[Disclaimer]

Hello forum,

is there a thread anywhere where we keep track of users who constantly write posts just to reach the minimum quota required by signatures campaigns?

I 've noticed too many posts that don't add value at all, but just reproduce what's been said before.

I can give examples here, but I am sure there will be a relevant thread.

Disclaimer: english is not my native language and perhaps there is a specific word used for this phenomenon (just writing without valuable content), but since I don't know the word I didn't find it when I searched.

[Disclaimers:]

Service in review: Trêvoid's swap service

Disclaimers:
1. Everything you read below is no financial advice.
2. Everything you read below is my personal experience only and I face no consequences if your experience is not like mine.
3. I have used the service several times in the past 2 months.

How I found them
After eXch's official shutdown, I started looking for alternatives.
Luckily there are various websites that congregate privacy-focused options.
I don't exactly remember why, but I tried Godex, and it was a huge disaster for me.
So, after being sad and angry, I made a post in the Currency Exchange section, to exchange some XMR for BTC.
Trêvoid responded and this was our first deal.
We have conducted several deals ever since.

My experience with them
How it works:
I have tried exchanging 3 cryptocurrencies (XMR, ETH and BTC).
The way it worked was that I was contacting Trêvoid on the forum via PM, or in their SimpleX chat.
I was only telling them what currency I had, what currency I needed and how much I wanted to exchange.
Then, it took approximately 5 minutes to finish the swap.

What I like:
1. Trêvoid claims to be no-kyc. Well, it's absolutely true. I was never asked for any information, apart from my receiving address.
2. The speed and smoothness of the deals is outstanding. Literally, you just swap and leave.
3. Trêvoid provides a letter of guarantee!
4. Trêvoid is listed on kycnot.me.
5. Trêvoid supports monero.
6. The terms of service listed in their ANN is everything I am looking for.

Room for improvement:
1. The community needs to grow. In fact, Trêvoid's service has grown organically so far, which is good. It needs some more time and effort to become properly established.
2. The fee is flat at 5%. I would love to see a more flexible fee schema. Something more variable, depending on the coin etc. But to be fair, I accept paying 5% for my privacy!
3. I would definitely like to see Lightning support as well.

[Supported Coins]

Hello!

I wanted a multi-currency wallet because some people refuse to pay me in Bitcoin, so I need to accept more currencies.

I am surprised I couldn't see reviews for Cake Wallet.

I 've tried it for Monero (XMR) and Ethereum (ETH) and I kinda liked it. Now, I am at a point where I am asking the forum's reputable members to give me honest reviews about it.

I plan to edit the OP with details that will be discussed in this thread.

Supported Coins
Cake wallets supports the following coins, but it's not limited to them:

• Monero (XMR)
• Bitcoin (BTC)
• Ethereum (ETH)
• Litecoin (LTC)
• Bitcoin Cash (BCH)
• Polygon (POL)
• PTron (TRX)

Useful Information
Website | Github | Support Email

Is there a wallet software section in the altcoins board? If so, I could move it there, even though it supports Bitcoin as well.

We 've been discussing something in another thread and since I am not, by any means, a bitcoin contributor, I 'd like to ask the more technically savvy users about it.

What would it need to add Ring Signatures to Bitcoin?

Here is my approach, but of course, I guess it will be invalid.

Adding Ring Signatures to Bitcoin would require changes both in the Protocol and Consensus layers.

1. New opcodes will be needed to support ring signatures. I guess this needs a soft fork.
2. Any input will need to reference multiple UTXOs, because in ring signatures only one of the UTXOs is truly spent. I guess this needs a change in the consensus layer.
3. Changes in wallets to support this new update.

I don't have any other thoughts. What makes me sceptical though is:

a) what about the efficiency in terms of fees and speed?
b) could it be vulnerable to double-spending?
c) what about the transactions that have already been added to the blockchain?
 

[Mullvad VPN]

Disclaimer: I am using Windows for this tutorial, but it's identical on Linux and macOS.

Every beginner should know about the importance of verifying the origination of the software that we download.

