Quantum ASICs don't protect against quantum computers attacking individual key pairs, though. If we ever get to the stage where quantum computers can solve the discrete logarithm problem in a reasonable amount of time and calculate a private key from a known public key, then it doesn't matter what hardware is securing the network - we will need to fork away from ECDSA to a quantum resistant algorithm. This is entirely doable, and for most people would simply mean moving their coins to a new address type, as we have already done with segwit.

And even when we finally get a quantum computer capable of breaking ECDSA, it will still take it weeks or months to reverse a single public key. It will be decades more before they are fast enough and powerful enough to do so in <1 hour and consider attacking a public key which has only been revealed for the first time when a transaction has been made.

There is no point arguing with Peter Schiff. He does not care about facts or figures in the slightest. He is all in on gold, and so will constantly try to pump gold and shit on bitcoin.

Here is a post I made 2 years ago (almost to the day) about Peter Schiff and his terrible predictions: https://bitcointalk.org/index.php?topic=5177767.msg52236976#msg52236976

When I made that post, gold was valued at $1,520 per ounce and bitcoin was valued at $10,300.
Today, gold is valued at $1,796 for a gain of 18%.
Today, bitcoin is valued at $47,400 for a gain of 360%.
If you had ignored Schiff and bought bitcoin instead of gold when I made that post, you would be 20 times better off.

He's been calling for gold to hit $5k for 10 years now, and yet in those 10 years, it has barely hit $2k. He's been calling for bitcoin to hit $1k for 5 years now, and well, we all know how that turned out. He is a broken record trying to pump his own bags, little more than an altcoin shiller just with a bigger audience.

He'll keep going for another 2 years I'm sure. If the percentages above repeat, then gold will just get over $2k as bitcoin hits $150k.

We could already solve poverty in America if we wanted to. The cost of solving poverty is far less than the amount we spend on bombing civilians around the world. If we switched to a single payer health care system, we would not only save enough money from our taxes to solve poverty but we would also get better health care and not have to buy personal insurance. A win-win-win for the average person. But we both know those things will never happen, because soup kitchens and homeless shelters don't buy our politicians - healthcare conglomerates and weapons manufacturers do.

With other ridiculous news like the EU wanting to ban all "private wallets" (yeah, good luck with that ), I definitely wouldn't put it past the US Congress to try to levy more taxes from cryptocurrency in some manner or other.

Linux Mint is a very easy step from Windows, along with a huge community to help with any troubleshooting you might have. You can always partition off a portion of your hard drive and dual boot so you have Windows to fall back on if you need to. The privacy and security improvements are worth it on their own, not to mention how much faster and lighter on resources it is.

Yeah, I would be pissed if my details had leaked in the Ledger hack, as I'm sure plenty of forum users are. It's another reason I think airgapped wallets have the edge over hardware wallets, if you are able to set them up and use them correctly. Buying a hardware wallet? Obviously you own crypto. Buying a Raspberry Pi or second hand laptop? Reveals nothing.

This is all correct. The whole point of a SSS Scheme is that any number of shares less than the threshold number reveals no information about the final secret. If you split a seed phrase in to m Shamir shares, and require n of those shares to recover the seed phrase, then anything up to n-1 shares reveals nothing and does not make brute forcing any easier; an attacker might as well have no shares and be trying to bruteforce every possible valid seed phrase.

The single point of failure with SSSS isn't in the compromise of a single share, though. When combining your shares to recover your seed phrase, you must bring them all together on a single device to do so. If that device is compromised, then your coins are lost. You are similarly at risk with the SSSS implementation that you use. There is not a standard implementation like there is with BIP39, so if the implementation you use is poorly designed than you could potentially leak enough information for an attacker to steal your coins.

It doesn't matter to him now. He retires at the end of this term, so he doesn't care about what people think of him, he doesn't care about getting votes come next election cycle, and he doesn't care about doing the right thing. All he cares about is the fat paycheck he gets from his banking and Wall Street donors. There is zero accountability.

Don't let them fool you in to thinking that infrastructure spending is behind these crypto provisions. The taxes which would be raised from decimating the cryptocurrency industry would amount to ~1% of all the spending in this bill alone, never mind the trillions of dollars of spending in other stimulus bills which have been passed recently or will be passed in the near future. And, at the end of the day, what is an extra $20 billion in tax revenues when the Fed is printing trillions out of thin air? This isn't about raising taxes; it is about controlling bitcoin.

That's part of the problem: An assumption that if you want to preserve your privacy then that automatically means you are doing something to disobey the government, i.e. illegal. I just want to have the freedom to live my life and spend my money without being spied on or harassed.

