[i]

Hello everyone.

Recently, I found a hard to swallow fact, or just a conspiracy (anyways, y'all can tell me better). I found some information concerning the Intel Management Engine (IME), basically a hardware device embedded to your mother board that allows backdoor attacks to be performed. Sorry for my poor description, but I am really not a specialist, so follows some videos I think are informative for this purpose: https://www.youtube.com/watch?v=HNwWQ9zGT-8, and https://www.youtube.com/watch?v=NwSm8GzqdBg. After some reading related to this issue, in what concerns securing your Private Master Key, I couldn't come to any conclusion. Some "specialists" say this IME can't do anything case your computer is off internet, others say it can store info in a cache for uploading it when internet connection available, others say it can keylog every keyboard entry, others say it may depends according to the computer brand, and others say ... So, the only "effective" solution I found, was to disable this IME directly in the hardware (https://www.youtube.com/watch?v=lQ8k79yNH2A).

My biggest concern about this issue, is on generating BIP39 mnemonics. Let's suppose you have a Seedsigner or a Krux, and thus you are allowed to perform transactions without ever connecting (unless for setting up the device) your Private Master Key to an online computer, and even to any computer with an IME. And that, you would like to (i) use another BIP39 seedphrase generator, or simply to (ii) measure the "quality" of your seedphrase (by measuring "quality", I am referring to inputting the seedphrase into another software, totally offline obviously, in order to measure how hard would be to crack the seedphrase).  In order to perform task (i) or (ii) you would need to input your seedphrase into a computer with, eventually, an IME embedded, and, possibly, having the risk or having your seedphrase captured. Even if you are on an offline setup, and you decide to use a virtual keyboard for typing your seedphrase, (if this IME is so powerful as some "specialists" say) which guarantee do you have that this IME wouldn't be storing your seedphrase in a cache for later uploading?

Is my reasoning right about this issue? Or am I just overreacting? If so, how would one person overcome the constraints imposed by this IME?

Thanks for the attention, and I am sorry for any misunderstanding in my writing.

Hello everyone.

I have a question about setting up an offline wallet containing the private key. After some duckduckgoing about techniques for securing my BTCs, I found a strategy based on maintaining two wallets, one for visualizing, and other for signing, transactions. In which the wallet for signing transactions should be maintained always offline, with the aim of avoiding any sort of capture of the Master Private Key from a hacker.

I "think" I applied this setup correctly, but I want to make sure if my reasoning is right. So, let me explain step by step what I did. In a Linux Tails, I booted the OS in offline mode, and then I generated my pass-and seed-phrases and created my electrum wallet applying a password for encrypting my electrum wallet file. Still in the offline mode, I got the Master Public Key (MPK), from the Electrum dashboard, and then I created another wallet with the recently obtained MPK, this is my visualization wallet. After that, I restarted the computer, and this time I load Tails with internet connection, and then I can watch any on-chain transactions made over my addresses.

If I load my computer allowing internet connection, and my wallet containing my Master Private Key is in this computer (even though encrypted by electrum), it means that my Master Private Key was, at least once, connected to the internet  . Is it right? My concern here is, even though I do not directly expose my Master Private Key to the internet, the fact of allowing my Master Private Key be present in a computer that had, or will have, access to the internet, already introduces a vector of attack. 

If this reasoning is right, so, does it mean I will need to have a computer (with no internet connection at all, never) only for signing my transactions?

Thanks for the attention, case there is any misleading point, let me know. Best regards.

Hello.

Beforehand I clearly state that I am not, by any means, promoting advertisements.

A few days ago, I found on reddit a post about Flash BTC transactions, what would be, according to the post, a strategy for transacting fake BTCs on-chain, in a way that the transacted BTCs could persist on-chain up to 6 months. After some hours, the post got banned  , no idea why  . That is the reason I am stating out loud I have involvement in any business related  .

Although I am new in the environment of BTCs, I do not think this thing of Flash BTC transaction is legit, AFAIK, once something is stored on the blockchain, it is stored forever. So, how could that be, that a transaction would be stored for only 6 months? I would like to hear some comments of those more experienced in the area. Because, although it may be only a scam, what would be some arguments for oppositely proving the impossibility of these Flash transactions?

Thanks and regards.

[W1]

Hello everyone.

I am trying to understand how to setup my multisig environment, and I am with some doubts about it. Beforehand, sorry for the naiveness and ignorance of my question, but I am still a newbie. So, I have two native wegwit wallets, let's call them:

• W1 with the MPK zpubW1; And
• W2 with the MPK zpubW2.

I was thinking in creating a new segwit wallet W3 with the MPK zpubW3, that would be my multisig wallet, and then I tried to do so by using Electrum 4.0.9. To do so, I followed the steps File > New/Restore >Type "W3" > Next > Multi-signature wallet > Next > 2 of 3 > I already have a seed > Type the W3 seed > Options: (Checkmark "Extend this seed with custom words"; Checkmark "BIP39 seed"; Ok) > Next > Type W3 seed extension > Choose "native segwit multisig (p2wsh)" > Choose derivation path "m/48'/0'/0'/2'" > Next > Copy the generated W3 Zpub > Next > Enter cosigner key > Type "zpubW1" > Next.

However, when entering the zpubW1 or zpubW2 in the cosigner MPK field, the message "Wrong key type p2wpkh" appears. So, after some hours of duckducking, I dicorevered that, actually, the multisig native segwit cosigner MPK must start with Zpub (upper case) rather than zpub (lower case), and that, in order to "convert" my zpub to a Zpub, I have to create a multisig native segwit wallet for each one of the cosigners, that is, I have to follow the aforementioned steps in the Electrum by using the wallets W1 and W2 respective seedphrases, then save the respectively generated Zpubs (let's name them as ZpubW1 and ZpubW2), and finally use these Zpubs as cosigners MPKs.

I am not sure if the above process is right, and, honestly speaking, it seems to be quite strange. Is this logic right? Why do I have to generate Zpubs for W1 and W2?

Thanks for the attention, and sorry for any crypto vocabulary misuse .