I have just realized a new version of Electrs has been published (https://github.com/romanz/electrs/releases/tag/v0.10.0-rc.1)

It is just a RC1 so probably we will have to wait a bit longer for the final release, but it is good project is evolving. I am curious what we may expect in v 0.10, as it is no longer 0.9 patch.
Anyone already gave it a chance and installed a new server?

Do we know when the word "bitcoin" appeared for the first time? Are we 100% sure it was in THE PAPER?

I was wondering why it is "bitcoin". (Someone with more advanced linguistic skills could probably help a lot). "coin" seems be the easier part. It clearly indicates the thing has something to do with currency. Is "coin" the only word which could be used? "note", "check", "bill"? Maybe that could be interesting, as unspent output is usually an effect of many previous operations and depends on their result - any faulty previous operation makes the final result faulty.
Talking about "bit" I am not sure if it should mean the concept is related to IT (computers, digitalization etc) or it has something to do with computer bits as a unit. I think already a decade ago "e-" was used for "electronic" versions of given words, like e-mail or e-market. On the other hand I think "byte" was a more popular word related to computer thinks. And we have also the root of the whole concept, elliptic curve. If we would take "sec" from secp256k1, "seccoin" could be also extended to "secure coin".

I am curious what do you think about it, why these two words "bit + coin" were selected?

A new version of Electrum has been released on April 18th.
Release notes:

Code:

   - New onchain transaction creation flow, with configurable preview
   - Various options have been moved to toolbars, where their effect
     can be more directly observed.

Code:

- lightning: support for option scid_alias.
    - Qt GUI: UTXO privacy analysis: this dialog displays all the
      wallet transactions that are either parent of a UTXO, or can be
      related to it through address reuse (Note that in the case of
      address reuse, it does not display children transactions.)
    - Coins tab: New menu that lets users easily spend a selection
      of UTXOs into a new channel, or into a submarine swap (Qt GUI).

Code:

  - Lightning invoices are regenerated everytime routing hints are
      deprecated due to liquidity changes.
    - Script descriptors are used internally to sign transactions.

And for the corresponding Android application:

Code:

- Using Qt 5.15.7, PyQt 5.15.9
   - This release still on python3.8
   - Feature parity with Kivy
   - Android Back button used throughout, for cancel/close/back
   - Note: two topbar menus; tap wallet name for wallet menu, tap
     network orb for application menu
   - Note: long-press Receive/Send for list of payment requests/invoices

Source: https://github.com/spesmilo/electrum/blob/master/RELEASE-NOTES

One and only download page: https://electrum.org/#download

A week ago Chainanalysis has published  a report about their view on crypto money laundering and ways which funds from suspicious sources go. Honestly speaking what I see are just graphs and numbers and I have no idea how they know a given coin comes from scam, ransomware etc, but maybe they know what they do.

More info: https://blog.chainalysis.com/reports/crypto-money-laundering-2022/

Hello

Is there any working mobile wallet which allows TOR connection to custom Electrum server?
I ask because until now BlueWallet was my favourite one (using normal IP), but using TOR server is impossible, connection fails. I have seen many complaints, apparently that feature is broken. At least for me it is unusable, so that's why I look for alternatives.

Anyone recommends any other tool?

Mailchimp, company which manages newsletters and mailing lists has one more problem (the same each time, I would say). They confirmed they had another leak:
https://mailchimp.com/january-2023-security-incident/

Mailchimp is used by many companies which are lazy enough to create/use their own mailing system and recently many users had received emails like that:

[you have been warned]

NEAR Web Wallet Security Update
 

Hello NEAR community,

We are reaching out to notify you of a security incident at Mailchimp that may have impacted members of the NEAR ecosystem. 

On Thursday January 12th, Mailchimp, one of our external email management tools, notified us that as a result of a breach of Mailchimp’s systems, an unauthorized actor accessed a Mailchimp account. We are contacting you because your email address is stored in this affected Mailchimp instance.

According to Mailchimp, this breach only involved email addresses and did not include breach of passwords or credit card data. Based on Mailchimp’s public disclosure on January 13th, at least 133 Mailchimp accounts across its platform were affected in a broader incident targeting the Mailchimp platform. Mailchimp’s related blog post can be read here. 

