If Bitcoin encryption is ever broken, all other systems will also be broken together,
because all institutions use similar encrypton.
Bitcoin doesn't use any encryption at all. Bitcoin makes use of signatures. That's the crucial part which might be broken with QCs. Same applies to other institutions. The problem isn't just (asymmetric) encryption, but signatures and therefore besides confidentiality also integrity and authenticity. |
|
|
|
|
I think the option for both, as requested by jackg a year ago, would be the best solutions.
For my own personal scripts, the current format is ideal. But i see the reasoning behind ID's instead of usernames.
|
|
|
|
Just I am curious:
There is also a minimum Transaction size I think in Bitcoin Core. Yuu can not send 100 sat.
The size of a transaction is not determined by the amount of BTC you are transacting. It is determined by the amount of Inputs and Outputs of a transaction. For a legacy transaction, thats ~192 bytes. Segwit is at ~138 vbytes (assuming the minimum of 1 input and 1 output). Whether this is 100 sats or 10 BTC doesn't matter as long as its 1 input. You were not able to send 100 sats because the fee with 1 sat/B (smallest fee for your TX to be relayed) and more than 100 bytes in transaction size, results in a fee higher than the amount you are going to send. You would be generating a dust output. And therefore the electrum server did not accept that. |
|
|
|
minRelayFee is freely configurable by node operators, so there should be some nodes accepting < 1 sat/byte transactions. As far as I remember, the default value was supposed to be decreased in some Bitcoin Core update, but I am not sure if it's still relevant. I could only find this. While this is true, i doubt that a lot of people did change their settings to relay transactions with a fee lower than 1 sat/B. The majority of the network won't accept them, and it will probably never reach a miner (and even if it does, i doubt they would accept them given the fact that there are almost always transactions with at least 1 sat/B waiting to get confirmed). |
|
|
|
[...] langsfristig suche ich mir eine Hardware Wallet was alle 3 Formate (gleichzeitig?) kann.
Das "gleichzeitig" ist so ne Sache. Die Schlüssel werden über einen anderen Path abgeleitet. Ein Hardware Wallet kann (genauso wie electrum) alle drei Addresstypen ableiten und verwenden. Du wirst so aber niemals eine Transaktion mit verschiedenen Addresstypen durchführen können. Du wirst also immer nur von P2SH ( 3.. Adressen) oder von bech32 ( bc1.. Adressen) senden können. Da aber natürlich immer hin und her wechseln. Generell ist bech32 die bessere Wahl (niedrigsten Fees). Wird aber halt leider bei manchen (veralteten) Services noch nicht akzeptiert -> Deren Software sagt "oh.. fängt mit b an.. das kann keine BTC Adresse sein, weil die nur mit 1.. oder 3.. anfangen".. Ein einfaches Update würde helfen. |
|
|
|
3 verschiedene BTC standards gibt!!!  Es sind weniger Standards, als Adresstypen. Bech32 (Segwit, das neueste) sollte eigentlich schon überall akzeptiert werden. Wenn das irgendwo noch nicht der Fall ist, würde ich von deren Service die Finger lassen. Wenn die es nicht schaffen ihre Software zu updaten um auf "neue" (bereits älter als 2 Jahre) Adresstypen zu senden, wie halten die ihr System denn sonst bitte up-to-date bezüglich Sicherheit etc. Zu deinem jetzigen Problem.. Du kannst einfach ein neues Wallet in Electrum erstellen und dabei "Standardwallet" und "P2SH (Pay-to-script-hash)" auswählen. Da erhälst du eine Adresse, die mit 3.. anfängt. Dorthin kannst du dir deine BTC senden lassen. Daraufhin kannst du die coins von dort an dein "main wallet" weitersenden (wenn du es nicht eilig hast mit einer fee von 1 sat/B; das kostet dann nur 1-2 cent). |
|
|
|
do we pay anything other than miners' fee for a transaction?
No. if not, why isn't it possible to send a dust even by setting the miner fee to zero?