Unlike the real world, where you can't be sure if something that you buy is genuine and you have to use experts to verify it, in the digital world we can verify ourselves everything that we download.

This is a super-quick guide, about verifying the software you download using Sparrow wallet.

Many beginners think about which wallet to use and many have downloaded Sparrow. Kudos! Sparrow is a great wallet. But, let's focus on a specific feature that it supports, which is (as you guessed) the feature to verify downloaded software.

I will download and verify Mullvad VPN. The process should work symmetrically for the great majority of software.

General info

This information is intended for the complete beginners and I will try to make it as easy as possible.

In cryptography, there are key-pairs (private & public).
The private key is used to sign a file to let the people who download it know that it's genuinely produced by the real creators. The private key, since it has the ability to sign and, therefore, make sensitive operations, needs to stay private.
On the other hand, the public key is used by the consumers, to verify that the file is indeed produced by the real creators. Since it's used by the consumers, it can be freely transferred between the producers and the consumers.

The signing process takes place using specific software which we don't need to cover in this tutorial, but the point is, that it generates a signature.

So, in order to verify that a software is indeed produced by the real developers, we need 3 things:
(a) the software itself, which in windows is normally a .exe file.
(b) the developer's public key, because it's essentially the proof of their identity.
(c) the signature, with which the developers prove that they have signed the original file.

It's worth noting that it's impossible to generate the same signature without having the private key, so if we have the real signature and public key, we can be sure that the file is indeed signed by the real people.

Specific process

Everything that we download here, make sure to save it in the Downloads folder. It's not mandatory, but it will help!

When you visit the Mullvad Download page, you will be presented with the following page:



Notice the 3 buttons I have included in the red circle. These buttons will provide us with the 3 things that we need (software, public key, signature).

Just click to download the software (the green button) and store it in the Downloads directory. The file should be named MullvadVPN-2025.5.exe or something similar.

Then, click on the GPG signature (the white button) and store it in the Downloads directory. The file should be named MullvadVPN-2025.5.exe.asc or something similar.

So, now we have the 2 out of the 3 needed things.

Let's click the "What is this" link, which will guide us here:



Click on the link, and it will start downloading the final piece, which is the public key. Store it in the Downloads directory. The file should be named mullvad-code-signing.asc or something similar.

Now, you have collected all the pieces of the puzzle. Congrats!

Open up Sparrow wallet and navigate to Tools -> Verify download.

You will be presented with this screen:



Just import the files, browsing your Downloads folder. You should see this:



Congratulations! Just go ahead and install the software!

[Disclaimer:]

Disclaimer:

I was doing an experiment and I have a question that I wasn't able to answer myself.

I will post some real data here (but not private keys etc). I will definitely not be using the wallet in the future.

The experiment:

I have a fully airgaped computer, where I installed Bitcoin Core and I created a wallet.

I got an address from there bc1qfrmthac4es7fpw5yhl7cu9kvedsgj7levwxv5g and sent some sats there.

I then stored the encrypted wallet.dat in another usb stick for backup.

I also got the descriptors of the wallet using the command listdescriptors:

Code:

> listdescriptors

{
   ...
   "desc": "wpkh([6ac77e84/84h/0h/0h]xpub6D9yC3ibKEDbLjV8fcF1AmQyBXuKErT13KeW4cVTqS7e6XmaoEMzJeU1gyHUUHwMx5F6utw4VkSB416rXrPCgRi1tLWxSHbZoWjv281oEKc/0/*)#hrntfr65"
   "internal": false
   ...
},
{
   ...
   "desc": "wpkh([6ac77e84/84h/0h/0h]xpub6D9yC3ibKEDbLjV8fcF1AmQyBXuKErT13KeW4cVTqS7e6XmaoEMzJeU1gyHUUHwMx5F6utw4VkSB416rXrPCgRi1tLWxSHbZoWjv281oEKc/1/*)#xhk25k2v"
   "internal": true
   ...
}

Then, I decided, to import the descriptors on Sparrow wallet to see if I would be able to create a simple watch-only wallet.

