6 Best Bitcoin Desktop Wallets 2020 (Mac, Windows, Linux)
Best Bitcoin Wallets for Computer / Laptop / Mobile / Web
8 Best Desktop Bitcoin Wallets Available for Download ...
Transferring wallet.dat from Bitcoin-Qt to another client ...
Bitcoin - The Currency of the Internet
A community dedicated to Bitcoin, the currency of the Internet. Bitcoin is a distributed, worldwide, decentralized digital money. Bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. You might be interested in Bitcoin if you like cryptography, distributed peer-to-peer systems, or economics. A large percentage of Bitcoin enthusiasts are libertarians, though people of all political philosophies are welcome.
Hey! You can be playing with real money and winning 10 seconds after you read this. Just send any amount to the bitcoin address above, take a deep breath and you are good to play. You don't have to register. It's necessary only if you want to leave money loaded and play from different devices (yes we support tablets and phones), if you want to have your winnings withdrawn to a custom address or if you want to make money with our affiliate program. It's fast, fun and easy! :-)
If I send bitcoin from one wallet to another wallet on the same computer is that good enough opsec
I have one wallet with a shit ton of bitcoin that is tied to my name. If I were to send that bitcoin to another wallet on the same tails computer would le be able to prove I own both wallets by the ip address or would tails obfuscate that information for me?
You'd have to have at least one participant who has access to the paywalled content, but ideally many more than that who can all participate in tossing the content back over the paywall.
You would need to have an immutable and accessible place to put the paywalled content so that other people could point their browsers to that location and see the same content that they would if they were looking at the source.
As noted, you'd want to eliminate as much legal risk as possible. That goes for both the content "suppliers" and the content "consumers" (or, Robinhood and those he gives to).
I am not sure exactly what would happen if I just started copying and pasting paywalled content on, say, Reddit, but I am pretty sure it would catch up with me eventually because I am explicitly re-publishing. This solution would need to be so foolproof that it would put those who would otherwise enforce against it in an untenable position. So, bear with me, here's what I want to know: how flawed, immoral, antisocial, and generally lacking is the following idea? My suspicion is that it is a pretty bad idea and is also pretty naive, but it's still been fun to think about and maybe some of you would like to discuss it. I am interested in any implications that come to mind. ~ The idea: If you want to participate in this scheme, you install a browser extension. If you have access to any paywalled content, then every time you visit a page and view that content, the browser extension grabs the text and compresses it to its smallest possible representation. Next, the browser extension make the smallest possible arbitrary transaction on the blockchain (looks to be about $0.06 currently), and stores as much of the article as it can fit in the OP_RETURN field, which is basically just a blank field for arbitrary text and currently has a size limit of 256 bytes (Note: There are tons of similar ways to accomplish the same thing, any many better blockchains for this use case. I just don't really keep up with the smaller blockchains and think that we can use the Bitcoin blockchain as a simple way to demonstrate the idea). It may take a few transactions to store an entire article, but once it's part of the blockchain, it's there forever, and anyone who would want to subsequently view that article would only need to have access to the indices of the transactions and software that can de-compress the OP_RETURN values and reconstruct the article. I imagine this would also happen in the browser extension. In this way, it's a lot like private torrent trackers. Everybody shares what they have access to, and the pieces of data that comprise the underlying media fly around the network freely. The software client is responsible for piecing them together and making the data cohesive for a given end user. Today, a torrent client is completely legal, but having pirated media on your computer is not. Also, I'm pretty sure that opening your media collection to peers is also illegal, but I'm not actually sure. Using the blockchain as the storage mechanism changes the calculus a little bit. You're not storing any pirated data on your machine, rather, you are stashing bits and pieces of it in a decentralized ledger, which nobody owns, meaning that nobody is really accountable for it. It's also impossible to take down. The question of legality here is something like "are you allowed to include copyrighted works in transaction text on the blockchain?". And if not, how many chunks would the article need to be broken apart into to make it no long "The Article", but rather just pieces of arbitrary data which, if put together in the right order, would happen to reproduce "The Article"? Someone who is more knowledgable than I am would need to chime in here. ~ I wanted to get a sense of if this is even practical so I grabbed the text from a NYT article called "Opinion | No, the Democrats Haven’t Gone Over the Edge" by David Brooks. After running the text through 1000 rounds of compression I got it down to 2702 bytes. The current OP_RETURN size limit for a BTC transaction is 256 bytes, so you would need to make around 10 transactions to store this single article. And each transaction has a fee that goes to miners, which appears to be around 128 satoshis/byte according to https://privacypros.io/tools/bitcoin-fee-estimato The BTC sent in a given transaction is recoverable, because it could be sent to a wallet that is owned by the sender, but the fees are unavoidable. Given the current rate, storing a NYT Opinion article on the Bitcoin blockchain, forever, would cost about 2707 * 128 Satoshis, or roughly $37. So my immediate thought is wow that's expensive. I also know that it's frowned upon by the Bitcoin community and would be perceived as antagonistic by the miners. But my guess is that there's a better way to accomplish the same thing (again, off-chain transactions or using a totally different blockchain such as Ethereum, or BSV). In fact, in "The unfuckening of OP_RETURN", Shadders shows that one can practically store up to 100kb of text in a given BSV transaction (BSV is a fork of bitcoin, which aims to align more with Satoshi's "original" vision). The result of Shadders experiment? Well, here's the complete prequel to "Alice and Wonderland" in a single transaction, on the blockchain, forever: https://whatsonchain.com/tx/ef21e71d00b9fce174222e679640b09e29ac8a55f321c93e64b16cc3109959f8 Good thing Alice and Wonderland is in the public domain, right? Or... should it even matter what's "public" and what's "paywalled"? What do you think?
