Why are they doing this voluntarily? Because they want to protect their income stream against future regulations. So they chose to preemptively sell out their users rather than go down a more difficult route which might affect their profits. I think they received a silent post like Truecrypt did, but Truecrypt decided to stop the project instead of installing a backdoor. Which is what Wasabi should have done if they actually care about privacy in any way. They don't. They care about making money. About JoinMarket:
It is extremely time-consuming and complicated, I hope they simplify it in this bull market, it has to be more user-friendly I agree, and I've spoken about this before. JoinMarket, although great, simply isn't suitable for the majority of users as it is too complicated to set up. There is a great UI for JoinMarket called Jam ( https://jamdocs.org/) which makes using JoinMarket easier, but the installation process is still not straightforward. And Samourai should release a desktop version without needing any mobile app for it.
But well, there is Sparrow. Yeah, Sparrow is a great piece of software. |
|
|
|
In Electrum wallet, nothing is called as wallet passphrase. It is referred to as a passphrase extensively throughout the Electrum code. For example, here is where the prompt is defined: https://github.com/spesmilo/electrum/blob/f4f88f42942e7cc3d4bc67ba4fa8a24bbb996e83/electrum/base_wizard.py#L494-L498 def passphrase_dialog(self, run_next, is_restoring=False):
title = _('Seed extension')
message = '\n'.join([
_('You may extend your seed with custom words.'),
_('Your seed extension must be saved together with your seed.'), And here is where the passphrase is combined with the seed phrase: https://github.com/spesmilo/electrum/blob/f4f88f42942e7cc3d4bc67ba4fa8a24bbb996e83/electrum/mnemonic.py#L169-L174 def mnemonic_to_seed(self, mnemonic, passphrase) -> bytes:
PBKDF2_ROUNDS = 2048
mnemonic = normalize_text(mnemonic)
passphrase = passphrase or ''
passphrase = normalize_text(passphrase)
return hashlib.pbkdf2_hmac('sha512', mnemonic.encode('utf-8'), b'electrum' + passphrase.encode('utf-8'), iterations = PBKDF2_ROUNDS) It is common practice to use the term passphrase to refer to seed extension words, regardless of which wallet or derivation scheme is being used. |
|
|
|
But that new chain would get rejected by the majority of the network, meaning nodes, right? No, not at all. Nodes will follow the chain with the most valid accumulated work. The whole point of a 51% attack is that a malicious miner can produce blocks faster than the rest of the network. So while the rest of the network mines the original transaction and x number of blocks on top of it, the 51% attacker can mine an alternate chain in secret which double spends the coins in the original transaction back to themselves and x+1 number of blocks on top of it. Once you have released the goods or whatever, the 51% attacker can then broadcast their alternate chain they were mining in secret. Assuming that this chain remains consensus valid (and there is no reason it wouldn't be), then nodes will immediately switch to this chain upon learning about it, since it is longer than the honest chain and therefore has more accumulated work. At that point the original transaction and all its confirmations disappear from the network, and are replaced by the double spend transaction. Nodes do not police which chains are "honest" or "dishonest", and really, have no way of making that judgement. They simply follow the valid chain with the most accumulated work. |
|
|
|
Can't they make a valid transaction invalid? Not for transactions which do not belong to them, no. They can refuse to mine any transactions they don't want to, but the transactions they don't mine remain perfectly valid and as soon as the 51% attack ends those transactions can be mined as normal. Isn't it double spending? They can double spend their own coins only. For example, the 51% attacker might make a transaction paying you 100 BTC. You wait for 6 or 10 or 20 confirmations, and then hand over whatever expensive goods you were selling. The 51% attacker can then mine an alternate chain to replace the last 20 blocks and include in that chain a transaction which sends the same 100 BTC back to one of their own addresses. They have double spent their own coins. They cannot do this for anyone else's coins, since having 51% of the hashrate does not give them any special ability to forge your private keys, break ECDSA, force nodes to accept invalid signatures, and so on. |
|
|
|
It is very unlikely that that person got robbed because of this, so, to my mind, there is no connection between Swiftkey and lost coins. I say as much in that thread. OP made a number of other mistakes which are more likely the cause of his lost coins. However, he did use SwiftKey to enter his seed phrase, and SwiftKey does sync everything you type in it to the cloud, meaning his seed phrase is absolutely stored on at least one (although more likely several) unknown servers in unknown locations with unknown security and accessible by unknown persons. That is a massive security risk. So, to sum up, even stock keyboards aren't a good option to my mind! Agreed. Hence my FOSS recommendations. -snip- My bad. I've removed the link. I searched for keyboard on the site you linked however and found nothing useful. And if it were actually open source, then why isn't the source available? Privately requesting source code is meaningless - they could send you any code they like and you cannot verify that the code they send matches the code running their devices. |
|
|
|
