|
I'm saving bitcoin for retirement and will not move my coins for 20 years. You've just stolen my money.
I've timelocked some bitcoin for 21 years as an inheritance for a new family member. You've just stolen my money.
I'm a political dissident who has been detained without trial by a dictatorship for 15 years. You've just stolen my money.
I've been sent to jail for non-violent victimless crimes for 10 years. You've just stolen my money.
I've been working in another country for 10 years with some wallets safely stored at my parent's/other family member's house which I have not accessed. You've just stolen my money.
There are a hundred other reasons someone might not move their coins for 10 years. That does not give you the right to steal them.
And that's without even touching on the crazy idea of implementing a system which allows coins to be moved with providing a signature.
|
|
|
|
You should get that error when you don't have enough fund to increase the fee to the amount you want. Just to note, you only get this error if you have chosen the "Preserve payment" option from the drop down box, since Electrum will not reduce the final output amounts in order to contribute more to the fee. If you don't have an additional output in your wallet to contribute more fees to your RBF transaction, then you can change the drop down box to "Decrease payment" and it will reduce your outputs and increase your fee using the same inputs. |
|
|
|
Would you agree if I say that Binance will end and CZ will go to prison on 2024? Probably not. It wouldn't surprise me at all if Binance collapsed at any point. We already know they are running fractional reserve and they mint their centralized shitcoins out of thin air to fund their ongoing operations. Just like Celsius, BlockFi, Voyager, FTX, and dozens more, they will continue to operate and claim everything is absolutely fine until suddenly suspending all withdrawals. This could happen at any time. I think it's highly unlikely that CZ will go to jail, though. I mean, Mashinsky still isn't in jail a year on from Celsius's collapse, despite mountains of evidence of him committing outright fraud.
You mean Celsius, right? Yes, lol. There have just been so many centralized exchanges collapse that it is hard to keep track of them all.  |
|
|
|
Since I am dealing with a 2 of 3 multisig setup, I would like to perform this input/output test over my three wallets, which would require at least 4 on-chain transactions, for instance: What you have written here is wrong. All three of your multi-sig wallets (MW1, MW2, and MW3) should display the exact same addresses in the exact same order. This is the essence of a multi-sig set up. Each wallet generates the same addresses, but each wallet only holds one private key, so you need at least two wallets to fully sign a transactions. If you are seeing different addresses in each of your multi-sig wallets, then you have done something wrong. To do a test transaction, you should simply send a small amount of sats to the first address. That transaction should then be visible in all three of your multi-sig wallets, since they all contain the same addresses. Furthermore, what happens if I send a wrongly signed transaction? In any scenario, an incorrectly or incompletely signed transaction will be rejected by the network, and so the coins will not move and you will pay no fees. |
|
|
|
I tried, but got different numbers. How did you calculate this? Those two particular examples I simply lifted from page 8 of the the whitepaper. For q=0.3 (an attacker with 30% of the hashrate), the probability (P) they overturn 10 confirmations (z=10) is 0.0416605, which is 4.16605%. The equation itself is also given in the whitepaper, but rather than calculate it manually you can just plug your numbers in here: https://web.archive.org/web/20181231045818/https://people.xiph.org/~greg/attack_success.html |
|
|
|
|
That's correct.
So open Electrum and create a new wallet.
Select "Multi-signature wallet".
Select 2 signatures from 3 cosigners.
Select "Create a new seed".
Back up the seed phrase it generates on paper.
Extend the seed phrase with custom words if you so choose.
Confirm the seed phrase.
Copy the Zpub, which you will call ZpubW1.
This is as far as you can get with the first wallet for now. For the next steps, you need to choose "Enter cosigner key" and then enter ZpubW2 and ZpubW3.
So now you have two options. If you are doing all of this on a single device (which as I explained above is not the best idea), you can save that Zpub electronically (with the associated seed phrase +/- custom words written down on paper), close Electrum, and repeat the process twice more so you have three seed phrases and three Zpubs. Once you have three seed phrases and three Zpubs, you can again follow the steps above to create each multi-sig wallet, using one seed phrase and the other two Zpubs each time. Alternatively, if you are doing this on different devices, you can just leave Electrum open at the screen asking for your cosigner key, repeat the process on your other two devices, and then transfer the Zpubs from each wallet to the other devices in order to create the multi-sig wallets.
