|
It's the common SEO spam that you're seeing in the various sections. Some of them use these techniques such that the links aren't visible to the naked eye to evade detection. Wouldn't recommend clicking on them. Just report them and it should be gone soon.
|
|
|
|
1. The lack of authority from the crypto founder to resolve issues from its user.
Which is exactly why cryptos are popular. The fact that each user holds the power to choose what they want and not have a "government" or someone holding the control of the system and make decisions that could be undesirable or unpopular is why people prefer Cryptos. 2. Miners service are decentralize.
Who would ever thought that they could get you a 1$ transaction of a fee which could be more than a thousand dollar's fee? There is something wrong and miners should be held liable into this by only limiting the transaction fee to be deducted not more than the transacted amount. They are abusing due to the fact that their service is in demand especially the bullish trend of bitcoin.
The capacity of Bitcoin is limited. The fee market is essentially a free market and the market forces is what decides the fees. I don't see the miners interfering in the current situation nor do I think that the rise in the fees are caused by the miners instead of the influx in transactions. 3. The abuse may be only happening and will be resolve between both parties. Same thought about in number 1 but this talk about resolution between both parties and not about the lack of authority from the founder. A certain user could mistakenly send high amount in the transaction without checking it and will be requested for a refund. The other party could deny and there us nothing you could do because it was your fault and no one can help you.
Get a trusted escrow. Bitcoin is reversible. On the contrary, if transactions aren't final, there has to be a third party to make decisions and take sides in the event of a dispute. If you want that, get an escrow.
What you've described so far is basically Paypal or any banking system. Bitcoin is designed to counter some of the undesirable characteristics of such systems. If you want those kinds of restrictive rules, then I don't think you should use Bitcoin or any other cryptos. |
|
|
|
I would argue that everyone who bought a Ledger is having a huge headache with the leak of their personal data and wish they had used an old mobile right now. If you encrypt your wallet on the device and encrypt the device (as most modern phones do automatically when you turn them off) the level of security is still more than adequate.
Well... Yeah I guess there's a point to be made there. My POV is that yes, they did mess up and that was a pretty bad incident on Ledger's part but hardware wallet still remains an attractive alternative. To be fair, whatever happened doesn't undermine the benefits that a hardware wallets has. Being designed specifically to store Bitcoin securely and making it as 'KISS' as possible does make the user experience that much better. Perhaps not Ledger but perhaps those that has done appropriate security measures or have practiced better opsec would've eliminated the risks of this happening, using a PO box, reshippers address, fake name, neighbour's house etc. I guess people don't really think about preserving their privacy when it comes to things like this. If you want a hardware wallet that's easy to use, transparent and airgapped, then use ColdCard. I've had pretty bad experiences with mobile wallets initially which is why I never looked back. AFAIK, most are not that userfriendly when a user wants to use it as a cold storage that would be resemble at least an Electrum/Bitcoin Core/most desktop hardware wallets. I personally found it quite insecure to be using phones and would very much prefer LiveCDs instead. They will provide more security than a normal desktop wallet but I found the more well known ones quite limited in terms of capabilities and most of them seems to be less audited. |
|
|
|
there need to be a good term describing this types of nodes that are too old now. they still have a UTXO set and validate that too which is something SPV clients will never do. there is also a lot of other checks such as script evaluations and validation of a lot of other consensus rules.
I don't think they are the same as SPV clients but they are similar to a certain extent, obsolete client would be a good word. There is no need for fancy naming because no one should be running those in the first place. They can do many things that SPV can't, privacy-wise, and to some extent on it's security. But I think we can all agree that with their inability to validate segwit signatures in a block, they are kind of similar. |
|
|
|
Is a tx in a block just displayed as a txid or is the whole tx displayed (like: decoderawtransction HEX)?
I think this has been elaborated sufficiently. Just want to add that the ordering of the transactions is also determined by the merkle root. So why not just storing the txid, since the txid is stored in the mempool?
Is this just for security reasons in case someone hasn't a txid which is in a block but not in his mempool?
Mempool is just the intermediate holding space for transactions which have yet to be included in the block. Transactions are always removed when they are included in a block. The transactions are only concrete with the POW when a block has been mined which includes the transactions. If it doesn't get included in a block, then it won't be in the blockchain. And when a node doesnt support segwit, how can he validate and accept a block when is bitcoin core version rejects the additional segwit block and the witness data is missing?