Usually, bull markets attract a lot of new investors - although speculators should be the right word here - and as usual, a lot of them are going to be crushed a way or another. First, before putting a single dollar, euro or whatever in the market, you should read a lot to know exactly what you're looking for. Are you here for the tech and/or the cypherpunk ethos ? Great, there's lot of resources out there (my links are cleaned but as always, do your due diligence) :
The Bitcoin Whitepaper, the one and only : bitcoin.org/bitcoin.pdf Since I'm linking to bitcoin.org, friendly reminder to avoid bitcoin.com, owned by a former supporter now con-artist Roger Ver.
Andreas Antonopoulos website : https://aantonop.com Andreas is one of best guys able to educate on bitcoin and its properties, for free, which helps.
Jameson Lopp website : lopp.net Jameson is a member of Bitcoin Core, cypherpunk, also able to educate a lot. His website is full of free resources and other links. You'll have a lot to read.
Hal Finney : he's unfortunately dead but I would advise to read about Hal Finney, the first to receive bitcoin Satoshi. A great cryptographer, the inventor of the first reusable PoW and one of the first bitcoin supporters. You'll be able to find his messages on this old forum Bitcoin Talk, by the way you'll be able to find the first chats about bitcoin on this forum bitcointalk.org
Monero website : getmonero.org Yep, I know it's gonna be controversial to post an altcoin link but personally, I think that Monero (aka XMR) is the only other coin with a big cypherpunk community, decentralized, and able to help newcomers with a great sense of responsibility, since the ethos here is to save privacy.
What Bitcoin Did : of course, Peter is controversial but I love him and I find his former blog and his podcasts very needed because he doesn't oversell himself. Pete knows that he's not a tech guy (like many of us) and just wants to spread the word, I think he does a good job with this.
Now, you've read and you want to put some skin in the game. Several exchanges are acceptable, a lot of aren't, be careful and assume that none really are (know that I won't post any ref links) :
to me, the best, although it's UI is quite old : Kraken €/$/pound/swiss franc on-off ramp
Coinbase and Coinbase Pro Difficult not to mention Coinbase, although I can't stand Brian Armstrong and the way they are doing their best to support scams currently. You should rather use Coinbase Pro if you have to since the fees are much lower.
Binance Binance came later than the previous ones but has managed to take most of the market. Now, you should remember what I said about being careful.
Huobi The biggest chinese exchange and they work closely with chinese official. Again, careful.
Bittrex Once at the top, now somewhere in the limbs.
A lot of new comers came recently like btse, ftx, feel free to try them while always keeping in mind that once your money is on exchanges, it's not yours anymore.
This was for centralized exchanges aka CEX. Talking about custodial, you'll need wallets to store your (bit)coins. Always try to use non-custodial wallets, which means wallets that give you your private keys. This way, if the software goes down, you can always retreive your money. Now, I won't link to all the existing wallets but will advise you to buy hardware wallets (trezor or ledger but there are others) or to create (on off-gap computers) paper wallets you're able to store safely (against all risks, not only robbery but housefire). You also could use your memory with brain wallets but, my gosh, I wouldn't trust myself. For Bitcoin (or even Litecoin), Electrum software can do a good job (but save your keys). AGAIN, DON'T KEEP YOUR SAVINGS ON AN EXCHANGE Now, about trading : it's been repeated and repeated but don't chase pumps and altcoins. Yep, it's probably the fastest way to make money. It's also the fastest to lose it. I won't lie : I made good money during the 2017-bullrun and I took profits but I also forgot to sell some shitcoins thinking it would keep going up, now I'm still holding these bags (although I don't really care). I know that a lot forgot to take profits. Take profits, always take profits, whatever your strategy is. Don't fall for people trying to sell you their bags, for ICOs trying to sell you a product which isn't released yet and obviously, don't fall for people asking for your private key. Also, know that there's two endgames : accumulating bitcoin or fiat. I'm rather in the first team but whatever your strategy is, take profits. (Yes, I know, some will say accumulating ethereum or something else). It's true that a lot of ethereum holders made a lot of money during the last bullrun (ethereum helped me make money too) but I'm really biased in favor of bitcoin (and monero). So, pick your coin but again, do your due diligence. A lot of people here or there will talk about the best tech, the fact that bitcoin is old and slow. I would need another post to go further on this point but know that a lof of air flight systems are old too but reliable. Trustless and reliable is the point here. This is the post from someone who bought bitcoin seven or six years ago, who lost part of them, who spent part of them (but don't regret this at all), who is still learning and I hope it will help others, although it would need a book to be complete.
There have been many recent posts about the blackmail email scam, so I have written this post and will keep it stickied until the posts about the scam die down. Blackmail email scams have that name because they started as an email spam campaign, however there have also been reports of these scams being sent via SMS and physical mail. If you are reading this because you have received one of these emails and you are worried, you can stop worrying. The blackmail email scam is a spam campaign that is sent out to thousands of addresses at a time. The threats are lies and you do not have anything to worry about. In many cases, the emails will contain some sort of privileged information about you such as your name, part or all of your phone number, and your password.The emails may also look like they were sent from your own email address. The data is gathered from data breaches, and if the email looks like it came from your account that is due to email spoofing. You can use the service Have I Been Pwned? to see if you are in any publicly known data breaches. If you receive an email that contains a password that you currently use, you should immediately change that. Current recommended password guidelines say that you should use a different, complex password for every account. You can generate and save passwords using a password manager for convenience. You should also be using two factor authentication using an app like Google Authenticator instead of receiving codes through SMS. Here are some news articles about this scam. Here is a story from Brian Krebs, and here is a story from the New York Times. Below are a few examples, but if you receive an email that is similar but not the same as the examples you see, that does not matter and does not mean that the email is real. The spammers constantly switch up their templates in order to bypass spam filters, so it's normal to receive an email that hasn't yet been posted online.
