Also you can import Ledger seed in Electrum,to do that just use File - New/Restore - Standard Wallet - I already have a seed - ...
I would not suggest to do this! This will destroy the whole purpose of a hardware wallet (keeping the private keys in a save environment). Connecting the ledger with electrum (as a GUI) is the safer way. Importing the seed of a hardware wallet into a desktop wallet should be the last (very last) step after nothing else worked to access your BTC's. I'd rather first try out a different OS / PC before exposing the seed to theft. Once the seed has been typed/entered into another wallet it should be considered as compromised. |
|
|
|
I was aware that I would probably not be able to send or receive from non segwit addresses, but I decided to go for this option anyway, since I heard they are more efficient, so I preferred them over the "transitional" P2SH addresses.
My question is, will I be able to send/receive coins between my bech32 P2WPKH, and the P2SH addresses?
The thing is that segwit adoption is taking a lot of time, so I'm afraid that the "transitional" P2SH addresses get more "popular", and it will take a while for me to be able to really use my bech32 P2WPKH addresses.
Bech32-type addresses are more efficient, yes. But you don't have any problems with sending/receiving to/from any address. You can send/receive to/from any address you wish. Everything will work as before. The problem with the slow adoption is that some wallets/exchanges/service provider won't allow you to enter a BTC address starting with bc1.. simply because they have a check-function to make sure you enter a "valid" btc address. And as soon they check your address is neither starting with 1.. nor with 3.. they will give you an "wrong format" error. This is just a problem of the exchanges/wallets/... This has nothing to do with bitcoin/segwit itself. |
|
|
|
So bitcoin uses sha256, litecoin scrypt, dash x11.
Where is revision location(source code filename, approx line position) of this algorithm?
Simply google. Those algorithms (SHA, scrypt) weren't invented for those cryptocurrencies. They existed before. SHA: https://en.wikipedia.org/wiki/SHA-2scrypt: https://en.wikipedia.org/wiki/ScryptX11 is concatenated algorithm composed of BLAKE, BMW, Grøstl, JH, Keccak, Skein, Luffa, CubeHash, SHAvite, SIMD and Echo. How change to x11 algorithm? Some site says x11 is best algorithm.
Changing the algorithm would require a hard fork ( https://en.wikipedia.org/wiki/Fork_(blockchain)#Hard_fork). There is no "best" algorithm. Simply because there is no definition of a "best" algorithm. Additionally you should not believe what you read on "some site". |
|
|
|
Only chance is for using tools like android recovery.
Recuva is ok ? What are You think?
Recuva should be fine. But i would highly suggest you create a (forensic) image (better: two) of your phone before you try to recover stuff. I personally would simply use DD ( https://en.wikipedia.org/wiki/Dd_(Unix)) to create such an image. Afterwards you can try whatever software you want (on the image). The other image should be held as an backup, which you can later copy again to try another forensic tool (if you somehow messed up with your first image). |
|
|
|
Hello, my wallet (Ledger Nano S) changes the address after every transaction. I know that it is because of security reasons (worse to track, I guess) but I want to have fixed address.
Its not for "security reasons", its for privacy reasons. You can use your address as often as you want. Just don't use the new receiving address. But there is not a single advantage of using the same address over and over again. Not one. Can you tell me the right Bitcoin software wallet with fixed address or how to disable this on Ledger?
Generally every wallet will create a new receiving address. This is made to encourage the use of a new address for every transaction. But you can still use the old address. I would suggest electrum ( https://electrum.org/#home). Electrum can be used as a GUI for your nano s. Electrum creates 20 addresses at once. You can stay with only 1 used address without any problems. |
|
|
|
I know but when taking into account Bitcoin's main usage as deep web drug trade enabler...
That was a joke, am i right? Bitcoin is by far not the best crypto currency (still better than any other 'standard' blockchain currency) for illegal activites. Bitcoin addresses used on silk road 6 years ago can still be traced. There has been a study released where researcher found a coherence between those addresses used on silk road and transactions tied to their real identity. The only way to stay fully anonymous while purchasing any illegal stuff is to either 1) Use a coin tumbler ( https://chipmixer.com/) or 2) use monero But with 70%+ hashrate of monero being held by botnets.. that might be the more risky option. |
|
|
|
You probably won't find one-click-install arbitage bots. But those are coded relatively simple. You can use one of the 100 libarys available online. You can google to find those. One would be here: https://github.com/ccxt/ccxtBut make sure to read the code and check everything. I did not read/use this and i don't know whether it is safe to use! If you are technically non-skilled you can ask someone to code one for you. This should be doable for about 100-200$. |
|
|
|
Is there a specific reason to use core to access those private keys? If not, you can use pywallet [1]. According to your statement: Python is modern day version of 90ties Visual Basic.
you might not want to use python (because of whatever reason). But as i already awnsered in the other thread this statement is rubbish. This is probably the fastest way of accessing all of your private keys. Pywallet should work with all versions of wallet.dat. You might try that out. Afterwards you could simply import those private key into a newly generated wallet in core. [1] https://github.com/jackjack-jj/pywallet |
|
|
|
As a interpreted language instead of compiled, it is not good for anything serious. Python is modern day version of 90ties Visual Basic.