Did you mean Windows Program? I did, haha, but the typo is appropriate. Windows is a problem.  Is the 3rd party 2fa thing available in Electrum, which may cost extra transaction fees? Yes. You can set up a 2FA in Electrum, in which case you require the authorization of a third party called TrustedCoin in order to make a transaction. You will need a 2FA authenticator app on a separate device to your wallet. In addition to paying a higher transaction fee because your transactions are larger since they are now a 2-of-3 multi-sig instead of a regular single sig, you also have to pay a fee to TrustedCoin for co-signing every transaction that you make. I dislike this solution because I dislike involving third parties in my wallets, and I definitely don't want to pay them a fee for being involved in my wallets. If you want the security of a multi-sig, then you can set up a multi-sig yourself using multiple devices. |
|
|
|
Isn't there a risk that Whirlpool and JoinMarket will come under the same pressure from the government as Wasabi did? Sort of. With Samourai, yes, although their team are so vehemently opposed to surveillance I'd be very surprised if they capitulated, and they are also working on a decentralized coordinator which would bypass any such pressure. With JoinMarket, not really since there already is no centralized coordinator. It's also worth pointing out that at present there are no government laws or regulations which forced Wasabi to surveil and censor their users. Wasabi admitted they are doing it voluntarily and preemptively. Sparrow & Samourai Whirlpool share the same coordinator right? Yes. Does JoinMarket have its own coordinator or is it the same as Sparrow and Samourai's Whirlpool?
No. Each JoinMarket user runs the software themselves and coordinates their own coinjoins if they are the taker. |
|
|
|
What about Samsung keyboard? The same as I described above - closed sourced and operated by a huge corporation which makes large amounts of money from your data. I wouldn't trust it. Gboard: https://reports.exodus-privacy.eu.org/en/reports/com.google.android.inputmethod.latin/latest/SwiftKey: https://reports.exodus-privacy.eu.org/en/reports/com.touchtype.swiftkey/latest/All of these keyboards require internet access. I wonder why?  I found fleksy also available on playstore and they clearly mentioned that app doesn’t collect user data and we can trust them since its UK-registered company[1]. This is next to meaningless. Every big corporation has been caught breaching their privacy policy. They all gather data they aren't supposed to. They may collect some of your data but personally, I don't think that Microsoft tries to steal seed phrases of their keyboard users. No, I don't think Microsoft are deliberately trying to steal seed phrases. But if your keyboard is syncing what you type with random third party servers, then that is a massive security risk and you have no idea who else is going to be able to access that data. I'm saying that if we don't trust Swiftkey which is owned by Microsoft, then we shouldn't trust stock Android (Google), stock Apple, stock Samsung and other keyboards. Correct. If it's closed, then don't use it. There are FOSS alternatives such as Openboard, AnySoftKeyboard, and Florisboard. |
|
|
|
Would it make a difference if you connect Wasabi to your own node? No difference. You can connect to your own node, but you will still be using their coordinator, which will be handing all your UTXOs and the fees you pay directly to blockchain analysis companies. Probably, yes. It's beyond the skill set of the average Wasabi user to disconnect from the default coordinator and connect to yours. Running your own coordinator is a different question to connecting to your own node. But given there are zero third party coordinators with any volume, and given both JoinMarket and Whirlpool both have good volume, then as you say - why would anyone bother? |
|
|
|
There have been a number of occasions in the past where a single pool has controlled >51% of the hashrate, but they have not used this to attack bitcoin. Deepbit in 2011 - https://bitcointalk.org/index.php?topic=26656BTCGuild in 2013 - https://bitcointalk.org/index.php?topic=152296.0GHash.IO in 2014 - https://bitcointalk.org/index.php?topic=645056.0Obviously back then the total hashrate was a tiny fraction of what it is now. The current level of Bitcoin hash rate is around 437.01M TH/s and the 51% is 222.9M TH/s. The best Bitcoin miner which is Antminer S19 pro only has 110 TH/s and it cost 3000$ for one. Imagine, you have to get 2M Antminer S19 pro in order to make 222.9M TH/s, which is around $6B and that's too expensive. I think there's no bad organization want to take risks on that. That wouldn't be a 51% attack. If someone was to add new hashrate to the existing hashrate like that, then they would need to add more than all the already existing hashrate. In your example, if there is 437 TH/s and a malicious party comes along with 223 TH/s, then now there is 660 TH/s altogether. Of that 660 TH/s, the malicious party owns 223 TH/s, which is only 33.8% - not enough to perform a 51% attack. The malicious party would instead need 438+ TH/s, at an even greater cost. Your math is accurate only if you are taking hashrate which already exists (such as a mining pool) and turning it from honest to malicious, not if you are adding new hashrate. |
|
|
|
|
Ideally, you should only use open source wallet apps which use their own virtual keyboard for entering seed phrases, where you can verify exactly what the keyboard is doing. Electrum is one such example. Even using the stock Android or Apple keyboard isn't completely safe. These stock apps are usually not open source and are so deeply embedded in the phone's firmware that it is near impossible to verify if anything suspicious is happening in the background. And neither Google nor Apple exactly have a great reputation when it comes to privacy, data harvesting, and spying on users/collecting data they promised they wouldn't.