Hey, some time ago your computer was infected with my private malware, RAT (Remote Administration Tool). I know at the time of infection your passwords was: xxxxxxxxxxx My malware gave me full access to all your accounts, contacts and it also was possible to spy on you over your webcam. Sometimes when I was bored I was spying on you, then once you started to SATISFYING YOURSELF! At first I didn't knew how to react as I was shocked, then I decided to record you, I checked on google and found the software: Bandicam and it did the job. After that I removed my malware to not leave any traces and this email was sent from some hacked account. I can send the video of you to all your friends, contacts and publish it on social networks and the whole web. You can stop me and only I can help you out in this situation. Pay exactly 740$ in Bitcoin (BTC). It's easy to buy Bitcoin (BTC), for example here: https://paxful.com/buy-bitcoin , https://www.buybitcoinworldwide.com/ , https://www.kraken.com/ , or google another exchanger. My Bitcoin (BTC) wallet is: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Yes that's how the wallet looks like, copy and paste it, it's (cAsE-sEnSEtiVE) I give you 3 days time to pay. As I got access to this email account, I will know if this email has already been read, so the time is running. After receiving the payment, I will remove the video and you can life your live in peace like before. Learn from the mistake and update your browser before browsing the web next time! I know XXXX is one of your password on day of hack.. Lets get directly to the point. Not one person has paid me to check about you. You do not know me and you're probably thinking why you are getting this email? in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean). When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam. immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account. after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you. Best solution would be to pay me $1004. We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video. My -BTC -address: 1GohL1jDz8BapZhohN2Xry6AKPq6PiJrjw [case SeNSiTiVe, copy & paste it] You could go on your life like this never happened and you will not ever hear back again from me. You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google). if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too. I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid. if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on. Nevertheless, if i do get paid, i will destroy the recording immediately. If you need proof, reply with Yeah then i will send out your video recording to your 8 friends. it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message. I know xxxxxxxxxxxx is one of your password on day of hack.. Lets get directly to the point. Not one person has paid me to check about you. You do not know me and you're probably thinking why you are getting this email? in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean). When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam. immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account. after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you. Best solution would be to pay me $1013. We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video. My -BTC -address: 1KzA7GYSyvXCmPpojZ4qTbZGmjjbbSfwBg [case SeNSiTiVe, copy & paste it] You could go on your life like this never happened and you will not ever hear back again from me. You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google). if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too. I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid. if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on. Nevertheless, if i do get paid, i will destroy the recording immediately. If you need proof, reply with Yeah then i will send out your video recording to your 8 friends. it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message. Lets get directly to the point. Not one person has paid me to check about you. You do not know me and you're probably thinking why you are getting this email? in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean). When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam. immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account. after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you. Best solution would be to pay me $1002. We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video. My -BTC -address: 1JXvEapcRCvywymcrYZ1rcCfLfNZKri4LP [case SeNSiTiVe, copy & paste it] You could go on your life like this never happened and you will not ever hear back again from me. You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google). if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too. I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid. if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on. Nevertheless, if i do get paid, i will destroy the recording immediately. If you need proof, reply with Yeah then i will send out your video recording to your 8 friends. it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message. Hello! I'm the software engineer who hacked into your device's OS. I've been observing you for months now. The thing is, you've been infected with malware through the adult website you visited. In case you're not familiar with it, I'll explain. The Trojan infection gives me full access and control over your computer or any other device on your local. It means that I can see everything on your screen, turn on my camera and microphone, but you do not know about it. I also have access to all your contacts, social networking data and all your correspondence. Why didn't your antivirus detect any malware? A: My malware uses a driver, I update its signatures every 4 hours to keep your antivirus silent. I have made a video showing how you satisfy yourself on the left side of the screen, and on the right side you see the video you have been watching. With one click, I can send this video to all your contacts in the email and social networks. I can also publish access to all your emails and messaging apps that you use. If you want to prevent this, at that point: Transfer $400(USD) to my bitcoin wallet (if you do not know how to do it, then type in to Google: "Purchase a bitcoin"). My Bitcoin Wallet:1EGBGBptS9yKNPYYU9qUEoPNLptee8CEq9 After getting the payment, I will destroy the video and you won't hear from me again. I will provide you 50 hours (more than two days) to pay. I have a notice that you read this email and the timer started you opened it. Don't attempt to answer me. It doesn't make any sense (the sender's address is generated by random). Filing a complaint somewhere doesn't make sense, because this email cannot be tracked, and neither can my bitcoin address. I don't make mistakes. If I find that you shared this message with someone else, the video will be distributed immediately. Good luck with that. And here are some common keywords used in the email so that this thread can be found by people Googling the email: "Marlware, international hacker group, No person has compensated, very own video clip, software on the adult, porno sitio, one of your pass word, .br, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, instantaneously erase, actual recorded material, neglect this email, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remove your video footage, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material""Marlware, international hacker group, No person has compensated, very own video clip, software on the adult, porno sitio, one of your pass word, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, instantaneously erase, actual recorded material, neglect this email, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remove your video footage, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material, ιs yοur ραssρhrαse, after seeing the video of you jerking off, τhιηκ οf ιτ αs α dοηατιοη, split-screen video, 𝐄𝐧𝐭𝐢𝐫𝐞 𝐯𝐢𝐝𝐞𝐨 𝐜𝐥𝐢𝐩 𝐮𝐧𝐝𝐞𝐫𝐭𝐚𝐤𝐢𝐧𝐠 𝐫𝐚𝐮𝐧𝐜𝐡𝐲 𝐦𝐚𝐭𝐭𝐞𝐫𝐬, 𝐚𝐜𝐭𝐮𝐚𝐥𝐥𝐲 𝐞𝐧𝐭𝐞𝐫𝐞𝐝 𝐭𝐡𝐚𝐭 𝐩𝐨𝐫𝐧𝐨 𝐢𝐧𝐭𝐞𝐫𝐧𝐞𝐭 𝐬𝐢𝐭𝐞, 𝐇𝐨𝐰 𝐰𝐢𝐥𝐥 𝐲𝐨𝐮 𝐩𝐮𝐭 𝐭𝐨𝐠𝐞𝐭𝐡𝐞𝐫 𝐭𝐡𝐞 𝐩𝐚𝐲𝐦𝐞𝐧𝐭"
The most secure wallet? Hardware wallets can be cracked?
