In your Electrum transaction details (right click>View Transaction), the two outputs should be colour coded. One of them is Yellow in colour and that should be your change address.

If that is the case, then there is nothing to worry about. Electrum sends the transaction to a different address for the change.

Correct. The device actually cannot check for hardware modifications by itself. The most that it can do is to verify that the firmware is authentic and there is nothing done to it. With the PCB, you can embed certain stuff and trick the user into thinking that the device is unmodified. That is why hardware wallets also have tamper-proof mechanism and people are strongly discouraged from purchasing used HW wallets.

With regards to OP's question, the MCU and the firmware is designed to not leak sensitive information via the USB and the bootloader should validate for the authenticity of the firmware as well. There is nothing against exploitation of vulnerabilities though, Trezor does have quite a serious vulnerability with their devices which allows seeds to be readily extracted. Hardware wallets are far more hardened than your regular computer but that doesn't mean it is immutable to exploits.

They aren't really considered taint, or at least the known transactions that exchanges has openly restricted so far. Exchanges only ban them as a result of a direct link between the deposit transaction and something against their ToS. Definition of taint is generally recognized as something that can be linked to certain illicit transactions but that is not what (most) exchanges actually ban. CoinJoin and gambling sites are not illegal per se, but it is against their ToS. You have a strong case against the exchange denying you service if you're able to prove that you're not involved in any activities against their ToS. Their definition of taint is different from how we define it.

The best way to remove taint is to cooperate with a miner and launder it through the transaction fees. Most blockchain analysis don't follow that trail for their taint.

Yeah, that is going to be quite a long wait. There are at least 17vMB of transactions paying a higher fee rate than you and would take 17 blocks to clear them alone.

Problem with CoinJoin is that once the transaction appears on the blockchain, it is difficult to do anything to it. Using RBF requires the agreement of all the users for which I don't think Wasabi provides. You can do a CPFP on that transaction which also means that you're paying a much higher fee as you're in effect making a fee increment for everyone for which you won't get any compensation for.

Question of whether Bitcoin is hackable is quite difficult to answer. Yes, there are ways to reduce the complexity to crack an address but it is mathematically still implausible currently due to the amount of resources required.

It is the kind of questions that you won't really know the answer to. Has Bitcoin been hacked? Perhaps, there is no way to prove a negative and arguably difficult to prove a positive in practice. Of course, the theoretical aspect of this puts this at a ridiculously miniscule chances if you use Bitcoin correctly. If you did put your keys on a server that can be accessible by a third party, then it is perfectly possible to get compromised.

Won't work. The site restricts connections from Tor exit nodes or through its onion address, no matter what UA it is using. It would be quite bad for the site if they're restricting you based on your UA instead of your IP. API calls don't consume more bandwidth or resources to pose a problem.

The best way is to synchronize your Bitcoin Core fully and cycle through your various wallet.dat. This is extremely time consuming but is practically the only way for you to ascertain the balance in each of your wallet.dat.

You can of course, export your data using dumpwallet command but you'll receive thousands of addresses and it would be even more time consuming to filter through them. The addresses are organized in rows so you can have a script to call some blockexplorers for their balance but that can only be fast if your block explorer doesn't rate limit you.

Your cold wallet should contain the private keys, or else you won't be able to generate any addresses in the first place.

Generate your cold storage wallet as per usual, with createwallet. Afterwards;


You'll get a string and that is your descriptor.

If you want a watch-only wallet, it has to be online, there is no point keeping it offline. You have to generate a descriptorwallet first;

Afterwards, import your descriptor through this, check the syntax here[1].

[1] https://bitcoincore.org/en/doc/0.21.0/rpc/wallet/importdescriptors/

Looks alright to me. During startup, Core checks the last X blocks for inconsistencies. Specifically, the debug.log prints that they've checked the last X blocks for coin database inconsistencies.

I don't think it does a full check of the entire chainstate, as it'll take too much time. Do CMIIW.

The last time I checked, Bitcoin Core shuts down gracefully upon running out of disk space so not really a lot of concern for any corruption there. Even if there is, it wouldn't be a big issue, just replace your data.

The leveldb should have CRC32 checksum for the records and would throw an error upon a mismatch.

Non-default mempool doesn't strictly enforce standardness in terms of the minimum mempool fees, the disparity arises with the fact that the graph doesn't show transactions that pays a fee of 0 - 1 satoshi. Since default implementation enforces 1+sat/vbyte, there is no disparity in the total. It doesn't matter because the default puts it at 1 sat/vbyte and is also what most miners enforce as well.

