tl;dc (to lazy didn't check) How is the performance? I see that 3. Suggest benchmarking tools. but did you do any performance tests? I'm guessing that since it's Java not great but verification is good. And I actually do not have anything with Java installed at the moment so unless it's decent not even going to try. But, good concept. -Dave
|
|
|
You need a lot of well connected nodes to do this and they have to be the cheapest way of routing. So you are charging low fees and locking up a lot of BTC in the hopes that people route enough money though you for this to work, and the fact that you don't get caught and booted off the network.
Exactly and this is why it will never be a real threat because instead of the third guy whom you want to cheat, you can BE! that guy and take all the fees perfectly normal yourself! Trying to make the route longer but at the same time cheaper will act like the barrier, it's a no go! I'm curious if such an attack which results in collecting a few milisatoshi now and then will ever make up for all the funding you have to set up in order to deploy your malicious network! Now if D would be able to do that without B, that would change things but since it can't, I think right now it's as dangerous as Foundry colluding with some guy in Nantucket to reverse his coffee purchases. Unless they guy in Nantucket owns part of Foundry. I know I have used it as an example before but I have to come back to the TV series Breaking In [ https://www.imdb.com/title/tt1630574/?ref_=fn_al_tt_3 ] They had to steal a exotic car to test the dealers security and came up with a mission impossible type plan, with hacking key cards, defeating the alarm system, etc.... Wound up stealing the wrong car from the wrong car dealer [it's not great TV] but came back to the right car dealer and while standing in front of it, trying to figure out how to get the right car one of them turns to the other and says 'they really should have a gate here' picks up a rock and smashes the large window to get in and get the car. Wormhole attacks ARE viable, but by the time you do your mission impossible plan someone came in and put up a $5 phony website selling something and got way more BTC then you can doing this attack. Not saying that they should not be working on ways to mitigate it, just that it's not that big a deal. -Dave
|
|
|
Poking around a bit and talking out my A$$ but I don't think the wallets were actually compromised but the back end that talked to the wallets. More like the withdrawal server was compromised. There were other tokens and things associated with a few of those addresses that were not moved until coinex moved them hours later.
Could be I'm missing something obvious, but if they had access to the wallet server(s) and the private keys everything in those addresses would be gone. IMO.
So their 'preliminarily determined that the cause of the incident was the leakage of the hot wallet private key' is either wrong OR the people who took the money were incompetent OR as I said, I am missing something.
-Dave
|
|
|
Assuming you are running the node and using LND as an example in the lnd.conf file you can specify the TLS certificate used: https://docs.lightning.engineering/lightning-network-tools/lnd/lnd.confNot perfect and you won't get everything but anything connecting to your node can then be read. As a cheat, if you just want to see what is going on in general you can setup a bunch of nodes that just talk to each other and read all of their traffic. -Dave
|
|
|
Will it eventually say declined or something on the mempool? Or what exactly am I waiting to see if it is stuck and never gets confirmed?
It will eventually fall out of most nodes that have default settings: Even now it's not in blockchair https://blockchair.com/bitcoin/transaction/3a88b7e9edb449562f6a62e05e763d3890b7ffb52b5e8d0c21a19a2f1b2bd042The catch is most pools & explorers keep TX for a very long time since the pools want to have the chance to mine whatever they can and the explorers tend to want to display as much info as possible. Other then paying for acceleration it's just a waiting game. But as LoyceV said it really could stay there for a looooog time: If the sender keeps broadcasting the transaction, there is no maximum amount of time.
Do you know from what wallet the sender sent it from? -Dave
|
|
|
Thanks to a renowned forum member, I've re-learnt how to paste pic on the forum.
