Ten (newer) posts that deserve more merit

[DarkStar_]

Here's my list of ten (newer) posts that deserve more merit. Skip to the end of this post if you'd like, as it's pretty long.

[The following is based on recent discussions here, and is substantively cross-posted from the dev list so as to reach a wider audience.  I intend to follow up with an appropriately flavoured topic in the general user forum, and edit to add a link up here.]

I here record and expand an idea I had a few days ago on this forum about BIP 173 Bech32 addresses.  TL;DR abstract:

• The Bitcoin Bech32 address nickname:  “Bravo Charlie Addresses”.
• The Bitcoin Bech32 motto:  “Bravo Charlie One means money.”
• Bech32 would also be a superior human-facing format for key fingerprints for PGP, SSH, and even TLS.  There is an urgent general need for a specification which reduces the inherent pain of wetware in handling pseudorandom strings.

To help gain user familiarity with and acceptance of the error-correcting, case-insensitive Bitcoin addresses of the future, I propose a need for what I think marketers call “branding”.  The best branding is that which derives naturally from some intrinsic quality of a thing; wherefore I look to what may perhaps be a bit of serendipity in the specification.

I expect that in practical use, one of the great advantages of Bech32 addresses will be the relative ease of communicating them aloud—especially over the phone.  In similar circumstances, when trying to convey unusual names or pseudorandom strings, I’ve found radio alphabets to work well at their intended purpose.  And when reading Bech32 Bitcoin addresses in the most popular radio alphabet, they will always start with a catchy phrase:  “Bravo Charlie One”.

That’s memorable, $SEARCH-able, and yet also one of those unique, otherwise meaningless phrases which gets marketers excited.  Keeping to a word triplet, I hereby nominate for consideration as the official nickname for Bech32 Bitcoin use:  “Bravo Charlie Addresses”.  These are the Bitcoin addresses with the magic words, suitable for a motto:  “Bravo Charlie One means money.”  Add a logo à la Segwit’s, and raise user awareness of this exciting new technology!

Beyond the branding issue, recommendations for Bitcoin spelling-alphabet use in English and other languages may perhaps be a suitable matter for such standardization as would facilitate coherent user documentation.  I invite discussion.

Of course, this branding only applies directly to Bitcoin Bech32 addresses.  The BIP 173 authors were gracious to make the standard generally adaptable; and it has already seen some uptake amongst altcoins.  I myself am now contemplating how Bech32 would be a superior human-facing format for key fingerprints for PGP, SSH, and even TLS, with HRPs of “pgp”, “ssh”, “tls”, etc. and some appropriate means of embedding the key type just as “bc” embeds the witness version.  There is an urgent general need for a specification which reduces the inherent pain of wetware in handling pseudorandom strings; and I do think that anything which familiarizes users with Bech32 in a specific use will be beneficial to Bech32 adoption generally.

To celebrate, I created for myself a new Bravo Charlie Address which expresses that I am pleased:  Now, I have an error-correcting, case-insensitive address which can receive only genuine Bitcoin cash money.  Because “Bravo Charlie One means money.”

bc1q cash 96s5 jqpp zsp8 hy8s wkgg f7f6 agex 98an 7h
Bravo Charlie One Quebec • Charlie Alpha Sierra Hotel
Nine Six Sierra Five • Juliett Quebec Papa Papa
Zulu Sierra Papa Eight • Hotel Yankee Eight Sierra
Whiskey Kilo Golf Golf • Foxtrot Seven Foxtrot Six
Alpha Golf Echo X-ray • Nine Eight Alpha November • Seven Hotel

Here’s to the Bitcoin address format of the future!

You can buy Bitcoins with LocalBitcoins.

As a wallet, use Electrum with a Segwit address for lower fees. For now, I recommend to use a nested P2SH Segwit address instead of the bech32 format created by Electrum. So that's what you should do:

1. Go to iancoleman's BIP39 seed generator[1] (optional - download the source code and run offline for better security);
2. Select 12 words and generate a new seed;
3. SAVE THIS SEED AND DON'T LOSE IT! You can't see it again in Electrum and without the seed you can't restore your wallet in the future;
4. Download Electrum[2];
5. While creating the wallet, select: Standard Wallet -> I already have a seed -> Paste the seed from step 2.
6. Click Options -> check "BIP39 seed" -> Next.
7. In the Derivation part, paste m/49'/0'/0'/0 and click next.
8. Now you have an Segwit wallet with addresses starting with 3.

