Obvious shill is obvious.

Some quick google-ing links this site to a scam. Again.. I wouldn't trust.

http://www.covers.com/postingforum/post01/showmessage.aspx?spt=12&sub=101361331

http://www.covers.tv/postingforum/post01/showmessage.aspx?spt=9&sub=101722008

I noticed I didn't get refund for some tourneys that didn't run today. Can you check this please? I never really know what my balance is, yet I have been in many tourneys that didn't run over last few months, so bit worried I'm missing more buy-ins :\

Playing this $200 GTD with 9 players, 5 players of Betcoin.. looking good! Great work guys.

On the other hand, the cold wallet / total investor balance is like 550 BTC. There could be easily a big investor that wants to deposit 550 BTC. If the deposit address is part of a hot wallet, the hot wallet could be the same amount as the cold wallet. Therefor to me it makes sense to make the deposit addresses cold? Perhaps with JD this was not the situation as I assume no deposit would cover the total invested amount.

I basically like the idea of "don't have more in the hot wallet than you can afford to lose from your own pockets" as site operator. So I personally think the deposit addresses must be cold then. I agree for instant withdrawals it will create a delay more often, but in theory it seems more safe to me.


Of course if someone has access to the server/hot wallet, they can probably change the deposit addresses too (even though you could make some checks or something for that.) So I am not sure how much it would really help in an actual attack (an attacker will probably sweep the hot wallet right away - not waiting for big deposit, while big deposits are sent to cold wallets right away.) But still I think it's little bit better

That is -very- interesting indeed. Just wondering how the $ and BTC works out.

edit: I see, automatic on register. $6.60 = 0.01124 (0.01124*645 = $7.25) That still bit much indeed. But the idea is really really great.. Good work !

You should make the backup of the QR/key on a computer or piece of paper, not on your Android phone because if you lose your phone it's still lost :p AFAIK, Titanium Backup makes a backup of your whole phone, that might be good, but not what I meant.

The key is a 16 character code, like "SYLC3WL6FV56YB6T". You could just write this on a piece of paper and make sure any thief (or even "friends") cannot easily get this. If your phone is lost, your 2FA will still work with this 16-character code (just add it on a new phone.)

The QR code is actually also your key with an easy link for your mobile to understand it. You could just right click on the QR code and "print it". Or you could save it on your computer. But obviously you shouldn't leave an image like that on your computer, because if your computer gets hacked, the hacker will probably have both your passwords and your 2FA codes. You would have to encrypt these specific images to make it password-protected (with a unique long password - not used anywhere else.) To be honest I am not an expert in that and I am not sure what program is best for that (especially since TrueCrypt is gone.)

Maybe someone else has a recommendation for the best way to encrypt a file on a computer? Is making a ZIP file with 7z with a long unique password with AES-256 "good enough"? Or better use a "real encryption" program?

There are many people having a look at the blockchain.info page of an address that big.

So these small amounts are just attention whores, beggars hoping some idiot donates to them, people advertising their crappy sites, some even linking to a scamming site, etc. Sometimes the messages are funny though.

Just BitStamp switching cold wallets (or actually refilling hot wallet with 3K btc it seems?)

I do agree picks should be posted in advance to make it more transparent. But can I post it with my SHA512 method? This way I don't have to show my picks in advance. And yet everyone can verify my picks and see the hash posted before the game, matches the pick that is later revealed (ill give easy instructions for that.)

Yes. You cannot see the key/QR after it's enabled for security reasons.

For example on an exchange or gambling site: if a hacker somehow hijacks your session, they will probably still need 2FA for any withdrawal (aka actually stealing your coins), so it would be a big problem if the key/QR is shown to them.

On most or all sites you should be able to easily disable 2FA with your current code. After you double-check it's really disabled, you can delete the specific account from your 2FA app. Then just enable it again with the new key/QR and make a (protected) backup of it.

Bitcoin address are no representation of site balances. Everyone knows that. Probably a difference is that many gambling sites uses hot deposit addresses while PRC uses cold addresses. IMO that is the reason why most gambling sites will remove the bitcoin right away to move them to a cold wallet. Using cold addresses as deposit addresses already, is -much- better IMO.

