If you cannot use any other device other than the Android which is infected with malware, there is no way you can use it without an internet connection and thus the malware will always steal your funds whenever you go online. If your phone is (in the worst case scenario) infected with malware, I can't see any reason why you wouldn't be trying to back up your seeds and important files before resetting the phone completely.

If you do have another computer with a QR code, you can click your wallet and your master public key should be shown. Import that onto an Electrum on your computer as a watchonly wallet. Next, use the desktop Electrum to create a raw transaction, Finalize and export using QR Code. Afterwhich, go back to your phone and in the Send Tab, press scan and you should be able to sign your transaction. Using the desktop Electrum, go to Tools>Load Transaction>From QR Code and you can broadcast using that.

Unless you know exactly how to use Coinb.in and which addresses the funds are located in, you shouldn't use coinb.in. It's tougher to use than most wallet UIs and is more suited for advanced users. Coinb.in also seems to break the raw transaction when copied to Electrum as well.

It is. I just don't see the point if they aren't sufficient for doing anything as much as attacking Bitcoin, nor would I think that anyone in the public would be able to have access to such technology at least until the point when the relevant cryptographic algorithms are phased out.

The threats of quantum computers are very real. That does not discount the fact that the incentives to attack Bitcoin pales in comparison to the other things that you can do with QC. You're assuming that we won't be able to at least adopt another QC resistant standards before it becomes a threat. Long before Bitcoin becomes a target, I would assume that we would've adopted another QC resistant algorithm. QC technologies seems to have an incremental improvement over the years and I don't think that a 2000qubit QC machine would be discovered overnight. As a state, I would think that they are more interested in collecting encrypted information rather than cracking a few Bitcoin keys, and I think the estimates for a ~1500qubit machine puts it at one PK per hour. I'm not exactly sure of the running costs of a quantum computer but I would probably think that it's not worth their time at an early stage where you would probably need a very precisely controlled conditions to keep it stable.

Bitcoin prices will probably crash if that type of QC gets discovered overnight, so will the stocks market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

Yes, Bitcoin will definitely be affected by QC but the fact that it *probably* cannot be mass produced in the first place will bring about some doubts if people would want to start cracking the keys if they (the states) could stand to gain much more by starting to decrypt previously intercepted internet traffic. Anyhow, I would regard all of the discussions as speculations. If quantum computers gets cheap enough and collecting money is their main goal, then attacking a currency like Bitcoin could make some sense though the effects will be limited.

Quantum computers do not provide a sufficient speedup for your hashing algorithm which is your RIPEMD160 and SHA256 which wouldn't allow them to be able to get to your ECDSA public key which would be required for to be able to get your private key from your public key.
I would think that a collusion with a mining pool would make this far easier with them only accepting the attacker's TX. I couldn't find any other relevant information regarding the number of qubits required but I remember that you'll need a fairly high number of qubits to be able to pull this off within an hour. All the scenarios described are purely hypothetical. I wouldn't really believe that the adversary, if it's a government would truly be interested in attacking Bitcoin as it's merely a low hanging fruit with fairly low rewards.

You're generating a private key, not a paper wallet. You can just do it by downloading Bitcoin Core.

---

OP, take note of the phishing sites. It is not sufficient to just load the webpage and disconnect your internet connection. Bitaddress doesn't generate any Segwit address type and you can't get the benefits of Segwit when you're using their paper wallet. I'm not aware of any wellknown segwit paper wallet generators though. Depending on your use case, you can explore airgapped wallets as well.

Depends on how you accessed it. I would just download it directly from Github and verify the signature myself minimally, else the script is quite fast to skim through and it would be way better than generating it offline. A certain paper wallet website is known to intentionally introduce a weak RNG and thus generating predictable private keys and that can be injected into the website without the user ever knowing. Not to mention if you get a MITM attack.

---

Paper wallets are tougher to use as compared to most cold storage methods and/or desktop wallets. Spending them securely is not simple for most and it would be fairly difficult to secure it as well.

Encryption is a totally different ballgame. Depending on the complexity of the password and how accurate your guesses are, the time taken to bruteforce one could possibly be over your lifetime. That isn't the point of data recovery services who will only recover your data and the rest would be dependent on you. SSDs are significantly more complex than HDD however, from experience, I've seen more successful HDD restoration by just replacing the controller than HDD. Approach your local data recovery company, they would know best with them having the disk physically.

You really can't get more privacy than doing face to face fiat transaction. If you were to put the specific amount in a multisig wallet or pre-sign a raw transaction, the robbers would have a slightly harder time trying to rob you since no one really memorizes seeds or keys. If you have to do a meet up, I would often suggest a more public place with high human traffic. There are obvious risks associated with physical transactions but you can also chargeback bank transactions. Meeting up for large transactions at a secluded place is very shady to say the least. I wouldn't have continued with the transaction.

I don't think Slushpool pays out from their Coinbase transaction like some other pools (judging from their blocks alone) but it would be a good practice to have it sent to a wallet that you have some control over. Electrum, Bitcoin Core or Wasabi Wallet would be a good choice. After the funds are sent to the account, you can send it to your exchange.