Sparrow didn't let me import two descriptors on the same wallet, so I had to google it and someone suggested to import the descriptor like this:

Code:

wpkh([6ac77e84/84h/0h/0h]xpub6D9yC3ibKEDbLjV8fcF1AmQyBXuKErT13KeW4cVTqS7e6XmaoEMzJeU1gyHUUHwMx5F6utw4VkSB416rXrPCgRi1tLWxSHbZoWjv281oEKc/<0;1>/*)

Notice the <0;1> in the path, which I suspect is to get both receiving and change addresses.

To my surprise, it looked like it worked perfectly, but...

I decided to import the descriptors on my full node (bitcoin core) to create a watch-only wallet there too, so I did:

Code:

> importdescriptors "[{\"desc\": \"wpkh([6ac77e84/84h/0h/0h]xpub6D9yC3ibKEDbLjV8fcF1AmQyBXuKErT13KeW4cVTqS7e6XmaoEMzJeU1gyHUUHwMx5F6utw4VkSB416rXrPCgRi1tLWxSHbZoWjv281oEKc/0/*)#hrntfr65\", \"range\": [0, 999], \"timestamp\": 1746528820, \"internal\": false, \"watchonly\": true, \"active\": true}]"

> importdescriptors "[{\"desc\": \"wpkh([6ac77e84/84h/0h/0h]xpub6D9yC3ibKEDbLjV8fcF1AmQyBXuKErT13KeW4cVTqS7e6XmaoEMzJeU1gyHUUHwMx5F6utw4VkSB416rXrPCgRi1tLWxSHbZoWjv281oEKc/1/*)#xhk25k2v\", \"range\": [0, 999], \"timestamp\": 1746528820, \"internal\": true, \"watchonly\": true, \"active\": true}]"

The "strange" result:

In Bitcoin Core, it looks like my addresses (when I click to generate a new address) are correct, but it generates the Receive addresses that Sparrow considers to be the Change addresses.

In simpler terms, it looks like:

Bitcoin Core -> Receive Address = Sparrow -> Change Address

My question:

Even though the answer may be the simplest one, like that I have confused the descriptors when importing them, or that Sparrow doesn't work well with the <0;1>, I would like to ask for a clear justification.

[I am using:]

I used Ninjastic to see if there are relevant posts, but I found some very old ones, so I created a new thread.

I thought the Service Discussion board was a good fit, but if not, I can move it elsewhere.

I am using:
1. Firefox with Ad Blockers.
2. Tor.
3. For a search engine, I am using DuckDuckGo.

My main concerns to opt for a browser are:
(a) no ads
(b) as less third-party cookies as possible
(c) HTTPS-Only Mode should exist at least as an option
(d) good protection against fingerprinting

Some good ones I 've heard of but haven't used:

• Brave
• DuckDuckGo browser
• Librewolf

I think it all comes down to sacrificing one feature for another. It's evident that security & privacy frequently sacrifice speed and convenience and vice-versa.

I 've seen multiple suggestions over the internet about which browser is best to use. I am curious to know your thoughts. I 'd like you to provide some concise reasoning behind your suggestions.

[Have:]

Have: XMR
Want: 0.004BTC

The XMR that I will send will be calculated using coingecko: https://www.coingecko.com/en/coins/monero/btc

Rules:
1. If I send first: I will send the amount at the exact exchange rate and you must be a well-established and reputed member of the forum. I have the option to select who I will trade with.
2. If you send first: I will send the amount with an additional 3% premium and I still have the option to select who I will trade with.

Extra Rules:
1. Please don't suggest services, I will only do P2P.
2. The trading details (addresses etc.) will take place via PM.

[EDIT:]

EDIT: I created a flag against Godex_io. For additional info, please follow along with the rest of the thread.



Hi all!

My story

I am all-in towards privacy and my exchanges always take place in various services and apps that are censorship resistant.

After eXch shut down, I needed to use another service to convert one of my UTXOs into XMR.

I decided to use Godex.io, in order to do my job, since it was supposed to be KYC-free.

As a result, my coins are locked there and they require me to send them:
a) a picture of me holding my ID card.
b) a picture of me holding a piece of paper that has the phrase "Godex" written upon it and the current date.