PS. I tried to post this at BitcoinBeginners but it got automatically removed. I know the first question in the title is asked a ton, but I have some other questions aswell. So I do freelancing online and have chosen to recieve my payment in btc for a while, while I fix some problems I have with my bank, and currently I have $1.5k in Bitcoin, these are on my blockchain account as I thought it was OK but recently did some more research and found out that it was not as secure as I thought (although not extremely sure why its not safe, but I thought I should try to find something more secure). So far I found out that cold wallets or offline wallets are the most secure. Ive looked at Trezor and Ledger, although leaning more towards Trezor since ive seen a lot of articles and reddit posts stating its the most secure. warning: you might facepalm while reading some of my questions 1. I saw some people saying that if you lose your Trezor wallet you don't need to worry, as long as you have those security words. But then I saw somewhere else that some guys cracked Trezor and Ledger wallets and could see the passphrase from it. So is it really that secure? Like if I lose the physical thing, is it possible that it can get hacked? 2. Something else I also don't quite get, is that it is called an offline wallet, but you can still access it from anywhere if you have the security keys. Doesn't that mean it is an online wallet aswell? Like if my whole house burns down including the hw wallet, but I still remember my keys, I will still be able to access my wallet right? 3. Another thing I am wondering is that if my computer has a virus or malware or something similar, and I plug in my HW wallet, could they get access to it? 4. I also have like $300 in monero, can I store these too on a hardware wallet? Does it require a second security phrase, or does all the cryptos go under one? 5. Is it anonymous? Like if someone knows my bitcoin wallet, can they somehow find me? Can they find out that it is connected to my monero wallet? Does TrezoLedger track my transactions or log anything? Currently I am leaning towards buying the Trezor Model T, and writing down the passphrase on two pieces of paper, hiding them somewhere really safe in the house (somewhere I will remember ofcourse), but still repeat the codes until I know them all in my head. I am thinking of bringing the Trezor Model T everywhere I go, like I do with my phone. I have never lost anything; keys, phones, wallets, cards, etc. never. Although I need to be on the safe side, hence my question about if I lose the physical wallet. 6. Or is there some other insanenly secure wallet that I have not heard of? I will be grateful for anyone trying to answehelp :)
How to sell xBricks for money (self post for mod approval)
Preface I've written this guide with those that are unfamiliar with crypto in mind, however it's still a lengthy process. I'm going to try to present this in a way where you don't have to learn how the underlying crypto technology works, but I will add in links to relevant concepts in case you're curious. This process was a lot more complicated before but I made a web interface to simplify it. At the time of writing this, FortniteBR BRICKs are worth 10 cents a piece. That makes 1000 bricks worth 100 bucks. The liquidity pool is about $14,000 at the time of writing, meaning that there's room in the market for you to hypothetically get $7,000 if you had a lot of BRICKs. If at any point throughout this process you need help, DM me! Misc. Resources That Might Be Helpful
A phone or phone emulator (so that you can run the reddit mobile app and collect your BRICKs)
Step 1: Setup On your desktop computer, install MetaMask. This is an Ethereum Wallet which will allow you to interact with the Ethereum Network and its many sidechains. More on this later. Follow the setup instructions in MetaMask. If you've never done this before, you'll need to create a new seed phrase. Video tutorial if you get stuck. YOUR SEED PHRASE IS THE KEY TO YOUR WALLET. ANYONE WHO HAS ACCESS TO YOUR SEED PHRASE CAN TAKE YOUR FUNDS. IF YOU LOSE YOUR SEED PHRASE YOU HAVE NO WAY TO RECOVER YOUR FUNDS. WRITE IT DOWN AND STORE IT IN A SAFE PLACE!!! NEVER GIVE IT OUT TO ANYONE -ANYONETHAT ASKS FOR YOUR SEED PHRASE IS TRYING TO SCAM YOU! DON'T FALL FOR IT! In the MetaMask interface, you'll see "Main Ethereum Network". This process uses two networks. One of them is the Rinkeby Testnet (where the BRICK tokens are natively) and one of them is the xDAI network which is where we will bridge the tokens to in order to exchange them for Dai, a token which is pegged to the price of the dollar. From the dropdown, select Rinkeby Testnet. If you're in the assets tab, you should see a thing that shows your ETH balance. Below this, you should see an "add token" button. Click it. Go to "Custom Token" at the top. In "token contract address," paste in the following: 0xe0d8d7b8273de14e628d2f2a4a10f719f898450a The other fields will autofill. Hit next. You'll now see your BRICK balance (which will be 0, you haven't transferred your bricks yet) in MetaMask if you've done everything right. You'll need Rinkeby Ether to cover transaction fees. Since we're on a testnet, the Ether is worthless which means people hand it out for free. You can get this Ether from a variety of places:
Anyone who has Rinkeby Ether to spare: Make a comment below so that those who need it can ask you. Thanks :)
Now it's time to get your BRICKs from your Reddit vault into your MetaMask wallet. WARNING: ALL CRYPTO TRANSACTIONS ARE IRREVERSIBLE. Your Ethereum address shows up under Rinkeby. It should be "0x" followed by a bunch of hex characters. Click on it to copy it to your clipboard. You now need to somehow get this to your mobile device. Email it to yourself, text it to yourself, whatever. On your Reddit mobile app home screen, click on your profile icon and then go to vault. You'll need to set this up and claim your tokens if you haven't already. Be aware that this is also technically an Ethereum wallet. Keep your seed phrase safe. Send however many BRICKs you want to sell to your MetaMask wallet. Check to make sure the addresses are the same, but don't worry too much about making a typo or whatever. The chances that you'd make a typo that would result in a valid Ethereum address are slim, if you get a character wrong it'll just tell you it's not a real Ethereum address and prevent you from sending. It may show an error when you try to send. This is somewhat rare but pretty normal. They often run out of testnet Ether. Come back later and try again. If it works properly, it'll take about a minute to go through. It may take longer than that. Once the transaction goes through, you'll see that you have an absurd amount of BRICKs in MetaMask. No, there wasn't a glitch. The people who wrote the code for BRICKs made the decimals of precision weird for some reason. It's off by a factor of 1018. This isn't a big deal. If you see Bricks and Ether (ETH) in your MetaMask wallet, proceed to the next step. If you're having issues, feel free to DM me. Step 2: Getting Your BRICKs from Rinkeby to xDai There's a LOT going on under the hood for this part (deets for those interested). Previously this required manually generating contract interactions, which is kind of a pain if you're new to Ethereum. I made a UI to make this easier (it generates the transactions