Sure, it's all me. That's why everyone here except you is on my side of this discussion. That's why there are entire campaigns being ran on Reddit and Twitter to get people to call their representatives. That's why multiple Senators tried to amend the language of the bill, and now multiple House Reps are trying to do the same thing. That's why every news site, crypto or otherwise, is talking about how bad this bill is for bitcoin. That's why people like Brian Armstrong, Mark Cuban, and Elon Musk have spoken out against this bill. I sure do have a lot of influence to do all this myself.

Or maybe, just maybe, you are the one who is wrong here?

The maturity of the network is irrelevant. There still exists a possibility of an attacker being able to reverse a 1 block deficit, even without 51% of the hashrate. Even an attacker with only 10% of the hash rate has a 20% chance of reversing a single confirmation. We still get stale blocks even without any active attacks on the network (although these rarely result in successful double spends, the possibility still exists). If $100k is small change to you, then sure, accept 1 confirmation. But if $100k is a significant amount of money to you, I'd be waiting for 3-6 confirmations.

Credit card transactions do not result in money reaching the merchant for 3-5 working days, and can be reversed for 90-180 days after the transaction, and yet almost everywhere accepts credit card transactions because the majority of people are honest and will not try to scam. It is entirely reasonable for merchants to accept zero confirmations for transactions which are not that valuable, pay a reasonable fee, and are not opted in to RBF. If they are uncomfortable doing that, then they can open a Lightning channel.

It is no accident that he only "changed his mind" and starting supporting the amendment after it reached the stage of requiring unanimous approval from the Senate (rather than just a simply majority), which he knew was never going to happen.

The man who doesn't know how to send an email and communicates with this staff by leaving them hand written notes. And we expect these people to reach an informed decision on cryptocurrency. Absolutely laughable.

Politicians needs to be held to a higher standard. If you are about to pass laws and regulations which could complete destroy an entire industry, then you should be duty bound to do at least the bare minimum research on that industry.

Some definitely have other motives. I was more than a little surprised that Ted Cruz was on our side here, so much so that he even tried to stop Shelby from attaching his ridiculous military spending amendment to the crypto amendment. Almost certainly there is something else going on in the background, given Texas' position to attract huge numbers of miners and develop their renewable energy infrastructure because of them. I wouldn't be surprised at all if Cruz has huge numbers of shares in Texas energy companies, or is receiving some kind of incentive from them.

Still, I like to think our democracy isn't completely useless just yet, and if millions of people start calling their Representatives about this, that something will be done about it.

I've said it before on these forums - "Land of the free" is government propaganda at this point. Free to be spied on by your government. Free to elect one of the two candidates that Wall Street has picked for you. Free to be shot and killed for minor misdemeanors, or indeed, no crime at all. Free to spend your life in a for-profit prison for a victimless crime such as smoking some weed. Free to be made bankrupt for having the sheer audacity to get sick, despite spending more of your tax dollars on healthcare than any other developed nation. Don't worry though, as long as we get all school children to recite their praise for our glorious leader "liberty and justice for all", maybe they'll not notice.

We can't expect the general public to care when even people on this forum don't care. Hell, people on this forum, a forum dedicated to a project whose entire ethos is to get away from trusting third parties, not only don't care about privacy invasion but actively encourage it. "KYC is a good thing" and "More regulations mean crypto is going mainstream" are opinions you often see parroted on here.

A little bit of both. The vast majority of Senators and House Reps have no idea what a cryptocurrency is, but they are bought and paid for by the bankers and Wall Street, so will just do as they are told.

Everything you download or install is a potential security risk. I remember reading about someone who downloaded an emoji pack for their phone, it asked for permission to access their keyboard which they obviously granted since it was required to work, and it ended up being a keylogger in disguise. I would encourage everyone to go in the app permission settings on their phone and have a look at just what apps have what permissions. You'll be surprised by the security risk of having so many apps accessing your keyboard and data, and the privacy risk of have so many apps unnecessarily accessing your location, microphone, camera, etc. Also take a look at what all your browser extensions are doing, since everyone seems to install dozens of unnecessary ones.

Just switch to a Linux distro which is constantly updated.

As much as I prefer using airgapped encrypted cold storage, you have to appreciate that it is harder to do, and much harder to do well, than using a hardware wallet. Not everyone has an old device lying around they can dedicate to be an airgapped device. Not everyone is comfortable using a different OS, or live booting, or really knows how to airgap a device in the first place. Whereas everyone can plug in a hardware wallet and follow the instructions.

It shouldn't be. It should be the same server seed with a incrementing nonce until you choose to reveal it and get a new one.

