabi, as they're now censoring certain UTXOs.

To avoid installing wallet software etc., just use a mixer.

As long as you avoid centralized exchanges, which treat bitcoin as non-fungible and demand blackmail you to give them your personal info to proceed, it's extremely unlikely you will ever get yourself into trouble. No peer looks for your bitcoin's history.

If you don't feel confident with having your peer's history, mix them. And I recommend you to do this more regularly, such as for the money you'll send to your peer; to make yourself untraceable. Mix, for the sake of your privacy.

Here's a list of reputable mixers: 2022 List Bitcoin Mixers Bitcoin Tumblers Websites.

And with single-sig, such dispute can't happen, because Alice doesn't have custody (or part of it) to cheat. He's handed out to the escrow agent.

It mitigates trust, but it doesn't eliminates it, or at least, it doesn't discourage enough. The agent can still blackmail or collude with one of the other parties, as you said, to steal the money and split it half etc. And that's just for Alice's money. Charlie can't divide the possession of his product in a multi-sig.

I find it a little contradictory. Don't you use an escrow because you trust the agent?

If it's an escrow, then you get custody of the money. That's the point of escrow. Alice doesn't trust Charlie, but she trusts Bob, and so does Charlie. Alice gives Bob the money, Charlie gives the product to Bob. Bob confirms the trade and does the switch.

This is how it works in theory. Multi-sig makes no sense unless Alice and Charlie use security deposit, which overrides the purpose of the middleman.

Let's see.

• "Solana is a fast, secure and censorship resistant blockchain", reminds me of something. 
• It isn't innovative. It uses another alibi, which is this meaningless Proof-of-History that is been discussed pages now, to bring more users to the crypto-space. In fact, PoH is their main aspect.
• It has 400 millisecond block times and claims to be able to process up to 710,000 transactions per second. We've seen this in the past; it's neither innovative nor sustainable for decentralization.
• It hypes up NFTs, which also reminds me of someone else' work.
• There has been a network outage which I find justified, since they'd spent most of their time designing the website and improving their social media accounts' growth.
• Solana doesn't have a hard cap. Instead, its supply increases based on this staking yield nonsense.
• There's a "Solana Foundation".

It's the definition of shitcoin.

Again, your machine is likely infected. If you don't format or move to another machine, any coins you deposit are going to be stolen sooner or later. Do format it. Not only for your coins' safety; this can likely gain access to your personal info and even blackmail you.

You don't need to have Kleopatra opened to run Electrum.

---

Verifying signature is such a hustle, especially if you don't know why you're doing it. The tutorial requires some modification, I've said this before.