Anything that is going to increase my privacy when I use it. Perhaps the ability to look up a dozen or so transactions at once, and display all the results on the same page. By doing so I can hide the actual transaction I am interested in among a bunch of others I don't care about, so the block explorer cannot link my browser session to a specific transaction.

Having any page with transactions or addresses displayed auto-refresh every minute or so for all users, so again, the explorer is not aware that the user is obviously waiting for a transaction to be made or to confirm.

And dark mode. Every website in existence should have dark mode.

True. When a careless 17 year old manages to break in to a huge tech company like Twitter, it goes to show just how lax their security practices are. We often see hacks and breaches of crypto companies being made a big deal of on this forum - Ledger's data breach, Binance's data breach, various exchanges and web wallets being hacked for funds, lists of email addresses from ICOs and airdrops being sold, and so on. What a lot of people forget is that such data breaches are commonplace throughout the entire internet, and that even massive tech companies often have terrible security. Google stored passwords in plain text for 14 years. 50 million Facebook accounts were compromised in 2018. Just today an unpatchable exploit to Apple's Secure Enclave has been revealed, meaning an attacker can potentially decrypt and steal all your information and data.

This is why it is so important that people take their privacy and security seriously.

It seems Twitter only picked up on it after they flooded many famous accounts with their bitcoin scam. Given that, it could have been much worse. They could have read or sent private messages to and from world leaders, or tweeted as various CEOs. Remember how much TSLA stock fell when Musk tweeted he thought it was overpriced?

Turns out they actually sent coins directly to Coinbase. Not only that, but they sent to Coinbase accounts which were fully verified with copies of their own IDs, used the same email addresses as they used on their OGUsers and Discord accounts where they were selling the hacked Twitter accounts, and logged in to Coinbase from the same unobscured IPs that they used when breaking in to Twitter accounts. A simple request from law enforcement to Coinbase and now three people have been arrested. Not exactly the smartest move by the hackers.

Coinbase is an open book as far as privacy goes. Everyone should be working on the premise that anything information you send to Coinbase and all your activities on Coinbase are available to be examined by your respective government and/or law enforcement agencies.

That's not quite accurate. You can never be 100% sure for a couple of reason.

First of all, you have to take in to account network propagation time. This is usually very fast, but there may be a couple of nodes or miners who take longer to receive your transaction depending on network conditions.

Secondly, and more importantly, you have to take in to account how often miners will update their candidate block. Since most miners mine in a pool, this is dependent on how often the pools craft a new candidate block and distributes it the miners. This could be anywhere up to every 30 or even 60 seconds. So for the first minute or two after your transaction has been broadcast, it still may not be included in the candidate blocks that some miners are trying to solve.

There are also fringe cases like double spends or two blocks sharing an equal height which can affect which miners are including your transaction.

Well, Bitcoin Core uses m/0'/0'/i' as default, so hardened keys all the way down to the address index.

I suppose some other older wallets which still use BIP 32 for their derivation paths rather than the more common BIP 44/49/84 may still use hardened keys at all levels, but given almost all wallets now follow BIP 44/49/84, I'm not familiar with any.

Standard transactions made from Bitcoin Core use a nSequence value of 0xfffffffe as default, which disables RBF but does not disable nLocktime. This allows them to use nLocktime to prevent fee sniping.

You can see the relevant code for it here: https://github.com/bitcoin/bitcoin/blob/8443fb11ad6462362b0ef9c029d778b28b1de82e/src/wallet/wallet.cpp#L3007

Here are a couple of random transactions I pulled from the mempool which use 0xfffffffe:

6bd3f92f47008419394bbbee256c8e29178b6da5ca75d7074c0504300e09ed31
75d003ae719e20585d56f4ffe46255b5244e8cf88bd0f52f35f23d4167cf1e0a
b274f1ef25b269e68b4f0541bcfdcfeaa0c1ed30dfbb3ab90338857bf7df3f49

If they have different seeds, then your options are either:

• Use one instance of Ledger Live, add all the accounts from both devices, and just label them as "BTC S Legacy" and "BTC X SegWit" or similar so you know which is which, or
• Have two separate copies of Ledger Live. I would achieve this by using virtual machines, but you can also do so very simply by using different accounts on your operating system.

I also happen to think Ledger Live is pretty trash and prefer to use Electrum, but more importantly than installing apps, Ledger Live is also used to verify the authenticity of your wallet when you first set it up. It is a vital first step.

Electrum does not have "official support". Anyone claiming to be Electrum's official support on here, twitter, medium, telegram, discord, etc., is trying to scam you.

If you have problems with Electrum, the first thing to do is to search in the following two places:
https://electrum.readthedocs.io/
https://bitcoinelectrum.com/

If you cannot find an answer, then you can ask your question on the Electrum board of this forum (https://bitcointalk.org/index.php?board=98.0), or open an issue on Electrum's GitHub (https://github.com/spesmilo/electrum/issues).

You misunderstand how mining works.

We don't know which miner is going to solve the next block as they are all competing to solve it first. Each miner will also be solving their own individually crafted block with their own selection of unconfirmed transactions in it. The transactions they select will be dependent on which transactions they have personally seen and which transactions pay the highest fee. There is no way to know which miners are including your transaction in their "potential" block, and there is no way to know which "potential" block will become the next actual block.