|
|
|
|
What would happen if the owners recovered it's private key now or in the next years and suddenly woke up and moved some of its coins?  Perhaps it would be Satoshi? What would happen is that a bunch of Twitter bots would tweet "WHALE ALERT" or some other such asinine bullshit, a bunch of newbies would panic and sell, the price would go down a little, most of us here would buy more during the temporary sale, and all would be back to normal within a week. Nothing about bitcoin itself would change in the slightest. I believe once given a hard choice of "change or die", the community could come behind the consensus of removing the supply limit and choose to see the currency become inflationary to keep incentivizing the miners than break the concept of not your keys not your coins. Is that not just stealing a little from everyone rather than stealing a lot from a few? Making it inflationary makes everyone's coins worth less. I don't really see that as being a better solution. |
|
|
|
Once a UTXO is in an unconfirmed transaction, it can't be used to make another one because it's going to be spent very soon But that's exactly what RBF is - taking a UTXO which is already being spent in an unconfirmed transaction, and spending it again with a higher fee, therefore replacing the original transaction. The Electrum setting "Spend unconfirmed outputs" should be switched off for this reason. This setting only prohibits you from spending unconfirmed outputs you are receiving in to one of your addresses. It does not prevent you from using already confirmed outputs which are being spent elsewhere in an RBF replacement transaction. I'm not sure I agree about turning it off since then it limits your option and prevents you from using CPFP. Better simply to learn how transactions and UTXOs work so you understand what is going on. |
|
|
|
But I don't understand why. More specifically, why would miners not replace three transactions at 10 sat/vB (for example) by a single one at 11 sat/vB ? Because of course it's less fees overall, but also less space used, so the important metric should be the fee/space_used ratio (that is, the sat/vB rate). What am I missing? Great question. There are two main reasons why a replacement transaction must pay higher fees than all the unconfirmed transactions it is replacing. The first reason you almost figured out yourself in the sentence I quoted above. Taking your example - let's say I have a chain of three unconfirmed transactions paying 10 sats/vbyte each. I want to replace the first one with a new transaction paying 11 sats/vbyte, which would evict the other two, freeing up space for the miner to include other transactions. But maybe the next highest fee paying transactions in the mempool which the miner can include only pay 3 sats/vbyte. It then makes more sense for the miner to ignore my replacement and mine my three original transactions at 10 sats/vbyte each, than it does for them to accept my replacement and mine one transaction at 11 sats/vbyte and two transactions at 3 sats/vbyte. My replacement must therefore pay more than all the transactions it is evicting to ensure it is always economical for miners to accept it. The second reason is DoS protection. Let's say I broadcast a transaction at 1 sat/vbyte when the mempool is quite full and I know it isn't going to be confirmed any time soon. I then broadcast 20 more transactions building on this transaction, with a combined size of tens of thousands of bytes, all paying 1 sat/vbyte. Every node in the network has to receive, validate, and then broadcast my huge transactions. I can then immediately cancel all of those transactions by replacing my original transaction at a fee of 1.01 sats/vbyte. I can then broadcast another 20 more new child transactions with a huge size building on this replacement, which again, every node has to receive, validate, and broadcast. I can then cancel them all by replacing my original transaction again with a new one paying 1.02 sats/vbyte. I can repeat this thousands of times for almost zero cost and completely spam out the network. But by making me pay a fee higher than all the transactions I am evicting, this kind of attack rapidly becomes prohibitively expensive. |
|
|
|
guys you rock Glad you got it working! there is still an unconfimed transaction but i think it's on the way That's the transaction you just made. It's very close to the tip of the mempool given the high fee, so it will almost certainly be confirmed in the next block. I can confirm all your child transactions have been evicted from the mempool. Edit: It's already been confirmed. All unconfirmed transactions should now have been cleared from your wallet. |
|
|
|
Does it mean the transactions that have the same input(s) as the replacing transaction or their unconfirmed children are also included? The "original transactions" are all the transactions which are currently in the mempool which will be evicted by the replacement. So if the unconfirmed transaction you intended to replace has 5 unconfirmed children, then you must pay a fee higher than the total of all 6 unconfirmed transactions which are to be evicted. The total size of OP's 4 transactions is 2,933 WU. The total fee paid is 3,891 sats. The combined fee rate therefore is 5.307 sats/vbyte. To replace the first transaction and evict the other 3 child transactions, his replacement transaction would need to pay a fee of at least 4,031 sats for a 140 vbyte transaction, which would be a rate of 28.8 sats/vbyte. So I would agree with hosseinimr93, and pay 30 sats/vbyte to be on the safe side. |
|
|
|
In the year 2140 we start stealing the coins which have been not moved since January 2009.