The official website of www.titanbtc.com has become a student loan site. What the fuck! Someone reported this happening some time ago. I want to say a few weeks backs. I wonder what this means exactly, or why he would have either let the web address lapse, or if it was sold? I’ve heard that there was a third webinar recently. Did anyone attend or able to provide some knowledge on it? Would be much appreciated. Looks like he is leasing / renting it out. Domain Name: TITANBTC.COM Registry Domain ID: 9004240 Registrar WHOIS Server: whois.hostmonster.com Registrar URL: http://www.hostmonster.com/ Updated Date: 2023-05-15T15:18:11Z Creation Date: 2013-04-05T05:44:17Z Registrar Registration Expiration Date: 2025-04-05T05:44:17Z Registrar: FastDomain Inc. Registrar IANA ID: 1154 Registrar Abuse Contact Email: tos@fastdomain.com Registrar Abuse Contact Phone: 888-210-3278 Reseller: HostMonster.Com Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: TITAN MINT INC. TITAN MINT INC. Registrant Organization: TITAN MINT INC. Registrant Street: 9251 GORDON AVE. Registrant City: LA HABRA Registrant State/Province: CALIFORNIA Registrant Postal Code: 90631 Registrant Country: US Registrant Phone: +1.8006535071 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: TIM@TITANBTC.COM Registry Admin ID: Admin Name: TITAN MINT INC. TITAN MINT INC. Admin Organization: TITAN MINT INC. Admin Street: 9251 GORDON AVE. Admin City: LA HABRA Admin State/Province: CALIFORNIA Admin Postal Code: 90631 Admin Country: US Admin Phone: +1.8006535071 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: TIM@TITANBTC.COM Registry Tech ID: Tech Name: HOSTMONSTER INC Tech Organization: HOSTMONSTER.COM Tech Street: 5335 GATE PKWY. Tech City: JACKSONVILLE Tech State/Province: FLORIDA Tech Postal Code: 32256 Tech Country: US Tech Phone: +1.8014948462 Tech Phone Ext: Tech Fax: +1.8017651992 Tech Fax Ext: Tech Email: SUPPORT-DOMAIN@HOSTMONSTER.COM Name Server: DANA.NS.CLOUDFLARE.COM Name Server: IVAN.NS.CLOUDFLARE.COM DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-05-15T15:18:11Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
The data in the HostMonster.Com WHOIS database is provided to you by HostMonster.Com for information purposes only, that is, to assist you in obtaining information about or related to a domain name registration record. HostMonster.Com makes this information available "as is," and does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone; or (2) enable high volume, automated, electronic processes that apply to HostMonster.Com (or its systems). The compilation, repackaging, dissemination or other use of this data is expressly prohibited without the prior written consent of HostMonster.Com. HostMonster.Com reserves the right to modify these terms at any time. By submitting this query, you agree to abide by these terms.
UNLIMITED storage, bandwidth and domains on one account. Also receive a *FREE* domain for one year when you host with http://www.hostmonster.com/ **complete**
If it was sold it would be showing different owners or private registration. If he can make money doing it and use it to pay people back it's not a horrible idea. Usually the amount you can make doing it is fairly small, but you never know. -Dave
|
|
|
The funny thing is that maybe Coinex is scrapping for all the dust they can find now, without ViaBTC those consolidations might be something they really can't afford after that hack. Or maybe it's ViaBTc sending everything they can find to cover the balance sheet!
Could also just be cleanup after the hack. Look we have coins in 1000s and 1000s and 1000s of addresses. Lets put them all into cold storage instead of having to move them all over the place for when people withdraw. We have seen other exchanges do it. It's just amazing that so many exchnages let it get this bad. -Dave
|
|
|
1) It has to be a RPi4 and a 1TB drive
2) Not a lot, depends on how much BTC you lock up to open channels to how many other nodes. For the most part you are going to spend more in TX fees opening, closing, tweaking channels then you will earn in fees.
3) look for one of the node in a box setups be it raspiblitz, mynode, umbrel, you can do it all yourself but you have to know what you are doing.
4) Remember you have to be on 24/7 and have good backups.