From my understanding, I consider older nodes which cannot validate Segwit transactions akin to an SPV wallet. They cannot validate that a segwit transaction is valid but they will always follow the longest POW chain difficulty-wise. |
|
|
|
If I'm not wrong this means the fees is around 920$ https://i.postimg.cc/J4cQZZ5g/Capture.jpgas it gives me error message "max fee exceeded" when I press OK if I set fee manually to 0.001 instead of 0.04 it shows fee is 0.5 sat/byte ! https://postimg.cc/MMwPs09Yand it took too long not couple of days almost a week and didn't reach my seller yet ! he's pushing me  The problem is that the size of your initial transaction is exceedingly big and it isn't helped by the fact that the transaction is sent from a legacy address. In the first picture, your denomination is mBTC(0.001BTC) and thus it's 0.00008BTC for both transaction and 0.00004BTC for your CPFP transaction. I think your inputs amount is very small and there isn't enough left to spare for the fees and that's why it's giving the error. You can see that the input amount is only 0.01909mBTC which is very much smaller than the fees you are paying. |
|
|
|
|
Gambler's fallacy. There is no pattern when you're betting on any provably fair site because each bet is independent of each other. Any "AI" gambling bot can't analyse patterns from a sample of bets because there is literally no distinct pattern within the sample and if there's any, it's most likely just a fluke. Probably just a fancy way to advertise a "gambling script".
|
|
|
|
He didn't scam tbf, haha. Just had the future insight I guess. He provided us with gift cards etc at 0.1x - 0.5x face value in BTC. Now that BTC value has increased tremendously over the years.
Eh he repaid some of our loans as well and given free BTCs in a few different ways. So I guess he actually lost out more than you think. |
|
|
|
I want to analyze unconfirmed transactions, but there are more and more transactions in the memory pool, which leads to longer and longer analysis time of my program, so I hope to delete after the analysis, any good suggestions
I assume that you're getting a dataset for the mempool in general? That would mean you're looking to prune the same number of transactions from each fees level, I assume. The method is probably to export the mempool and process it before passing it to your program. There are ways to limit the size of mempool by using -maxmempool= and -minrelaytxfee= but that'll result in the transaction that pays a lesser fees to be excluded from your mempool. |
|
|
|
Thanks a lot for help, but what do u mean by high cost of fees now, is that for the wallet policy or for the current traffic ?
The number of transactions in the mempool has dipped for quite a bit. I don't think 1sat/byte transactions would confirm anytime soon so it'll help if you could import your wallet into Electrum and spend the change using a higher fee, back to your own wallet. You can do this by right clicking the unconfirmed transaction in Electrum and pressing child pay for parent. |
|
|
|
|
There is no way to delete specific transactions from your mempool. Deleting specific transactions from your mempool will only affect what you see and not what others see. You can try to set a different mempool policy but that'll affect a few transactions.
There are ways to remove transactions sent by you by using zapwallettxes.
|
|
|
|
After being in Airplane mode I configured the Airgap Vault on the phone and received the 24 words seed phrase along with the recovery key and I also created my cryptocoins addresses. Now my questions is , since I ve done all of this completely offline how will the blockchain know about my address and private key? I don't understand how something that was created on an airgapped device completely out of the world can be a part of the blockchain which only exists online, I think . Now I am afraid to send the money to that address because I don't know if it should've been done while I was still online or the way I did it was the right way to do it.
Blockchain doesn't have to know your address or anything. Addresses are not stored in the Blockchain and is just a derivation of your ECDSA public key, together with some additional information. You absolutely do not have to be online for this. Addresses are never "registered" with any central authority or stuff. In fact, when you're generating an address, you're just generating an ECDSA key pair on the secp256k1 curve which has a random 256bit number which is incredibly big. The probability of another individual generating the exact same key is astronomically low. I want to mention that for security I reset the phone to factory and connected it to a safe network(as it can be these days) to be sure there is no malware. But still, the only way to have the app installed was to connect it to a network therefore it was not airgapped, reset and never went online . This way I think malwared could have come either from the network , or from the app itself I suppose... Would be a better idea to transfer the files through bluetooth , sd card or anything else ?
I don't know about the app that you're using. I would never use a phone as an airgapped set up. Unless you sideload the application using APK or something similar with prior validation, there is a good chance that you've accidentally downloaded a malicious version of the intended app. I'm not sure what's the probability of this happening but I've seen plenty of those fake apps on Google Play recently. 2.About the airgap pc , I've read that when you send the transaction to the airgap pc you can also have the malware that's why would be better to use unwritable usb or cd's and destroy after every use. But if the malware is there it can send information through various ways: Electromagnetic,Acoustic,Thermal,Optical. What can it be done to be secured 100% against these methods in the case you take the malware .