If you want three wallets, each with a single set of private keys, then you need the following:
MW1 needs Seed Phrase 1 and ZpubW2 and ZpubW3
MW2 needs Seed Phrase 2 and ZpubW1 and ZpubW3
MW3 needs Seed Phrase 3 and ZpubW1 and ZpubW2
|
|
|
|
I understand that this option has a lot of extra steps, but still, it can be applied. Is not it? If you substitute Binance for peer to peer trading via somewhere like Bisq or Agoradesk, then yes, you can apply this method. There is exactly zero point in trying to obtain any shred of privacy while using Binance. Even if you don't complete KYC, they are tracking everything from your IP address to your browser fingerprint and paying multiple blockchain analysis firms to trace your deposits and withdrawals. |
|
|
|
I am not sure if the above process is right, and, honestly speaking, it seems to be quite strange. Is this logic right? Why do I have to generate Zpubs for W1 and W2? You are mostly correct. You cannot (or rather, you can but only with a lot of difficulty, and therefore should not) use the seed phrase or xpub/zpub from a standard single signature Electrum wallet to generate a multi-sig wallet. If you want a 2-of-3 multi-sig, then you need to create three new multi-sig wallets, have each one generate a new seed phrase, and export the Zpubs from each one. You should also try to do this on different devices - if you set up the multi-sig on a single device then you still have a single point of failure (the device itself). Thanks for the answer. So, if I want to sign a transaction from my W3 (multisig wallet), can I simply do it by signing the transaction with the private keys of W2 and W3? Or is there also another step? If W2 is a standard single signature wallet, then no, it will not be that simple. This is why I said above you should not do this, because you will run in to significant problems trying to access your coins. You need to set up three new wallets, each of which is a multi-sig wallet. Could you cite such tools? Here is one such tool: https://jlopp.github.io/xpub-converter/. Once again though, if you convert your zpub to a Zpub in order to create a multi-sig wallet, you will not actually be able to sign any transactions or access any coins in that wallet without significant difficulty. You should instead create three new multi-sig wallets. |
|
|
|
Binance are banned from multiple countries and jurisdictions. "It's just FUD." Binance top execs quit. "It's just FUD." Binance have to fire over 1,000 employees. "It's just FUD." Binance are caught running fractional reserve and have to shut down withdrawals. "It's just FUD." Don't worry. It's just FUD. Leave your coins on Binance. I'm sure it will all be fine!  |
|
|
|
None, zkSNACKs purchases info from blockchain companies, zkSNACKs cannot sell any info to them because Wasabi is purposely designed not to reveal any data about its users.
Hmm, sounds interesting  This is not news. We've known for a long time this is exactly what Wasabi are doing - directly funding blockchain analysis companies with the fees that you pay for coinjoining through Wasabi. Isn't it fun paying for the privilege of being spied on and censored!? You try to register an input for coinjoin, Wasabi hand that input over to Coinfirm and ask them for all the dirt they have on your input, and then decide whether or not you are allowed to spend your coins in the way that you want. If you are not allowed, they won't tell you why, of course. Just like Satoshi envisioned! No third parties, except for ones who will censor you and charge you a fee for doing so! |
|
|
|
-snip- If you are happy to swap bitcoin in to another coin, then there is no reason not to use monero. You don't need to deposit your bitcoin in to some custodian's wallet, you don't need to deal with centralized tokens and IOUs, and you don't need to use things like wBTC which are not private at all and easily traced. Just swap to monero, move the monero around, and then use a different service to swap back in different amounts. Far easier and far better privacy than anything you can do with wBTC. |
|
|
|
The only point of failure comes when the user is actually transacting with the X1 Vault and the card. Even in that case, the private key only exists in the temporary memory during transaction signing Which remains a single point of failure, so to claim there is no single point of failure is incorrect. Also in most multisig wallet cases, if a single user is operating it, whether we like it or not, the user is using 2 wallets at the same time at the same place which defeats the purpose of multisig. A multi-sig option at least has the option to use the wallets at different times in different places. SSS does not. If you think using two multi-sig wallets in the same place is a weakness, then that same weakness applies to SSS. And again, we are trying to build the best possible wallet for securing a single seed. A noble cause, but you should at least be honest in your marketing and not make factually incorrect statements to appeal to users who don't know any better. We are building an open source Android and IOS apps that will do this. That's good to hear. What's the time frame for these being released? Compromising the device to steal the assets is not enough since the user will still need to use the cards along with the device atleast once. If an attacker compromises the device with malicious firmware, then they just need to wait for the next time you want to make a transaction and tap one of your cards. Hence, a single point of failure. Though I don't think the lack of standardization is going to result in single point of failure. The code is always open source and BIP39 compatibility makes your seed interoperable with other wallets. The lack of standardization is a real problem with all SSS schemes. If your codebase disappears, there is a real risk users are unable to recover their coins. To be safe the user needs to personally download and store copies of your codebase, which is a significant hurdle for most average users. |
|
|
|
