[coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more!

[TryNinja]

Can I use coinb.in for bitcoin cash transaction?
I know this works with bitcoin.. but bitcoin cash has structure similar bitcoin.

I'm not sure if you can. But this one should work: http://www.motelmaya.com/BCH/BCH.html

I used this version to spend some BCH I had in a time-locked address and it did the trick.

I have set up clone that works with Bitcoin Cash P2SH at http://www.motelmaya.com/BCC/BCC.html

I have used it to redeem several small Bitcoin Cash HODL txs:

https://blockchair.com/bitcoin-cash/transaction/8410ec11c603a02748b0257273b48e7005cc6cb20b8b7efa742d0606f711244c
https://blockchair.com/bitcoin-cash/transaction/4563ecec650d1779f0181fa9dc5cbb721dff11727f1886ba6adf3155a33c8c5d
https://blockchair.com/bitcoin-cash/transaction/29c80487fbc886ff4678743da5994c5b4f829cba1538dd583e23af62b21edf31


I moved some code around to try and make stuff more user friendly.

[alevlaslo]

Hi, can the service determine the user's private key by sign, have you checked the public code?

Please add ZEC, this coin does not have a good wallet so far

[Thirdspace]

Hi, can the service determine the user's private key by sign, have you checked the public code?

afaik there's no malicious code. the site has been around for quite some time  
you can download and run it offline, you just need to be online to retrieve inputs and broadcast signed rawtx
in between that time, you can compose and sign the transaction while offline
if you really want extra safety, do the signing on detached offline computer and use USB as an intermediary

[alevlaslo]

I know this, from viruses and the Creator of the operating system user's private key is protected by 100%, but I am interested in the question: can the Creator of the service to determine the user's private key by signature, which introduces by user? The private key cannot be determined from the public address, but is it possible to determine it from the signature?

[alevlaslo]

so, no one checked the open source code for this   Do I need to buy a hardware wallet or is it enough?

[OmegaStarScream]

so, no one checked the open source code for this   Do I need to buy a hardware wallet or is it enough?

The project has been forked multiple times and people are contributing by reporting issues etc. It should be safe to use. I don't know what you're trying to achieve but a hardware wallet is a must-have for everyone at this point.

[hroub]

Hi,

After going through all the process I wrote about here: https://www.reddit.com/r/Bitcoin/comments/8i1ev8/help_please_i_have_btc_stuck_in_dark_wallet_080/

I just got 0.048049 BTC lost/stolen because I entered my private keys online trying to sign transactions to spend 0.1999 BTC I had stuck in a 3-of-3 multi-sig address. I managed to receive only

0.131 and 0.008 from https://blockchain.info/tx/bcbd90c0a4d198206865b8cccb227d6166d9b78b3c45d4ee66f8d83c6b69422f

and then from the 0.06 (that wasn't created by me), I received 0.011951 from https://blockchain.info/tx/fea862bdc6e827a0b25ad2d53a64cc3b5d408e27011a01adfbef165b643e8219

The remaining 0.0480377 BTC was sent to https://blockchain.info/address/1KT7sG84birTF2YvW5yP7G4NPeMs7Fcdbh and is lost/stolen

Also, they stole ALL of my 0.1999 BCH that was in https://blockdozer.com/address/33RZTwkqqixKySFim1oSXVcFFBAPUiBwLG

I am trying to find out how this happened since I never shared my private keys with anyone other than Coinb.in

Could this have been some coding issue and maybe coinb.in can send my coins back to me?

I sent an elaborate email to Support with all the steps I did including my signed transactions and some error message "18: txn-mempool-conflict" that I got while broadcasting the 3 signed transactions.

Hopefully, they can provide a solution, otherwise, I would strongly recommend that everyone stays away from this site or use only a downloaded offline version if they need to sign transactions with their private keys.

I am using a MacBook Pro and have no malware or viruses that I know of.