[1] https://iancoleman.io/bip39/
[2] https://electrum.org/

Don't you love having a bitcoin address that starts with a name, something pretty, or just something that suits you? You can find them yourself brute-force using vanitygen, or I can make one for you.
How about 1Pretty3icg1......?

Limitations

• All addresses start with 1 ^(one)
• Most characters are allowed, except for l ^{(lower case L)}, I ^{(upper case i)}, 0 ^(zero) and O ^{(upper case o)}. You can replace these characters by something else, 1HiDE would be possible, or 1HeLLo
• Finding an address is based on computing power, and luck. There are no guarantees
• Difficulty increases exponentially with prefix-length
• Addresses starting with upper case are (usually) much easier than lower case. 1Loyce takes the same amount of time to find as 1oyce
• A 1 ^(one) is extremely more difficult to find than any other character, so 111111 would take 50 times longer than 1Loyce
• 4 prefix characters are easy to find, 5 is okay too, but 6 (case insensitive) is the limit for this giveaway (and please don't ask for 111111, it is not possible)
• 7 prefix characters is too much for this giveaway, but I can make you an offer if you post your request.

Instructions
I can just create an address, and send you the private key. This means you have to trust me, my computer, my cat, both our email clients, and by definition it can no longer be used for cold storage. So let's not. Instead, use split key:
Step 1: Goto https://www.bitaddress.org/ move your mouse/type in the field until it shows 100% and wait a second.
Step 1.5: Optional but highly recommended. Download the page, verify the download and run it locally^*.
Step 2: Click Vanity Wallet click the Generate button next to Generate your "Step1 Key Pair"
Step 3: Reply to this thread with your public key and the prefix for your address. Save the private key somewhere safe. You will need it later when I generated your partial private key. Also, let me know if your preferred prefix is case sensitive, or any case is okay (the latter is much faster)
Step 4: Once you received your partial private key, go back to bitaddress.org and click on Vanity Wallet.
Step 5: Go to step 2 Calculate your vanity wallet. In the first field put the private key you saved and in the second field put the partial private key I gave you. Click Add and Calculate Vanity Wallet
Step 6: Copy the Vanity Private Key (WIF) and import it into your preferred wallet.
Credits to shorena for most of these instructions!
If something doesn't work as expected, have a look at this example.

Bonus
Tag this address on blockchain.info, so it shows up on blockchain.info with only the prefix instead of the full address. I have done this for 1foreverDArUNEX2gVD26vautcx3b8zTZ.

What wallet to use
You can use any wallet that can import a private key.
Possible:

• Bitcoin Core: Click Help > Debug Window > Console > Enter: "importprivkey"
• Electrum: Create a new wallet to import a private key
• Mycelium (Android mobile): Slide to ACCOUNTS > click "key+"-icon
• Paper Wallet: You can use bitcoinpaperwallet.com, print it directly from bitaddress.org > Wallet Details, or create some artwork yourself (take safety precautions printing offline^*)
• MultiBit Classic: Click tools > import private keys (from file) (thanks poptok1)
• MultiBit HD: Use this method from Timelord2067 (thanks poptok1)
• Blockchain.info: Go to Settings > Address > Import addresses (thanks faysher)

Not possible:

• Coinbase: This is an exchange, not a wallet. A wallet means you own the private key

Why
Why do I do this? I like it! I've been making vanity addresses for a while, I now have more than I can ever use, so why not give them away?
I hope this will be a nice long-running giveaway, but I feel the need for a disclaimer:

Disclaimer
I offer no guarantees whatsoever, I can deny any request that would take too much computing time, and I can stop or change this giveaway at any moment.

New thread
After 11 months, 13 pages and more than 9000 views I've closed Pretty Addy Giveaway and re-opened this self-moderated thread. Now I don't have to facilitate "I don't understand"-posts spamming the forum. Questions are welcome of course, but not from people who don't bother to read this.

Donations are welcome: 1foreverDArUNEX2gVD26vautcx3b8zTZ (Balance: )

^* Download and use offline. Use for example Ubuntu or Knoppix from a LIVE DVD without ethernet/Wi-Fi

For current members, your initial merit score is equal to the minimum required for your rank. Of that, a certain amount (less than the usual half) is spendable. The spendable amount was calculated based on your current rank and the number of activity points you earned in the last year. A Legendary member who hasn't posted in the last year would still be Legendary, but would not have any spendable merit.

