It would be interesting to find out if it was possible... That being said: I don't know how safe it would be, since you'd probably be stuck with legacy code, or binaries that were really hard to build, this would make them very hard to keep up to date...

That being said: it seems like there is a legacy python version for palmos: https://legacy.python.org/download/other/
So you might be able to rewrite electrum.... I'm pretty sure you won't be able to get the gui running, but maybe the daemon?

Or maybe you could find a browser that supports javascript and run coinb.in... even tough I wouldn't use it to create private keys for cold storage.

Or maybe if you find a wallet that's written in c++, but even then it wouldn't be an easy task to compile it.

Bottom line: it would be a nice theoretical experiment, but I do not believe you'll be able to build and maintain a recent, easy to work with, safe, full featured gui wallet... Unless you wrote one by yourself, especially for palmos (they do have a compiler). So, unless you wrote a wallet from scratch, you wouldn't be able to use it as cold storage IMHO... But I'd be happy if you proved me wrong 😉

wasabi does not give free service. They charge 0.003% per anonimity set and keep any change that's smaller than 0.3% of the base denomination.... Exceptions do apply from case to case.

Last time i coinjoined with wasabi, i ended up with a 70+ anonimity set, so the fee was 70 * 0.003, so i ended up paying more than 0.2% in fees, since the base denomination is ~0.1 BTC, the fee was a little over 0.002 BTC (about $40 in FIAT at the current preev rate). If your change value is to small, you could end up paying 0.5% (0.2% in fees + 0.3% of the change that's kept by wasabi's owners). The fee is not exceptionally large, cheaper than a lot of other mixers, but not free

Chipmixer uses a pay-what-you-want fee structure, but in order to use it, you do have to read up about their chip sizes... So they could theoretically work for free, eventough i usually do tip them (if everybody would use them for free, they'd stop existing).

Other mixers usually charge between 0.5 and 1,5%... I'd recommand doing your homework before using one... I'd stay clear from the ones with a negative rep on bitcointalk (or the ones without any bitcointalk representation). I'd also stay clear from the ones using cloudflare or missing security headers, or forcing you to use javascript, or the ones without a presense on the darknet (an onion domain)...

The OP bought bitcoin not from paypal, but from a p2p market using paypal. This means he probably used a wallet to create an address witch was funded by the seller on the P2P market.

This also means a mixer or coinjoin is a sollution to his problem.

Sure, the seller will still know which address he/she funded, but he/she should not be able to trace the trail of unspent outputs post-mix/post-coinjoin. For all that he/she knows, the OP might have sold his BTC, or used it to purchase goods or services.

You download these blocks from multiple peers, AND all consensus rules still apply... This means that a sybil attack would be extremely costly, since the fake blocks should still follow all rules, so an attacker would basically have to mine an alternative VALID blockchain AND make sure your node only connects to his attack nodes.

As for this topic, the main point has already been made: trust...

If you want to be your own bank, and verify everything, you need to download and parse all blocks. If you don't want to verify everything: use an SPV client...

nah, i didn't... I phrased it wrong... I meant to say something more in the lines of :"It's been a while since I last posted in this topic, and because i didn't want any bias, i didn't re-read everything before i made my review".


Agreed, so far i see a lot of green lights for this one... It is indeed refreshing to see a mixer that doesn't fall for the obvious pitfalls so many others have fallen for lately. I still won't give up chipmixer and coinjoining using my wasabi wallet, but i'll defenately keep this one on the shortlist after the OP makes the changes to allow me to specify the amount i want to deposit instead of the amount i want to withdraw (he seems to be working on this feature), and i'll defenately use him to mix unspent outputs that are not ideal for chipmixer or coinjoin (unspent outputs with values that make them less suitable for their algo).

We're in the electrum subforum. So i think it's relatively safe to assume the OP used electrum to create a new seed, then used the options => extend seed checkbox to extend his seed, then encrypted his wallet with a password...