Hardware wallets are specifically designed to reduce such signatures and if you're paranoid about that, you have to use a hardware wallet. There is no way around it. As to whether the malware can copy information from the offline computer, I'm not aware of any viruses that are as advance as this. I'll say that there is a fairly low chance as such malware would be fairly complex to be able to achieve such a feat by exploiting the vulnerabilities within the signing app and having it to execute a malicious code as well. I don't consider that as a huge risk. 3.My concern is that trough these methods they can take maybe more easily the private key from a phone. Or maybe not because you don't have to send the transaction physically therefore there is no possibility for malware infestation unless it was there before first setup. Am I right? In this case 2 phones using qr codes would make it safer than an airgapped pc?
You can use QR codes as a transfer medium using airgapped PCs as well. IMO, given the relatively small number of mobile users as compared to desktop wallet, I wouldn't see their level of security to one that would rival Electrum, Bitcoin Core and other desktop wallets. 4.My last question is , if I use the phone as an Airgapped device should I try to destroy bluetooth/wifi/antennas hardware (if there is any way) or is it safe to leave it as it is? I don't know if there is a way for the hacker to disable my airplane mode and making my phone go online to steal my private key.
If you're paranoid, then you should.
If you're inexperienced with cold storage set up, I would strongly dissuade you from pursuing such implementations. They are fairly confusing and complex for the average newbies and could result in unnecessary problems and headaches. In the case of Ledger, for which other than the database blunder, has been performing fairly well, it's a good HW wallet. If you're scared about the wallets being tampered, you should be scared about the bootloader/firmware of your phones being tampered as well. I wouldn't be surprised if there's some sort of intentionally inserted backdoor, though Apple has publicly refused but who knows? If you want a more open wallet, try using ColdCard. I cannot recommend you to use phones as cold storage unless you know what you're doing. There is no way a phone could achieve the level of security that a hardware wallet can provide. If you have the money to spend and want to avoid headaches, go for hardware wallet. If you still want to do this, consider using Electrum's method instead. It's quite a proven and tested method. https://electrum.readthedocs.io/en/latest/coldstorage.html |
|
|
|
|
The increment on loss for martingale is usually x2, so that'll mean that it follows a geometric progression. For geometric progression, the sum of the total amount of money loss in an X losing streak with a base bet of B is
(b(2^x -1))/(2-1) so if you want to know the total number of losing streak that you can sustain, just use an inequality and solve for X using some indices manipulation. Not tough and it doesn't need any programming.
So comes the reality shock: You will always lose when using martingale. The longer/the more bets you have, the higher chance you will lose all of your bankroll. The probability of a losing streak of X will increase exponentially with time/trials. In a perfect scenario, with unlimited bank roll and 0% house edge, you're expected to come to the same amount of money that you have at the start. In reality, house edge is usually 1% or so, so you'll lose 1% of your money with an unlimited bank roll.
You are statistically proven to lose against the house. No strategies can mitigate this, perhaps strategies in blackjack and stuff with card counting can reduce the house edge but not games that are purely based on chance.
|
|
|
|
I'm talking about europe because it's what I know, if anyone from Asia or Africa could bring their input on the matter, I think we'd have similar answers.
You're correct. British English is commonly used by Commonwealth countries which could possibly narrow it down to those 50+ countries. I was taught British English growing up but I found myself using American English more often instead, possibly due to me having more American influence on my linguistics. I think I observed that he was using British English before and I saw someone mentioning it. Anyways, if you want to really want to follow the trail, you could possibly scrape all his posts (and the whitepaper) and analyse it using NLP. Perhaps it could narrow it down slightly further with the nuances in the language used in the post but I'll treat it with a grain of salt, maybe the most you could do is to determine his demographics. |
|
|
|
Oh, so someone can locate it when the transfer gets public?
But sending it all at once would get it impossible to someone else to steal it? They won't have the time to do that, right?
Thing with paper wallets is that they're different from desktop wallets which has a huge keypool and a wallet files which can contain up to thousands of keys for each. When you're spending from a paper wallet, the change has to go back to the same address as your paper wallet or the funds will be lost. Imagine the address of your paper wallet as X, your transaction will look like this: X (0.002) -> Y (0.001) -> X (0.0005) 0.0005BTC fees In that scenario, it's easy to identify that you're paying to Y and if there's any party interested to compromise your privacy that is easy.