I don't agree with this, this is just like giving the "old members" (including me) a head start. I'm not saying that earning merits is a race but giving us a head start also means giving us a free reputation out of nothing. That does not necessarily mean we need to rebuild our reputation from zero, I mean there are so many members that have earned a good reputation on this forum.
So I think the merit points for old members have to be given based on their reputation now and without affecting the rank.
Anyway, I think this is gonna be the end of account farming.

The new system is surely better than the previous one, even though it is over-rewarding "old members". I guess nobody who has joined Bitcointalk in the past six months will EVER manage to become Legendary Member, at least not in less than one or two decades. Fine, this could be a price to pay to avoid the forum getting even more trashy, I fully agree. But I think that the implementation of this new system could be done in a more fair way. The fact that initial merit score is equal to the minimum required for one's rank is not a big deal for Newbies or Juniors, but for higher ranked members, like Senior or Hero Members, it can create big inequalities. For example a freshly ranked Senior Member is now getting the same merit score as someone who has already been a Senior Member for almost half a year and is about to become a Hero. Even more dramatic would be the case of a Hero who has already the activity to be a Legendary but the random system did not grant him the rank yet. A more fair way to distribute the inital merit would be to calculate it proportionally to the actual activity. This would avoid that people like me (I don't want to make it personal but I'm the first example which comes to my mind) who is missing only 4 points of activity (and 5 days) to the rank of Hero Member, instead of getting, let's say 470-480 merits (instead of the 500 of people who already are Heroes), is getting only 250 merits like someone who has just ranked Senior Member 10 days ago, and instead of 5 days it may now suddenly take me years before I can become a Hero - how many very good posts has one to do before he gets 250 merits? If you receive one merit every 4 post you do (on average you are likely to get less IMO) it will take you 1000 more posts to rank up from Senior to Hero, and if you like me were only 4 points of activity from that target, and now suddenly you need another 1000 posts, to say that this is becoming extremely frustrating is a big understatement. On the other side, with a more proportional and balanced initial distribution of merits I think nobody would feel that the system is penalizing them more than it penalizes others - which means people would be more inclined to recognize its substantial fairness, or at least that every effort has been done to achieve the maximum possible fairness.

Fully agree with you! My rank of Sr.Member still young (2 months only) but for people who near of rank changes its a tragicly! Needs a corrections of initial merits!

totally agree with you , I'm waiting 4-5 month (next wednesday) rank up to Sr (just missing 2 Activity with old ranking system) , I think you waiting 8-9 month rank up to Hero member , same as you , system only give us Full member (100 merit) & Sr Member (250 merit) , don't care account activity is only (120 or 238) and (240 or 476) , merit reward is same , I think need to more fair to reward merit ...
Just example , Why don't wait for next activity date (old ranking system) , after that only start new ranking system

Because next week there will be someone in the exact same position as you, who is one activity week away from a new rank. You're right in that it is not a 'fair' way to do it because someone who is just one activity period ahead of you is now a long way ahead, but your suggestion isn't the solution.

His suggestion isn't the solution, but mine would. The problem is that if the initial merit score is equal to the minimum required for the rank you have, at least half of the people of this forum (those whose activity is closer to the upper range of their rank than to the lower one) will feel they have been treated in a way which is not fair. That's 50% of the members of Bitcointalk. And those who were only one week away from the next rank will feel particularly bad, especially if you are going for a higher rank (like from Senior to Hero) and in one moment you are losing 6 months of activity, since activity without the corresponding merit has no value any more. On the other side, if the initial merit score is more progressively and proportionatelly distributed, nobody would feel the system has treated HIM in an unjust way. Someone has said that now it's too late for changes because the system has already been implemented. This would be true if you had to take away merits from people. But in fact, what I'm suggesting is that people would get some additional merits to fit or anyway somehow reflect their activity count more than just their rank. What I'm saying is that more precision here would mean much more justice. My view is that as much justice as technically possible is badly needed in any big community which doesn't want to fall apart.

Hi all,

So as the title says, I am having difficulty squaring off percentage gain with pair/fiat-gain on altcoins.

On the one hand, I can see that 50% is 50% is 50%, no matter what way you spin the maths of it. And therefore every quid put in can give you back one and a half.

However, I favour a very aggressive trading strategy (possibly not a wonderful idea, but hey, my money ), and I'm being draw to the idea that it's much easier for a $0.01 coin to go to say $0.05, than it is for a higher market-cap asset like BTC to go from 10K to 50K.