Because the minimum fee is 1 sat/B. Anything below that, won't get relayed by the nodes. Therefore such a transaction would never reach a miner and would never be included. If you are running a mining pool, you are of course free to include 0 sat/B transactions. They are valid. It is just that they won't get relayed by nodes. A dust output is an output which costs more in fees to be transferred. You would lose money transferring it. |
|
|
|
Are you so track minded you can't see this is a script/code?
Ok, it is script/code which helps scammers to steal money  It seems you are missing the point: [...] in itself isn't a hyip script, even if it was, I would be just selling code.
Even if it was.. he would be just selling code ! Holy shit, marlboroza.. don't you understand this! He would be just selling code! What are you going to do next ? File a report against someone who sells weapons to terrorists ? I mean come on.. these are no weapons, even if they were, he would just be selling some formed metal ! In case some people missed it.. that was sarcasm. @OP Do you really think "just selling code" is an excuse ? I mean come on.. install my malware. In the end its not illegal, right? You would be just executing my code Or what about selling stolen product keys ? I mean.. they are just bits and bytes, right ? Everything fine here ? The way you are arguing is absurd. |
|
|
|
From one rating to seven, now a flag, and what do you do? Keep on the same path that is not getting you anywhere!!!!!
He is at 9 neg ratings already. If he continues his dishonest behavior, he will reach the double digits soon.
https://bitcointalk.org/index.php?topic=5157698.0Here you can see I've been accused of running a hyip service where I sell a LISTING MONITOR script code, which can be used to list several ad networks. It's quite obvious his friends are trying to manufacturer history through lies on bitcointalk. I see this: This seems accurate to me. Thanks for pointing out. I supported the flag.  Shut up and take my -1 |
|
|
|
Using some kind of transaction booster helps,
Your only way is either: 1. transaction was RBF so you can put higher fee to it confirm faster 2. use transaction booster, some miners make tools like that available, but getting it free is hell you would need to pay a bit 3. wait no other way here  Actually, there is another way called CPFP (child pays for parent). The idea behind is, that you are going to use an unconfirmed output in a new transaction with a fee high enough for both transactions. Most miner will then simply include both of your transactions (because the average sat/B of your two transactions is worth it). This can either be done by the receiver or by yourself if you didn't spend the output completely (i.e. there is a change output you can use). |
|
|
|
The idea behind malware like this is that its much more difficult to detect, both by observation and by antivirus software
Trust me, it is relatively easy to create a reverse shell without triggering any AV software's static or behavior analysis. Sure, editing one file is easier to implement, but you'd need to set up multiple phishing sites (e.g. online banking, multiple exchanges, etc.. ). When considering the cost vs efficiency, you gain much more from simply setting up a reverse shell and extracting login details saved in a browser + recording keystrokes. With this, you gain access to every website the victim is registered with. I am just saying, if a malicious party was able to compromise your system, you shouldn't worry about phishing attempts anymore. |
|
|
|
You can also buy Bitcoin on changenow.io with a credit card and without going through KYC.
No. Don't use those shitty swap services (changenow, changelly, shapeshift, etc.. ). If you don't want to risk getting scammed, just don't. @OP You won't find much possibilities to buy crypto with a credit card without KYC. That's prone to be abused. If you want to use a CC, you need to do KYC. |
|
|
|
Correct me if i am wrong.. but with posting here, he evaded a ban and therefore should be perma banned ? 25. Ban evasion (using or creating accounts while one of your accounts is banned) is not allowed.[e]
[...]
25. If you get banned (temporarily or permanently) and create a new account to continue posting / sending PMs, it's considered ban evasion. The only exception is creating a thread in Meta about your ban.
He did not create this thread about his ban. This thread is not discussing to lift his ban. Therefore he simply continued posting. A perma ban seems to be the most logical consequence ? He started a ban appeal thread (which is fine) and continued posting by participating in this one. [his archived post history here]. |
|
|
|
The Attack Vector
As for how this can be exploited, do remember that the IP address doesn't have to be localhost, the attack vector in this is that a malicious attacker can map a different site (lets say, binance.com) and redirect it to their own server's IP, which would contain a phishing page that imitates Binance.