No Single Point of Failures as the private keys are never stored permanently in a single place giving it 10x more security than other hardware wallets. This is just factually incorrect. One of the main weaknesses of every Shamir's secret sharing scheme is that they all have a single point of failure - the device which creates the shares in the first place and the device on which the shares are brought back together in order to recover the original secret. This is one of the biggest disadvantages of SSS over multi-sig, which (when used properly) truly has no single point of failure. There is inherent protection against loss. As along as you have access to 2 out of the 5 components (either 2 X1 Cards, or 1 X1 Card and the X1 Vault), your assets are accessible. You can lose upto 3 components at the same time and still be sure that your assets are recoverable. How? Let's say I am an average user, lose my vault, and you have gone out of business so I cannot purchase another vault. How do I recover my seed phrase from two or more cards? Bear in mind I am an average user who is unable to manually extract data from NFC cards, unable to clone and compile github repos, and so on. How do I recover my coins? With Cypherock X1, there is an additional protection against this problem since the X1 Cards once shipped cannot be updated by us. Hence even if there is a malicious software update hypothetically, it could only compromise the device but never the cards. You or an attacker doesn't need to be able to compromise the cards. I have to use the device to recreate my seed phrase in order to sign transactions. Compromising the device is sufficient to compromise my wallets. |
|
|
|
If wallet1 has 10 transactions, wallet2 has 10 transactions, wallet3 has 2 transactions are they linked to the same user by zkSNACKs or it's 22 anonymous transactions which zkSNACKs can't link to the same user? Technically, they shouldn't be. Wasabi uses block filters, and they say that each relevant block is downloaded over Tor from a different node, preventing any one node from learning about which addresses are being queried by the same user. You can of course improve on this by linking Wasabi to your own node. Whether or not Wasabi are gathering data elsewhere I can't comment as I'm not going to read every line of code for a product I'm never going to use, but I wouldn't trust their word on literally anything. Do zkSNACKs store any data to link users from received<>sent addresses after mixing? We don't know and they won't tell us. Which info does zkSNACKs share with blockchain companies is it limited to scanning incoming mixes for analysis? We don't know and they won't tell us. |
|
|
|
That's unless the two consolidation transactions' receiving addresses aren't actually the same. I see that you are reading as if OP has performed two consolidation transactions sending coins to the same address, but I'm reading what OP has written differently. Specifically this sentence: One thing that might be noteworthy is that the Core balance is an amount that is exactly less than the value of one of the consolidation transactions, and the two UTXOs consolidated in that transaction had the same receive address. I'm reading this to mean that of the two consolidation transactions he made, this one consolidates two inputs from the same address. Maybe I'm mistaken, but if I am reading it correctly then it seems the most likely reason is that the address this transaction has sent coins to simply isn't being scanned by Core. It's either from a different wallet, or as you say, not yet been generated by Core. |
|
|
|
until I got an error message that said: ('0x6982', 'Error in command',"). I've not seen that error before. A bit of searching suggests it has something to do with "dongle locked or have invalid access rights". Is your Ledger device definitely unlocked with the bitcoin app open? Maybe try running Sparrow as an administrator if you are on Windows? Maybe try updating USB drivers or your hardware wallet's firmware? You can always open an issue on Ledger's or Sparrow's github and see if the devs can help you. Failing all that, then as nc50lc says you are probably looking at importing your seed phrase to an airgapped device. |
|
|
|
What's after that, really? Backdoor for altering the k value in Bitcoin transactions? It is endless. So you generate your seed phrase using coin flips. Do you manually verify your seed phrase generates the master private key your wallet returns? Do you manually verify every individual private key? Do you manually verify each k value is generated using RFC 6979? -snip- It's fairly well known that such companies are constantly spying on you. Google have already been sued for gathering location data from people who had turned off location sharing. All Alexa type devices record everything that is said in their vicinity and transfer it to central servers for analysis and storage. Google, Amazon, Meta, Microsoft, Apple, they are all doing the same stuff. If you are serious about privacy, then you need to avoid them all. |
|
|
|
|
You will never find a centralized exchange which says "No thanks, we've made enough profits, no more profit for us". This is the sole reason they exist - to make their owners/operators money. Any service they provide to their users is simply a means to this end.
Yes, they will be making money from every trade and every withdrawal, but that's simply not enough for them. If they can gamble or invest your coins to make themselves even more money while passing all the risk on to you, then of course they will do that. That's exactly what all the recently collapsed exchanges from the last few months were doing.
|
|
|
|
In Sparrow, I can see my wallet address, however, it is not showing that I have any BTC. Are the wallet addresses you see correct? As in, they match the addresses on your Electrum wallet which are holding funds? If that's the case, it sounds simply like Sparrow hasn't fully synced your wallet yet. Is it possible that it takes a long time for the wallet to "load" and show everything and all I need to do is wait? If the addresses match as above, then yes. If you click on File -> Preferences -> Server, how is Sparrow set up to connect? To a public server? |
|
|
|
If a miner can earn $170K or more by mining a block honestly, why would he try to scam someone for only $180K? That someone might later try to track him down to get revenge for the scam or be reported and wanted by the police. I think the larger consideration is what if the scam doesn't work? Given how interconnected the network is today, and how quickly blocks spread, it is difficult to pull off. It is also trivial for the target to learn about chain split, and there are plenty of blockchain explorers and other entities out there which operate multiple nodes and can easily send alerts about chain split within a second or two of it happening. Given this, is it worth sacrificing a guaranteed $170k for a very small chance at $180k? Obviously not. You would need to be dealing with values which were multiple times higher than the current block reward, and as soon as you start talking about depositing 20+ BTC then no service in their right mind is going to accept only one confirmation. Its only 7 million dollars and unless it was done back door and full remote the person would likely be caught. The pool would effectively be committing suicide. No miner is going to continue to mine on a pool they know are attempt to pull off a scam and are sacrificing block rewards (i.e. the miner's income) for the pool's own personal profit. |
|
|
|
|
Show Posts