I suspect that I am mentally falling prey to some kind of gambler's fallacy here, but there are so many examples....

Anyone got a good source/video/article etc that might be able to help me out?

In a nutshell, I have some Eth, I want to trade, but I am not sure whether to take a massive punt on the shitcoins, or go slower and steadier with the established ones. My instinct is to take the punt. But it's only that - instinct. I have a gambly streak

Advice appreciated.

Yes, but the interest in said coin is also going to be much lower.
You're right that it would indeed be way easier for the "shitcoin" to go up x5-x10, but that doesn't mean it is more likely to happen.

There's over 1800 coins, chances that all of the lower ranking coins would all go up is extremely small, ( or even a small % of them.) while investing in something like XLM/ETH/ZEC might be less profitable, but the risk associated with them is much, much lower.

Not to mention that the volumes of these low cap coins is often so small that you on your own would be able to "crash" the market. I believe that on average only ~2-3% of the market supply is actively being traded.

However, I favour a very aggressive trading strategy (possibly not a wonderful idea, but hey, my money ), and I'm being draw to the idea that it's much easier for a $0.01 coin to go to say $0.05, than it is for a higher market-cap asset like BTC to go from 10K to 50K.

Not if the supply is bigger. Tron is a prime example of this, while it is only 0.06$$, it has a marketcap of ~5billion dollars.

Yep I recently saw a slew of them on Facebook. I googled them to find the scam but couldn't. They are all claiming to offer phenomenal daily returns using the fast S9 Antminer. Most of them are obvious asking you for the password as in this case however the one that got my attention created the wallet for me on blockchain.info. But then I realized he will still access to the wallet since he created it. He is patiently waiting for to add funds to the wallet to get the process started.

Lol what an absurd way of scamming people.

First, There is no guarantee that he has an Antminer S9
Second, You can use whatever address in mining and there is no need for you to sync it as mentioned by carlfebz2 or any authorization to be done before you can use it.
Third, The rule of the thumb applies: If it's too good to be true, it probably is.
Fourth, I wouldn't ever trust my money with a stranger over the internet 

He's now saying he would need email verification to recover the wallet using the backup phrase. Is this true? Or email verification is not needed?

I haven't tried recovering my wallet using this tool: https://blockchain.info/wallet/#/recover but well the purpose of your seed is to recover your funds even if you lose everything and not to mention, you can import it on a different wallet without email verifications of course e.g. electrum

Is that guy asking for your email? Then he's probably nervous that you won't ever fund the wallet so he'll just ask for your email to reset every password of your valueable accounts. But vven if its just asking you to click and authorize something, it's still fishy so NO

Anyways, Don't ever fund the wallet and don't give any sensitive information. Lastly, Block him 

The bitsend airdrop is just an example, for saying all the profit will belong to LEGENDARY.
And no one say about benefit of the campaigns, we are discussing about the unfair system score.
Do you read all member posted here?
And I said once, and I ask you again, Are you sure after this system come out, spam post won't appear?
Talking is our right and why it must be scored?
We are talking our own idea, opinion, thought. So you mean if someone has their own idea but not really help for answering your topic, they don't have right to say?

If the benefits of the campaigns do not matter then why does the merit system bother you? Yeah that's right, because that's all you see in front your eyes. I know this concept might be hard to grasp but BCT was here way before bounty campaigns and this is not it's sole purpose. I know, bounties are nice, almost everybody has participated in one. In fact I am currently participating in one, and hey I'm a newbie. I still think this change was necessary.

If you think about it, new members who participate in bounty campaigns will actually benefit from this. Instead of sharing the rewards with hordes of spammers and people who have multiple accounts, they will be able to gain a larger portion of the rewards given they post meaningful posts.
Will all the spammers disappear? No probably not. Will people find ways to cheat the system? I guess so yes. Still, it makes the life of spammers way harder and will definitely remove alot of garbage from this forum. This system is not perfect, it has it's flaws like the one you mentioned. But if you look at the whole picture this change is for the best.

I hope as the time passes you will be able to see the good effects of this and change your mind. Even if not, take it easy, this is just a forum. And if your income has taken a big it, well, in crypto business you have to be prepared to take big hits. If you can't adapt, this is not the place for you.

