When you create a company like Coinbase, can you legally include everything the way you want in Terms of Service? I mean, if I create a company in the USA and write in its ToS that by clicking on Agree, this user confirms that she will be my slave and do whatever I ask her to do? Can I legally write that?

You can write it, but it will be unenforceable because it is illegal. However, there is no law saying centralized exchanges cannot freeze accounts or confiscate coins, and indeed this behavior is often supported or even required by various governments.

Why should an exchange reject a coin or frustrate its flow knowing so well they will make money from the movement or trading of the coin?

To stay in the good books of the government of the jurisdiction they are operating in. They might lose profit from that user (unless of course they just seize the coins and keep them for themselves), but that's preferable to being sanctioned or shut down.
My point is how is it possible to generate something that is already impossible to generate due to the large combinations?

It's not impossible to generate at all. Let's say for the sake of argument you have exactly a 1 in 2^160 chance to generate a specific legacy address. It is impossible to generate a specific address, because the odds of that are 1 in 2^160. But if we are considering the odds of generating any address, then well, there are 2^160 to choose from! So your odds are 2^160 in 2^160, i.e. 1.
The address I generated is in uncompressed form, but thank you for the info.

The uncompressed public key for that private key is 189d5ADsBrQ9mvgraapVs9iF2eyHoQcywg. Either way, your address in the first post is wrong.
Glossing over the fact that bitcoin private keys are 256 bits, that bitcoin addresses are more than 160 bits since they also include a network byte and a checksum, and that the private key example you used does not generate the address you gave...

Nothing is broken. This is simply how statistics works. If you flip a coin 100 times, then every possible outcome from the 2^100 possibilities is equally unlikely as every other possible outcome, but you are guaranteed to arrive at one of those outcomes. It is predicting which outcome in advance that is impossible.

It is trivial to generate an address. It is impossible to generate a specific address. It is trivial to pick a random combination of 6 or 7 numbers to play the lottery. It is very difficult to pick the winning combination. It is trivial to pick random English words from a dictionary. It is very difficult to pick the correct combination of words to win the Pulitzer prize.
25% really is so huge a return, how the hell can a business earn from such liabilities to their users when the market is not so stable?

The same as every other such platform which has collapsed over the past few months. They take your money and make hugely risky investments, loans, or bets. They take almost all the profits for themselves, and when it inevitably goes to shit it is the users who are left with nothing while the CEO and buddies all walk away with millions in the bank. Look at FTX, Celsius, Voyager, BlockFi, etc. Same story every time.
Would your private data be sent to the seed storage partners who all have to make their own judgement, or would Ledger just say: "this guy needs to recover his Ledger, send the seed"?

The former, it seems:

When you want to restore your wallet, you initiate the Recovery from Ledger Live. You’ll have to login to your account and then go through 2 independent Identity verification processes.

Let me guess: they haven't shared the contracts yet?

Not that I can find. Although in my digging I did find Ledger's privacy policy states they will store your seed phrase shard for a full year and your other personal data for 7 years after you terminate your Ledger Recover subscription. Although Coincover and Escrowtech both have privacy policies you can find and read, neither makes any mention of Ledger Recover or seed shards, so who knows what they are doing with your data.
I've obviously never used Atomic wallet, but am I right in saying there is no way to link it to your own node or server? In other words, it operates exclusively via Atomic's own servers? And also, do we know how the attack took place yet? Were the attackers able to remotely sign transactions, or were they able to extract private keys or seed phrases?
I am wondering if Atomic had pulled their central servers offline, whether this would have stopped further funds being stolen?
Wait, they previously announced a government could subpoena them. I'm guessing all of them will cooperate when the government of one country subpoenas them, so the different countries don't matter.

In the video above, Harry Sudock makes the point that if Ledger are subpoenaed for a particular user's seed phrase/private keys, there is nothing stopping Ledger turning to these two partners and asking them to hand over their shards as well. They may in fact be legally forced to do exactly this. Gauthier replies that the other companies wouldn't have to comply, and that Ledger would be happy to open source their legal contracts with these companies to prove as such. I won't hold my breath for that actually happening though.

Link with timestamp: https://youtu.be/M3VjQUcyZSY?t=2360
I've just found this[1] video. Some interesting snippets:

https://youtu.be/M3VjQUcyZSY?t=1285 - Apparently the shards aren't encrypted at all, despite Ledger previously stating this. It's literally just Shamir's. So there is no decryption key to be stored on the device or by Ledger themselves, making it even easier than thought to compromise the set up.

https://youtu.be/M3VjQUcyZSY?t=2342 - The quote you shared regarding privacy.

https://youtu.be/M3VjQUcyZSY?t=2700 - "So basically we're off-boarding loss of key risk, and on-boarding state actor risk." "Correct."
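The two posts above turn on one property of plain Shamir secret sharing: with a 2-of-3 split and no additional encryption layer, any two share holders can reconstruct the secret, and no further key is needed. The following is an added illustration, not Ledger's code and not a description of Ledger Recover's actual parameters; it implements textbook Shamir sharing over GF(2^8) and splits a constructed 32-byte stand-in for seed entropy (the names `holder_a`, `holder_b`, `holder_c` and the 2-of-3 threshold are assumptions for the demo).

```python
import secrets

# Arithmetic in GF(2^8) using the AES reduction polynomial x^8 + x^4 + x^3 + x + 1.
def gf_mul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a):
    # a^254 == a^-1 for every non-zero a, because a^255 == 1 in GF(2^8).
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def eval_poly(coeffs, x):
    # Horner's rule; coeffs[0] is the constant term, i.e. the secret byte.
    r = 0
    for c in reversed(coeffs):
        r = gf_mul(r, x) ^ c
    return r

def split_secret(secret, threshold, num_shares):
    """Split `secret` (bytes) into num_shares shares; any `threshold` of them rebuild it."""
    if not 1 < threshold <= num_shares < 256:
        raise ValueError("need 1 < threshold <= num_shares < 256")
    columns = [bytearray() for _ in range(num_shares)]
    for byte in secret:
        # One random polynomial of degree threshold-1 per secret byte.
        coeffs = [byte] + [secrets.randbelow(256) for _ in range(threshold - 1)]
        for i in range(num_shares):
            columns[i].append(eval_poly(coeffs, i + 1))   # share i is evaluated at x = i+1
    return [(i + 1, bytes(columns[i])) for i in range(num_shares)]

def combine_shares(shares):
    """Lagrange-interpolate each byte at x = 0 from a list of (x, bytes) shares."""
    length = len(shares[0][1])
    out = bytearray()
    for pos in range(length):
        acc = 0
        for xi, yi in shares:
            num, den = 1, 1
            for xj, _ in shares:
                if xj != xi:
                    num = gf_mul(num, xj)        # (0 - xj) == xj in characteristic 2
                    den = gf_mul(den, xi ^ xj)   # (xi - xj) == xi ^ xj
            acc ^= gf_mul(yi[pos], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)

def demo():
    # Constructed 32-byte stand-in for wallet seed entropy; not a real key.
    seed = bytes(range(32))
    holder_a, holder_b, holder_c = split_secret(seed, threshold=2, num_shares=3)
    # With threshold 2 and no encryption layer, every pair of holders recovers the seed.
    return {
        "a_plus_b": combine_shares([holder_a, holder_b]) == seed,
        "b_plus_c": combine_shares([holder_b, holder_c]) == seed,
        "a_plus_c": combine_shares([holder_a, holder_c]) == seed,
    }

if __name__ == "__main__":
    print(demo())
```

The point the video makes falls out of `demo()`: the `threshold` is the only thing standing between a share holder and the secret, so the protection against a compelled disclosure is the contractual independence of the holders, not any cryptographic key.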
I will try electrum with the existing ledger with old firmware, the firmware is not all that old.

You should have no problems accessing your Ledger wallet via Electrum without updating the firmware provided it is fairly recent. Download and verify Electrum, connect and unlock your Ledger, navigate to the bitcoin app, open Electrum, create a new wallet, choose standard wallet, then hardware device, and it should scan and pick up your Ledger no problem. Once you are into your Ledger wallet via Electrum, you can send all the coins out to your new airgapped Electrum wallet. If that fails, then follow nc50lc's advice above to import your seed phrase to an airgapped Electrum wallet and then send all the coins to a newly created airgapped Electrum wallet.
If I wanted to entrust my money to someone, then the choice immediately becomes so big, everyone wants to "help" me cope with all the difficulties that I may encounter. Such kind people! And as soon as my funds are not with me, it suddenly turns out that for my own safety, I can’t use my money in any way unless I go through the KYC procedure, which is approved by whoever now controls my money. And then suddenly I'm not me anymore?

All working as intended. Hand over your coins to centralized third parties, they will invest/loan/gamble/spend/steal your money to make profits for themselves while passing all risk of loss on to you, and if you want to actually get your money back then they will make it as hard as possible for you to do so. Look at the multitude of centralized third parties which were doing exactly this over the last few months - FTX, Celsius, Voyager, BlockFi, the list goes on. And now all the users of all those platforms have lost everything. It is insanity for anyone to still store funds on a centralized exchange.

I know we all say it but "get your coins off of exchanges as soon as you can."

Go one step better: Don't use centralized exchanges in the first place. When I first got involved with bitcoin, it took real effort to avoid centralized exchanges entirely and to only buy and sell completely peer to peer without any third parties. As time has gone on, it's become easier and easier. There are now multiple platforms to choose from, with built in non-custodial escrows and other such features which make the process faster and safer than ever. https://kycnot.me/
I am saying Ledger tries to make passphrases less secure and more user-friendly

I also disliked the "Attach to PIN" feature, and I've spoken before about why I don't think people should use it. As you say it reduces the security of your passphrase to a simple PIN, and it also means that your passphrase is stored on the device rather than wiped after use when using a temporary passphrase. However, it does serve one useful purpose in specific niche cases and that's plausible deniability. You can have your main wallet with no passphrase holding a small amount of coins, and then you can also have a wallet with a passphrase attached to a secondary PIN holding a little more funds, which you can also hand over to an attacker. Meanwhile, you can have the bulk of your funds stored behind one or more other passphrases which you don't reveal. It's up to the user to consider whether such a feature would actually deter an attacker, though. And since I keep my funds spread out across multiple wallets on multiple different mediums, then I never used this feature even when I did use Ledger devices.

I'd say it's worse than a hot wallet: I use several different hot wallets (for small amounts), and I'd never use Ledger's "pay us to give us your seed phrase" scheme.

Agreed. Hot wallets are only as secure as the device you keep them on. Ledger Recover is only as secure as a bunch of devices that you are trusting complete strangers to keep secure. Does anyone want to sit and add up all the times that centralized exchanges or other centralized crypto services have been hacked or sold/shared/leaked data?
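The multi-wallet arrangement described in the post (no passphrase, a decoy passphrase, and one or more undisclosed passphrases) rests on how BIP39 derives a seed from a mnemonic plus passphrase. The code below is an added example, not Ledger's firmware or Electrum's code; it implements the BIP39 seed derivation (PBKDF2-HMAC-SHA512, 2048 rounds, salt `"mnemonic" + passphrase`) and shows that each passphrase yields an unrelated wallet. The mnemonic used is the well-known all-"abandon" BIP39 test mnemonic, the passphrases are invented, and `wallet_fingerprint` is a constructed identifier (a truncated SHA-256 of the seed), not the BIP32 fingerprint a real wallet would display.

```python
import hashlib
import unicodedata

def bip39_seed(mnemonic, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512 over the NFKD mnemonic with salt 'mnemonic'+passphrase."""
    mnemonic_bytes = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", mnemonic_bytes, salt, 2048, dklen=64)

def wallet_fingerprint(mnemonic, passphrase=""):
    # Constructed short identifier for the derived wallet (not a BIP32 fingerprint).
    return hashlib.sha256(bip39_seed(mnemonic, passphrase)).hexdigest()[:8]

# The standard BIP39 test mnemonic; publicly known, never fund it.
TEST_MNEMONIC = "abandon " * 11 + "about"

def hidden_wallet_demo():
    """One mnemonic, several passphrases, several independent wallets.

    Note the last entry: a passphrase carries no checksum, so a typo silently
    opens yet another empty wallet instead of producing an error.
    """
    return {
        "no_passphrase": wallet_fingerprint(TEST_MNEMONIC),
        "decoy":         wallet_fingerprint(TEST_MNEMONIC, "decoy"),
        "main":          wallet_fingerprint(TEST_MNEMONIC, "main"),
        "main_typo":     wallet_fingerprint(TEST_MNEMONIC, "Main"),
    }

if __name__ == "__main__":
    for label, fp in hidden_wallet_demo().items():
        print(f"{label:14s} {fp}")
```

Two things the output makes concrete: the device never stores which passphrases exist, which is what gives the arrangement its deniability, and the same property is why "Attach to PIN" is a trade-off: once the passphrase is persisted behind a PIN, the wallet's secrecy is reduced to that PIN rather than to the passphrase's entropy.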
It's like they want to make it a challenge for us to access our own money.

That's the whole point. Centralized exchanges want you to leave your money with them, because they can use that money to generate more profits for themselves while the customers take on all the risks of loss in the event of poor management, scams, bankruptcies, hacks, etc. You want to make it easy to access your own money? Keep it in your own wallet. Doesn't get simpler than that.
If I remember correctly, I think you can do this up to 24 transactions deep. After that, the default mempool will reject your transaction.

The stipulation is a maximum of 25 unconfirmed parents or 25 unconfirmed descendants, which means you can make a chain of 25 unconfirmed transactions, and it is the 26th transaction which will be rejected. The code is here: https://github.com/bitcoin/bitcoin/blob/e9262ea32a6e1d364fb7974844fadc36f931f8c6/src/policy/policy.h#L58-L65

Note that these transactions don't necessarily have to be in a continuous chain. For example, if you tried to spend three inputs in a single transaction, with each of those inputs having 10 unconfirmed parents, then your transaction would be rejected since the total number of unconfirmed parents is 30.
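The ancestor/descendant limit is easiest to see by walking an unconfirmed transaction graph. The following is an added example and is not Bitcoin Core's code; it models the default policy described in the post (a transaction is counted among its own ancestors and descendants, and the package is rejected when either count would exceed 25) over a constructed mempool in which each entry maps a txid to its in-mempool parents (confirmed inputs are simply absent). It reproduces both cases from the post: a straight chain where the 26th transaction fails, and a transaction spending three inputs that each have 10 unconfirmed parents. The function names and the `t1`, `a1`-style txids are invented for the demo.

```python
DEFAULT_ANCESTOR_LIMIT = 25     # default -limitancestorcount
DEFAULT_DESCENDANT_LIMIT = 25   # default -limitdescendantcount

def in_mempool_ancestors(txid, mempool):
    """All unconfirmed transactions reachable by following parent links from txid."""
    seen = set()
    stack = list(mempool.get(txid, []))
    while stack:
        parent = stack.pop()
        if parent in seen or parent not in mempool:   # confirmed parents are not in the mempool
            continue
        seen.add(parent)
        stack.extend(mempool[parent])
    return seen

def in_mempool_descendants(txid, mempool):
    """All unconfirmed transactions that (transitively) spend outputs of txid."""
    children = {}
    for child, parents in mempool.items():
        for parent in parents:
            children.setdefault(parent, []).append(child)
    seen = set()
    stack = list(children.get(txid, []))
    while stack:
        child = stack.pop()
        if child in seen:
            continue
        seen.add(child)
        stack.extend(children.get(child, []))
    return seen

def check_package_limits(new_parents, mempool,
                         ancestor_limit=DEFAULT_ANCESTOR_LIMIT,
                         descendant_limit=DEFAULT_DESCENDANT_LIMIT):
    """Decide whether a new transaction spending `new_parents` fits the default limits.

    Returns (accepted, reason). Counts include the transaction itself, as the
    policy does, so a chain of 25 is allowed and the 26th is rejected.
    """
    ancestors = set()
    for parent in new_parents:
        if parent in mempool:                       # an unconfirmed parent
            ancestors.add(parent)
            ancestors |= in_mempool_ancestors(parent, mempool)
    ancestor_count = len(ancestors) + 1             # + the new transaction
    if ancestor_count > ancestor_limit:
        return False, f"too many unconfirmed ancestors: {ancestor_count} > {ancestor_limit}"
    for ancestor in ancestors:
        # ancestor itself + its existing descendants + the new transaction
        descendant_count = len(in_mempool_descendants(ancestor, mempool)) + 2
        if descendant_count > descendant_limit:
            return False, (f"ancestor {ancestor} would have {descendant_count} "
                           f"descendants > {descendant_limit}")
    return True, f"ok: {ancestor_count} ancestors (counting itself)"

def make_chain(prefix, length):
    """Constructed chain prefix1 <- prefix2 <- ... where prefix1 spends a confirmed input."""
    return {f"{prefix}{i}": ([f"{prefix}{i - 1}"] if i > 1 else [])
            for i in range(1, length + 1)}

if __name__ == "__main__":
    # Case 1: chain of 24 in the mempool, the 25th is accepted; chain of 25, the 26th is not.
    print(check_package_limits(["t24"], make_chain("t", 24)))
    print(check_package_limits(["t25"], make_chain("t", 25)))
    # Case 2: three independent 10-deep chains, one tx spending the tip of each.
    wide = {}
    for prefix in "abc":
        wide.update(make_chain(prefix, 10))
    print(check_package_limits(["a10", "b10", "c10"], wide))
```

The descendant check is what catches the same 26th transaction from the other end: the first transaction in the chain would then have 26 in-mempool descendants counting itself, so either limit alone is enough to reject it.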
If big players and the governments of some countries collaborated to influence or control Bitcoin mining, they could theoretically exert some degree of control over the network. However, the decentralized nature of Bitcoin and its resistance to censorship offer some protection against such a scenario.

Various governments have already tried and failed. China banned bitcoin and mining entirely. The hashrate dipped for a couple of months and swiftly recovered as if nothing ever happened, and research showed that China still had a huge amount of hashrate despite the ban. Various mining pools have attempted to censor certain addresses and transactions on the whims of various governments (usually the US), and have only lasted for a couple of weeks at most before giving up on that idea since all it achieved was to reduce their profits and leave high fee transactions in the mempool for other pools to pick up instead.

Even though the big players could acquire a significant share of the mining power, the independent nodes would still remain present and continue to participate in the consensus process.

Miners and nodes are not synonymous. Independent nodes do not protect against a 51% attack - distributed and decentralized miners do.
However with electrum you can see the entire address and amounts you are sending it to. So you should always verify and double check everything.

That's exactly my point - double check everything. Assuming QR codes are zero risk is a bad idea. They are only as good as the software/device which generates them, and if that device is compromised, then so too is your QR code.
Not 51% of miners, but mine power. Those hashrate are concentrated enough to the best of my knowledge.

Mining pools are not a single entity. There are thousands of different entities which all mine under the banner of the same pool. Take AntPool for example, with approximately 21% of the current hashrate. If you want to mine on AntPool, you can head over to https://www.antpool.com/ and follow the instructions to join the pool. The same is true of pretty much every other pool. If a government comes along and shuts down AntPool, then every miner who was pointing their equipment at AntPool can just point it to a different pool instead. If the AntPool operator starts doing something shady such as censoring some transactions, then every miner who was pointing their equipment at AntPool can just point it to a different pool instead. Even if every mining pool in the world was shut down, then miners can run their own software and solo mine. If one country bans mining entirely (which already happened fairly recently with China), then those miners will just move elsewhere. The only way to stop bitcoin mining altogether is not only to ban bitcoin mining in every country in the world but also for the governments to spend a lot of money to enforce that ban and hunt down "underground" miners, which is never going to happen, but even if it did it still wouldn't be completely effective.
The transaction stealing the coins was broadcast less than two seconds after the withdrawal transaction from Kraken. This means that not only was his private key compromised, but it was likely compromised some time ago and is already on the list of more than one bot which is continually watching for transactions which it can steal.

The only safe way forward here is for the user in question to assume that everything on that device is compromised - every private key, every seed phrase, every wallet, every login, every account, etc. The device in question needs to be completely formatted and have a clean install of their OS. They need to move all their coins to brand new wallets generated on a clean device. They need to reset their passwords on all their online accounts.