for you, all you have to do is sign them with your wallet). This took way longer to do than you might guess, so feel free to help a homie out at: 0x4BCcC2569DD93C7dF43431A7b70db569dedB6187 Go to my tool. Hit connect. If you're on the Rinkeby network, it should show your balance in BRICKs. Enter the amount you want to bridge (probably all of them). If neither of us have made any mistakes, it should pop up with a request to spend your BRICKs. If there's any issue with this tool, DM me. This allows the TokenBridge contract to take your BRICKs and put them on the xDai network where you can sell them. This is the part where you'll get an error if you don't have any testnet ETH. Set the gas price to 1 (the suggested price is based on the Main Ethereum Network - it's way too high). After you approve that, it'll give you another thing to accept. This is the actual transaction where it'll bridge to xDai. Again, make sure the gas price is set to 1 and confirm the transaction. Add xDai to MetaMask Switch to the xDai network. We're going to add another token. Again, go to "add token" > "custom token" > "token contract address". Paste in: 0x2f9ceBf5De3bc25E0643D0E66134E5bf5c48e191 If the transactions have gone through, you should see your xBricks (the name for BRICKs that have been bridged to xDai) in MetaMask. If not, wait a bit for the transactions to go through. Sometimes there are slowdowns that cause bridging to take a while. Shouldn't take too long, though. Once that's done, you're ready for the next step. Step 3: Trading Your xBricks for xDai Go to Honeyswap. Hit "select a token." You'll need to paste in the xBrick address again. Here it is: 0x2f9ceBf5De3bc25E0643D0E66134E5bf5c48e191 Click xBrick. You'll need to flipflop the trade around by hitting the arrow button. xBrick should be on top. Type in the amount of xBricks you want to sell, or hit max to sell all of them. 1 xDai = $1. You'll need to hit approve first. Set gas price to 1 again. Then you can complete the trade by hitting swap. After a bit, the xDai should show up in your wallet. Step 4: Mainnet Everything on Mainnet costs actual money to do. It costs about 50 cents to make a transaction and it costs about 3 bucks to use an exchange like the one we just used. If you don't have mainnet Ether, you won't be able to do anything with your mainnet Dai (what xDai is called when it's bridged back to the main Ethereum network). You may be able to find someone to lend you some ETH to make these transactions with. Whatever you do, just be aware. If you still want to bridge your xDai into Dai, go here and make sure xDai is on the left. If it's not, go in the top right and select xDai chain. Enter the amount of xDai you want to bridge to mainnet and then hit transfer. Follow the prompts. This part may take up to an hour due to recent network congestion. After it's done, if you go back to Main Ethereum Network in MetaMask you should see your Dai. If you have a few bucks of ETH, you can use UniSwap to convert your Dai to even more ETH. Uniswap tutorial Things you can do with ETH
The most secure wallet? Hardware wallets can be cracked?
I know the first question in the title is asked a ton, but I have some other questions aswell. So I do freelancing online and have chosen to recieve my payment in btc for a while, while I fix some problems I have with my bank, and currently I have $2k in Bitcoin, these are on my blockchain account as I thought it was OK but recently did some more research and found out that it was not as secure as I thought (although not extremely sure why its not safe, but I thought I should try to find something more secure). So far I found out that cold wallets or offline wallets are the most secure. Ive seen at Trezor and Ledger, although leaning more towards Trezor since ive seen a lot of articles and reddit posts stating its the most secure. I saw some people saying that if you loose your Trezor wallet you don't need to worry, as long as you have those security words. But then I saw somewhere else that some guys cracked Trezor and Ledger wallets and could see the passphrase from it. So is it really that secure? Like if I loose the physical thing, is it possible that it can get hacked? Something else I also don't quite get, is that it is called an offline wallet, but you can still access it from anywhere if you have the security keys. Doesn't that mean it is an online wallet aswell? Like if my whole house burns down including the hw wallet, but I still remember my keys, I will still be able to access my wallet right? Another thing I am wondering is that if my computer has a virus or malware or something similar, and I plug in my HW wallet, could they get access to it? I also have like $300 in monero which I honestly cant remember where I got, but can I store these too on a hardware wallet? Does it require a second security phrase, or does all the cryptos go under one? Currently I am leaning towards buying the Trezor Model T, and writing down the passphrase on two pieces of paper, hiding them somewhere really safe in the house (somewhere I will remember ofcourse), but still repeat the codes until I know them all in my head. I am thinking of bringing the Trezor Model T everywhere I go, like I do with my phone. I have never lost anything, keys, phones, wallets. never. Although I need to be on the safe side, thus my question about if I loose the physical wallet. Or is there some other insanenly secure wallet that I have not heard of? I will be grateful for anyone trying to answehelp :)
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/ Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners? And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess. First, let's consider some principles of Bitcoin.
You the HODLer should be the one who controls where your money goes. Your keys, your coins.
You the HODLer should be able to coordinate and make contracts with other people regarding your funds.
You the HODLer should be able to do the above without anyone watching over your shoulder and judging you.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so). So, how does Taproot affect those principles?
Taproot and Your /Coins
Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash). (technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input). However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits! Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh? With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save! And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well! (P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1) Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service! So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win! (even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot) And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!
Taproot and Your Contracts
No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade. So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust. Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade. However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade. In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address. Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants). But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer). Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos). (technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).
