You can write it, but it will be unenforceable because it is illegal. However, there is no law saying centralized exchanges cannot freeze accounts or confiscate coins, and indeed this behavior is often supported or even required by various governments.

To stay in the good books of the government of the jurisdiction they are operating in. They might lose profit from that user (unless of course they just seize the coins and keep them for themselves), but that's preferable to being sanctioned or shutdown.

It's not impossible to generate at all.

Let's say for the sake of argument you have exactly a 1 in 2¹⁶⁰ chance to generate a specific legacy address. It is impossible to generate a specific address, because the odds of that is 1 in 2¹⁶⁰.

But if we are considering the odds of generating any address, then well, there are 2¹⁶⁰ to choose from! So your odds are 2¹⁶⁰ in 2¹⁶⁰, i.e. 1.

The uncompressed public key for that private key is 189d5ADsBrQ9mvgraapVs9iF2eyHoQcywg. Either way, your address in the first post is wrong.

Glossing over the fact that bitcoin private keys are 256 bits, that bitcoin addresses are more than 160 bits since they also include a network byte and a checksum, and that the private key example you used does not generate the address you gave...

Nothing is broken. This is simply how statistics works. If you flip a coin 100 times, then every possible outcome from the 2¹⁰⁰ possibilities is equally unlikely as every other possible outcome, but you are guaranteed to arrive at one of those outcomes. It is predicting which outcome in advance which is impossible.

It is trivial to generate an address. It is impossible to generate a specific address.
It is trivial to pick a random combination of 6 or 7 numbers to play the lottery. It is very difficult to pick the winning combination.
It is trivial to pick random English words from a dictionary. It is very difficult to pick the correct combination of words to win the Pulitzer prize.

The same as every other such platform which has collapsed over the past few months. They take your money and make hugely risky investments, loans, or bets. They take almost all the profits for themselves, and when it inevitably goes to shit it is the users who are left with nothing with the CEO and buddies all walk away with millions in the bank.

Look at FTX, Celsius, Voyager, BlockFi, etc. Same story every time.

The former, it seems:


Not that I can find. Although in my digging I did find Ledger's privacy policy states they will store your seed phrase shard for a full year and your other personal data for 7 years after you terminate your Ledger Recover subscription. Although Coincover and Escrowtech both have privacy policies you can find and read, neither make any mention of Ledger Recover or seed shards, so who knows what they are doing with your data.

I've obviously never used Atomic wallet, but am I right in saying there is no way to link it to your own node or server? In other words, it operates exclusively via Atomic's own servers? And also, do we know how the attack took place yet? Were the attackers able to remotely sign transactions, or were they able to extract private keys or seed phrases?

I am wondering if Atomic had pulled their central servers offline, whether this would have stopped further funds being stolen?

In the video above, Harry Sudock makes the point that if Ledger are subpoenaed for a particular user's seed phrase/private keys, there is nothing stopping Ledger turning to these two partners and asking them to hand over their shards as well. They may in fact be legally forced to do exactly this. Gauthier replies that the other companies wouldn't have to comply, and that Ledger would be happy to open source their legal contracts with these companies to prove as such.

I won't hold my breath for that actually happening though.

Link with timestamp: https://youtu.be/M3VjQUcyZSY?t=2360

All you have to do is check the activity of the multi-sig escrow address on chain to see that everything is still running normally: https://mempool.space/address/bc1qf8h5k6sash8007vpesymxkw2xsg5d0r3j4l5vmcrwpz2pqu66fjstzgd3r

The latest withdrawal from the service was 2 minutes ago.

Some interesting snippets:

https://youtu.be/M3VjQUcyZSY?t=1285 - Apparently the shards aren't encrypted at all, despite Ledger previously stating this. It's literally just Shamir's. So there is no decryption key to be stored on the device or by Ledger themselves, making it even easier than thought to compromise the set up.

https://youtu.be/M3VjQUcyZSY?t=2342 - The quote you shared regarding privacy.

https://youtu.be/M3VjQUcyZSY?t=2700 - "So basically we're off-boarding loss of key risk, and on-boarding state actor risk." "Correct."

You should haven no problems accessing your Ledger wallet via Electrum without updating the firmware provided it is fairly recent.

Download and verify Electrum, connect and unlock your Ledger, navigate to the bitcoin app, open Electrum, create a new wallet, choose standard wallet, then hardware device, and it should scan and pick up your Ledger no problem. Once you are in to your Ledger wallet via Electrum, you can send all the coins out to your new airgapped Electrum wallet.

If that fails, then follow nc50lc's advice above to import your seed phrase to an airgapped Electrum wallet and then send all the coins to a newly created airgapped Electrum wallet.

All working as intended. Hand over your coins to centralized third parties, they will invest/loan/gamble/spend/steal your money to make profits for themselves while passing all risk of loss on to you, and if you want to actually get your money back then they will make it as hard as possible for you to do so. Look at the multitude of centralized third parties which were doing exactly this over the last few months - FTX, Celsius, Voyager, BlockFi, the list goes on. And now all the users of all those platforms have lost everything.

It is insanity for anyone to still store funds on a centralized exchange.

Go one step better: Don't use centralized exchanges in the first place.

