If you've received a 12 word seed phrase during creation, Electrum only generates addresses that would be recoverable from that specific seed phrase so your funds will never be lost either ways.

I'll recommend you to generate an address using the receive tab instead of manually selecting an address. When using the receive tab, Electrum can organize your payments and associate them with the description selected. In addition, addresses are also not reused.

The remainder of the Bitcoins that are not spent in the transaction are sent to the change address. It has a different derivation path but it is also still recoverable using the seed phrase.

Complicated conditions like these are which depends on certain unpredictable conditions cannot be expressed in a script for P2SH addresses.

You need a mediator with a Multisig transaction which can decide whether or not to release the coins in the event of a dispute.

This assumes that the attacker won't also replace the PGP public key for ThomasV as well. PGP is best used in conjunction with an established web of trust which can be hard to get for some users and I would probably recommend users to at least get another source of information to validate if the imported public key is also correct.

I agree with the above sentiments as well. Using solely the hash of the files as a validation is insecure. There is a reason why Bitcoin Core hash sums are included within a PGP signed message and users are encouraged to verify them first before trusting it. Using the hashes as it is would merely serve as a way to verify data integrity but not guarantee its security.

Nope it isn't. The open source nature of Bitcoin gives everyone the ability to review the code (provided that they have the technical competency to do so). It has little to no effect to any backdoors and conversely, any possible backdoors would be evident as you can see what the code does.

The generation transaction would only be included in the blockchain (or the current longest chain difficulty wise), if they're able to mine a valid block that further extends that chain. The consensus is reached by selecting the longest chain difficulty-wise. Given that the nodes which forms the network enforces protocol rules, there is no way for miners to be able to include more than the current block subsidy and the transaction fees in that coinbase transaction. Doing so would result in the entire block being invalid and gets rejected by the network.

Bitcoin has a specific block subsidy as defined in the code as well as a halving every pre-defined amount of blocks. As a result, the supply of Bitcoin follows a geometrical progression; halving is per 210,000 blocks, total amount of Bitcoin in the first period is 210,000 * 50 = 10,500,000. Sum to infinity: 10,500,000/0.5. While this result of 21,000,000 only holds true if there is no limit to the decimal place, since the smallest denomination is a satoshi, the total possible supply is actually slightly less than 21 million.

The block subsidy is defined in the protocol and enforced by the node. Miners can include no more than the current enforced limit of the coins being generated which is 6.25BTC. The coins are included into the circulation by the use of the coinbase transaction in the block mined by the miner. The coinbase transaction (or generation transaction)[1] contains the block rewards but doesn't need any references to any TXID within the transaction or scriptsig. During the creation of the block, the miner will create a coinbase transaction that sends both the transaction fees within the block as well as the block rewards to their address as well as other relevant data (witness commitment, etc).

[1] https://blockchair.com/bitcoin/transaction/94218fd3c820f4b75c93af58ef560ac2839097eb767005d172f4515362a7684c

Electrum removed the fees selection from the settings and displays it when the user initiates a transaction. You should be prompted for the fees with the selection methodology (mempool, ETA or static) during the creation of the transaction. Does that not appear for you?

You can open a wallet or install/update your Electrum offline. The only operation that requires internet are those that updates your wallet with the transactions, etc.

Using it offline after having connected to the internet won't be very beneficial, security-wise. Using it offline requires an air-gap setup which keeps your wallet offline which minimizes any attack vector that uses the internet to transfer information. Keeping your computer free from malware should be something that is done all the time, not only when you're updating your client. As long as you can validate the files, you're probably fine.

I think the best way to identify whichever key you're looking for is to find the redeem script.

Copy the string from the script column in your inputs and it should be a format like 0047....ae. Remove the zeros and check the number after that, if it is 47, remove 142 characters, 48, remove 144 characters or if it is 49, remove 146 characters. So, you'll be removing ... 0047(142/144/146 characters) and the remainder should be 52....53ae, if not then try again. Paste the rest of the string back into coinb.in/#Verify and it should display the redeem script and the addresses associated with that multisig.
 
Unfortunately, I can't recall any site that displays the redeemscript from a raw transaction so this is actually quite an inelegant solution.

Pressing the message should show you a link to Electrum.org. While it doesn't present any security risk, I would still advice you to check the link if it is correct again and also validate your download with ThomasV's PGP.

If the order is canceled and the transaction is confirmed, you need to contact the merchant to refund you. Coinb.in can't help because you won't have access to the private key that belongs to the recipient.

No. It imports your master public key into the wallet which makes it a watch-only wallet and you unable to spend the funds.

