Using any third party is a recipe for disaster. There have been dozens of platforms which offered such services, staking, yield, liquidity generators, and so on, which have either scammed or gone bankrupt and the users have lost everything. Just don't do it.

The timelocked transaction cannot be broadcast until after the timelock has expired. You can invalidate it with a transaction paying a lower fee prior to this, since the rest of the network know nothing about the timelocked transaction. The original transaction also does not need to be RBF enabled, since again, the network knows nothing about it.

Absolutely not. You should download it from https://github.com/OutCast3k/coinbin/, verify the hashes against the provided file, and the run it on an airgapped device.

If you plan to create an address using OP_CHECKLOCKTIMEVERIFY (which is what coinb.in does), be aware that any coins sent to that address cannot be recovered until the timelock has expired. There was a recent case discussed here of a user who accidentally locked $15,000 of bitcoin for 125 years, and there is nothing anyone can do to get it back before then. I would strongly suggest creating a test address with a timelock in the near future first, funding it with a very small amount of bitcoin, and double checking you can spend from it successfully, before you do anything with a large amount of coins.

It's called split key generation, as I outlined in my earlier post: https://bitcointalk.org/index.php?topic=5458347.msg62496103#msg62496103. If anyone is desperate for a vanity address and can't do it yourself, I'm happy to generate one using the split key method for you.

It is completely secure. The (very simplified) basis is that you end up adding the two private keys together (the one you generate and keep secret, and the one I would generate for you), and the final private key leads to your vanity address. I would only ever know the private key I generate. Therefore, all I know is that your unknown private key (x) plus the key I have gives another unknown private key (y). As an equation:

x + privkey = y

As you can see, me knowing the value of "privkey" is useless, as there are infinite solutions to that equation. Only you know your private key x, and so only you can calculate the final private key y.

Coldcard also built on many open source libraries (not just Trezor's) when they designed their product. For them to start whining about people building up their open source library is just pure hypocrisy.

The code is verifiable, not open source. Open source code is freely available to be used, built upon, modified, etc. Coldcard code is no longer open source.

Here's a post from the CEO of Passport about this: https://www.zherbert.com/an-open-letter-to-nvk-and-coldcard/

And you trust Ledger when they say that? I'm sure they could extract your seed phrase from a Nano S if they wanted to - they are probably just not officially supporting it on Nano S to force people to upgrade and make themselves more profit.

As I said - I would only use a Ledger device with Electrum or Sparrow while waiting for a replacement such as a Passport to arrive or while learning how to set up and use my own airgapped device. A stopgap measure, not a long term solution.

This is only for legacy addresses, and does not hold true for segwit addresses. I can generate an 8 character custom segwit address in around 3 minutes.

Windows spies on you more than any antivirus software. Windows is a privacy nightmare. Check out the links I shared in this post. Even if you try to sanitize Windows, turn off all the extra features, block or disable as much of the privacy invasion as you can, it still transmits data back to Microsoft and a variety of third parties about your device and what you are doing on it hundreds or even thousands of times an hour.

If you are using Windows, then whether your antivirus is spying on you is the least of your concerns.

The usual notification about a transaction affecting one of your addresses? This shows up regardless of where the transaction came from.

I suppose the easiest way to do this would be before you make your next transaction, click the network activity icon at the bottom right of the Bitcoin Core GUI and select "Disable network activity". Once Core has disconnected, broadcast your transaction via Electrum, EPS should broadcast it via Tor, and then check that it can be viewed on a block explorer.

If you want to generate a vanity address, the best tool for doing so is this one:
https://github.com/JeanLucPons/VanitySearch
https://bitcointalk.org/index.php?topic=5112311.0

By far the safest way to generate a vanity address is on your own airgapped computer, so you can be sure no one else has access to your private key. If you are desperate for a vanity address but cannot generate one yourself, there is a method called split key generation where someone else can generate one for you trustlessly. It involves you generating a private key and then giving the associated public key to the person who will generate the vanity address for you. Based on this public key they can generate another private key which will lead to the desired address when combined with your own private key. Only you will know both private keys so only you can access the address.

There will come a point where Ledger simply don't allow you to make transactions via Ledger Live until you update Ledger Live and your device's firmware to include the Ledger Recover code.

If I were a Ledger owner, I would be uninstalling Ledger Live entirely and only using my Ledger device via Electrum or Sparrow. I would use it as little as possible while I either waited on the arrival of the hardware wallet I had purchased to replace my Ledger, or preferably until I had gone through setting up an airgapped, encrypted cold storage computer, and then move all my coins to this new wallet.

As do all centralized exchanges. However, these exchanges don't promote themselves as the ultimate privacy solution at the same time.