The "fun" part is that they don't refund me my money without giving them my personal information.

I am obviously not going to share my info with an unregulated exchange.

I am thinking about going legally against them, but they are based in the Seychelles, so it seems to me that I will most likely lose time and money to do it.

Nervermind...

Conclusion
1. Be careful who you trust. Even if the service is non-KYC, or is supposed to be a DEX, be careful. When you send your funds to a service in order to be exchanged, mixed or whatever, you lose (hopefully temporarily) the custody of the funds. Never forget this.

2. Prefer to use Bisq, or other services where custody remains under your control, or, at least it's not transferred entirely to a third party.

3. LoyceV said it perfectly here, and I support this:

I'm (up to some point) okay with centralized but well-known and regulated services (be it casinos or exchanges) that require KYC. I'm also okay with completely anonymous but trusted services that don't ask for any personal data.
Problems start when unregulated exchangers demand personal data after depositing, which many exchangers seem to do. We need more trusted exchangers, not less.

[Should -dbcache be set to a value divisible by 1024?]

I saw this in another thread and I decided to post a clarification.

Code:

dbcache=5120

5120 seems to be reasonable size as ^firstly it is divisible by 1024 ^{otherwise RAM might be used inefficiently} and ^secondly it is slightly more than 1/4 RAM which left the space for other OS operation.However, if the system isn't heavily used for other tasks it's safe to allocate more memory to dbcache. In such cases, increasing it to 1/2 ^{dbcache = 8192} or even 3/4 ^{dbcache = 12288} of RAM might improve performance. User should test what is the best option for him.

Should -dbcache be set to a value divisible by 1024?

It's a very normal misconception and I thought I should clear it out. Because trying to put a number that's divisible by 1024 is wrong.

There is actually no problem at all, setting the -dbcache to any integer value. You can put -dbcache=8000 or -dbcache=8192, it won't make a difference.

Memory is broken into pages which are normally 4 KiB each. This happens because any program that requests memory won't get a big continuous block, but smaller 4 KiB chunks for memory.

When we say to Bitcoin Core that we need 8000 MiB, it will do the following:

8000 MiB = 8,388,608,000 bytes
4 KiB = 4096 bytes

So there will be 8,388,608,000 / 4096 = 2,048,000 pages of memory allocated for Bitcoin Core.

Let's also explain mathematically why any number that you put as dbcache won't cause a problem

dbcache is an integer and it's measured in MiB (mebibytes).

1 MiB = 1,048,576 bytes = 2^20 bytes.

Every page in memory is 4 KiB = 4096 bytes = 2^12 bytes.

Since 2^20 / 2^12 = 2^8 = 256, it means that 1 MiB = 256 pages of 4 KiB each.

So, go ahead and try it. Put any integer for -dbcache. Let's say you pick n.

Then, the number of pages will be n MiB = n * 1,048,576 bytes. Since 1,048,576 is divisible by 4096, then any n that you choose, the divisibility will be preserved.

To conclude, use any number for -dbcache, without worrying.

About the proper dbcache size, there is a good read here: https://blog.lopp.net/effects-dbcache-size-bitcoin-node-sync-speed/, but in general I agree with satscraper.

Συγγραφέας: fillippone
Αρχικό post: There are 2^256 private keys out there: how big is that number?


Χθές, όσο πλοηγούμουν στο διαδίκτυο και βυθιζόμουν στην λαγουδότρυπα του Bitcoin, έπεσε το μάτι μου στο περίφημο site keys.lol.

https://keys.lol
(Προσοχή: το site αυτό μπορεί να σπαταλήσει πολύ από το χρόνο σας!)

Ουσιαστικά, πρόκειται για ένα site που δημιουργεί τυχαία 128 ιδιωτικά κλειδιά σε κάθε σελίδα και μετά ελέγχει το υπόλοιπο των διευθύνσεων (συμπιεσμένων και ασυμπίεστων) που αυτά τα κλειδιά δημιουργούν, αναφέροντας όσες διευθύνσεις πιθανόν να έχουν θετικό υπόλοιπο ή παλαιότερες συναλλαγές.

