Say I have no skills that can translate into online world , other then faucets , what are some other ways (can't find any signature for newbies , I rather not do that until I am high up in ranks) ?
Sell stuff. If you have some junk lying around your house, try selling it and you can get some Bitcoin that way. One man's junk is another man's treasure. You could also make things and try selling those.
|
|
|
The fiat is stored in their bank account. Usually their bank will take care of any fraud and such. The money is also usually insured. Since fiat is controlled by a central authority, then can easily reverse fraudulent transactions. Your fiat will be fine. On the other hand, with Bitcoin, you should only keep on the exchange as much as you are willing to lose.
|
|
|
A multisig address would ideally require multiple signatures from keys that are not stored in your wallet. That is the whole point of multisig. So, you would ideally have one key on the server wallet, one key locally on your desktop, and one key on a piece of paper locked up somewhere. Thus, if your server is hacked, no one can steal the Bitcoin from the multisig address. However, in order to spend, you must manually process the transaction.
Yes you are right knightdk . Then How can I implement multisig address for my every users? (As I mentioned in question "I want to develop BTC wallet website where my user can create BTC address and can send and receive BTC.....") Many website provide multisig address to their user and how they manage that manual process ? They don't. AFAIK, typically it's one private key that is the user's that is encrypted. Then another private key is the service's private key. The last key is given to the user at account creation and that key is to be kept offline. When sending, it's done automatically. The user's browser decrypts the encrypted keys and signs. Then it passes the half-signed transaction to the server which signs it as well. Then it is broadcast to the network. Usually they use BIP32 to generate the keys so that only three root keys are needed. Bitcoin Core doesn't do this yet, but Electrum does. More important if they create multisig address using `addmultisigaddress` command then that address is attached one particular account which is saved in wallet.dat file. and it is possible to send BTC from that account by `sendfrom` command. there is no need to sign transaction using that keys. So where is multi signature security / functionality? Here I can send BTC from any account, doesn't matter that address is multisig or normal addresss.
I think I have to create multisig address using `addmultisigaddress` command. Please correct me if i am wrong because i don't find any security of multisig address if it is multisig address created by `addmultisigaddress` command.
Unless all three private keys necessary to spend from the multisig address are in the wallet, then it should not be possible to send from that address. If Bitcoin Core is somehow doing that, then the transaction will be invalid.
|
|
|
IIRC HaoBTC offers interest.
|
|
|
If for some reason -upgradewallet doesn't work, the source for the older versions is available. Likewise, pywallet is an option to extract the keys if needed. E.g. these are links to the pages where various versions are available: https://github.com/bitcoin/bitcoin/tags?after=v0.3.23https://github.com/bitcoin/bitcoin/tags?after=v0.5.0rc3so you could download, compile, then send to a new address. Or go version 0.3.x to 0.4.x (which, iirc is where the format changed). Whatever you do at this point, make a few backup copies of your wallet.dat just to be safe. I tried the upgradewallet command and got this result: Method not found (code -32601) "upgradewallet" is no longer listed in the available commands when I type "help". It is not an rpc command but rather a startup option. See http://www.achow101.com/2016/07/Bitcoin-Core-Troubleshooting#option-startup for help on how to start Bitcoin Core with startup options. Use the -upgradewallet option instead of whatever example I wrote in that link.
|
|
|
Please provide the entire debug.log. The section that you showed is not enough and only contains the standard messages for when a block is downloaded. Do not post screenshots of the log file, please post the entire thing. If it does not fit in a post, past it in http://pastebin.com/ and post the link to the paste here.
|
|
|
Of course it is possible. If you change the protocol to include a message that allows you to send arbitrary data to someone and encrypt that with their public key, it is possible to do so. In fact, I think BitMessage already does that.
|
|
|
createmultisig does not add the address to your wallet, so it will not track that address. addmultisig adds the address to the wallet so it does track the address. Thus you will get notifications for addresses added using addmultisig but not createmultisig. addmultisigaddress command will save redeemScript and attache it to that address. this is work for me and I can get notification.
So here i also want to know how secure is my multisig address if i create it using `addmultisigaddress` command? Suppose my server hacked, Attacker easily get redeemscript(using validateaddress command) and also can get sign address associate with it and privet key of that addresses. My BTC can be easly Theft.
A multisig address would ideally require multiple signatures from keys that are not stored in your wallet. That is the whole point of multisig. So, you would ideally have one key on the server wallet, one key locally on your desktop, and one key on a piece of paper locked up somewhere. Thus, if your server is hacked, no one can steal the Bitcoin from the multisig address. However, in order to spend, you must manually process the transaction.
|
|
|
You don't necessarily need to generate Bitcoin addresses to get your point across. Just show them the math and the probabilities. The number of possible addresses is 2^160.
If you actually do want to write a program to do this, then you could use python, but it probably won't be very well optimized. Just use python with openssl and have openssl generate the keys. Then do the base58check encoding on the public key in order to get the Bitcoin address. Lastly, you can use it with cURL to send api requests to whatever REST API you want to use.
|
|
|
Truthfully I going to redo everything from scratch because I get all types of errors (now, I'm getting the "No source" error again). I feel like it's not really "secure" anymore... Before I get into the whole process again, is there a specific wallet that you would recommend?