The security of exposed Bitcoin public keys is just fine for general usage.  They cannot be hacked.  Answer to the thread’s subject line:  “A million billion trillion zillion years.”  But there is a different, unrelated reason to avoid address reuse:  Privacy.  Avoiding address reuse gives you a modicum of privacy.  That at least makes Chainalysis work for their pay.  Re-using addresses makes transaction linkage trivial, child’s play.

A public key is called a “public key”, because it is secure when exposed in public.  I publish my PGP public keys (and if I didn’t, PGP would be useless).  I am not worried about that.  Each and every time you connect to an https website secured by TLS, the server’s public key is exposed to you—and your symmetric session key is derived from a key-agreement process based on the hardness of the same DLP as is the fundamental basis of most widely-used public-key cryptography other than RSA.  I am not worried about that, either!  Likewise, I am not worried about the security of my Bitcoin public keys.


Those concerned about bad randomness causing leaked secret key bits need to read RFC 6979:

Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)

Abstract

This document defines a deterministic digital signature generation procedure.  Such signatures are compatible with standard Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) digital signatures and can be processed with unmodified verifiers, which need not be aware of the procedure described therein.  Deterministic signatures retain the cryptographic security features associated with digital signatures but can be more easily implemented in various environments, since they do not need access to a source of high-quality randomness.

Core’s secp256k1 library uses this deterministic, “derandomized” DSA.

I don’t know if Core v0.15.1 uses that library for signing, as of yet; and I am too lazy to grep sources at the moment.  I know that older versions used this library only for verification, where it beat OpenSSL 5–10x in performance.  Does somebody else know off-hand?

If your wallet does not use deterministic ECDSA signing, then—well, I suggest that you should switch software.  This should now be considered a baseline “best practice”.

Of course, if your platform’s RNG is broken, then you have other problems.  Big, bad problems.  But with RFC 6979 signing, leakage of ECDSA private key bits will not be one of them.

The advice against address-reuse is based on the general risk of future breaks against ECDSA, which cannot be ruled out.

Actually, I think the advice against address-reuse is based on the concept that it reduces both your own privacy AND the privacy of everyone that you engage in transactions with.

The slight protection against "future breaks against ECDSA" is an added side-benefit, but not the most compelling reason.

I argue that even mentioning public-key security in the context of address reuse is a terrible disservice to Bitcoin.  To anybody who do not understand the nuanced technical discussion, it FUDs Bitcoin security for no good reason.  In ordinary circumstances, there is one, and only one excellent reason to avoid address reuse:  Making transaction linking less easy.

I call myself “paranoid”; and there is only one use case in which I would be concerned about exposing the public key:  Long-term storage of funds for decades.  Yes, in that case, I want the extra security of reducing my attack surface to the Hash160.  That will guard against unforeseen cryptanalytic breakthroughs, hypothetical quantum computers, ECDSA-cracking unicorns, the arrival of superintelligent space aliens on Earth, etc.  So if I make a cold-storage address for my grandkids’ inheritance, I will keep the public key secret, and sleep 3.1337% more quietly at night.  I am just that paranoid.

N.b. that using a new address for every transaction does not by itself provide good privacy.  Blockchain analysis heuristics can link transactions with high reliability, even if addresses are not reused.  It is only the most basic privacy measure, as well as being the prerequisite for all better privacy measures.  For this reason alone, avoiding address reuse is very important.

To reduce fees, you may want to consider moving your bitcoins to a SegWit address.

This must be emphasized at every opportunity.  When you use a Segwit address, you are helping the network by using less of a globally shared resource for your transactions; in BIP 141 terms, your transactions have less “weight”.  Fees are calculated by weight.  Therefore, when you use a Segwit address, you get a huge discount on fees.

[pseudo-technical babble evidently designed to impress newbies and non-technical people—abysmally unimpressive to anybody who has technical expertise in Bitcoin]

[incomprehensible gibberish talk]

[blah blah blah]

The aptly-named “bitfools” appears to be trolling with voluminous spew of patent nonsense.  Newbies, don’t believe anything he says.  Just ignore.  It is all 100% incorrect.  Sheer idiocy.