Απίστευτό;!

Αν βρεις θετικό υπόλοιπο σε αυτές τις σελίδες, ουσιαστικά σου ανήκουν τα ιδιωτικά κλειδιά και, κατ' επέκταση, είσαι δικαιωματικά ιδιοκτήτης αυτού του υπολοίπου και τίποτα δεν σου απαγορεύει να το μεταφέρεις στο δικό σου πορτοφόλι.

Πέρασα μερικές ώρες στο site αυτό, δημιουργώντας χιλιάδες ιδιωτικά κλειδιά, χωρίς φυσικά να βρω τίποτα, ούτε μια χρησιμοποιημένη διεύθυνση, πολλώ δε μάλλον μια που να έχει και υπόλοιπο.

Έπειτα, άρχισα να σκέφρομαι ότι θα μπορούσα να μηχανευτώ μια διαδικασία, και μιλώντας με μερικούς συμφορουμίτες, πίστευα οτι θα μπορούσαμε να φτιάξουμε ένα script που να δημιουργεί ιδιωτικά κλειδιά, μετά να ρωτάει το δικό μου bitcoin node για το υπόλοιπο σε αυτές τις διευθύνσεις και, τελικά να μεταφέρει οποιοδήποτε ποσό στο πορτοφόλι μου.

Ήξερα από την αρχή ότι οι πιθανότητες να βρω κάτι ήταν ελάχιστες, αλλά ήθελα να το δοκιμάσω επειδή ψάχνοντας για διευθύνσεις και μη βρίσκοντας τίποτα, μπορούσε να με βοηθήσει να σιγουρευτώ ότι κανείς δεν θα μπορούσε να κάνει το ίδιο με το δικό μου bitcoin, το οποίο με τόσο ζήλο κρατούσα στο αποσυνδεδεμένο από το internet πορτοφόλι μου.

Όσο περίμενα τον @babo να μου γνωστοποιήσει το script, σκέφτηκα "o Fillippone είναι απλώς ένα πιόνι στο παιχνίδι της ζωής"... πως γίνεται κανείς να μην το είχε ήδη σκεφτεί;

Πίσω στη λαγουδότρυπα, σύντομα ανακάλυψα το Large Bitcoin Collider.

https://lbc.cryptoguru.org/about

Ουάου, αυτό είναι ένα σοβαρό project.
Oυσιαστικά χιλιάδες κατανεμημένοι servers δημιουργούν και ελέγχουν 26 τρισεκατομμύρια (!!!) ιδιωτικά κλειδιά σε καθημερινή βάση.
Σε βάθος τριών ετών, κατάφεραν να βρουν 7 ιδιωτικά κλειδιά. Είναι πολλά! Υπέθετα ότι οι πιθανότητες θα ήταν πολύ μικρότερες, αλλά προφανώς υπήρχε κάποιο bug σε κάποιο πορτοφόλι που χρησιμοποιούσε κάποια εσφαλμένη γεννήτρια τυχαίων αριθμών για να δημιουργήσει κλειδιά. (Περισσότερη έρευνα χρειάζεται για αυτό!)

Ας δούμε σύντομα κάποιους αριθμούς:
Αριθμός από πιθανά ιδιωτικά κλειδιά: 2^256 ή αλλιώς περίπου 10^77
Αριθμός από διευθύνσεις: 2^160
Αριθμός από ιδιωτικά κλειδιά που ελέγχθηκαν από τον Bitcoin Collider: 2^160
Αριθμός ατόμων στο σύμπαν: 10^78 εώς 10^82
Αριθμός από χρησιμοποιημένες διευθύνσεις: 18.000.000

Ο αριθμός των ιδιωτικών κλειδιών που ΠΡΑΓΜΑΤΙΚΑ είναι πιθανά, είναι ελαφρώς μικρότερος από 2^256, όπως εξηγείται και καλύτερα εδώ.

Ας δούμε κάποια παραδείγματα.