At the current time, Mailchimp has been unable to confirm whether the email address data in the affected Mailchimp instance was downloaded. However, out of an abundance of caution, we wanted to flag this breach to the NEAR community.

It is important to note that we do not store data that could be used to compromise NEAR wallets.  We currently have no reason to believe any information other than email addresses might have been accessed. Regardless, as a precautionary measure, we request that you increase your vigilance regarding possible phishing attempts, and malicious actors could be posing as NEAR or any of its ecosystem partners through email communications. NEAR Foundation, Pagoda and the Wallet team will only send emails from @near.foundation, @near.org or @pagoda.co.

Additionally, please note that NEAR will never email you asking to make transactions or soliciting your business. We will never ask for your password or private key, promote airdrops of $NEAR or other tokens associated with the NEAR ecosystem, or solicit any type of payment or request to sell your digital assets.

To ensure NEAR ecosystem user security and privacy, Our security team is continuing to work with Mailchimp in its investigation. We will keep you updated as Mailchimp’s investigation continues to unfold. 

As always, we hope you are currently observing and will continue to observe careful measures with the security of your wallet. Here is a list of best practices as it pertains to self-custody wallets.
 

Best Practices for Self-Custody Wallets

    Utilize a mixture of hot and cold wallets—hot wallets are connected to the internet, cold wallets are not.
    Choose a hot wallet strictly for smaller, convenient NEAR transactions
    Do not store all of your tokens in a hot wallet
    Utilize a hardware wallet, such as a Ledger, to store tokens and make larger transactions.
    Ensure you are utilizing the right URL for your wallet. Inspect links for correct URLs before clicking.
    Avoid wallet names that contain identifying information, such as names or email addresses.
    Use a private browser session for wallet transactions, disabling third-party plugins.
    Check transactions before you sign or approve them.
    Never connect your NEAR wallet or click-through unsolicited links.
    Never store your recovery phrases for wallets with significant tokens  in password managers, emails, or on a computer that may be connected to the internet.
    Only interact with NEAR Foundation via official channels.  Our social media accounts, Discord, and Telegram channels can be found at https://near.org/ecosystem/community/.  Our official accounts are verified and have the verification marks.
    Be suspicious of unofficial channels and offers that appear to be too good to be true.

 

Good news from Europol - some call centres selling fake crypto were taken down.

From time to time we may hear about people who received a phone calls with a very attractive investment proposal. Many of that people accepted the risk and gave their money to scammers. It looks like for some time we will have much less phone calls like that, as many centres has been taken down.

Some details on Europol page: https://www.europol.europa.eu/media-press/newsroom/news/call-centres-selling-fake-crypto-taken-down-in-bulgaria-serbia-and-cyprus

(do I understand correctly they inform about the action one year after, or someone made a mistake with a date? publication date is Jan 12th 2023)

For the ones who do not follow Collectibles forum (https://bitcointalk.org/index.php?topic=5434506.0):
Cold Key owner retrieved private keys of all the sold 'cold wallets' he produced and as he was in need because of gambling he stole all the funds.

Which (apart of obvious sad event for card buyers/owners) is a very problematic for the whole "collectibles" market, any coin/card producer now will be asked twice "how may I trust you?".

Anyone using BitKeep?

Multiple BitKeep crypto wallet users reported that their wallets were emptied during Christmas after hackers triggered transactions that didn't require verification. Company confirmed the problem and linked it to 'unofficial' version of program:

Dear BitKeep users, after preliminary investigation by the team, it is suspected that some APK package downloads have been hijacked by hackers and installed with code implanted by hackers. If your funds are stolen, the application you download or update may be an unknown version (unofficial release version) hijacked.
Now for the safety of user funds, if you downloaded the APK version, please transfer the funds to the wallet downloaded from another official store (App Store or Google Play). In addition, it is recommended to use the newly created wallet address, the address you created through apk may be leaked to hackers.

Anyway - whatever you use, always make some effort to ensure you use the original program, not a hacked copy!