Taproot and Your Contracts, Part 2: Cryptographic Boogaloo
Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code. This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded. And you can do that, with HTLCs, today. Of course, HTLCs do have problems:
Privacy. Everyone scraping the Bitcoin blockchain can see any HTLCs, and preimages used to claim them.
This can be mitigated by using offchain techniques so HTLCs are never published onchain in the happy case. Lightning would probably in practice be the easiest way to do this offchain. Of course, there are practical limits to what you can pay on Lightning. If you are buying something expensive, then Lightning might not be practical. For example, the "software" you are activating is really the firmware of a car, and what you are buying is not the software really but the car itself (with the activation of the car firmware being equivalent to getting the car keys).
Even offchain techniques need an onchain escape hatch in case of unresponsiveness! This means that, if something bad happens during payment, the HTLC might end up being published onchain anyway, revealing the fact that some special contract occurred.
And an HTLC that is claimed with a preimage onchain will also publicly reveal the preimage onchain. If that preimage is really the activation key of a software than it can now be pirated. If that preimage is really the activation key for your newly-bought cryptographic car --- well, not your keys, not your car!
Trust requirement. You are trusting the developer that it gives you the hash of an actual valid activation key, without any way to validate that the activation key hidden by the hash is actually valid.
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar". Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you. Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige). (Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key). So:
Privacy: PTLCs are private even if done onchain. Nobody else can learn what the private key behind the public key is, except you who knows the adaptor signature that when combined with the complete onchain signature lets you know what the private key of the activation key is. Somebody scraping the blockchain will not learn the same information even if all PTLCs are done onchain!
Lightning is still useful for reducing onchain use, and will also get PTLCs soon after Taproot is activated, but even if something bad happens and a PTLC has to go onchain, it doesn't reveal anything!
Trust issues can be proven more easily with a public-private keypair than with a hash-preimage pair.
For example, the developer of the software you are buying could provide a signature signing a message saying "unlock access to the full version for 1 day". You can check if feeding this message and signature to the program will indeed unlock full-version access for 1 day. Then you can check if the signature is valid for the purported pubkey whose private key you will pay for. If so, you can now believe that getting the private key (by paying for it in a PTLC) would let you generate any number of "unlock access to the full version for 1 day" message+signatures, which is equivalent to getting full access to the software indefinitely.
For the car, the manufacturer can show that signing a message "start the engine" and feeding the signature to the car's fimrware will indeed start the engine, and maybe even let you have a small test drive. You can then check if the signature is valid for the purported pubkey whose privkey you will pay for. If so, you can now believe that gaining knowledge of the privkey will let you start the car engine at any time you want.
(pedantry: the signatures need to be unique else they could be replayed, this can be done with a challenge-response sequence for the car, where the car gathers entropy somehow (it's a car, it probably has a bunch of sensors nowadays so it can get entropy for free) and uses the gathered entropy to challenge you to sign a random number and only start if you are able to sign the random number; for the software, it could record previous signatures somewhere in the developer's cloud server and refuse to run if you try to replay a previously-seen signature.)
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script. (technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)
Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable?? Well, in theory yes. In practice, they probably are not. It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash. When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key. So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key. (public keys should be public, that's why they're called public keys, LOL) And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions. So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort. Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers. For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
Current quantum computers can barely crack prime factorization problem for primes of 5 bits.
The 256-bit elliptic curve use by Bitcoin is, by my (possibly wrong) understanding, equivalent to 4096-bit primes, so you can see a pretty big gap between now (5 bit primes) and what is needed (4096 bit primes).
A lot of financial non-Bitcoin systems use the equivalent of 3072-bit primes or less, and are probably easier targets to crack than the equivalent-to-4096-bit-primes Bitcoin.
Quantum computers capable of cracking Bitcoin are still far off.
Pay-to-public-key-hash is not as protective as you might think.
We will probably see banks get cracked before Bitcoin, so the banking system is a useful canary-in-a-coal-mine to see whether we should panic about being quantum vulnerable.
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).
If you are a singlesig HODL-only Bitcoin user, Taproot will not affect you positively or negatively. Importantly: Taproot does no harm!
If you use or intend to use multisig, Taproot will be a positive for you.
If you transact onchain regularly using typical P2PKH/P2WPKH addresses, you get a minor reduction in feerates since multisig users will likely switch to Taproot to get smaller tx sizes, freeing up blockspace for yours.
If you are using multiparticipant setups for special systems of trade, Taproot will be a positive for you.
Remember: Lightning channels are multipartiicpiant setups for special systems of lightning-fast offchain trades!
I Wanna Be The Taprooter!
So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!
If you have developer experience especially in C, C++, or related languages
Review the Taproot code! There is one pull request in Bitcoin Core, and one in libsecp256k1. I deliberately am not putting links here, to avoid brigades of nontechnical but enthusiastic people leaving pointless reviews, but if you are qualified you know how to find them!
But I am not a cryptographeBitcoin Core contributomathematician/someone as awesome as Pieter Wuille
That's perfectly fine! The cryptographers have been over the code already and agree the math is right and the implementation is right. What is wanted is the dreary dreary dreary software engineering: are the comments comprehensive and understandable? no misspellings in the comments? variable names understandable? reasonable function naming convention? misleading coding style? off-by-one errors in loops? conditions not covered by tests? accidental mixups of variables with the same types? missing frees? read-before-init? better test coverage of suspicious-looking code? missing or mismatching header guards? portability issues? consistent coding style? you know, stuff any coder with a few years of experience in coding anything might be able to catch. With enough eyes all bugs are shallow!
If you are running a mining pool/mining operation/exchange/custodial service/SPV server
Be prepared to upgrade!
One of the typical issues with upgrading software is that subtle incompatibilities with your current custom programs tend to arise, disrupting operations and potentially losing income due to downtime. If so, consider moving to the two-node setup suggested by gmax, which is in the last section of my previous post. With this, you have an up-to-date "public" node and a fixed-version "private" node, with the public node protecting the private node from any invalid chainsplits or invalid transactions. Moving to this setup from a typical one-node setup should be smooth and should not disrupt operations (too much).