In this case, Rath_ is correct: he can restore his wallet by using electrum, restore from seed, options => extend.


btw: my screenshot, but a freshly, unused seed  

If the OP has the seed and the passphrase he used to extend said seed, he can restore his wallet with electrum (the password to encrypt the wallet is not needed).

So, to recap he needs one of these 2 combinations:

• the seed phrase + the words used to extend his seed
• the encrypted wallet + the password to encrypt the wallet

words to extend the seed =/= password to encrypt the wallet (eventough nothing is stopping you from re-using the word to extend the seed as a password to encrypt the wallet, but that would be bad opsec)

Well, not having to trust a thirth party and potentially increasing your privacy is not always the same as a more secure wallet. These terms are not equivalents i'm afraid.

This being said, if you install core in a proper airgapped setup, it's about as secure as humanly possible... If you want a secure wallet that's also easy to use, i'd probably point you towards a leder or a trezor hardware wallet, but these wallets are SPV wallets, so you'd have to sacrifice part of your privacy (altough, trezor just added a tor button in it's default software client, and both ledger and trezor can be used together with electrum which also supports tor) and you'd have to trust the nodes you connect to.

full disclosure: i'm payed the equivalent of ~$15 as an incentive to do a small writeup of [banned mixer]

preface: by sharing screenshots of the mixing process i went trough, i basically voided my mixing session. I also made other "bad" choices opsec-wise (like chosing a short interval and only creating 1 deposit and 1 withdrawal addy). The point is that i'm trying to review this mixer, not mix my unspent outputs . You're free to lookup these addresses on any block explorer and see if the mix was actually succesfull

preface 2: i'm also a big fan of using tor to initiate a mixing session, aswell as using a non-js mixer (this function is available in this mixer), however, i decided to use the clearnet, js-enabled version from my normal browser, since this is the way i suppose most normal non-tech users would use a mixer

preface 3: i did not read the other posts in this topic, so i wouldn't be prejudiced.

preface 4: i use wasabi to hold some pre-mixed change before i move my funds to my hw wallet... I'm not here to start a discussion about this... Wasabi is fine for holding smaller amounts, as is electrum... Desktop wallets are not ok for long term storage.

Here we go:
Walktrough
1) I created a new address where i liked to receive my mixed funds:


2) I opened anonymixer, pasted the address i created in the first step and chose the amount i wanted to receive post-mix


3) I was redirected to a page where i had a nice overview of the costs, and where i was able to adjust the timeout


4) I was redirected to a page where i saw 2 deposit addresses and a proposition on how to divide my funds over these 2 deposit addresses. I removed one of these addresses for the purpose of this walktrough, but it's better opsec not to do this. The page also allowed me to download the letter of guarantee both in txt as pdf format


5) I deposited the necessary funds


successfully


6) The unconfirmed tx was picked up really fast by anonymixer's gui


7) I waited for 1 confirmation, at this time my 4 minute timeout started counting down




After the 4 minute timeout, i received my mixed funds


Discussion/remarks:
1) I've already contacted anonymixer after completing this mixing session because i tought it would be better if they allowed me to specify how much funds i was going to deposit instead of having to specify how much funds i wanted to receive post-mix... I usually start with an unspent output i want to anonymise. Because of the random fee, it's impossible to calculate how much i have to enter as post-mix value in order to spend the complete value of the unspent output. Underestimation leads to tainted unspent outputs funding my change address, overestimation leads to having to use an extra unspent output.
Apparently the owner was already aware of this, and had already opened a ticket in his git repo about this issue aswell

2) I tought anti-csrf tokens were missing, but apparently they are not... my bad

3) I was missing some security headers, i have sent them to the OP. Nothing dramatic tough, just small tweaks... Not all headers are necessary, but it's wise to consider them on a case-by-case basis. I guess this mixer would be fine even without these headers, but i was in a mood to nitpick

4) The session cookie missed the secure flag

5) native segwit deposit addresses would have been nice...

6) the canary function is a nice touch, eventough 2 weeks time between 2 updates might be a tad bit on the long side... But at least we'll know in 2 weeks or less if the OP ever goes AFK for a longer period of time.