Now I am trying to figure out if I can save any of the rest forked coins (since November 2015) before the perpetrator does the same with them.

[Thirdspace]

I just got 0.048049 BTC lost/stolen because I entered my private keys online trying to sign transactions to spend 0.1999 BTC I had stuck in a 3-of-3 multi-sig address. I managed to receive only

0.131 and 0.008 from https://blockchain.info/tx/bcbd90c0a4d198206865b8cccb227d6166d9b78b3c45d4ee66f8d83c6b69422f

and then from the 0.06 (that wasn't created by me), I received 0.011951 from https://blockchain.info/tx/fea862bdc6e827a0b25ad2d53a64cc3b5d408e27011a01adfbef165b643e8219

The remaining 0.0480377 BTC was sent to https://blockchain.info/address/1KT7sG84birTF2YvW5yP7G4NPeMs7Fcdbh and is lost/stolen

Also, they stole ALL of my 0.1999 BCH that was in https://blockdozer.com/address/33RZTwkqqixKySFim1oSXVcFFBAPUiBwLG

2 out of 3 outputs are yours: 3Lzs3s6p (0.131 BTC) and 1MoTG1qn (0.008 BTC)
but the 3rd isn't? however you've received 0.011951 BTC back to your address 3Lzs3s6p
so the thief sent you back 0.011951 BTC and only stole 0.0480377 BTC
this just doesn't make sense, and why wouldn't he just steal all of them at the first chance he got?

how exactly you created the multisig address in the first place? in 2015
why 3-of-3 multi-sig? do you hold all the private keys?
and how did you compose/sign the transaction before broadcasting it?

edit: just noticed... both BTC and BCH transactions used the same tx fee of 0.0009

[hroub]

I just got 0.048049 BTC lost/stolen because I entered my private keys online trying to sign transactions to spend 0.1999 BTC I had stuck in a 3-of-3 multi-sig address. I managed to receive only

0.131 and 0.008 from https://blockchain.info/tx/bcbd90c0a4d198206865b8cccb227d6166d9b78b3c45d4ee66f8d83c6b69422f

and then from the 0.06 (that wasn't created by me), I received 0.011951 from https://blockchain.info/tx/fea862bdc6e827a0b25ad2d53a64cc3b5d408e27011a01adfbef165b643e8219

The remaining 0.0480377 BTC was sent to https://blockchain.info/address/1KT7sG84birTF2YvW5yP7G4NPeMs7Fcdbh and is lost/stolen

Also, they stole ALL of my 0.1999 BCH that was in https://blockdozer.com/address/33RZTwkqqixKySFim1oSXVcFFBAPUiBwLG

2 out of 3 outputs are yours: 3Lzs3s6p (0.131 BTC) and 1MoTG1qn (0.008 BTC)
but the 3rd isn't? however you've received 0.011951 BTC back to your address 3Lzs3s6p
so the thief sent you back 0.011951 BTC and only stole 0.0480377 BTC
this just doesn't make sense, and why wouldn't he just steal all of them at the first chance he got?

I've been thinking about that and I have a few theories, but it doesn't change the fact that although 0.0480377 BTC was stolen, all the BCH was stolen!
One reason could be that the perpetrator was coinb.in site itself and did that so it can ask the same question you did as self-defense and keep me occupied (trying to figure out what happened) while they steal all the BCH and other forks.

how exactly you created the multisig address in the first place? in 2015

Using Dark Wallet stealth addresses. The three participants (not stealth) can be seen under RELATIONS tab in https://oxt.me/address/33RZTwkqqixKySFim1oSXVcFFBAPUiBwLG
BTW feel free to check out https://www.reddit.com/r/Bitcoin/comments/8i1ev8/help_please_i_have_btc_stuck_in_dark_wallet_080/ Your questions are answered here as well as more info.

why 3-of-3 multi-sig? do you hold all the private keys?