If you are running your own fullnode for fun or for your own wallet
Be prepared to upgrade! The more nodes validating the new rules (even if you are a non-mining node!), the safer every softfork will be!
If you are using an SPV wallet or custodial wallet/service (including hardware wallets using the software of the wallet provider)
Contact your wallet provider / SPV server and ask for a statement on whether they support Taproot, and whether they are prepared to upgrade for Taproot! Make it known to them that Taproot is something you want!
But I Hate Taproot!!
Raise your objections to Taproot now, or forever hold your peace! Maybe you can raise them here and some of the devs (probably nullc, he goes everywhere, even in rbtc!) might be able to see your objections! Or if your objections are very technical, head over to the appropriate pull request and object away!
Maybe you simply misunderstand something, and we can clarify it here!
Or maybe you do have a good objection, and we can make Taproot better by finding a solution for it!
[Discussion] Let's talk about CakeWallet and how it's "marketed" here
Hello to all, First, I want to start this discussion by specifying that I have nothing against CakeWallet, I only want to talk about their marketing on this sub-reddit nothing else. For the past few months, I've been following this sub-reddit on a regular basis as I'm a big Monero user. I look at a lot of questions and hesitate very regularly to create an account to answer them. In doing so, I often notice new users asking how to switch from Bitcoin to Monero or others asking for a wallet where to store them. I have nothing against CakeWallet "ads" when the person themselves are looking for a place to store them (when it's not excessive) but on the other hand, I find it goes too far when a user asks how to get Monero. This is where I think the dilemma begins. I see far too many "Use CakeWallet it offers exchange!" messages on this kind of request, if this wallet offered an internal exchange solution where no other third party is involved I would agree with it, but in this case it's not. The 2 exchangers are available online and the exchange can be done WITHOUT the need to download the application and make the exchange on it. In this case, many will say to me "But they need a wallet" or "It's more safe!" but in most cases, these users already use a wallet and don't expect to be given another one just to make an exchange, regarding the fact that it's more "secure", giving a link directly or giving the list of possible exchanges from the official website seems more suitable to me. Here are some examples of what I am talking about: 1- https://www.reddit.com/Monero/comments/iirl1m/should_i_trust_bitni/g38xq9x/ 2- https://www.reddit.com/Monero/comments/ihl3z2/dumb_question_but/g3296x1/ 3- https://www.reddit.com/Monero/comments/igh5sd/watch_out_fake_morphtoken_website/g2vjb0u/ 4- https://www.reddit.com/Monero/comments/id105b/reverse_xmrto/g265wiy/ | https://www.reddit.com/Monero/comments/id105b/reverse_xmrto/g26zb80/ I agree with advertising in general, especially when it affects Monero, but isn't that a bit too much? Shouldn't Rule 6 come into play in such cases? Knowing that CakeWallet is a company that delivers a product, it should fall under this rule and should be limited, I find that this kind of post is just a loophole to propagate the idea of this wallet. As time goes by, I hardly see "Use the official wallet" or any other such option. Wouldn't it be a good idea to share official documentation about wallets and exchanges in general, which would allow the user to make an unbiased choice? (https://web.getmonero.org/ - Get Started "Choose a Wallet" and "Get Some Coins") Again, I underline the fact that I have nothing against CakeWallet, I use it myself when I can't access my computer, I just find their way to advertise really excessive and would have liked to talk about it with all of you. Constructive answers are welcome!
Hello visitors and subscribers of scams! Here you will find a master list of common (and uncommon) scams that you may encounter online or in real life. Thank you to the many contributors who helped create this thread!
If you know of a scam that is not covered here, write a comment and it will be added to the next edition.
Caller ID spoofing It is very easy for anyone to make a phone call while having any number show up on the caller ID of the person receiving the phone call. Receiving a phone call from a certain number does not mean that the person/company who owns that number has actually called you. Email spoofing The "from" field of an email can be set by the sender, meaning that you can receive scam emails that look like they are from legitimate addresses. It's important to never click links in emails unless absolutely necessary, for example a password reset link you requested or an account activation link for an account you created. SMS spoofing SMS messages can be spoofed, so be wary of messages that seem to be from your friends or other trusted people.
The most common scams
The fake check scam (Credit to nimble2 for this part) The fake check scam arises from many different situations (for instance, you applied for a job, or you are selling something on a place like Craigslist, or someone wants to purchase goods or services from your business, or you were offered a job as a mystery shopper, you were asked to wrap your car with an advertisement, or you received a check in the mail for no reason), but the bottom line is always something like this:
The scammer sends you a very real looking, but fake, check. Sometimes they'll call it a "cashier's check", a "certified check", or a "verified check".
You deposit the check into your bank account, and within a couple of days your bank makes some or all of the funds available to you. This makes you think that the check is real and the funds have cleared. However, the money appearing in your account is not the same as the check actually clearing. The bank must make the funds available to you before they have cleared the check because that is the law.
For various and often complicated reasons, depending on the specific story line of the scam, the scammer will ask you to send someone some of the money, using services like MoneyGram, Western Union, and Walmart-2-Walmart. Sometimes the scammer will ask for you to purchase gift cards (iTunes, Amazon, Steam, etc) and give them the codes to redeem the gift cards. Some scammers may also give you instructions on how to buy and send them bitcoins.
Within a couple of weeks, though it can take as long as a month, your bank will realize that the check you deposited was fake, and your bank will remove the funds that you deposited into your account and charge you a bounced check fee. If you withdrew any of the money from the fake check, that money will be gone and you will owe that money to the bank. Some posters have even had their bank accounts closed and have been blocked from having another account for 5 years using ChexSystems.