Conclusion:
From my point of view, the OP did his homework... I'm 99,9% sure my own site has a lot more vulnerability's and is missing a lot more security headers than OP's.
I'm glad to see a new mixer that doesn't include external js, doesn't use a CDN, doesn't created a MITM by using cloudflare,...

From a technical point of view, I can say that anonymixer looks really promising. There might be some bugs here or there, or some enhancements,... but nothing to serious, and AFAIK nothing that exposes this mixer's clients.

I waited a couple of days after being contacted by the OP, there is no way he knows I was starting my walktrough, and everything went exactly as i presumed it would go... So, i'm confident in saying the OP at very least has the infrastructure to do what he's claiming to be doing.
Offcourse, mixers need to stick around for a while to build some trust, trust is something i cannot review... But in this case, at least i'm hopefull... This is a mixer i would actually use myself from time to time. I think this one of complementary to chipmixer since these mixer's have a completely different mode of operations

PS: Since i voided my own mixing session, i'm also willing to share the letter of guarantee i got, so people are able to verify everything for themselfs: https://www.mocacinno.com/hotlinkimages/anonymixer/1e2289b0-a4c7-427d-87a0-84bf58983dac.txt
I went ahead, and verified the signature, it's valid... But you're free to try it for yourself

One part of it is helping the network by storing the ledger locally, and by letting others request blocks from you. You also parse all those blocks, relay transactions, locally enforce consensus rules, ... The bigger the network, the better (at least, theoretically).

The other part of it is: you no longer have to trust a thirth party. You now download the blocks from several other nodes. Since those blocks don't come from a single source, and the block headers also include the hash of the previous block AND all blocks have to follow the consensus rules, it'll be very hard to fool you. Since you have the full ledger on your local device, you dont' have to query other nodes to find the unspent outputs funding your addresses, it's better for your privacy...

When i replied yesterday, it was from my cellphone, so i couldn't really dig into this one...

If I was faced with such a problem, i'd probably do the following things (some steps were already done, but i listed them anyways for future reference):

1) check if bitcoind was in my path [already done]

If you see a reply like yours: /usr/local/bin/bitcoind it means bitcoind is in your path... This is the best case scenario.
If, however, you don't get a full path back, you have 2 sollutions:

• a) move the binaries to a dir that's in your path
• b) add the folder where your binaries are located to your path

a) you can find which directory's are in your path by executing "echo $PATH"
b) add the line export PATH=/[path were binaries are located]:$PATH to ~/.bashrc and execute "source ~/.bashrc" (or log out and back in again)

2) once you are sure bitcoind is in your path, make sure it's an executable binary
given your path, the commands should go a little bit like this:

The stdout on my node:
/usr/local/bin/bitcoind: ELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=3a439a31a5157ff7052ed310050df5643a02ea3f, stripped

If you see something like ASCII or compressed data, or whatever that doesn't point to the file being an executable... It might be best to check if you indeed downloaded the correct binary and unpacked it properly

3) check your file's permissions

I'm not going to give a full lecture on permissions here... But the basics are pretty simple: you're interested in the lines containing the string bitcoind and bitcoin-cli
you want these lines to have the executable permission (the letter x should be shown 3 times at the start of the line)

For example, on my machine:
-rwxr-xr-x 1 root root 9.9M Nov 16 13:35 bitcoind

This line basically means: bitcoind is owned by user root, group root.
The owner (root) has read, write and execute permissions:
-rwxr-xr-x 1 root root 9.9M Nov 16 13:35 bitcoind

The group (root) has read and execute permissions:
-rwxr-xr-x 1 root root 9.9M Nov 16 13:35 bitcoind

Any other user has read and execute permissions:
-rwxr-xr-x 1 root root 9.9M Nov 16 13:35 bitcoind

Now, you can check who you are by executing

Then see your id and to which groups you belong by executing

Based on who you are, you can infer if the permissions allow you to execute the binary

If you don't have the necessary permissions, you can either look up how to set the correct permissions for your user, or you can do:
chmod +x bitcoind
chmod +x bitcoin-cli

