You can do it with Electrum. You might need to cycle through a couple of different servers until you find one which accepts full RBF replacements, but there are definitely a good number of such servers out there which you can connect to which will accept and broadcast your replacement. You'll just need to create the transaction manually since Electrum won't (yet) give you the GUI option to bump an opted out transaction.

If Electrum was using Libbitcoin Explorer to generate its seed phrase (it isn't), then whether or not you generated a 12 word phrase via the GUI or a 24 word phrase via the console would be irrelevant. The nature of the vulnerability in Libbitcoin Explorer is such that it was always being seeded with a string of 32 bits with no additional entropy being added from elsewhere, and so any resulting seed phrase regardless of length would have entropy of 32 bits.

Also, as an aside, Electrum does not use BIP39 checksums, and so its seed phrases do not encode 128/256 bits of entropy, but rather 132/264 bits. If you use make_seed(264) instead, you will still get a 24 word seed phrase.

I don't understand why anyone would need this device, at all:


Have Ledger forgotten that passphrases exist? Or derivation paths? Or even just resetting the device and entering a different seed phrase? Why would anyone need multiple devices?

And the latest gimmick is a protective case? I thought the whole point of this stupid wallet was to stack them together and show a picture on the front and text up the side? Now they are telling you to slap these cheap cases on them to stop them stacking together and to hide the picture and text?

Just to point out that a couple of those links are very much out of date. The Electrum one for example talks about checking the "Replaceable" box, where as Electrum has actually removed this option altogether now on the GUI and made all transactions opted in to RBF by default for some time now. achow101's post makes a distinction between making an opt-in and a full RBF transaction which is also fairly outdated since most good wallets have supported opt-in RBF for years and full RBF is now becoming the standard.

Given the number of nodes and the amount of hashrate now supporting full RBF, then you can essentially now replace any transaction whether or not it is flagged as RBF, and so stuck transactions should be a thing of the past. If your wallet software does not let you do this, then switch to a better wallet.

Stumbled across this post on Reddit, where the OP nicely expresses the same sentiments I expressed earlier in this thread:


This doesn't just apply to mixers, but to everything that is pushed in the name of "AML". They'll go after mixers, after peer to peer trades, after DEXs, after the stupidly named "self hosted" wallets (which just means holding your own keys), after any and all services which don't collect KYC data. They can't stand a form of money which they do not have absolute control over. It weakness their control, weakness their grip on your life. Their ultimate goal is that all bitcoin is bought and paid for only on regulated KYC platforms, and it never leaves those regulated KYC platforms. The only thing you will be allowed to do with it is send it from one regulated KYC platform to another, using a list which they will create of "approved" platforms. Owning your own keys won't be allowed. Making your own transactions won't be allowed.

Unless people stop acquiescing to the ever more intense and invasive demands of centralized exchanges, then this is the future we are sleep walking in to.

The OS will operate just fine, you just won't be able to save any data between sessions. Every time you boot from your DVD, it will be like a completely fresh install. But this is exactly how Tails is intended to be used. The "A" in Tails stands for amnesic - if you don't set up an encrypted persistent storage, then every time you boot Tails you'll be in a completely clean sessions with no memory of any previous sessions.

No, that's something a bit more complicated. This is just incrementing the "account" level of the derivation path as defined in BIP44.

It does. To ensure that all your public keys are completely different and you don't reuse any of them across both wallets, then you would need to perform whatever action you are taking to all three of your seed phrases. So you would either need to add a passphrase to each seed phrase (it can be the same passphrase for all three if you wanted), or generate at a new derivation path for each seed phrase, and then create a new 2-of-3 multi-sig from those three new wallets.

Well, as long as you have considered the risks and taken steps to mitigate against them, which it sounds like you have.

Just a quick point though - if the stumbling block is multiple wallets or multiple backups, then you can always just use the same seed phrase with a passphrase like "KYC" to create a new wallet which you will know is for KYCed coins only. Alternatively, you don't even need to do that and can use the same seed phrase and just increment the account number of your derivation path. So your main wallet would be at m/84'/0'/0', and your KYCed wallet would be at m/84'/0'/1'.

I would agree with Charles-Tim here. If it is vitally important to you to not mix your KYCed and non-KYCed coins, then storing them in the same wallet and relying on the wallet freezing certain UTXOs is pretty risky. What if a simple bug in the wallet means it freezes the wrong ones? What if you lose your wallet file, have to recover from your seed phrase, and lose all your UTXO labels and which ones are frozen? What if you simply misclick and unfreeze a UTXO without realizing it? And what if you accidentally sync your wallet via a third party server, therefore revealing that all your KYCed and non-KYCed are owned by the same wallet?

I also have various subsets of coins which I would not want to mingle with each other since each subset comes from a separate source, will be spent in a separate manner, has a different anonymity set, and so on, but I keep each subset in its own wallet.

Correct.

Although I've not tried this with Tails specifically, there are multiple ways to encrypt an entire OS: https://wiki.archlinux.org/title/Dm-crypt/Encrypting_an_entire_system

You can even hide the encrypted OS inside a VeraCrypt hidden volume, allowing you to unlock a secondary decoy OS if forced to do so: https://veracrypt.eu/en/VeraCrypt%20Hidden%20Operating%20System.html

But my point was really this: Just sticking Tails on a USB drive and assuming that what you have is now completely safe or is comparable to a proper hardware wallet is a mistake. There are a lot more things which need to be considered which are far outside the scope of the average user. If you don't want to use a hardware wallet, then airgapping an old laptop will be the best option, rather than using Tails in this manner on a computer which is not airgapped.