More read: https://www.bleepingcomputer.com/news/security/hackers-steal-8-million-from-users-running-trojanized-bitkeep-apps/

Some of you maybe heard about news which were published first on September; Twitter user PhantomXSec tweeted that the North Korean APT group were responsible for crypto and NFT phishing campaigns targeting dozens of ETH and SOL projects. PhantomXsec provided information on 196 phishing domain names that were linked to North Korean hackers after a thorough analysis.

Now I invite you to read a comprehensive analysis of that event - if you are interested in security and want to know how that kind of attack is created, read more on https://slowmist.medium.com/slowmist-our-in-depth-investigation-of-north-korean-apts-large-scale-phishing-attack-on-nft-users-362117600519

Hello

Was there any chance recently for the process how notifications are triggered?
There is a topic, I send my post, from that moment topic is 'subscribed' and new post triggers notification (email). Until recently all was OK, if there was more than 1 page, I had to go to the end to have topic marked as 'read' (unbold) and then new post triggered email.
What I see now is that even if new post is on the page 5th, I do not read that post because I open only page 1, when I reload board page topic is marked as read (normal, not bold) and any new post triggers email.

I really do not think it was like that before.

News like that does not help crypto-world to gain trust... And unfortunately helps a lot people who say crypto is for criminals and weapon/drug dealers.
And unfortunately the name of exchange sounds very familiar.

A methamphetamine and cocaine gang operating across the U.S., Mexico, Europe and Australia used the world’s biggest cryptocurrency exchange Binance to launder tens of millions in drug proceeds, according to an ongoing investigation by the US Drug Enforcement Administration. Between $15 and $40 million in illicit proceeds may have been funneled through Binance, the DEA alleged.

More details:
https://www.forbes.com/sites/thomasbrewster/2022/12/19/mexican-drug-gang-money-laundering-over-binance-crypto-exchange/?sh=2c9869754a59

Another sad story related to exchanges... Anyone used Gemini? We all love KYC so much...

Gemini crypto exchange announced this week that customers were targeted in phishing campaigns after a threat actor collected their personal information from a third-party vendor. The Gemini product security team published a short notice that an unnamed third-party vendor suffered an "incident" that allowed an unauthorized actor to collect email addresses and incomplete phone numbers belonging to some Gemini customers.

KYC is dangerous from many reasons, one of them is that you give your data to people who do not know how to keep them safe...

more details: https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/

If any of you used or plan to use BloxHolder (bloxholder.com) there is a serious risk of losing funds. Tool seems to be connected to Lazarus Group.

Further technical analysis of the deployed AppleJeus malware uncovered a new variation of DLL side-loading. Really, really tricky.

More details: https://www.volexity.com/blog/2022/12/01/buyer-beware-fake-cryptocurrency-applications-serving-as-front-for-applejeus-malware/

Russian billionaire Vyacheslav Taran was killed when the helicopter he was traveling in crashed near Monaco. Reports in Ukrainian media have previously alleged that Taran, who was co-founder of trading and investment platform Libertex and foreign exchange trading group Forex Club.

Just last week, the founder of Hong Kong-based digital asset company Amber Group Tiantian Kullander died suddenly in his sleep. The 30-year-old had built the company into a $3 billion ‘fintech unicorn.’

A month before Kullander’s death, MakerDAO developer and crypto millionaire Nikolai Mushegian apparently drowned in Puerto Rico.

Back in July 2021, the crypto industry was rocked by the news that controversial Romanian crypto billionaire Mircea Popescu — also known as ‘the father of bitcoin toxicity‘ — had drowned in Costa Rica.

More details - https://protos.com/russian-billionaire-latest-crypto-tycoon-to-die-mysteriously/

And we have another case of popular application infected by our lovely XMR miner. This time it is Afterburner, one of favourite apps for GPU users. Overclocking, undervoltage and now additionally mining

More details: https://blog.cyble.com/2022/11/23/fake-msi-afterburner-sites-delivering-coin-miner/

What we may say? Always always use the producers website, never download applications from unknown/strange sources.