4) last but not least, check if there are missing deps

If you find missing dependencies, you either have to move library's to a library path or install them using apt-get (in your case, since you're running ubuntu... on other distro's you might have to use a different tool, like zypper, yast, yum, rpm,...).
Usually, you can find the dirs in the library path in config files stored here:
/etc/ld.so.conf.d/

This line worries me:
cd ~/usr/local/bin/

There is a huge difference between
~/usr/local/bin/
And
/usr/local/bin/

The first one starts from your home, the other from root

The first one probably isn't in your path, the second one probably is...

Can you try:
which bitcoind

Well, neither of those options is ideal... A web wallet can be pulling an exit scam, it has many attack vectors, it might go bancrupt...
A mobile wallet is a little bit safer, but it's still not ideal.

Not your keys, not your coins... By using a web wallet you're giving up controll of your funds for some extra convenience.

You're free to do so, just don't come crying if you get robbed.

I got my transactions pruned from the mempool of most nodes a couple of times in 2017, and a couple of times during 2020.

I think there's some confusion as to what's actually happening.
When you create a new transaction, you use unspent outputs funding your address(es) as an input and your transaction creates new unspent outputs. This transaction is signed and broadcasted to a couple of nodes that are connected to your wallet.
These nodes store your transaction in their mempool and relay the transactions to the nodes they are connected to (unless your tx gets rejected), untill allmost all mempools of all online nodes contain your transaction.

A miner is also connected to a node, when he mines he selects the top 1Mb (not including witness data) of unconfirmed tx's out of the mempool of his/her node, creates a merkle tree and puts the merkle root in the header of the new block he/she is trying to solve. If a miner finds a nonce for which the sha256d hash of the header of his block is under the current target, he succesfully solved his block.
He proceeds by broadcasting his valid block.

Every node receiving said block parses it. During this process they remove the transactions within the valid block from their mempool and they put the new unspent outputs in their UTXO db.

Each node can set it's own rules as to the size of it's mempool, the maximum age of unconfirmed transactions in it's mempool, the minimum relay fee,... But the fact is that resources are never unlimited, so all nodes do have some kind of prune setting if it comes to unconfirmed tx's in their mempool... Either the default settings or custom ones.

So, once your transaction is broadcasted but not confirmed, it can take several weeks (or even months) untill allmost all nodes have dropped your unconfirmed tx from their mempool. But that shouldn't matter: as soon as your tx is pruned from most node's mempools, you should be able to re-use the unspent output(s) initially used as an input for the unconfirmed transaction.

By the way: For transaction moving funds between my own wallets, i never ever pay more than 2-5 sat/vbyte... If a transaction remains unconfirmed untill it gets pruned from most mempools: so be it... I'm not going to help in the fee bidding war by paying 50+ sat/vbyte for transactions that are not urgent at all...

100% in agreement with stompix...

I've never had this exact case happen to me, but i've once bought a pair of vr glasses that were incompatible with my setup (eventough the prereqs of the product did not exclude my setup). The company refused to take my glasses back pointing to their TOS which said that all sales were final.
I actually dug into the EU laws that said company's have to take back products that were sold online for a certain amount of time after purchase (except some very rare cases that were described within the law), even if the client refuses to give a reason why he wants to return said products.

I confronted them with the law, and actually made it pretty clear that their TOS mean jackshit if they contradict the law... In the end they had to take back the glasses and refund my money.

In your case, it's exactly the same... Compare it with a FIAT situation: you went to the supermarket and had to pay 10€ for your products. Somehow, 2 10€ bills stuck together in your wallet, and you accidentally hand over 2 10€ bills to the cashier at checkout.
You immediately see that you've handed over 2 bills instead of 1. Do you think the store has any legal rights to keep the extra bill? I don't think so... If they refuse to give you your 10€ back you'll go to the police. Even if they have a policy not to return bills after they were handed to the cashier, i'm still pretty sure you'd get your money back once a police van stops at the shop.