You do realize that: 1) Python scripts can be compiled and 2) Electrum is written in python Your statement is completely senseless. Unless, of course, you consider electrum as "not serious". Python is one of the (if not) the best scripting langauge to process/handle data and strings. It provides a lot of useful functions which you would have to write yourself in other languages (e.g. C/C++/Java). |
|
|
|
That sounds really bad. So much for security. What's the point of a hardware wallet if it is just as vulnerable as a software wallet?
A hardware wallet is much more secure than a software wallet (desktop wallet). The current attack can't be prevented. This problem is tied to the OS. The only thing which can be modified is what you see on your desktop. This can't be prevented without directly modifying the OS. Ledger already has a 'fix' published. The recieving address has to be confirmed on the nano s. Everything which appears on your nano s (confirming via pressing the button) is safe to use and you can be certain this address has been created by the nano s. |
|
|
|
I just recover my old HDD to find wallet.dat but many files are corrupted.
Also, I cannot recognize name and date of most of files.
~snip~
joel.from.minnesota pretty much gave you a good 'tutorial' on how to recover (or at least try to recover) those files. But i want to say one ahead: Do not access/use this hard drive until you have made an (forensic) image of it!Every access to your hard drive can damage those files you are looking for. Additionally, if you have larger amounts on your hard drive (which you really cant afford to lose), then you should consider using a writeblocker [1] (to be on the sure side). If you need help with the tutorial from joel feel free to PM here / awnser in this thread. [1] http://www.forensicswiki.org/wiki/Write_Blockers |
|
|
|
I would say that if you plan on working on wallet software, learn javascript..
No. Just no. Some reasons for javascript to suck hard: - JS supports "Number" as the only number format -> Supports only 64bit Doubles
The problem with large intergers with floating point variables is, that you won't be able to represent large number correctly.
99999999999999999 == 100000000000000000 evaluates to true in javascript.
Its kinda suicide to use javascript for handling large numbers (private-/public keys). - JavaScript heavily depends on global variables.
You not just can use them.. you have to use them. This makes it a pain in the ass to get a structure over a complex program (e.g. wallet) - There are a lot of traps you have to watch out in JS
For example: -1 < Number.MIN_VALUE returns true, because Number.MIN_VALUE returns the lowest positive number and the real lowest number is -Number.MAX_VALUE, - JS has a TON of vulnerabilities. You don't want to have security vulnerabilities in your wallet. To name the most common JS is so vulnerable to: XSS[1] and CSRF[2]
Those were a few reasons. There are way more. But this should give a small insight why you shouldn't use javascript to code a wallet. In fact, you shouldn't use javascript at all. [1] https://en.wikipedia.org/wiki/Cross-site_scripting[2] https://en.wikipedia.org/wiki/Cross-site_request_forgery |
|
|
|
If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not.
This statement itself is wrong. If you have malware on your desktop PC, only those private keys which are stored on this pc will get compromised (considering they aren't secured in any other way, e.g. encryption). a malware can be a lot of different things and do so many different things. Thats true, never challenged that fact. it usually is a form of key logger where you create a key randomly and securely but it steals it and broadcasts it to the hacker.
1) Malware usually is not a key logger. Key logger are quite underrepresented actually. 2) A Keylogger would not steal a securely/randomly generated key. A keylogger does that what the name says.. it logs every keystrokes and broadcasts them to the "hacker". So if you don't type that key (private key / seed) nothing will get transmitted. but it can also be changing the key you are making. for example you may install a wallet and after you generate the new wallet safely it simply replaces the wallet file with the one it creates. the malware doesn't even have to be online to do that. it can have the master pubkey hardcoded in it. so your wallet keeps giving you the addresses that the hacker controls  This actually is not that easy. These malware would have to interact with the program creating the seed/private key. This would require to hijack the process generating those keys. Thats just way too much work for such a simple effect. Its way easier to just realize a keylogger/clipboardvirus/exploit(which lets you steal those keys)/reading out memory when private key is being used/ etc... But in the end my statement is still true. Private keys which have been generated BEFORE the infection (and are no longer stored there) won't get compromised. Simply because there is nothing to get compromised. |
|
|
|
The "Bitcoin wallet" for android doesn't have a wallet.dat If you want to export your private keys you have to do the following: - Click 'Menu' -> 'Safety' -> 'Backup wallet'
- Move the backup file to your PC
Next steps require linux: - Decrypt your wallet with this command: openssl enc -d -aes-256-cbc -a -in /PATH/TO/YOUR/BACKUP-FILE -out decrypted-wallet
- Install Bitcoinj from https://github.com/bitcoinj/bitcoinj/archive/master.zip
- Dump your private keys with this command: ./wallet-tool dump --dump-privkeys --wallet=decrypted-wallet > wallet.txt
- Extract the seed with this command: grep "Seed as" wallet.txt > seed.txt
If you need a more detailed guide / some help, feel free to ask further questions. |
|
|
|
If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not.