• Ας υποθέσουμε ότι έχουμε ένα δισεκατομμύριο ενεργές διευθύνσεις, κάθε μια από τις οποίες έχει θετικό υπόλοιπο: ξέρουμε ότι αυτό αποτελεί έναν αριθμό περίπου 10^3 φορές μεγαλύτερο από τον πραγματικό αριθμό.
  Πιθανόν ο αριθμός των ατόμων στο σύμπαν είναι 10^3 φορλες μεγαλύτερος από τον αριθμό των διευθύνσεων, οπότε είναι δίκαιο να πούμε ότι το να βρούμε ένα ιδιωτικό κλειδί με θετικό υπόλοιπο είναι περίπου όμοιο σε δυσκολία με το να βρούμε ένα συγκεκριμένο άτομο σε όλο το ορατό σύμπαν.
  Πόσο μεγάλο νούμερο είναι το ένα δισεκατομμύριο άτομα; Σύμφωνα με αυτήν την απάντηση από το Quora, είναι μικρότερο από τον αριθμό των E.Coli βακτηρίων. Οπότε ας υποθέσουμε ότι παίρνουμε αυτά τα βακτήρια, τα εναποθέτουμε στο σύμπαν και προσπαθούμε να βρούμε ένα συγκεκριμένο από αυτά. Αδύνατο θα έλεγα, έτσι δεν είναι;
  
• Το δεύτερο παράδειγμα είναι σε αυτό το site. Aς υποθέσουμε ότι θέλουμε να σκανάρουμε όλα τα ιδιωτικά κλειδιά ψάχνοντας για κάποιο θετικό υπόλοιπο και ας υποθέσουμε ότι κάθε κάτοικος του πλανήτη μας κάνει την ίδια δουλειά, έχοντας ταχύτητα ένα δισεκατομμύρια φορές μεγαλύτερη από την διπλάσια ταχύτητα της τρέχουσας υπολογιστικής ισχύος ολόκληρου του δικτύου του Bitcoin, οπότε:
  * 10 δισεκατομμύρια άνθρωποι
  * επί 1 δισεκατομμύριο
  * επί δυο φορές την ταχύτητα του δικτύου του Bitcoin, περίπου 100 χιλιάδες terahash ανά δευτερόλεπτο;
  έχουμε: 1,000,000,000,000*1,000,000,000*100,000*100,0000,000,000 = 10^10*10^9*10^5*10^12 = 10^36
  Για απλότητα, ας στρογγυλοποήσουμε ‘115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336’ σε 10^77, και λάβαμε αυτό, αν ψάχναμε για ένα ιδιωτικό κλειδί με θετικό υπόλοιπο, θα μας έπαιρνε περίποτ 10^77/10^36 = 10^41 δευτερόλεπτα. Πόσα χρόνια είναι αυτό;
  Δεδομένου ότι υπάρχουν 31557600 δευτερόλεπτα σε έναν χρόνο, αναλογεί περίπου με 10^41/31557600 = 31^33 χρόνια, δηλαδή χοντρικά 10^23 φορές την ηλικία του σύμπαντος (σήμερα εκτιμάται σε 13.82 δις χρόνια), ή αλλιώς συνοπτικά 100,000,000,000,000,000,000,000, δηλαδή 100 δις δις φορές την ηλικία του σύμπαντος.
  
• Αυτό το βίντεο δείχνει πόσο πραγματικά ασφαλής είναι ο αλγόριθμος SHA256.
   https://youtu.be/S9JGmA5_unY
  
• Όλα τα άνωθι παραδείγματα δεν έλαβαν καθόλου υπόψη το ενεργειακό κόστος που απαιτείται για αυτούς τους υπολογισμούς. Φυσικά όλες αυτές οι πολύ ισχυρές μηχανές χρειάζονται κάποια ενέργεια για να λειτουργήσουν. Πόση ενέργεια; Ας πούμε, πολλή ενέργεια, σύμφωνα με το κάτωθι:
  
  
  
  Σύνδεσμος στο Reddit
  

Άλλα παραδείγματα για το πόσο χρόνο θα έπαινε να βρούμε ένα ιδιωτικό κλειδί:

• Reddit: Time and energy required to brute-force a AES-256 encryption
  

Περαιτέρω πηγές:

• This Bitcointalk thread on possible number of bitcoin addresses
  
• Mastering Bitcoin: Keys, Addresses
  

Άλλοι εξαιρετικά μεγάλοι αριθμοί:

• 52!:It Starts with a Simple Deck of Playing Cards
  

Αυτά αποτελούν μόνο μερικά παραδείγματα, αν έχετε οποιοδήποτε άλλο σχόλιο ή πηγή, μην διστάσετε να το γράψετε παρακάτω και θα το προσθέσω στη λίστα.

[Question:]

I was reading the Comparing Inheritance Services thread and I 'd like to focus on Casa for some questions.

Disclaimer: I don't use a collaborative custody service. I am doing my own custody. I am just focusing on Casa because I was listening to a podcase lately and it was about this service, but the other ones may be similar.

So, Casa has 3 plans: Standard, Premium and Private Client.

The differences are outlined in the following screenshot:



For the Standard and Premium tiers, Casa suggests a 2-of-3 and a 3-of-5 respectively. In both tiers, Casa holds a single key, meaning that in the 2-of-3 you need to store 2 keys on your own and in the 3-of-5 you need to store 4 keys.

They suggest having a phone key in both setups. So from the 3 keys in the 2-of-3, one key is a hot key, one is owned by Casa and the last one can be a hardware airgapped key.

Question:
What I find awkward is:
1. The hot key, even though it's just one of the 3 (or 5) keys and losing it can't cause you any damage, I consider it to be a bad idea.
2. The hot key is encrypted and backed-up in the cloud (icloud, google cloud etc). I consider this a very bad idea as well. The counter-argument is that it's getting almost impossible to lose, but anyways, I dislike it.

What are your thoughts? Am I paranoid for thinking the above strategy is bad?

I consider Jameson Lopp a very reputable Bitcoiner and a good security guy, so I am certain he's scrutinized all aspects of their products, but again... something doesn't feel ok with it.

[Subject 1:]

Hello,

With this post I 'd like to address two things.

Subject 1: I don't use Telegram for trading

I was approached outside the forum by someone on Telegram to do trading.
Two weeks later I was approached by someone via email, telling me that someone with the username apogio-bitcointalk contacted them to do trading on Telegram.

Hereby, I announce that I don't use Telegram for any other reason apart from the bitcointalk notification bot. Anyone who contacts you on Telegram claiming to be me, is an imposter.

Subject 2: I will never ask for a loan

I will not, under any circumstances, ask for a loan in this forum.


If you are in doubt, always validate that it was indeed I who contacted you.
Luckily, we have the necessary tools to do that.
Always ask for signed messages from this key: https://bitcointalk.org/index.php?topic=1159946.msg65217183#msg65217183

I need 200 TRX on TRON.

I will add a 2% premium on the price that we get here: https://www.coingecko.com/en/coins/tron/btc

I will send first if you are a reputable member.

[Background:]

Background:
I 've already implemented BASH21 - A simple BASH paper wallet generator.

Yesterday, I wanted to see what would be the easiest way to generate a paper wallet on a GUI less linux machine.

Prerequisites:
1. Any machine running linux offline.
2. An internet connected computer.
3. A usb.

Preparation:
1. On your internet connected computer, download libbitcoin-explorer from here: https://github.com/libbitcoin/libbitcoin-explorer/releases/download/v2.2.0/bx-linux-x64-mainnet. Obviously, you can build it from scratch, but this wouldn't be the easiest way. You can also verify the binary file, which is, for me, a mandatory step.

2. Put the binary in the USB.

3. Turn on the offline Linux machine and put on the USB.

4. Open up a terminal.

5. Mount the USB.

Code:

lsblk

This will return something like:

Code:

NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
...
sdb           8:16   0  14.8G  0 disk
`-sdb1      8:17   0  14.8G  0 part
...

So we need to mount the USB from our /dev/sdb1 onto our file system's mount-point.

Let's create the mount-point and mount the USB there.