Hello

Recently I wanted to check how Bitcoin Core derivation path (BIP32) is different from other wallets (BIP39). I was also interested how to generate master private key. Reading bip32 specification (https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Specification_Key_derivation) we may find that master private key is clearly dependent on seed only, but the question is - what is seed?
Then I found the operations performed by method "sethdseed" (seed for HD wallet may be generated by program or may be 'injected' by user). (https://github.com/bitcoin-dot-org/developer.bitcoin.org/blob/master/reference/rpc/sethdseed.rst)
 And in fact I was very surprised to see that seed is nothing else that public key of (random/specified) private key:

Code:

CPubKey LegacyScriptPubKeyMan::GenerateNewSeed()
{
    assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS));
    CKey key;
    key.MakeNewKey(true);
    return DeriveNewSeed(key);
}

Code:

CPubKey LegacyScriptPubKeyMan::DeriveNewSeed(const CKey& key)
{
    int64_t nCreationTime = GetTime();
    CKeyMetadata metadata(nCreationTime);

    // calculate the seed
    CPubKey seed = key.GetPubKey();
    assert(key.VerifyPubKey(seed));
....

As we see, when seed is generated by program, a random private key (compressed) is created, so I assume public key used as a seed has form "02/03 + X". I do not know how it is when user provide uncompressed WIF to sethdseed command, but then HD seed would be "04 + X + Y".

My concern is: let's say seed is generated by program based on compressed key - does it mean that each Bitcoin Core HD wallet could be derived from a ECDSA256K1 public keys?

In other words, may we say that each seed has form 02/03+X? There is no HD wallet which seed is "12345abcabc"?

It looks like market was flooded by NFT books written by algorithm. Probably books were as good as the whole NFT thing ;-)
Look at a small research, is seems no one read that book before publishing

https://lcamtuf.substack.com/p/fake-books

On November 9, 2021, pursuant to a judicially authorized premises search warrant of Zhong’s Gainesville, Georgia, house, law enforcement seized approximately 50,676.17851897 Bitcoin, then valued at over $3.36 billion.
U.S. Attorney Damian Williams said: “James Zhong committed wire fraud over a decade ago when he stole approximately 50,000 Bitcoin from Silk Road.  For almost ten years, the whereabouts of this massive chunk of missing Bitcoin had ballooned into an over $3.3 billion mystery.  Thanks to state-of-the-art cryptocurrency tracing and good old-fashioned police work, law enforcement located and recovered this impressive cache of crime proceeds.  This case shows that we won’t stop following the money, no matter how expertly hidden, even to a circuit board in the bottom of a popcorn tin.”
In September 2012, ZHONG executed a scheme to defraud Silk Road of its money and property by (a) creating a string of approximately nine Silk Road accounts (the “Fraud Accounts”) in a manner designed to conceal his identity; (b) triggering over 140 transactions in rapid succession in order to trick Silk Road’s withdrawal-processing system into releasing approximately 50,000 Bitcoin from its Bitcoin-based payment system into ZHONG’s accounts; and (c) transferring this Bitcoin into a variety of separate addresses also under ZHONG’s control, all in a manner designed to prevent detection, conceal his identity and ownership, and obfuscate the Bitcoin’s source.
While executing the September 2012 fraud, ZHONG did not list any item or service for sale on Silk Road, nor did he buy any item or service on Silk Road.  ZHONG registered the accounts by providing the bare minimum of information required by Silk Road to create the account; the Fraud Accounts were merely a conduit for ZHONG to defraud Silk Road of Bitcoin.


More details: https://www.justice.gov/usao-sdny/pr/us-attorney-announces-historic-336-billion-cryptocurrency-seizure-and-conviction

Hello,

Being author of few programs for restoring partial WIFs or seeds, I am often contacted by people who claim to be owners of damaged paper wallets. In the most cases it is unfortunately not true - I do not know who is the source of that images, but it is surprising for me how that content is circulating and comes back to me (sometimes after several weeks/months). Each time another person assures me about authenticity of treasure and disappear after it appears to be a waste of time. There are always 1-2 photos (always the same) so it is not possible to ask for another photo, with a different angle etc.
I have decided to publish some of paper wallets/images which were sent to me more than 2-3 times and which appeared to be emptied log time ago or are forged - their authenticity cannot be confirmed by successful restoration. Maybe it will save other's time (and money).
In other words: if someone shows you one of these addresses (or try to sell them to you), you know it is not worth to work on it.

(moderator: I try to send each case as a separate post, please do not merge)