I have released an initial version of the easyseed(1) utility for secure generation of BIP 39 mnemonic phrases, BIP 39 seeds, and BIP 32 master extended private keys (“xprv”).  As any worthwhile software, it comes replete with a manpage, q.v.  It generates mnemonic phrases in these languages and writing systems:

• Chinese (Simplified) (汉语)
• Chinese (Traditional) (漢語)
• English [default]
• French (Français)
• Italian (Italiano)
• Japanese (日本語)
• Korean (한국어)
• Spanish (Español)

My original motivation for writing this was that I needed a lightweight, reliable BIP 39 mnemonic phrase generator with easily auditable sources and minimal dependencies for use on a stripped-down airgap machine.  The source code is concise, easy to read, and lovingly commented; it can be readily understood by anybody with a basic knowledge of the C programming language.  Its only external dependencies are cc(1), make(1), and libcrypto.

Now that it’s written, easyseed(1) is also the first necessary component for my campaign to urge that users stop using saved webpages to generate their Bitcoin magic bits.  What kind of an airgap machine has a web browser installed, anyway?  But most importantly, as a rule of thumb, Javascript code cannot reliably acquire proper entropy for generating random numbers.  This is a persistent general problem, and specifically subject to extended fretting by the author[1] of the most popular BIP39 webpage.

easyseed(1) reads bits straight off /dev/urandom, or from user-provided keymat.  Gathering and processing of entropy is properly the kernel’s job.  My userland utility will let the kernel do its job.  Since it’s written in C, easyseed(1) can reliably obtain kernel-provided randomness on every Unix/Linux platform in about two lines of code (open(2), read(2), plus error checks)—rather than cooking up some tortuous “random” scheme which may or may not perhaps probably work sort-of.

This is a beta-quality initial release.  It is not yet feature-complete:  In particular, I have code partly written to add support for all languages which have wordlists in the Bitcoin BIP repository (currently Chinese (Simplified and Traditional), French, Italian, Japanese, Korean, and Spanish, in addition to the current English). — Done!  This is now approaching release candidate status, almost ready for Version 1.

Licensing includes a Bitcoin Consensus Clause, to prevent use by scamcoin pretenders.

I am here opening a Bitcoin Forum thread for discussion of this utility; over time, I will edit and update this post as appropriate.

1. Though that is not nearly in the same league as boneheaded absurdity from ignorant developers who confuse multiple distinct meanings of the word “entropy”.  pointbiz: “Perhaps more entropy can be gathered using techniques used on Panopticlick”.  #facepalm  cantonbecker: “I like this idea”.  pointbiz: “I used all the easy techniques from Panopticlick to gather entropy. [...] I added up the low and high entropy bits and my personal results are 34.3 to 42.8 bits of entropy.”  Oh dear heavens, are you using this to generate keymat for Bitcoin!?  Some people should be enjoined with a permanent restraining order forbidding that they ever approach within one hundred metres of crypto-related code.

I got it by signing it.

This makes no sense to me. I have no idea what you mean. I still do not understand where this "1" address came from. Only Ledger "legacy" wallets (or Ledger BitcoinCash wallets) produce "1" addresses. What exactly did you sign?

I was transferring my BTC to the signed address to claim my GBytes but never got it in my wallet. I can see it in blockchain that it has received to the signed address. I didn't use bitcoin cash as I marked remember this on my ledger wallet so it always takes me to SegWit....

Aha... now I think I'm beginning to understand... So, if I understand this correctly... you were attempting to participate in the Byteball airdrop but had discovered that the Transition Bot did not play nicely with PS2H addresses (ie. "3" addresses) as you needed to be able to "sign" a message with the address you wanted to link to Byteball, thus proving ownership of the Bitcoin address.

So, you got a "1" address (from your Ledger? ), then sent your BTC to it... then signed a message from this "1" address... and now you can't find your BTC?

If this is indeed the case, your BTC is in your Ledger Nano S "legacy" Bitcoin wallet... You can access this one of two ways:

Using "Ledger Wallet Bitcoin" Chrome App:

Check which "blockchain" value it displays, I'm guessing yours says "Bitcoin SegWit":



Click settings:



Then select "Blockchains":



Then select "Bitcoin":



Then select "Legacy":



It should now display that it is using "Bitcoin"... and your missing Bitcoin should be shown:




Using Electrum:

Create a new wallet using: "File -> New\Restore -> (call it "LedgerLegacy" or something like that) -> Standard Wallet -> Use a hardware device", connect your Ledger Nano S, unlock it with PIN and select the "Bitcoin" apps when prompted.

LEAVE THE DERIVATION PATH AS THE DEFAULT: m/44'/0'/0'

It should display your "Legacy" wallet with "1" addresses and your missing Bitcoin should be shown.

-