Code:

sudo mkdir -p /media/mount-usb
sudo mount /dev/sdb1 /media/mount-usb

6. We need to copy the binary from the USB to our filesystem, let's say onto ~/easy-paper/. We 'll also change the name to a simple bx.

Code:

sudo mv /media/mount-usb/bx-linux-x64-mainnet ~/easy-paper/bx

7. Let's make it executable.

Code:

cd ~/easy-paper
chmod u+x bx

Actual Wallet Creation:

Code:

openssl rand -hex 32 | ./bx ec-new | ./bx ec-to-wif | tee /dev/tty | ./bx wif-to-public | ./bx ec-to-address

The output will look like this:

Code:

L2pUQKGAaqZuMoU77kZpLyeM5cpM4Z6x2tFFUkuxLDzEACrrKZDS
1NhDJheRUGH3RgYYvQAajbRuv6kVBryjq7

This is my first not bitcoin-related topic.

I 've had small issues in the past year. My mind was suffering from strange thoughts. To avoid any confusion, I am not talking about self-harming or anything like that. I don't really know how to explain what I am talking about, so I will try to picture it for you.

I am talking about shallow interactions, where someone's ass is more important than their soul.
I am talking about posting how happy everyone is on social media, but crying when their camera is off.
I am talking about people sitting next to each other, being lost in their mobile screens, barely talking to each other.
I am talking about not flirting face-to-face, but instead sending friend requests on social media, trying to look cool to impress the other part, who is doing the exact same thing.

To be honest, I am not in a bad personal situation. On the opposite, I am very good with myself. I am regularly doing psychotherapy where I have the chance to discuss everything that bothers me. I am also kinda older now, which means I have made most of the important decisions someone has to make in their lives.

But I want to listen to you.
Tell me, do you see the situation getting any better?
Or, do we need to adapt to the new reality?

I recently asked for tBTC and achow101 sent me some. I will return the coins to achow101.

But, simultaneously, I was given a big amount (unecessarily big for testing) by a good friend and I don't need them anymore. I could send them back, but he doesn't need them.

The reason for owning testnet coins is to actually use them for development, which I won't do very soon, so there is no need for me to keep them!

Please fill the following form:

Code:

Address: <your address>
Reason: <optional reason, but the better and more detailed the reason, the more coins I will send for testing purposes>

Hi, I 'd like to exchange 50,000 sats for XMR.

Exch gives me 0.215 XMR.

I 'd like to get 0.23 for my 50,000 sats.

Rules:
1. If the price changes, I 'll re-adjsut the amounts.
2. If you are a reputable member, I am sending first, otherwise you send first.

I am not "low-balling", I just wanna get the best deal because I need more XMR these days.

[So I want to sell 800 pi coins for 1000 USDT on Ethereum.]

A very good friend of mine has Pi coins.

He asked me to help him sell them pre main net.

I will handle the deal for him.

So I want to sell 800 pi coins for 1000 USDT on Ethereum.

I will send the Pi first if you are a highly trusted member, otherwise you will send the USDT first.

I don’t know exactly how it works, but I think since it’s not yet traded on CEXs, you must download their native app.

Anyway, let me know if interested.

[It looks like Justian1993 has paid santosmichael in the past. This proves a connection between the two accounts. It was 2624 days ago, which, as you guessed, was in November 2017.]

[read till the end, as the proof is there]

I 'd like to report 4 suspicious accounts that seem to belong to the same person.

So here are the accounts:

Justian1993
santosmichael
shade jenn
liemfrans

All the accounts share the same signature, which by definition isn't bad, but they promote something that looks suspicious (a social media website).

All the accounts were created in 2017, with 3 out of the 4 being created the exact same day (14 November 2017).



Here is a screenshot that looks very suspicious to me, where all of these people posted in the same thread today:





Finally and most importantly! Justian1993 has an Ethereum address in their profile and santosmichael has one as well. Here is a transaction between the 2 addresses:




It looks like Justian1993 has paid santosmichael in the past. This proves a connection between the two accounts. It was 2624 days ago, which, as you guessed, was in November 2017.