Great. So let's warn them by putting a big "Caution" heading and explanation in the privacy section for the Wasabi listing.

There is no possible way to brute force 9 words. Did you write your seed phrase down on paper like you are supposed to? If you did, then go an retrieve you back up. If you only committed it to memory and have forgotten 9 words, then you coins are lost I'm afraid.

---

In addition to BIP39 and Electrum seed phrases being discussed here, note there are also other phrases in use, such as Aezeed for LND, old style blockchain.com password phrases, or SLIP39 phrases.

That transaction broadcast through Tor as it says, so whichever nodes it connected to will have seen your Tor IP address.

However, it still says it is using tor-or-own-node, so if Tor fails it will fall back on broadcasting via your node. If you don't want this, you'll need to check the config.ini file again to see why it isn't using Tor only as described above.

By using Ledger Live, you connect exclusively to Ledger's servers, meaning you have zero privacy from Ledger. And given that Ledger have shown in the past they don't really take user privacy seriously, that should concern you.

Additionally, now if you boot up Ledger Live it will prompt (or maybe even force?) you to install new firmware which implements their Ledger Recover protocol. This is a massive security risk.

What about running a Tor server? I've got the following address you could have :

loyceorg5d7vcl4sj5kufns5xwaoi2k3rivjqpodjzww4ijzvzdpueyd.onion

This, as I've explained several times.

On the face of it, there is nothing wrong with Ian Coleman's site. It is a useful tool, and one I use myself for exploring seed phrases and derivation paths. But javascript entropy generators are not secure. Although the site produces 128-256 bits of entropy (depending on how many words you select), I am not convinced this entropy is securely generated, and so provides less than 128-256 bits of security.

I would never use any javascript or webpage to generate a seed phrase I actually planned on using.

Any and all coins are at risk of being flagged by centralized exchanges. Centralized exchanges use different blockchain analysis services which have different criteria and different blacklists for which coins they will and will not accept. What is acceptable to one exchange may not be acceptable to another, and vice versa. I previously did a quick analysis which showed one particular blockchain analysis service thought that 25% of the coins coming out of Binance should be blacklisted. You could quite easily buy all your coins through a regulated KYC exchange and find them seized when you deposit them to another regulated KYC exchange. Never mind all the other risks which come with using KYC exchanges of zero privacy, zero security, the possibility of scams, insolvencies, hacks, data leaks, etc., and the possibility the government shutdown or seize all their assets at any time.

If you are worried about your coins being seized by centralized exchanges (as you should be!), then the best course of action is not to acquiesce to their insane requirements or to change your behavior to suit them. Rather, it is to avoid using centralized exchange altogether. Bisq, AgoraDesk, and RoboSats are good exchanges to look in to instead. More available here: https://kycnot.me/

Tell that to the thousands of innocent users who have had exchanges seize their "tainted" coins.

Completely agree. One back up is no back up at all, especially when most people store their only back up in the same location as their computer or hardware wallet (i.e. at home). Two back ups in two separate geographical locations should be the minimum.

Sure, but here we are talking about privacy focused users, not random users. If you are privacy focused, then there is no escaping that you must run your own node or you will be leaking data to a third party.

It is a human readable encoding of your entropy, not of your private key. The seed phrase is then passed through a number of hashing functions alongside some other data in order to deterministically produce your private keys.

Temporarily disconnecting the internet on a computer which is regularly used for various internet related tasks such as browsing and downloading achieves almost nothing. Any malware which steals seed phrases or private keys will just wait until you reconnect in order to send your data off to an attacker. For maximum safety you should be using a permanently airgapped computer.

Because the number is being generated by different processes using different entropy sources. If your entropy source is poor, then your number won't be completely random.

This is a completely separate (and completely trivial) function to generating the seed phrase in the first place.

I don't understand why you are arguing about this, especially when it is clear you do not understand the basics. Javascript key generators are insecure. There are plenty of easy to use alternatives already suggested. Electrum, for example, is already bundled with Tails, so is trivial to use since you are planning to use Tails anyway. As I said above, you seem very keen to use an insecure javascript generator and there is nothing we can do to stop you, other than warn you of the risk.

Well, sure. If you want to go down that line of reasoning, then by the same logic if you use different but related k values, such as flawed software which simply does k+1 for each new transaction, then you are also at risk.

No.

The r value is obtained by taking the x coordinate of the point reached by multiplying the k value with G, the generator point of the secp256k1 curve. It is essentially the same process as using a private key to generate a public key. As with any other public key, two similar r values do not correlate to two similar k values, and vice versa.

If you have two closely related k values then there is a potential risk as discussed above (assuming an attacker knows about the relation), but not with two closely related r values.