I was a newb back then (still not a pro currently) and was experimenting with Dark Wallet and multi-sig. Of course I have the 3 private keys and that's why I was able to sign and broadcast the transaction with all 3 private keys.

and how did you compose/sign the transaction before broadcasting it?
1) Samurai Wallet dev gave me a redeem script for my multi-sig wallet.
2) I went to https://coinb.in/#newTransaction
3) Entered the redeem script and clicked on Load
4) I entered my outputs and amounts as seen in this screenshot: (screenshot was taken during the process, as I was preparing a guide to help others trying to do the same as me in the future)

5) I recorded the encoded transaction from above and went to the Sign tab (https://coinb.in/#sign)
6) I signed my transaction with all three private keys, one-by-one
7) then I broadcasted the 3 signed transactions
8 ) 0.06 BTC went to the unauthorized output causing 0.0480377 BTC to go "poof" as well as the full 0.1999 BCH amount

edit: just noticed... both BTC and BCH transactions used the same tx fee of 0.0009

As seen in the above screenshot, the tx fee that I assigned was 0.00001 BTC which was supposed to be 4 sats/byte and more than enough at the time. 1 sat/byte would have worked too...
Thank you for your input.

EDIT May 23rd, 2018:

After some further research, I discovered that someone else other than coinb.in may have had access to a private key.
I will update here once I compile some proof and reveal the identity of the scam artist. Sorry if my original post implied that coinb.in was the perp as it doesn't seem very likely anymore. 

[OutCast3k]

-- snip --

After some further research, I discovered that someone else other than coinb.in may have had access to a private key.
I will update here once I compile some proof and reveal the identity of the scam artist. Sorry if my original post implied that coinb.in was the perp as it doesn't seem very likely anymore.  

That's unfortunate that someone else has access to your private keys.

But to confirm, coinb.in has not been compromised and that the source code found on the site and github does not leak your private keys. Aside from its thousands of regular users who i'm sure we'd hear from if there was an issue there are also honeypots in place and scripts regularly checking the files being served (https://github.com/OutCast3k/File-Integrity-Checker) which you can also setup.

[OutCast3k]

[Spam][Spam][Spam][Spam]

@JonnyScience Please don't post your shitty ads here again.

Post deleted.

Idiot.

[RocketSingh]

• Supports altcoins such as litecoin, but not bcash!

Where is the litecoin support? Cant find any Litecoin option under Network!

[OmegaStarScream]

Where is the litecoin support? Cant find any Litecoin option under Network!

It's possible to set custom values for key poair generation and for the unspent output, It's available.

[RocketSingh]

Where is the litecoin support? Cant find any Litecoin option under Network!

It's possible to set custom values for key poair generation and for the unspent output, It's available.

How? Any specific guide?

[bitcoin-litcoin]

I download coinb.in wallet from Github and host it in my site.
 
How i can connect it to my own node - in which file i must change settings?

[Justin_Fang]

Need help. I encountered error when I tried to sign a transaction which including a non-standard output(not address but customized text without any amount).
Don't know what's the problem exactly.
https://ibb.co/ct1u4f
https://ibb.co/fs6GH0
https://ibb.co/gHNTVL

[karthickmedia20]

Hi Coinb Team!

Good to see a new platform building up for free of cost for the customers who can experience some unique features which you provide for them!

We have a special team who works exclusively on Wallet Development and helping people to implement their own digital wallet for cryptocurrency management, i would like to invite you for our page Zab Technologies and take a look at what we have done for our previous prospects for wallet development.

[RocketSingh]

As coinb.in is a JS based application, I'd like to know if it is affected by the NPM Package Vulnerability, found on CoPay?

Details: https://blog.bitpay.com/npm-package-vulnerability-copay/

[DutchDemon]

Is this project still maintained by OP?

[OmegaStarScream]

Is this project still maintained by OP?

The last commit on the GitHub repository was on 26th of August and he's still active in the forums so I don't think It's abandoned.