When I first got involved with bitcoin, it took real effort to avoid centralized exchanges entirely and to only buy and sell completely peer to peer without any third parties. As time has gone on, it's become easier and easier. There are now multiple platforms to choose from, with built in non-custodial escrows and other such features which make the process faster and safer than ever.

https://kycnot.me/

I also disliked the "Attach to PIN" feature, and I've spoken before about why I don't think people should use it. As you say it reduces the security of your passphrase to a simple PIN, and it also means that your passphrase is stored on the device rather than wiped after use when using a temporary passphrase. However, it does serve one useful purpose in specific niche cases and that's plausible deniability. You can have your main wallet with no passphrase holding a small amount of coins, and then you can also have a wallet with a passphrase attached to a secondary PIN holding a little more funds, which you can also hand over to an attacker. Meanwhile, you can have the bulk of your funds stored behind one or more other passphrases which you don't reveal.

It's up to the user to consider whether such a feature would actually deter an attacker, though. And since I keep my funds spread out across multiple wallets on multiple different mediums, then I never used this feature even when I did use Ledger devices.

Agreed. Hot wallets are only as secure as the device you keep them on. Ledger Recover is only as secure as a bunch of devices that you are trusting complete strangers to keep secure. Does anyone want to sit and add up all the times that centralized exchanges or other centralized crypto services have been hacked or sold/shared/leaked data?

There are some purposes beyond adding arbitrary text. For example, Samourai Whirlpool Tx0 transactions contain an OP_RETURN output with data which allows the automatic coordinator to track outputs. Here's a recent random example I pulled from the blockchain: https://mempool.space/tx/ba3793dba5988e0acc2b36aac1ee67c34c805a18e76a8af26e424f338269dc08

There are things like Omni, which is a layer two system which allows people to transact altcoins on the bitcoin network. Here is an Omni transaction which is actually sending Tether between two addresses: https://mempool.space/tx/80373137c00a8e47998b886b60056fb228dc7b61caa8840e5ce5cab29c3db1d4

And then of course there is the arbitrary text, such as the following: https://mempool.space/tx/94310784a576d2d51246d4344ccab638467a6da8663ec1fb707e8a3882aceffd

If you want to explore OP_RETURN outputs more, then I would recommend playing around with this site: https://preturnio.com/

That's the whole point. Centralized exchanges want you to leave your money with them, because they can use that money to generate more profits for themselves while the customers take on all the risks of loss in the event of poor management, scams, bankruptcies, hacks, etc.

You want to make it easy to access your own money? Keep it in your own wallet. Doesn't get simpler than that.

The stipulation is a maximum of 25 unconfirmed parents or 25 unconfirmed descendants, which means you can make a chain of 25 unconfirmed transactions, and it is the 26th transaction which will be rejected.

The code is here: https://github.com/bitcoin/bitcoin/blob/e9262ea32a6e1d364fb7974844fadc36f931f8c6/src/policy/policy.h#L58-L65

Note that these transactions don't necessarily have to be in a continuous chain. For example, if you tried to spend three inputs in a single transaction, with each of those inputs having 10 unconfirmed parents, then your transaction would be rejected since the total number of unconfirmed parents is 30.

Various governments have already tried and failed. China banned bitcoin and mining entirely. The hashrate dipped for a couple of months and swiftly recovered as if nothing ever happened, and research showed that China still had a huge amount of hashrate despite the ban. Various mining pools have attempted to censor certain addresses and transactions on the whims of various governments (usually the US), and have only lasted for a couple of weeks at most before giving up on that idea since all it achieved was to reduce their profits and leave high fee transactions in the mempool for other pools to pick up instead.

Miners and nodes are not synonymous. Independent nodes do not protect against a 51% attack - distributed and decentralized miners do.

That's exactly my point - double check everything. Assuming QR codes are zero risk is a bad idea. They are only as good as the software/device which generates them, and if that device is compromised, then so too is your QR code.

Mining pools are not a single entity.

There are thousands of different entities which all mine under the banner of the same pool. Take AntPool for example, with approximately 21% of the current hashrate. If you want to mine on AntPool, you can head over to https://www.antpool.com/ and follow the instructions to join the pool. The same is true of pretty much every other pool.

If a government comes along and shuts down AntPool, then every miner who was pointing their equipment at AntPool can just point it to a different pool instead. If the AntPool operator starts doing something shady such as censoring some transactions, then every miner who was pointing their equipment at AntPool can just point it to a different pool instead. Even if every mining pool in the world was shut down, then miners can run their own software and solo mine. If one country bans mining entirely (which already happened fairly recently with China), then those miners will just move elsewhere.

The only way to stop bitcoin mining altogether is not only to ban bitcoin mining in every country in the world but also for the governments to spend a lot of money to enforce that ban and hunt down "underground" miners which is never going to happen, but even if it did it still wouldn't be completely effective.

The transaction stealing the coins was broadcast less than two seconds after the withdrawal transaction from Kraken. This means that not only was his private key compromised, but it was likely compromised some time ago and is already on the list of more than one bot which is continually watching for transactions which it can steal. The only safe way forward here is for the user in question to assume that everything on that device is compromised - every private key, every seed phrase, every wallet, every log in, every account, etc. The device in question needs to be completely formatted and have a clean install of their OS. They need to move all their coins to brand new wallets generated on a clean device. They need to reset their passwords on all their online accounts.