-Dave
|
|
|
But, you have to always be in the position to rob the person in the middle. You need a lot of well connected nodes to do this and they have to be the cheapest way of routing. So you are charging low fees and locking up a lot of BTC in the hopes that people route enough money though you for this to work, and the fact that you don't get caught and booted off the network.
-Dave
|
|
|
Starting with the I really don't have time to deal with this crap.... I went through just about ALL of the feedback he left, looked at who and why and what all of it, took forever. But, since there is so much controversy and I did open my mouth I figured it's better to look and be sure.
In *my* opinion, 90% of what he left was legit. DID it need to be left? That is also an important question. Some yes and some no. In my opinion.
Now, for that last 10% I would say it's about 50-50 of wrong (once again IMO) and did not need to be left (yet again IMO)
I have made many posts about the failing of the trust / feedback here so not going to dive into that since there seems to be zero chance of it being changed into something useful.
For now I took him out of my trust list, but will probably not matter since at this point with everything else that is going on I think that it's going to get worse with people grouping into their 'gangs' to protect people they like.
If I get tagged down to -30 in trust and booted out of the sig campaign I am in it will not matter. I would still be here posting. If everyone adds trust and I make it to +100 I will still be here posting.
Now I'm going outside to enjoy the weather and not post....
-Dave
|
|
|
If it was CoinEx the question is why would they pay a fee at all? As pointed out they are very tightly integrated with VIABTC. CoinEx would just have to create a 0 fee TX and send them the hash and have VIA mine it. Would in theory never even have to be broadcast and put in the mempool.
Probably does not really matter in the end.
-Dave
they may want it to be broadcast and put in the mempool so that chinese government can easily see it. Low cost and nice paper trail would be attractive if they need to account to chinese government. I am assuming viabtc has to deal with government of china 🇨🇳 not sure about coinex. under 20 bucks clear paper trail. I wonder if they do 10 or 15 of these a month. Small cost to keep a government accepted set of records. Mempool really does not matter, it's what is in the mined block. That is the permanent record of what happened. There are 1000s of TX in the mempool at the moment that will never be mined. So either CoinEX creates a TX and passes the TXID to VIA to be mined. Or they create a TX and pass the raw info to VIA to be mined. Either way there is an email / Telegram conversation / WhatsApp / whatever between them. -Dave
|
|
|
DO NOT USE ETORO Many complaints like this one: https://bitcointalk.org/index.php?topic=5466037.0As for fees, keep in mind it's not just the fees....check the spread. I can sell you BTC all day long for no fee and no TX fee, but instead of (at this moment) 1 BTC = $26,541 I am going to sell it to you at 1 BTC = $26,850 and buy it from you at 1 BTC = $26,350 Easy to charge low fees that way..... Things like that have been an issue with some exchanges for a while. -Dave
|
|
|
If it was CoinEx the question is why would they pay a fee at all? As pointed out they are very tightly integrated with VIABTC. CoinEx would just have to create a 0 fee TX and send them the hash and have VIA mine it. Would in theory never even have to be broadcast and put in the mempool.
Probably does not really matter in the end.
-Dave
|
|
|
Maybe they updated their terms in recent times which allows them to hold the user's funds forever.
Not anywhere in the US ToS that I can find. Obviously, they are going to have different ToS for different countries / jurisdictions. They also will confiscate and turn over funds based on government requests, but any financial institution that holds money will do that. -Dave
|
|
|
This is Address poisoning attack. Not something new....
But with GPUs getting more and more powerful it's starting to show up more since what would have used to be days or weeks of trying to get an address is now seconds. You can import one of many lists of addresses with balances and then get 6 or 7 characters in just about no time. I'm 100% sure there is some hack of vanitysearch out there that would do it. Heck VS might actually do it, I didn't look. -Dave
|
|
|
Hi,
I will be in the US soon and I would love to use some Bitrefill gift cards for my trip. Two questions:
1. You guys got some ideas for gift cards that either work directly in the store and don't need an US app on your phone? Especially restaurants or food. I would like to print the qr code, walk in the store and get my food. 2. Did you try the Groupon gift card? Does it work?
