I vaguely recall reading somewhere (possibly in the old Ledger Nano S FAQ) that secure elements are classified as "tamper resistant" and designed to make attacking them costly in terms of time/effort/$$$ etc. Indeed... From the old Ledger FAQ (via the wayback machine): What is a secure chip?
A secure chip is a tamper resistant platform capable of securely hosting applications and data in accordance with the rules and security requirements set by pre-authorized applications and people. Secure chips are commonly used to secure credit cards or passports. Hacking a secure chip takes formidable efforts while information can be easily extracted from generic microcontrollers by amateurs.
And a more recent article by Ledger... What is a Secure Element?
A Secure Element is a secure chip that provides an extra layer of security compared to standard ones. It embeds intrinsic countermeasures against many known attacks. This kind of chip is tamper-resistant and protects your device to a range of different attacks.
And also published reports like this one talking about (semi) invasive attacks against secure chips: https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-630.htmlGiven physical access to a device and enough time and money and resources, I'd expect almost anything is "vulnerable". |
|
|
|
|
If you mean, "if the device itself was stolen", then assuming you have setup a good PIN (and possibly a passphrase), then the chances of them being able to steal the funds from the Nano S without prior knowledge of those two pieces of information is pretty much zero. (Outside of very well equipped forensics labs with very expensive equipment etc, the sort of stuff you can't just go and buy at your local electronics store)
If you enter an incorrect PIN 3 times in a row, the device will wipe itself, so you can't just attempt to bruteforce... the addition of a passphrase makes it even more unlikely they'll be able to access your wallet... as it could literally be anything.
In any case, as long as the theft was discovered in a relatively timely manner, you should be able to recover from your 24 word seed mnemonic into another wallet/device and move the funds before the thief would be able to access them anyway.
|
|
|
|
We don't need an app... just a mobile friendly version that a lot of other forums utilise. Personally, I use BCT on my phone quite a bit... sure it's a bit of a PITA, and can require a bit of scrolling and zooming in and out, but it's definitely doable. Quit ya bitching... and while you're at it, get off Joel_Jantsen's lawn!  |
|
|
|
Thanks for your answer! The application is called Bitcoin wallet (it is the first suggestion on Bitcoin.org). I was trying to have the same wallet on two different devices (not sure if it is a good idea). I have only a small amount but I would like to make a transaction with my phone if I get a chance.
This one? https://bitcoin.org/en/wallets/mobile/android/bitcoinwallet/While it is listed on bitcoin.org it isn't compatible with a Bitcoin Core wallet.dat file. It has it's own wallet format (it uses the BitcoinJ library if I'm not mistaken). In any case, what you're trying to achieve isn't readily possible when starting with a Bitcoin Core wallet. As far as I'm aware, there aren't any Android apps that support reading a Bitcoin Core wallet... and you can't get the seed out of Bitcoin Core, only the master private key. Then you'd need to find an Android wallet app that allowed you to import from an "xprv". Personally, I think you would be best off finding a wallet that is supported on both PC and Android (like Electrum) rather than attempting to clone a wallet from one app on one platform to a different app on a different platform. From time to time the transaction fee is high to transfer funds from one wallet to another. True, fees have spiked again... so I can understand your reluctance to want to move funds right now... but it is highly likely that they'll drop back down to 1 sat/byte in the not too distant future. If you have no immediate need to access the funds (and don't mind waiting for a few hours or a day or so) you could simply send the transaction with a 1 sat/byte fee and just wait until it gets confirmed. Or just wait until the fees drop and then move the funds. |
|
|
|
But he has the same amount of money and goods before and after my conversation with him.
True. He still has possession of exactly the same amount of money and the "same" goods. It basically didn't change anything except for the fact that i made this information public.
Untrue. The value of his goods decreased as a direct result of your deliberate actions. |
|
|
|
Yes... Bitcoin Core wallet.dat can only be used by Bitcoin Core. If you want to move to Android, you would have to create a new wallet on your Android App and then send all your BTC to that wallet. If you just want to be able to "see" your BTC balance etc, you could possibly import the xpub from Bitcoin Core on your Android device which would create a "watching only" wallet (you wouldn't be able to send BTC from the phone). Which app are you trying to use on Android? And what exactly are you attempting to achieve with it?  |
|
|
|
What operating system are you using?
From earlier this year: windows on computer
So, do as advised by the others... download and run the "Windows Installer" version (shown in the screenshot above) from: https://www.electrum.org/#download |
|
|
|
You mean funds will appear after synchronization?
Yes. Until the wallet is synchronised, all you will see is an empty wallet. You will be able to see the "first" receiving address generated by Mycelium (it will match the first address generated on the other device). You just won't see any transaction data. Like most "SPV" or "lite" wallets, Mycelium relies on retrieving transaction information from external servers. If you're not connected to the internet, then obviously your wallet cannot retrieve this information, so will have nothing to display. Once it is connected, it will be able to request transaction info from the Mycelium servers and then you will see the transactions relating to your wallet... and it will then be "synced". If you then go offline, you will see be able to see all the data already received, you just won't see any new transactions that occur until you go online again and sync again. |
|
|
|
SCAMIt's pretty obvious this is a total scam... all of these "bitcoin doubler" or "get X% in Y hours" types of "investments" are a scam. I especially like they way they say: Payout in 8 hours (Your Deposit + 10% profit) to the BTC address from which you have made the Deposit.