The best you can do is to pay a fee that places your transaction near the tip of the mempool. Paying a very high fee can make you reasonably certain that your transaction will be included in the next block, but as we don't know when the next block will arrive, that could be anywhere from 1 second to 1 hour or longer.

Lol, these kids weren't smart.

They used the same email addresses to hijack twitter accounts as they used to create Coinbase accounts, which they then verified by uploading copies of their driver's licenses. They also linked addresses from said Coinbase accounts to their OGUsers and Discord aliases, and logged in to all the services via the same IP addresses. Obviously, Coinbase handed over everything to law enforcement, including names, addresses, emails, dates of birth, copies of KYC documents, addresses, and transaction histories.

People need to learn that anything that touches a centralized exchange is immediately and completely de-anonymized, linked to your real life identity, and shared with dozens of third parties.

That is a correctly verified signature.

The line "Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>"", tells you that the Electrum file you downloaded was indeed signed by Thomas Voegtlin.

The line "WARNING: This key is not certified with a trusted signature!" simply tells you that you have not certified the key in GPG. As long as you are sure the key is correct (and I can also confirm that the key you listed - 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6 - matches the key I have for Thomas Voegtlin), then you do not need to worry about this.

That's not quite right. To have opted in to RBF, the nSequence value must be less than MAX-1, in other words, less than or equal to MAX-2, or 0xfffffffd.

Both 0xfffffffe and 0xffffffff disable RBF. 0xffffffff also disables nLocktime.

If you are decoding a transaction as you suggest, then sequence can't be 4294967295 or 4294967294.

If they do, then you shouldn't be using them. Why would you try to increase your privacy by using a company which tracks, links, and de-anonymizes your deposits and withdrawals?

How? How can a mixer keep logs of everything you are doing while at the same time claiming that your privacy isn't compromised? That sounds like all the free VPN providers which harvest your data and sell to third parties. As soon as logs are kept, your privacy is zero.

There is no way to differentiate between the "correct" use or the "incorrect" use of a mixer. As soon as a mixer starts monitoring and spying on their customers to make sure that every deposit is "correct", then all privacy is out the window and there is no point in using that mixer anymore.

Mixers are like encryption. The majority of people using them are using for perfectly legal reasons. Yes, some a small minority people use them for illegal reasons. There is no way monitor who is using it and stop them from doing so without completely breaking or rendering useless the entire system. No, ordinary people shouldn't be force to give up their privacy under the guise of "safety".

Why are you repeating this false statement after I provided you with evidence to disprove it in your last thread? A minority of funds which pass through mixers are stolen or otherwise tainted. The majority of coins being mixed are being sent directly from exchanges, by users trying to protect themselves from centralized exchanges' mass surveillance.

Bitcoin is decentralized, but exchanges certainly are not. Centralized exchanges freeze accounts and seize coins all the time for a variety of reasons, legitimate or otherwise. If there is a suggestion that some coins are stolen, then many exchanges will freeze those coins. Binance, for example, frozen a bunch of funds which were thought to be related to the Cryptopia hack.

The parent extended public key is not used at all in the generation of hardened children. Hardened children are derived solely from the parent extended private key and the index. For this reason, it is indeed impossible to derive the private keys of hardened siblings by knowing a single private key and the parent extended public key.

Most people use the same email for everything, and many people fall for phishing scams. If this email list is sold, then the addresses on it are going to be bombarded with a variety of official looking scam emails. Some people will undoubtedly lose their coins due to this.

They also say that they "implement appropriate physical, electronic and organizational procedures to safeguard and secure personal data", which is obviously not the case. You should work under the assumption Ledger Live is logging your IP address for your own safety.

Still the case. No reason they couldn't configure CloudFlare or run a .onion mirror, but they have never shown any interest in doing so unfortunately.

Then hold customer data in a different country which is not subject to such ridiculous privacy laws. And anonymize/delete what parts of it you can as soon as you can. And stop sending it to third parties to be processed. And encrypt it! And why on Earth was it being held in an online environment and not an airgapped one!?

Ledger dropped the ball here, big time. They can't hide behind the excuse of "Our legal team said we had to". It's not good enough.

True, and there is also a general lack of knowledge regarding how mining and average block times work.

Don't forget that 95% of the time exchanges are making profit on their network fees too. Most of them are charging anything from from 20,000 up to 100,000 sats per withdrawal. During the majority of the time when average fees are <10 sats/vbyte, and when withdrawal transactions are batched to keep their size to a minimum, these fees are a gross over-payment compared to how expensive the withdrawal actually is. I know they have consolidation transaction to do in the background, but they still make a nice profit on withdrawal charges.

Even when fees are high, as you say there is no incentive to change because their withdrawal charges are so high anyway that they still easily cover the increased fees.

The fee you select in Electrum is in sats/vbyte, although it doesn't say that. In the case of the transaction you linked in your first post, the fee you selected of 25.5 sats/vbyte is what you paid. The incorrect fee of 14.395 is because the explorer you looked it up on is inaccurate. If you look it up on blockchair or blockstream, you will see the 25.5 fee displayed accurately.

Can I ask for the list of users who are involved in this review process?