In your case, it's a bit harder, since the store you used is online... Maybe not in the same country as you... And you used a payment method you can't charge back... but still, they can't hide behind a TOS if they're breaking the law. Offcourse, in the end it might be a big hassle.. Maybe you don't want to hire a lawyer to take them to court... But you can harm their reputation by sharing your story, they broke the law and only got away with it because you didn't want to take them to court: the internet is going to love that story, it'll do wonders for their popularity 

If the previous owner doesn't help you, maybe you can ask the publisher of the script for help? As long as it's an official, licenced script, they should be able to make you an offer for some consultancy... That way, they might discover other things, like unpatched scripts or new versions or wrong configurations...

+1 for btcpayserver

I've setup wordpress + woocommerce (plugin) + BTCPay for WooCommerce (plugin) and connected it to a standalone btcpay installation. The store is owned by somebody i know from bitcointalk, and it already accepted payments this way

Works like a charm

Welkom op het forum

Ikzelf ben absoluut geen trader, maar voor technische vragen mag je me altijd een privébericht sturen... Zoals je misschien al gemerkt hebt is het Nederlandstalige subforum vrij doods omdat de meeste mensen uit België en Nederland het Engels redelijk goed beheersen, en dus meer rondhangen in het internationaal gedeelte van dit forum. Dit wil echter niet zeggen dat we er niet zijn om nieuwe leden een helpende hand toe te steken (waar nodig)

@Lucius

I'm going on a limb here, some back-of-an-enveloppe estimations using o_e_l_e_o's link (for a lack of better benchmarks).

source: https://github.com/3rdIteration/btcrecover/blob/master/docs/Usage_Examples/2020-05-02_Descrambling_a_12_word_seed/Example.md

It's a bip39 seed we're talking about here, so 250 minutes for 12! combinations
479.001.600 tries take 15000 seconds.

So, that's about 32.000 seeds/second.

Now, a 24 words seed has 24! possible combinations:
620.448.401.733.239.439.360.000 possible seeds / 32.000 seeds/sec = 614.821.554.863 years

HOWEVER, this is only true IF the OP has the first derived address AND the derivation path!!! This is one of the two things i did wrong earlyer estimations: if you have to check multiple derivation paths, and check multiple addresses per path if they were once funded it'll take a hell of a lot longer...
I'm still unsure wether if you do not have the first derived address AND the derivation path, wether it is a good idear to test 11! combinations and calculate the checksum, or test 12! combinations... Sure, you'll win some cpu cycles while iterating over combinations when testing out 12! combinations, but you'll lose a lot of time testing derivation paths, creating addresses, checking them vs your node,...

You can probably win a lot of time if you'd assume groups of 4 words to be correct, or if you'd only scramble within groups of 4 words... but then again, nobody knows what happened exactly... I'm just estimating the "worst case" scenario

What if I had an account in 2015 that was very active and made it to the legendary rank... But i lost intrest in bitcoin and stopped visiting bitcointalk in 2016. However, due to the recent bear market i regained intrest in the community, and logged back in today.

I would have the aidropped merits to start from, just like all other legendary members that remained active all the time. Eventough i would have earned 0 merits since the merit introduction since i was no longer an active member, would it be fair if my aidropped merits were reset?

Any inactive member should have exactly the same rules and regulations applied to them, just in case they decide to come back to the community. But that's just my personal opinion.

Things might be different when talking about accounts that have remained active but didn't succeed in earning a single merit since the introduction... Or maybe hacked accounts, or sold accounts,... but even then: who's going to decide who can keep their merits and who can't?

yeah... I made a mistake in assuming the re-use of an already used word. An 11 word seed (not including the checksum) has 11! potential combinations, not 11^11... Thanks for correcting me

I can't seem to find benchmarks for bruteforcing this tough... Generating 11! potential combinations should be fast enough, but generating the "checksum => xprv => private key => public key => address => lookup" sounds like it's using a lot of resources... Not including the fact that you should probably check multiple derivation paths AND derive more than 1 private key per path just to be sure.