By putting the argument for disable private keys as true, the wallet cannot create any private keys as a seed is not generated for that wallet. If you need a wallet that is able to generate a wallet, you should generate a wallet without specifying true for either of the options, ie. Just the wallet name will do.

If you generate a blank wallet, you can import your own seeds for Bitcoin Core to generate or import your addresses individually.

Security is a non-issue as of now. There is no evidence that something like this is possible today nor would it be cost effective even if it is.

The argument against user's specified change address or address reuse is primarily about the privacy.

Yes correct. The remainder after subtracting both your sending amount and the fees will be sent to the change address.

AFAIK, Core doesn't limit the use of change address, specifically with user specified ones. It's fine to be using your own if desired. Core checks if the addresses are from your current wallet but it would just throw a warning, nothing much.

Binance did publish their cold storage address (both on Bitcoin and Ethereum) and are still actively using it. It is just too easy to deduce which addresses belongs to which exchange; create a few accounts and send a few deposits. Check the transaction paths of each deposit and watch for intersections, and those are the main addresses being used by the exchange. No difference if they declare it or not. Services can still directly send user's deposit for another user's withdrawals which can be slightly more complicated.
It's a proof of solvency, which is just avoiding another Mt Gox.

I forgot to mention, BitMex has a vanity multisig. Which gives you some indication that they're from Bitmex. Not 100% accurate as with any analysis out there.

Fundamentally, Bitcoin is still a form of currency and that can't be disputed and it hasn't lost its primary purpose. The current price is derived from the institutional investors which are quite speculative in nature, like Tesla. In the case of people starting to HODL Bitcoin without wanting to sell it, they're in fact creating a bubble and it would pop sooner or later. It is simply not sustainable for the majority to be refusing to sell their Bitcoins and there has to be a limit where people stops demanding for Bitcoins, the cycle cannot be perpetual.

As you've mentioned, the original purpose of Bitcoin is for P2P transactions. So far, the changes to Bitcoin is to gear it up for mass adoption someday, through capacity increases. 

Correct. The most influential people appears to treat Bitcoin as a speculative asset as compared to something that can replace fiat.

Depends. In the first place, you're going to levy a pigovian tax on the electrical production. That eliminates the negative externality as Bitcoin doesn't necessarily affect the environment directly. The cause of the negative externality is primarily the production of the electricity.

Now, it could be great for Bitcoin as you're going to have lesser people arguing that Bitcoin produces too much environmental pollution as the negative externality is accounted for. This doesn't necessarily means that the act of mining doesn't affect electrical production but it is bound to drop given an increase in the cost, -ve externality being internalized. Same can be said for any other activities that requires electrical consumption.

It could be bad for Bitcoin as there are now lesser miners, which affects the security. Forcing miners to certain kinds of energy can be potentially detrimental to the community; if the government doesn't regulate the electricity, then miners would be using far too much electricity from a certain source (which doesn't have carbon tax) and thus negatively affect the community around them. I doubt this would happen, electricity market is often regulated with the local government.

Exchanges often consolidates their funds in several addresses and they are easily identified as they're either publicly known or if most of the funds that are sent to the address flows through a certain specific address.

By analysing the pattern of certain addresses (or rather transactions associated with the address) ;(whether they're consolidated together with other deposits, being sent to certain addresses down the line, etc), we can deduce with a relatively high degree of certainty that a specific address is a deposit address of a certain service.

It exists for every Bitcoin type of website on Google. It has been quite prevalent for Electrum at least. Those sites don't achieve a high enough SEO and is often just displayed as an ad. Most of them involves several redirections which I'm assume is what helps them to evade detection. Don't think it's particularly useful but it would be better to just report it first.

There are quite a few variants of this and we don't need to help with their SEO.

You don't have to hold the attack for very long. You can at most execute only one attack, if you are out for the profit. The network will react accordingly to the attack to minimize the impact after the attack happen.

Rather than electrical consumption, the main factor limiting something like this is actually the costs of executing such an attack. Purchasing the ASICs for something like this is ridiculously expensive, keeping in mind that it's only good for one attack and they are rendered useless afterwards. Even if you were able to double spend and get your Bitcoins back, what is the use when the price crashes right after? You're still left to deal with ASICs that probably won't be used after as the community explores another algorithm.