Very often. People always seems to fall for phishing scams, likely due to the fact that Google doesn't really care about the phishing reports as well and they run rampant at the ad slot in the searches. 2FA can only do so much to protect you but won't be able to do much against the user's incompetence. It's usually only used to protect the user from getting hacked from leaked passwords or from unauthorized logins only. Malwares can target the more complacent users and be able to trick more with well scripted malware. If you take precautions to only download from the websites that you trust, you shouldn't be facing any problems.

Depends on how you look at it. It consists of 2x 5 qubit processors and a 16 qubit processor. So, not really practical to attack cryptography at all. As to the prior argument, I would say that if there comes a day where quantum computers are powerful enough, the governments will keep it for themselves. Breaking asymmetric cryptography is useful for espionage and mass surveillence, don't think they have any incentives to do so.

Comes down to opportunity cost. I don't see quantum computers with that many qubits to be readily available and they would very much rather use it for deciphering sensitive information. Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.

I don't know of any wallets on Android or any wallets in general that uses .dat. Did you reset the phone with the wallet file on it or did you meant some Android Wallets?

Most Android wallets do not store their wallet files in the basic internal storage but they would usually store it within the area which requires root access. I know Knox makes it hard and makes the device less useful when rooted but if you did root it, it would be slightly easier. Rooting it now *might* require a factory reset again so I don't recommend that.

Try replacing the pip with pip3?

Anyways, as said it wouldn't really matter because Electrum probably don't need it at all or else it would've been required to be installed as one of the dependencies and for which, it was dropped from the requirements some time ago[1].

[1] https://github.com/spesmilo/electrum/commit/1cc8c2c0552655252315515120aee9d3e70aa55b#diff-b0c5e3aaccb072be3dd2f8d839fe7dd9d58720ed93d9b337d6f58f77578f7d00

That is correct. I feel that game theory plays a huge part in the legitimacy of hardware wallets as well. They are bound to be audited fairly frequently and sometimes by the community to try to find exploits or bugs. If there are any serious vulnerabilities found within the hardware wallets, then their reputation would be tarnished. I don't consider this as being overly paranoid but there wouldn't be anything that you can do if you don't have the expertise to read codes/equipment to inspect the hardware. Same goes for wallet builds, if you don't understand the code and you're instead validating your copy against someone else's, you are just trusting another person/a group of people and for them to be honest.

I feel like the benefit of open source codes has been blown out of proportion. I find it helpful to be able to read and inspect the codes myself but I think that the normal users would be fazed by the lines and lines of code and wouldn't even try to read it, if at all. Sure, open source projects removes the corporate aspect of the software but it by no means guarantee that an open source software will be better than a proprietary one.

Spreading malware: https://bitcointalk.org/index.php?topic=5182222.msg55205496#msg55205496

It shouldn't pose much of an issue or else your Electrum wouldn't have proceeded at all.

Electrum currently uses cryptography as a dependency as well and I think they use that by default and pycryptodome became optional quite some time ago. Cryptography is a mandatory dependency while cryptodomex is an optional one, it doesn't affect if your version is lower than the required as it's just included in their dependency checks.

You can update it if you want, pip install pycryptodomex.

House edge guarantees that the returns in the long run is always negative. You're expected to lose about that percentage of your bankroll in the long run, no matter how much bankroll you have. Even if you have an excessively huge bankroll, simple statistics shows that the risk of you getting an excessively long streak increases as you play. While the probability can seem relatively small, it is more than likely that you're going to hit that streak before you hit your desired returns.

If you were to use this method, I'll recommend you to just play manually instead.

It's not a Bitcoin transaction. It's a Litecoin transaction[1]. Use Litecoin (Core) to load the wallet instead.


[1] https://blockchair.com/litecoin/transaction/1e5b8486bcf91696b879d2c10364fdeaa117b062e70259087792455e3b86dc24

1. Bitcoin isn't too complicated for the masses if you don't have to understand the technical workings of the blockchain. All you have to do is to understand how to send Bitcoins and how the fees should work. Loads of wallet has simplified this for you by introducing floating fees.
2. There is. Export your seeds or the wallet file for Bitcoin Core.
3. Use a reliable escrow. If you were to lock the file in a 2-of-3 multisig, you can get a trusted third party to act as the mediator in case something goes wrong.
4. That's a problem with the adoption which is not a big problem.

If you were to compare it with fiat, I would argue that it has far lesser underlying issues if you can spend some time to understand it.

You can't. None of the UTXOs in the address has been spent and thus the redeem script is not revealed. You should pick an address with at least one of the UTXOs spent so we can see the redeem script.

If you would refer to my transactions, you'll notice that it's easy to get the redeem script from the second set of TXes and thus the kind of P2SH scripts it contains.

Unless the hard drive was vacuum sealed or well kept in layers of shipping foam with waterproofing, it's safe to say that the disk would probably be damaged beyond recognition at this point in time. Magnetic striped disks are very fragile and there is zero chance of it surviving for so many years unless some miracle happens. The most I've seen was a HDD being recovered from a burned hard drive but it was shipped relatively quickly to the recovery company and didn't sustained too much damage. Oh wells, paying 70 million if it gets recovered doesn't cost the owner too much anyways.