To address your second question, it is still possible. Transactions are replaceable when flagged as opt-in RBF and/or the attacker enlist the help of a mining pool which will mine their replacement transaction (this is far more unlikely). The timeframe for this to happen is the time when you import your paper wallet into some desktop wallet for signing and when it gets the first confirmation, which is approximately 10 minutes, or more if you're unlucky and didn't pay enough fees. To avoid this, I usually ask people to use the paper wallet on a computer with a freshly installed LiveCD. Yes, it isn't as secure as an airgapped computer but if you want to go that route, I would just suggest you to go for Electrum's airgapped wallet and not waste your time on a paper wallet. |
|
|
|
Not necessarily forks. If it takes a long time to download (and verify) a block, it becomes more difficult to quickly determine if a transaction is valid or not. This would make it difficult to even evaluate the risk of accepting an unconfirmed transaction.
Should any capacity increase happen, I would think that the priority would be to strike a balance between the time needed to download and verify the block while still ensuring the security. As of now, 1MB blocks take less than a second to download and verify for me. Compact block** already takes care of most of the heavy lifting required to validate a block. ** Which I think would address the concerns regarding bandwidth until blocks gets exceedingly big and also assuming that internet speed doesn't get faster which is usually not the case. Banning an entire subnet would potentially also ban some legitimate users.
Agreed. Actually, why would DOS be a factor with increasing block size in the first place? If the node only requests for the full block after validating the block header and ensuring that it meet the target, the small block header wouldn't be enough to successfully DOS someone. |
|
|
|
I think I'll get bitcoin core to connect via VPN, it's much simpler. If I connect via VPN, does it still compromise my privacy?
VPN masks your location but your VPN provider would still be able to see your traffic. They can keep logs on what and who you're connecting to as well as seeing the data being transferred from your node and could determine which transactions belongs to you and your habits. Tor, when done right is the best for privacy. I want to help others, but not at the expense of privacy and security, so should I UNCHECK "allow incoming connections" while using VPN?
You won't risk security or privacy when allowing inbound connections. The main risks arises when you're using Tor, allowing inbound connections and if some nodes connect to you through your clearnet. If you want to avoid this from happening, either bind the IP to 127.0.0.1 or disable it completely which is the default behavior for proxied Bitcoin Core. Anyhow, my take on Bitcoin Core is that running one primarily benefits yourself. Yes, you will benefit the network as a whole but if privacy is more important to you, you could look at Wasabi wallet which streamlines the process for their users by implementing coinjoin as well. |
|
|
|
|
Can you provide the full TXID?
1sat/byte is quite low considering that the mempool has spiked just now. ViaBTC requires about 10sat/byte if I'm not wrong so you can't push your transaction using their utility. The only thing you can do is to wait for the transaction to be confirmed because AFAIK, Blockchain.com doesn't offer RBF.
|
|
|
|
Though I am certain that nothing will happen on my bitcoin that is stored in their products, still, I am anxious about how can these physical attack be possible? Like seriously? That's a million number of email and other confidential personal information.
Over-complacency and poor security practices.
I cannot wrap my head around why Ledger didn't take appropriate measures and scrub the consumer's database regularly. It would've been one of the basic things that they could've done and would've limited the attack size significantly. I hope people won't break into homes just to get a Ledger. It'll help if you keep it in a safe or somewhere obscure but it's PIN code should nullify the effectiveness of any physical attacks, barring any zero day exploits on that appearing any time soon. |
|
|
|
1) I have checked "allow incoming connections" - would that still work via Tor and does it jeopardise my security to allow incoming connections?
AFAIK, Bitcoin Core cannot prevent other users from connecting to your Bitcoin Core using your real IP address and it will listen on both Tor and on your actual IP. I would indicate bind=127.0.0.1 to prevent others from connecting to my Bitcoin Core using the actual IP as it'll result in your privacy being degraded significantly. 2) in the bottom Right-hand corner, I seem to have "0" active connections the bitcoin network, but when I run it using VPN and NOT use the IP: 127.0.0.1 Port 9050 - I have 10 connections - Am I missing something?
Are you specifying onlynet=onion in your configuration? Try connecting to some peers on here[1]. [1] https://bitnodes.io/nodes/?q=Tor%20network |
|
|
|
|
Show Posts