I do recommend Bitcoin Core, but seeing as you are having some issues with it, I recommend that you use Electrum. The only downside of Electrum is that it is a SPV wallet which means you have to trust a third party to provide you the right data. Of course, this also means you don't have to download and sync the entire blockchain.
|
|
|
No it is not possible.
You can sign a message with multiple private keys and thus have multiple signatures, as with a multisig address. However, that would not map to a multisig address but rather three signatures with each one mapping to the three public keys used in the multisig address.
Ok. But, then how come the signing takes place for an outgoing Tx from a multisig address? Because it isn't the address that signs the transaction, but rather the public keys of the address that sign the transaction. The reason the address can be identified is because the redeemScript of the multisig address is included in the input. The redeemScript is what makes the address, and it includes some more stuff other than the public keys.
|
|
|
No it is not possible.
You can sign a message with multiple private keys and thus have multiple signatures, as with a multisig address. However, that would not map to a multisig address but rather three signatures with each one mapping to the three public keys used in the multisig address.
|
|
|
Since it is a GET request, you don't need this line which is for post: curl_setopt($curl, CURLOPT_POST, true);
Furthermore, you are authenticating incorrectly. The authentication stuff should be in the headers, not in the body of the request. Instead of $curl_post_data = array( "X-Username" => 'EMAIL ADDRESS', "X-Api-Key" => 'API KEY', ); curl_setopt($curl, CURLOPT_POSTFIELDS, $curl_post_data); you should have something like: curl_setopt($ch, CURLOPT_HTTPHEADER, array( "X-Username" => 'EMAIL ADDRESS', "X-Api-Key" => 'API KEY', )); Note, I don't have experience with Tierion's data api. I just read the documentation you linked to, I highly suggest that you give that a read and fully understand how the API works, and how HTTP Requests work.
|
|
|
Email and captcha to register ? Do you not want users?
Thanks for all answers, yes without no deposit ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif) . i'm just wondering, how can you get profit if we can playing without any deposit? Also, what's gamblinb? was it typo? Email and captcha to register ? Do you not want users?
It is currently still working on a Cookie Session. Thanks for all answers, yes without no deposit ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif) . i'm just wondering, how can you get profit if we can playing without any deposit? Also, what's gamblinb? was it typo? The page is not designed for Profit, but rather a pastime, and in addition gambling. This is off topic for this thread. Please move your discussion about OP's service to a new thread for the OP's service in the service or service discussion section.
|
|
|
You have to be a jr. member or above in order for your pictures to appear.
|
|
|
It is possible that bitfinex did have a new cold storage key for every user, but I find this to be very unlikely as it would be hard to maintain for cold storage.
Rather it is likely that they had one cold storage master key and each users cold storage keys were generated from that. They probably had a derivation path of m/0/i where i would be a unique id for each user. Then the internal and external keys would be derived as normal from that prefix path.
|
|
|
Thanks for your detail answer。 1, My steps to complete the handshake as follow, but hash the hex maybe wrong. Is the checksum hash256 the payload twice?
You have to sha256 hash the sha256 hash (so two hashes) of the payload. This is all done as binary data, not as a hex string. step me node 1 version --> 2 <-- version 3 <-- verack 4 verack --> if the node send ping, I reply pong, the payload is the same as ping.
but some nodes don't care your reply, they only send "version", "verack", "ping", "addr" message orderly. I am sure when i connect these node, i follow the steps to complete the handshake.
Interesting. Can you provide the user agent strings of those boxes? If you don't send a version message, then verack should not be sent. If you haven't sent a verack, ping and addr should not be sent. 2, In the version message, there are three sections of services, “services", "addr_recv services", and "addr_trans services". which is the services you refer to?
Thanks a lot.
"services". It refers to the services that the sending node is advertising, which is what you want to know.
|
|
|
From what site? What service?
|
|
|
Thanks a lot. yesterday, i tested many nodes, i found some nodes send "version", then "verack", then "ping", last "addr" message, after they finish to send these messages, they don't reply any kinds of messages.
I think you should use this: https://bitcoin.org/en/developer-reference#constants-and-defaults as your reference. It pretty much explains everything. Anytime you want to connect to a node, you must complete the handshake. The handshake consists of you sending the peer a version message and the peer sending you a version message. Upon you receiving the version message, you must return a verack. When the peer receives your version message, he must send a verack. Only when both peers have received verack messages in response to the version messages can any other messages be sent. Many times if you don't respond to a message even though your protocol version indicates you should, the connection will be dropped. If you receive a ping message, you must respond with a pong. but if the node can send "inv" message initiatively, it can response other message, such as "getaddr" message, the node can reply "addr" message.
It depends on the protocol and software version. IIRC Bitcoin Core 0.13+ will not allow you to request a block or transaction unsolicited unless the peer has sent you an inv first. So, i don't know which kind of nodes i can download full of blocks or headers, can I identity this node according which message in wiki protocol?
No, that is not the way to identify those services. In the version message, there is a section for the services. It is an 8 byte bitfield. If the first bit of that bitfield is set, then the node can send blocks and headers; it is a full node. If that bit is not set, then it is not a full node. Are you sure that you are sending the getheaders message correctly?
Edit: Your checksum hash is wrong. Did you do a hash of the actual bytes or did you just hash the hex string? I'm pretty sure that it should be
|
|
|
|