And maybe one more off-topic question: are there any kyc-free bitcoin atms with low fees? Are there kyc-free atms at all?
Thanks.
It depends on the restaurant. A Ruth Chris opened near where I live and they took the printout no problem: https://www.bitrefill.com/us/en/gift-cards/ruths-chris-steakhouse-usa/As does California Pizza Kitchen: https://www.bitrefill.com/us/en/gift-cards/california-pizza-kitchen-usa/With Fast Food it depends on the person behind the counter. But.... Famous Daves: https://www.bitrefill.com/us/en/gift-cards/famous-daves-usa/ had to call a manager and someone else over for us to use it. I told them it's OK, I'm Dave but they didn't care.... As for the ATMs there are separate posts around here to discuss, a lot depends on where you are. (i.e. Las Vegas, has more BATMs that have very light KYC vs BATMs in Florida) -Dave
|
|
|
Well as a ten year plus year miner I think there several fixes.
My favorite is all stale addresses are considered abandoned in 2059 there will be untouched 50 year old addresses with no withdrawals ever made. Fold them back into rewards if no withdrawal is made in them.
Most people say they hate this. I like it because it is what banks do.
The Ln network may grow and create more fees. Ordinals may grow and create more fees.
Moving to ten digits not eight could help the network.
Most banks now have to turn it over to the state who sits on it as unclaimed funds. https://nj.gov/treasury/unclaimed-property/I really don't like the concept of pulling it back since if I put something into cold storage and pass it to my friends kids if they want to sit on it and pass it on they should be able to. I have some paper stock certificates that are still good going back more then 50 years. But since I'll either be close to 90, or more likely dead by 2059 it's not a real concern -Dave.
|
|
|
With still no price and full specs the wait list may drop off a lot once they really start selling. There is also the issue of time, how many people will they loose because for whatever reason they just can't wait any longer. That has become a large issue over the last few years with 'wait listed cars' I wound up getting my deposit back on a couple of car reservations because it got to the point although I did not need a car NOW my warranty was expiring and I did not want to risk driving something (even something as reliable as a Honda) without one.
On today's vehicles, which are for the most part computers with wheels, even minor things can cost a fortune to fix. At times it's not even the parts but just a labor to get to the parts.
I went the other way, instead of getting a new tablet on wheels every 3 years I figured that an older used car with no turbo, no ADAS, port injection, stick shift, is about as good as it will ever get in automotive technology. The only modern amenity I like is Android thingamabob with maps and Spotify, and that's like a $500 retrofit, people pay more than that MONTHLY for their cars..... Drifting from the topic here a bit but: I know I have posted about it before but I spend WAYYYY to much time in my car not to have all the creature comforts and features. If I needed it to go from A to B I probably would not care. But I need it to go from A to B to C to D to E to F .... to X to Y to Z to AA.... I picked up my new car July 24th after work. Today makes it 7 weeks old. According to the app I have over 200 power on hours. So 7 weeks x 7 days = 49 days. 200 hours / 49 days = 4+ hours a day I am in that seat (on average obviously). So yes I want my ventilated seats. I want my heads up display. I want my adaptive cruise control. I really wish I could get away with not having them, but I do field repair work. My car that I’ve been driving for more than a decade had its check engine light come on today. I sure hope Elon is able to get the Cybertruck deliveries rolling soon. Not sure how much longer my whip will be running. With all the price reductions on the rest of Tesla’s fleet and the tax rebates, it’s hard not to pull the trigger on a model 3 right now. Gotta keep my eyes on the prize though.
---engaging dad mode--- You really should have that checked ASAP, ignoring a minor inexpensive issue now can cost you more later. Any one of dozens of sensors can go bad and pop the CEL on. That could cause the computer to do some stupid things that cause other issues. ---ending dad mode--- Watch what some computers do when you have some emissions issues. https://www.youtube.com/watch?v=rm-E0_RKC1s-Dave
|
|
|
|