[...]
Why make things simple when you can make them complicated.. If your device already is compromised, there is no reason to additionally set up a phishing site. You could just steal all credentials when they are being typed in. I wouldn't afraid of this kind of phishing. If he already compromised your system, he already has access to all of the data stored on your PC and to everything you type in (i.e. login information / 2FA codes). If your device is already compromised, you already lost. Caring about phishing in that case is the last thing you should do.. |
|
|
|
|
Bitcoin is not (and never was) anonymous.
With an anonymous currency, it has to be impossible to identify a single participant.
This means the data can not be linked to an identity.
This is not the case with bitcoin. Bitcoin is pseudonymous.
You can easily identify single participants by their addresses / public keys. And once you have one connection between a pseudonym and the real identity, everything is exposed. That's not anonymity.
|
|
|
|
If you use wallets like electrum, they set a fee to a much higher value as observed in the last few days if you want it to be confirmed in the next block.
Actually, you can adjust it in electrum. 'Tools' -> 'Preferences' There, you can set the estimation to based on the mempool  This will result in the fee being calculated based on how many MB's from the tip you want it to be. Currently, 54 sat/B would be 0.5 MB from the tip of the mempool. Such a transaction is very likely to be included in the next block, while not being highly overpaid. |
|
|
|
|
Changelly has been known to systematically scam people by demanding KYC.
The fact that they lie about their location also doesn't really strengthen the trust one should have in them.
For the future.. don't use those instant exchange services. They have bad rates and scam people.
|
|
|
|
With this specific representation: If your transaction fee is right below the white mark and a block is found right after they received your transaction, it is very likely that it will be included. However, if you broadcast your transactions with a fee just below the white line, and the next block is found in a minute or later, the chances are high that there will be more transactions broadcasted with a higher fee than yours. This will lead to your transaction not being included. Now if I set a fee that is just outside the dashed white line does that mean my transaction will get priority and put on the next block? or can it be pushed all the way to the end of the mempool cue if it was a very low fee?
This fully depends on: - how many transactions will be broadcasted until the next block is found
- how high their fee is
If the next block is found within a second, your transaction most likely will be included. If there will be more than 1 MB of transactions with a higher fee, your transaction will not be included. What wallet are you using ? |
|
|
|
I can confirm. The software is highly likely malicious: Persistence
Modifies System Certificates Settings
Spawns a lot of processes
Writes data to a remote process
Fingerprint
Queries kernel debugger information
Reads the active computer name
Reads the cryptographic machine GUID
Evasive
Found a reference to a WMI query string known to be used for VM detection
Marks file for deletion
Possibly tries to implement anti-virtualization techniques
Spreading
Opens the MountPointManager (often used to detect additional infection locations)
Tries to access unusual system drive letters
Interestingly, it modifies the trusted certificates: Modifies Software Policy Settings
details
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA")
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CERTIFICATES")
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CRLS")
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CTLS")
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CERTIFICATES")
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CRLS")
"ServoWallet-2.13.1.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CTLS")
Solution
It has only one solution, install the Antivirus software which can catch this virus.
No. This is not a solution. If this malware would have been coded more carefully, no engine would have detected it. The only solution is to use your common sense and to be careful. Don't download random stuff from the internet. Don't download closed-source wallets with no reputation at all. This is the solution. |
|
|
|
That's what this forum is for asking questions, right?
I have never studied this topic and would like to get help from experienced users as much as possible.
And that's absolutely fine. But keep in mind, you have asked whether it is possible to calculate the private key out of a public key. And you got your answer that this is not possible and that this would make bitcoin worthless. ECDSA is used in different fields, not just cryptocurrencies / bitcoin. If you are asking for professional help, chances are high that scammer will contact you claiming they can help you (while this simply is not possible) just to get a few bucks from you. Or otherwise they claim they can help you and send you a "tool", which itself is malware (and no, anti-virus software does not detect properly written malware). So.. no, you can not recover the private key from a public key. And anyone who claims there is a way is either delusional or a scammer. |
|
|
|
|
Show Posts