Pretty much nobody changes their client seed every bet. Most people are assigned one or pick one themselves and run for an entire betting session on the same seed. Some people may change it if they are having a run of bad luck, erroneously deducing that they have an "unlucky" seed or something similar, and some people may change it after x number of bets or x amount of time, but no one is changing it every bet.

With that in mind, let's say I use the same client seed for 100 bets. The server obviously knows what my client seed is. If they give me a unique server seed for every bet, then they can simply brute force a bunch of seeds and then choose to give me server seeds which, when combined with my client seed, will result in losing bets. This is avoided by the server seed being the same from the first bet, and a nonce which increments by 1, giving the gambling site no control over the final outcome.

Amendments at this stage were always going to be unlikely. We can still fight this with future amendments or future legislation to overturn the ridiculous crypto provisions. It is not too late to be calling your Representative.

Lots of good info here, along with template letters and contact details: www.dontkillcrypto.com

To expand on arallmuus's already great answer: There is no RNG directly involved in calculating the outcome of your spin/roll/whatever. The site generates a server seed and shows you a hash of the server seed. You can then pick a client seed. Usually, the site then combines the server seed and client seed along with a nonce, hashes the whole thing, before taking the last x number of characters from the resulting hash and turning that in to the result of the spin/roll/whatever. The equation that they use to do this should be freely available. At any time you can choose to reveal the server seed. Once you know the server seed, which you can verify is correct by comparing to the hash of the server seed which you already knew, you can perform the calculations involving the two seeds and the nonce yourself, and confirm that the outcomes of your bets do indeed match what they are supposed to match.

The only thing that can be random is the selection of the seeds. Once the seeds are selected, then every outcome, regardless of how many times you bet, is already predetermined.

It comes back to the same argument that we see often repeated regarding quantum computers.

If (and it's an enormous if) we ever reach a point where we can crack 128 bits of security, we are not going to reach it overnight. It will take decades, if not centuries, of constant progress towards that goal, and everyone who is actively using bitcoin will have decades to move to more secure seed phrases, private keys, and addresses. Further, if someone can crack 128 bits of security on a whim, then we have much bigger problems than partially exposed seed phrases being cracked.

I'm not a fan of splitting seed phrases in the method outlined in OP, and I'm also not a fan of SSSS. If you want to have multiple back ups which need to be compromised to access your coins, then either go for a seed phrase with an additional passphrase of minimum 128 bits security, or use a multi-sig wallet.

No. Because:

The server seed differs between users.

On any good gambling site, you can choose to reveal the server seed at any time you like. Once you have done this, you can use the revealed server seed along with your client seed to confirm the results of all your previous bets, hence making the site provably fair. Obviously, after you reveal the server seed, the server must generate a new hidden seed for your next rolls, otherwise you could calculate the results before you bet.

If the gambling site only generated a single server seed for every single customer to use, they would have to update it constantly whenever any customer clicked "reveal", meaning that every other customer would be constantly using different server seeds and therefore be unable to confirm that all their bets were provably fair.

Electrum seed phrases are not compatible with most wallets. In fact, there are very few wallets which will successfully restore Electrum seed phrases. Blue Wallet is one of them, but I'm pretty sure Samourai won't (unless they've implemented that feature recently).

Yeah, it is a big omission from the mobile version that it does not have coin control. As a imperfect work around, you can click on the Settings icon and then on Addresses, and freeze individual addresses in your wallet which you don't want to spend from. If you only use each address once, then this is the same as freezing individual UTXOs.

My freedom to hold a meaningful discussion is already impacted by spammers flooding every thread with trash. I'll absolutely defend anybody's right to express and discuss any opinion or viewpoint, but you actually have to discuss it, not just fire out some meaningless spam to hit a post quota.

The issue here is that if you are irresponsible with your bitcoin, hold it with a third party, save your seed phrase in your email, etc., then it doesn't impact on me in the slightest. If you are irresponsible with your forum account, signing up to scam bounties, churning out spam posts, etc., then it directly impacts on how well other people can use the forum for discussion.

And watch the spammers take over a different board instead.

You keep changing the goalposts as to what you are trying to achieve and what attack vectors you are trying to protect against. If you are concerned about someone stealing your seed phrase, then simply extend it with a long and complex passphrase. This is different to the password which is only used locally to access your wallet file, and is instead combined with the seed phrase when deriving your private keys. If someone steals your seed phrase, they can still recover it but will recover a completely different wallet to the one which is recovered when also using your passphrase. Indeed, they won't even know that a passphrased wallet exists.

Or, you can also use the multi-sig setup I've described earlier in this thread. If someone steals one of the seed phrases, they can't do anything without also stealing a second seed phrase.