And yet... taking a random payout as listed on their wesbite:  So we search on this supposed "payout" address of 1FVYpoqSQne11ksdH4UAdTiFzCaazizUyQ... Huh... it only has ONE transaction??!? but how? Surely there should be at least TWO... one as the deposit FROM that address for 0.0587... one as the payout for 0.0645!  Unless of course it's a total scam and they're simply scraping transactions from recent blocks to try and look legit I also love how this "service" is paying out from "bc1", "P2SH-P2WPKH", "P2SH" AND "Legacy" addresses... considering that every single generated deposit address is a "Legacy" one... Mate, if you're going to try and post random TXIDs that you're found with output amounts to match your supposed "payouts"... at least try and make it convincing.
|
|
|
|
In blockchain.com wallet, when you click on the transaction and it shows all the details... you can click the "Transaction Confirmed ->" link on the right hand side (note, the link is the box with arrow):  Clicking that little blue square with the arrow will take to you something like this page: https://www.blockchain.com/btc/tx/1a700c1d3cd6a12d145513d1c2e6f2214a6631c22859de50256a2b21858d20f3 The long string of numbers/characters at the top is your TransactionID (it should also be shown in the Browsers URL address bar) |
|
|
|
However I do find it easier to send a whole balance from bitcoin core rather than electrum. (Bitcoin core does the sums for me ) Electrum has a "max" button, just click that... it'll send everything (subtracting the fee as set). Or are you talking about sending X amount and having the transaction fee added so the receiving party receives exactly X and not (X-fee)? Because, as far as I'm aware, Electrum does this by default. Or you mean a whole balance from a specific address? Because you can select specific UTXOs in Electrum and/or specific address(es) and select "Spend from" (then use MAX button) and it'll only allow you to spend the selected UTXOs... or the UTXOs related to the selected addresses. |
|
|
|
We do NOT say that IS your reason.
No, but you're happy to insinuate it. Nice way to try and take a parting potshot with your ever so virtuous "we're getting off topic, lets take this elsewhere, but first let me just sling some mud in your direction" approach to debating. The only thing proven in this thread regarding the movement of funds from the Bestmixer campaign address... was that the funds were moved. There is NO OBSERVABLE PROOF for the reason why these funds were moved. Everything regarding the motives as to why they were moved is currently speculation and circumstantial evidence. The only person who knows why the funds were moved is Hhampuz, and I haven't seem them post anything regarding this. If anyone has any actual proof of Hhampuz "embezzling" funds, I'd be happy to see it. |
|
|
|
This address will be used by user Csmiami for Bitcoin full node and LN stuff
384pXJVj7H49Sp9p9v5RnkbozM3ioVcgnL
IzKbfpVeVE/z6yK7ne/tq1L0wftAynWnFf0FyXaKlEYqOEJmnVhDtdsLkNxCFMUUwq/erl90eD9IdvbiyLuXlYY=
New wallet to stake Quoted... The tool to verify/sign on trezor.io website
and now Verified:  Just FYI, Trezor uses something of a proprietary method of signing messages using P2SH addresses. I'm not sure if any other wallet is able to replicate this. I believe the method is published, just there is no accepted "standard" as yet. Much like Electrum and "bc1" addresses. |
|
|
|
Where did you download Electrum from exactly? are you sure you downloaded from the correct website: https://www.electrum.org The only version I know of that doesn't have BIP39 option is the Android version. |
|
|
|
If those seeds did not come from Electrum, you will need to click the "options" button on the seed entry screen... and then tick the "BIP39 seed" option. Make sure you get a "BIP39 (Checksum: OK)" message:  If you don't see "OK" and instead you get "Checksum: failed" then it is NOT a BIP39 seed either and you probably won't see your wallet, even though Electrum will accept the invalid seed. |
|
|
|
I have another question though. I consolidated most of the transactions and left some on their own because I will need to use them for some other transactions in the near future. When I open my Electrum now I expected to see 0 balance next to the consolidated transactions and the whole balance move to the new address but it remains the same for every single line.
Are you looking at the "History" tab or the "Addresses" tab? After consolidation, only the values on the "addresses" tab will change. The "History" tab will pretty much remain unchanged (just with the new transaction shown)... you can't rewrite history after all!  If you goto the "Addresses" tab (may need to use "View -> Show addresses" menu item first), you will see which addresses contain which funds. You can also view individual UTXOs on the "Coins" tab. |
|
|
|
New wallet to stake
Unable to verify... what wallet/sig generator did you use to create that signature using a P2SH address? |
|
|
|
Really it does not matter who is a campaign manager.. so long as if people meet a certain posting standard and are not scammers they get to join the campaign first come first served and they get paid for their posts as per the transparent rules. ANYTHING else is rightly to be termed SHADY and should be rejected.
That's such a ridiculous concept. That's akin to saying an employer should simply accept the first applicant that comes through the door for a job if they met the minimum specs? Companies pick and choose employees all day every day using all sorts of arbitrary metrics. It isn't shady, that's their right and their freedom of choice. You can't force someone to hire somebody just because they happened to be the first one to put an application in... At the end of the day, campaign managers are free to have arbitrary rules for joining, that's their prerogative (assuming the employer is fine with it)... So, if you don't like their rules, complain to their employer... or become a campaign manager and run campaigns how you think they should be run. Continually lambasting managers to run campaigns in a manner you find acceptable is not going to change anything. Talk to the people who are actually paying for the campaigns. They are the ones who ultimately control the campaign managers. |
|
|
|
whe you will find something how you check it on correct ?
Exactly!...how the heck do we check?
It's fairly simple. You convert your 8 word/32 char, CamelCase English phrase with no special symbols into a private key/address (ie. brain wallet)... if you get the address: 179sxfh6rw6bHSo5wVUhLP96k46QaEzVP then you go it correct. If you don't get that address, then you're wrong. |
|
|
|
|
Show Posts