This statement itself is wrong. If you have malware on your desktop PC, only those private keys which are stored on this pc will get compromised (considering they aren't secured in any other way, e.g. encryption). I don't find it particularly reasonable to say that a paper wallet is more secure as a desktop wallet when it isn't generated securely most of the time, regardless of how big of a risk it is.
It's not wrong to say that paper wallets are secure. But the thing is, most people generate it and spend it online which makes it much less secure that it seems.
Paper wallets are safer than desktop wallets by definition. Desktop wallet: Your private keys are on your PC the whole time. Paper wallets: Your private keys shouldn't ever be on an PC which is connected to the internet. Even if you create it on an online-pc, those private keys are still only stored there for a short amount of time. Infections AFTER creating a paper wallet would not compromise those private keys. Where infections after you created a desktop wallets will lead to compromised private keys. The statements that most people create their paper wallets online / on an online machine is not reasonable for me. People who are taking the step to find out how to create paper wallets and how to use them properly won't create them on an unsecured PC. Most of them are using a linux distro from which they boot to create the paper wallet without an internet connection. In cases where paper wallets are generated on an online pc its the users fault for getting compromised. Where with desktop wallets its (mostly) not the users fault since the only way you can assure your wallets doesnt get compromised is to not get infected with malware. And this can't be guaranteed to never happen. |
|
|
|
Hi. When Im sending BTC i have 2 confirmations on the devices display. 1st - receive address and the amount. And the 2nd Im concern of. There are different address and another amount.
As already mentionoed this is your change address. This was a small 'bug' in an older version of the ledger nano s. I would advise you to update your software. Current versions: Bitcoin Chrome: 1.10.1
Bitcoin app (on your nano s): 1.1.18
Firmware: 1.3.1
After reading about the attack i havent send anything.
The new "attack" is replacing your recieving address in the GUI of your application. Ledger already has a workaround ready where you have to confirm your recieving address ony our nano S. Note: The attack vector covers the GUI of your wallet. Not the wallet / the nano s itself. Everything you confirm on your nano s can be considered as verified and safe. |
|
|
|
If Coinomi creates a new Public address for each "receive", does that also imply another private key for each public address?
I thought keys are asymmetric pairs - i.e. public and private key are strongly tied to each other.
You are right. Private and public keys are 'tied to each other'. Basically what your wallet does is to do a mathematical process on your seed (combined with a counter) to generate a new private key. The public key will then be derived from the private key. If this is the case, then my concern is about losing or destroying this Android device with my wallet on it. Yes, I've got the recovery phrase backed up.
But on the new phone, when I restore the wallet - essentially what I'm doing is recreating key pairs deterministicly.
But let's say I received Litecoin at ten different addresses in my Coinomi wallet.
How does the key generator know that there were 10 addresses? Because I sure wouldn't remember that.
Wouldn't I need to regenerate the same pub/private keypair (10x) again in the restored wallet in order to recover LTC sent to the 10 addresses?
Basically what your wallet does here is the following: - Derive private-/public keypair from seed (with counter=0)
- If you recieved a payment to this 'address': Create another one with increased counter
- If a newly generated 'address' doesn't contain any balance: Stop with creating further addresses
Some wallets let you generate several recieving addresses in advance. In this case the wallet is seraching for the next X unused addresses (thats called the gap limit). |
|
|
|
It is clear that using just a single address for all your transactions increases the chances of being compromised.
Thats not true at all. It doesn't matter wheter you use just 1 address or 1 million. Thats completely irrelevant. This is not raising the chances of getting compromised. Besides, why put all your golden eggs in one basket.
This statement is completely irrational. "Putting all eggs into one basket" would be the equivalent to having all coins stored in one wallet (wallets derive private-/public keypairs from one seed). |
|
|
|
will my Ledger 24 word recovery work with electrum/myetherwallet?
Yes. But you don't have to import your seed into electrum/myetherwallet. And you should not do so! This would destroy the whole purpose of a hardware wallet. The reason for a hardware wallet is to not have the private keys leave a safe environment. You can connect your ledger with electrum/myetherwallet without exposing the private keys to those applications. You will basically just use electrum/myetherwallet as an interface to communicate with your nano s. Regarding your chrome application: Did you check if everything is up-to-date? Bitcoin Chrome app should be 1.10.1Bitcoin app (on your nano s) should be at least 1.1.18Firmware of your nano should be 1.3.1 |
|
|
|
|
Show Posts