In the year 2144 we start stealing the coins which have been not moved since February 2009. So at an average rate of 4,320 blocks per month, this means you would release coins at a rate of 3 blocks per day every 4 year period. So that first day will see (we assume) 150 BTC released. Now, let's say the total block reward from fees alone is 0.5 BTC, which is probably a high estimate. This means 72 BTC a day from fees, and 150 BTC a day from releasing old coins. Every large miner is therefore incentivized to ignore blocks from other miners claiming the old coins, and instead continue to mine blocks on their own chain claiming the old coins for themselves. Also, the very fact you use the word "stealing" explains it all, really. At no point should the protocol ever steal coins from other people. There is a huge difference between a random malicious actor with a quantum computer stealing coins, and baking stealing coins in to the bitcoin protocol. In the year 8428 we start stealing the coins which have been not moved since January 2140 What happens when bitcoin has become so valuable that the total amount of coins not moved since January 2140 is a few hundred sats at most? The whole system collapses and you are back to only relying on the fees. This is not a solution - only a delaying tactic - and one which would fundamentally alter the entire concept of bitcoin. |
|
|
|
I am not sure if I will understand the new interface. Moreover, I am afraid of losing my current files and software that are available.
I don't know if I will be able to find this software for Linux. For people moving from Windows, I usually suggest Linux Mint as a starting point. It is (as far as I am aware) the Linux distro with the most similar look and feel to Windows, so it eases the transition. It is also fairly newbie friendly and has a good amount of guides and troubleshooting online, as well as a good sized community which will help with any problems you might run in to. In terms of software, then there are four options available to you if your particularly piece of software won't run on Linux - - Find an alternative piece of software which does run on Linux (bonus here is the alternatively will probably be FOSS)
- Use Wine to run Windows programs inside Linux
- Dual boot, although doing this means you still end up with Windows on your device and you lose a lot of the benefits of moving to a Linux OS
- Have one Linux machine, and one Windows machine
|
|
|
|
I prefer to use coinjoins with Sparrow wallet or JoinMarket (I don't care if coinjoins take a longer time; I can separate short-term from long-term coin use; what I want to make more private by coinjoining are rarely coins to be in a hurry with). I hit this milestone in Sparrow a few weeks ago, and decided to screenshot it for posterity:  I've added a few more to that count since then, and I've got a couple of such inputs in the same ballpark. It's turned in to an experiment now where I will just refuse to spend at least one of these outputs unless absolutely necessary just to see how high we can go. With every remix after the first completely free, of course.  I lack the time and coding knowledge to do my own research and code audit on Wasabi. You don't need to. They openly admit they are cooperating with blockchain analysis and directly funding state sanctioned surveillance and censorship. That alone is more than enough to mean nobody in the right mind should ever use Wasabi. |
|
|
|
(suppose the seed.txt file is in desktop then what will be the path? [ ./PATH/TO/YOUR/FILE.txt ] < Confused with this ) Well, it depends on if you are talking about the desktop of your computer or the desktop of your virtual machine, what OS you are running, what your account name is, and so on. Try finding the file in a file explorer and your OS might tell you path somewhere near the top of that window. The easiest thing to do will be to put the file in the same directory as you extracted btcrecover to, then your path will simply be ./FILENAME.txt |
|
|
|
|
Show Posts