I just checked my nitrogensports depo address and it took them also 2 weeks to remove the btc from the address. I don't see the problem with it. It's just your depo address, my balance is on the site :\

Kyle. To me it seems you need a good sleep.

I barely know you, but this week you seemed to care about every satoshi you have, because obviously you don't have that much. You do not really think you just lost 1.8 btc out of no where from some deposits 1 WEEK ago, right? You think you wouldn't notice if your deposits of 1.8 btc weren't credited in the whole damn week?

According your chat, you are drunk right now and barely slept. Could it be that you are overlooking something or panicking because you would hoped you had more?

Sleep some. Let Dean mail you your depo/wd history + gambling profit and check it later. I agree there should be pages for that, and Dean knows that and will make that if he has time.


uvwvj, I think your message is def overreacting too. Dean holds 500+ coins, most of this in: https://blockchain.info/address/1FhxjhFb1YudGC1vtV4FuLpQc2uHzq3XFd He has been nothing but an honest guy in the 1+ year that I have spent on his website.

Thanks !

I guess as long as Betcoin verifies both sites, it should be ok. IMO in theory the best way would be this: make a "secret" word + your pick of the winner, then make a SHA512 of it. Post this before the game. After the game you post the "secret" so people can verify your pick, without knowing your pick in advance. Provably fair World Cup promotion But this might be too hard for some (actually there are online SHA512 generators, so this is really easy.) For example:

Post in advance:
BBB3DD45C01A91B2B724A6DC94DD304053918414F6CBB6B1EAAD7A371EABEC7C608FA66020A1711 C22621B1C704851BB3ADBF967945CA8BA6686F7274CA69A07

Afterwards:
gdq345gzfsGFDS45-IRAN

So my pick was "iran" and you can put "gdq345gzfsGFDS45-IRAN" in the online SHA512 generator to see the hash matches.



Also btw, Live betting is not allowed to get points right? Just saying before someone finds that as another trick to bet on a team as soon as they score etc. That would be bit easy to get points :p

Introducing Rebit.ph: Sending money to the Philippines using Bitcoin has never been more convenient or more affordable.
http://www.reddit.com/r/Bitcoin/comments/29g8zf/introducing_rebitph_sending_money_to_the/

- https://rebit.ph


Just to be clear: you can only use that to sell BTC to PHP. Seems decent priced. This is a website by http://bitmarket.ph


I am not related to any PH BTC site, but I like sharing news here

The way 2FA works is that your mobile phone and the forum have the same key. You are scanning the key with the QR code to import it into your mobile application (for example: Google Authenticator)

Some more background info:
For now I only implemented the "Time-based One-time Password Algorithm" (TOTP.) This algorithm uses the key and time to generate the digit code. This is why the device you use must have the correct time synchronized and also why Yubikey doesn't support it by default (Yubikey has no battery so no time.) There seems to be a application for Yubikey though btw: http://www.yubico.com/applications/internet-services/gmail/

Anyway, what you should -always- do with 2FA is make a backup of the KEY or the QR code, so:
- print the QR code or key (and secure it properly!)
- write the key down (and secure it properly!)
- save the QR/key on your computer but make sure to encrypt it very well (so.. secure it properly!)

With this QR/key you can just import it in your new phone if your old one gets lost. (obv after that you should disable/enable the 2FA again to generate a new key.)

At the 2FA setup page there will be a warning that says you can permanently lose access to your account if you don't make a backup. However in theory, like bluefirecorp said, you should be able to prove it by signing a message from a bitcoin address. But that depends on what policy theymos will use for that.



Theymos already gave some feedback on my modification and I will take a day or 2 to make some changes. After this I will publish the code in this thread so hopefully some more people can have a look at it. I made it like a "real SMF package" so it is very easy to install/test. Hopefully after that we can use it soon

Hey Stunna, just to let you know, I made a modification for 2FA support for this forums' version (SMF 1.1.19.) I just sent a PM to theymos with the details. I hope he can check it to see if it all works properly so it can be implemented soon

I assume it was a bigger ask order and a buyer bought it "almost".

Like 0.01 offer then someone bought 0.00999985 so there is 0.00000015 left. Then the 0.00 might be a rounding/display error. I assume the precision on the background is much bigger than 2 decimals.