It's not that Tails only supports version 4.0.2, but rather that's the version which is part of the Tails bundle. Tails is deliberately designed in such a way that you cannot upgrade individual components. You must download the appimage and run it as a standalone, as I said above.

Yes, but encrypting the persistent storage only is insufficient. The entire drive should be encrypted in a way so that if a malicious third party gains access to it, they can't hide malware on it alongside your installation of Tails which could alter the entropy your copy of Electrum generates, change addresses you copy and paste, or copy your private keys for transmission at a later time.

I don't think that's over cautious at all. It is simply good sense not to have all your coins in a single wallet, regardless of how secure you think that wallet is.

It does not matter what method or process you use to memorize your seed phrase - you remain at the exact same risk of forgetting it due to accident, trauma, injury, and so on, as I've explained earlier in this thread.

If you are absolutely dead set on memorizing your seed phrase, at least make a paper back up as well.

RBFing from A to B would change the TXID and therefore invalidate B to C and any other unconfirmed children.

I assume you mean if address A sends coins to address B, then yes, B can use CPFP.

Yes, provided C has paid a high enough fee to bump the overall fee rate for both unconfirmed parents.

No, not correct.

Miners will consider the transactions as a package. It doesn't matter too much if the package of transaction is a chain of two unconfirmed transactions as in your first example, or if it is a chain of three unconfirmed transactions in your second example. Miners will look at the total space taken up by all the unconfirmed transactions in the chain, the total fee paid by all the unconfirmed transactions in the chain, and then work out the effective fee rate and whether or not it is worth including the entire package of transactions.

So yes, C can use CPFP, but will need to pay a fee high enough not just to bump the B to C transaction, but also to bump the A to B transaction.

You don't. You can create a seed phrase out of any words you like. It is simply that the BIP39 standard which most wallets use has a fixed word list, but this is by no means the only way to create a seed phrase.

I don't care at all for shitcoins, but BIP39 is used across the vast majority of coins and therefore they will all share the same wordlist.

This is just manually creating a seed phrase but with extra steps. It is a poor source of entropy.

A large electricity bill? Some burnt out hardware?

Given somewhere around 50,000,000 addresses which have ever been used, checking 93,000,000 million in a week means you'll only have to keep going for another trillion trillion trillion trillion years to have a 0.000000000002% of stumbling across one of those addresses! Let's hope that address isn't one of the empty ones!

I keep a variety of input sizes.

There's no point having all your holdings in one or two large inputs of (say) >5 BTC. What happens when you want to buy something for 20 bucks? You have to use a big input, creating a big change output, and causing problems for the privacy of all that change. Similarly, there's no point having all your holdings in small outputs since you will have to pay higher fees when you want to make a larger purchase.

So keep a range of outputs. You say your outputs are in the range of $5-8 each. Might you use bitcoin to buy a coffee, some fastfood, a month of a VPN subscription, or something at a similar price range? It so, it's fine to keep those outputs as they are since you can spend them as they are. If not, then consolidate them. Now you've got an output of (say) $50. It's reasonable to think you might want to spend bitcoin on something around that price in the future, so it's reasonable to keep an output of that size.

And if you have a range of outputs, then it's easier to make transactions which create no change and therefore not run in to the problem of lots of small outputs needing consolidated in the future.

Yeah, as Loyce says, this is not a hardware wallet. This is a software wallet which may or may not be airgapped depending on how you use it. And if the USB drive isn't fully encrypted, then it's really only secure as storing your seed phrase in plain text electronically, which is not safe at all.

Any good Linux distro will work. Bear in mind that the version of Electrum which is prebundled with Tails is quite old - 4.0.2 which was released 3+ years ago. If you want to use the most recent version, you'll need to use the download (and verify) the relevant appimage as described here: https://electrum.readthedocs.io/en/latest/tails.html

And if you are using Tails, remember to set up persistent storage.

I'm not sure what having one key on a hot Electrum wallet adds to this set up. Why not just have 2-of-2 with two hardware devices, and don't include a hot wallet cosigner at all?

I agree with dkbit98 and also wouldn't recommend either Ledger or Trezor devices though - the first for their terrible approach to security, and the second for the terrible approach to privacy.

I put some evidence based numbers to this in a post about this last year: https://bitcointalk.org/index.php?topic=5402270.msg60342177#msg60342177

In short, that's 100 million new cases each year of pathology directly affecting the brain which can all result in memory loss. There are hundreds of millions more cases of pathology elsewhere in the body which can also lead to brain injury and memory loss.

And even if you don't suffer from pathology, we all forget stuff all the time. Can you remember a phone number you haven't used in 10 years? What about the address of a childhood friend? Hell, people even have memory blanks when it comes to things you use every day. How often have you had something "on the tip of your tongue" that you can't quite remember?

Relying on memory alone is a huge and unnecessary risk. If you want to store money in your head then I can't stop you, but why not have a paper back up somewhere safe as well, just in case?