I'm not sure how you're generating a watch-only wallet if you're entering the seed, there isn't any type of seed that would specifically give you a watch-only wallet. As for the wallet on your old computer, do you see a germinated seed at the bottom right? If so, can you click on it and see your seed phrase?

Your long term scalability problem doesn't lie with on-chain transactions; you can really only do so much if you don't want to raise the block size. Instead, using 2nd Layer like LN would solve the scalability issue much better without all the politics that goes into making changes to the protocol.

LN is fortunately not a short term solution but the adoption is still fairly low.

Might be a redundant question but is your Bitcoin Core synchronized? My current solomining setup still functions fine and there doesn't seem to be anything wrong with your config.

P2SH, P2WPKH/P2WSH are all different from each other, as defined in BIP141[1]. The link should answer your queries, scroll up to look at P2WPKH as well. P2WPKH and P2WSH have 20 bytes and 32 bytes of data being pushed onto the stack respectively.

The OP codes are defined in the script hash. Hashing the redeem script allows the nodes to correctly hash the redeem script defined in the spending transaction to your address, together with the conditions and thus verifying that your transaction meets the requirements.

[1] https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#P2WSH

---

Multisig is not the only use of P2SH. There are OP_CLTV, anyone can spend and this[2].

[2] https://bitcointalk.org/index.php?topic=293382.0

Depends. If you're talking about transactions without a physical item, it would be fairly easy. I don't think its particularly hard to provide any evidence (if they even ask for it that is) and they almost always tend to side with the consumer instead of the merchant. Having zero risks with chargeback is far better than having to shoulder the losses from something like that.
The criteria for chargeback is just so broad. Unfortunately the reality is that, banks probably won't bother trying to investigate it and just rule in favour of the consumer. I've had an experience with purchasing some computer parts and it arrived with the pins all bent and it was packed terribly, merchant doesn't want to refund or even replace it for me. Called up my bank, said they will investigate and it took a week or so. Never asked for any proof from me and I don't think they needed any proof from the merchant.

Anyhow, unless you're using lightning or any off-chain solution, accepting Bitcoin as an on-chain payment is far too expensive for both the user and the merchant.

Each Bitcoin output (UTXO) has a specific requirement for it to be spent (ie. conditions for a transaction containing that to be valid). For most, the requirement would be a signature that is signed with the appropriate key and without that, it would be an invalid transaction and it cannot be included in the blockchain. Any blocks that contains an invalid transaction will be rejected by the reference client. There are scripthash addresses with different predefined requirements for it to be spent and those might not require any signature at all, just the conditions to be met.

If you can't meet the requirements to spend that output, you cannot create a valid transaction without it. If you've lost your private key, then there is no way to sign it and there is no way for you to recover the funds.

I consider this site's methodology a lot more reliable than other stats: https://cbeci.org/.

PoW is probably one of the most secure systems out there. It functions on the basis that certain resources has to be exchanged and hence it is called proof of work. The game theory behind this makes Bitcoin secure and IMO is quite irreplaceable. I think the environmental concerns are valid but it doesn't mean that the benefits to using this doesn't outweigh the cost in terms of negative externality (namely the environment). As renewable energy are actually more widespread in Bitcoin mining, you can justify that it still helps to offset the cost of the R&D and the cost of building those facilities.

Yes, it is still very much a prevalent issue as it doesn't solve the problem of e-waste among other things. I'd still argue that the tradeoffs is still worth it considering the utility of Bitcoin.

In fact, it happened to ChipMixer recently[1]. I suspect it would be something similar to BGP poisoning in conjunction with a hijacked HTTPS certificate. CAs are responsible for issuing the correct certificates and something like this wouldn't have happened if the certificate wasn't issued; it would either have to be non-SSL site or it'll throw an error. There are mitigation available for these attacks but the onus is on the ISPs to implement them.

[1] https://bitcointalk.org/index.php?topic=1935098.msg56179978#msg56179978

Well, to each their own. I personally don't find that there is any point with purchasing the private key to any addresses. There is really nothing to boast about having access to an address that used to have loads of Bitcoins. Could be useful if you're pretending to be someone who was an early adopter of Bitcoin.

There were some people who bought addresses during the ClamCoin era if they were able to get the ClamCoins from them. Most "airdrops" or anything similar are probably mostly associated with scamcoins and aren't very useful.

The way Electrum generates the seed makes the derivation path and the seed type unambiguous when compared to BIP39's implementation. It wouldn't help to try to derive an address of a different format using the other key. It makes the whole process far more complicated than needed.

Just generating a BIP39 seed (and selecting appropriate derivation methods) would be far better than going through additional loops that could be prone to user errors.