General fraudulent funds scams If somebody is asking you to accept and send out money as a favour or as part of a job, it is a fraudulent funds scam. It does not matter how they pay you, any payment on any service can be fraudulent and will be reversed when it is discovered to be fraudulent. Phone verification code scams Someone will ask you to receive a verification text and then tell you to give them the code. Usually the code will come from Google Voice, or from Craigslist. In the Google version of the scam, your phone number will be used to verify a Google Voice account that the scammer will use to scam people with. In the Craigslist version of the scam, your phone number will be used to verify a Craigslist posting that the scammer will use to scam people. There is also an account takeover version of this scam that will involve the scammer sending a password reset token to your phone number and asking you for it. Bitcoin job scams Bitcoin job scams involve some sort of fraudulent funds transfer, usually a fake check although a fraudulent bank transfer can be used as well. The scammer will send you the fraudulent money and ask you to purchase bitcoins. This is a scam, and you will have zero recourse after you send the scammer bitcoins. Email flooding If you suddenly receive hundreds or thousands of spam emails, usually subscription confirmations, it's very likely that one of your online accounts has been taken over and is being used fraudulently. You should check any of your accounts that has a credit card linked to it, preferably from a computer other than the one you normally use. You should change all of your passwords to unique passwords and you should start using two factor authentication everywhere. Cartel scam You will be threatened by scammers who claim to be affiliated with a cartel. They may send you gory pictures and threaten your life and the lives of your family. Usually the victim will have attempted to contact an escort prior to the scam, but sometimes the scammers target people randomly. If you are targeted by a cartel scam all you need to do is ignore the scammers as their threats are clearly empty. Boss/CEO scam A scammer will impersonate your boss or someone who works at your company and will ask you to run an errand for them, which will usually be purchasing gift cards and sending them the code. Once the scammer has the code, you have no recourse. Employment certification scams You will receive a job offer that is dependent on you completing a course or receiving a certification from a company the scammer tells you about. The scammer operates both websites and the job does not exist. Craigslist fake payment scams Scammers will ask you about your item that you have listed for sale on a site like Craigslist, and will ask to pay you via Paypal. They are scamming you, and the payment in most cases does not actually exist, the email you received was sent by the scammers. In cases where you have received a payment, the scammer can dispute the payment or the payment may be entirely fraudulent. The scammer will then either try to get you to send money to them using the fake funds that they did not send to you, or will ask you to ship the item, usually to a re-shipping facility or a parcel mule. Craigslist Carfax/vehicle history scam You'll encounter a scammer on Craigslist who wants to buy the vehicle you have listed, but they will ask for a VIN report from a random site that they have created and they will expect you to pay for it. Double dip/recovery scammers This is a scam aimed at people who have already fallen for a scam previously. Scammers will reach out to the victim and claim to be able to help the victim recover funds they lost in the scam. General fraudulent funds scams The fake check scam is not the only scam that involves accepting fraudulent/fake funds and purchasing items for scammers. If your job or opportunity involves accepting money and then using that money, it is almost certainly a frauduent funds scam. Even if the payment is through a bank transfer, Paypal, Venmo, Zelle, Interac e-Transfer, etc, it does not matter. Credit card debt scam Fraudsters will offer to pay off your bills, and will do so with fraudulent funds. Sometimes it will be your credit card bill, but it can be any bill that can be paid online. Once they pay it off, they will ask you to send them money or purchase items for them. The fraudulent transaction will be reversed in the future and you will never be able to keep the money. This scam happens on sites like Craigslist, Twitter, Instagram, and also some dating sites, including SeekingArrangement. The parcel mule scam A scammer will contact you with a job opportunity that involves accepting and reshipping packages. The packages are either stolen or fraudulently obtained items, and you will not be paid by the scammer. Here is a news article about a scam victim who fell for this scam and reshipped over 20 packages containing fraudulently acquired goods. The Skype sex scam You're on Facebook and you get a friend request from a cute girl you've never met. She wants to start sexting and trading nudes. She'll ask you to send pictures or videos or get on webcam where she can see you naked with your face in the picture. The scam: There's no girl. You've sent nudes to a guy pretending to be a girl. As soon as he has the pictures he'll demand money and threaten to send the pictures to your friends and family. Sometimes the scammer will upload the video to a porn site or Youtube to show that they are serious. What to do if you are a victim of this scam: You cannot buy silence, you can only rent it. Paying the blackmailer will show them that the information they have is valuable and they will come after you for more money. Let your friends and family know that you were scammed and tell them to ignore friend requests or messages from people they don't know. Also, make sure your privacy settings are locked down and consider deactivating your account. The underage girl scam You're on a dating site or app and you get contacted by a cute girl. She wants to start sexting and trading nudes. Eventually she stops communicating and you get a call from a pissed off guy claiming to be the girl's father, or a police officer, or a private investigator, or something else along those lines. Turns out the girl you were sexting is underage, and her parents want some money for various reasons, such as to pay for a new phone, to pay for therapy, etc. There is, of course, no girl. You were communicating with a scammer. What to do if you are a victim of this scam: Stop picking up the phone when the scammers call. Do not pay them, or they will be after you for more money. Phishing Phishing is when a scammer tries to trick you into giving information to them, such as your password or private financial information. Phishing messages will usually look very similar to official messages, and sometimes they are identical. If you are ever required to login to a different account in order to use a service, you should be incredibly cautious. The blackmail email scam part 5: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/ PSA: you did not win a giftcard: https://old.reddit.com/Scams/comments/fffmle/psa_you_did_not_win_a_gift_card/ Sugar scams Sugar scammers operate all over the internet and usually come in two varieties: advance-fee scams where the scammer will ask for a payment from you before sending you lots of money, and fake check style scams where the scammer will either pull a classic fake check scam, or will do a "bill pay" style scam that involves them paying your bills, or them giving you banking information to pay your bills. If you encounter these scammers, report their accounts and move on. Google Hangouts Google Hangouts is a messaging platform used extensively by all kinds of scammers. If you are talking with someone online and they want you to switch to Hangouts, they are likely a scammer and you should proceed with caution. Publishers Clearing House scams PCH scams are often advance-fee scams, where you will be promised lots of money after you make an initial payment. You will never need to pay if you win money from the real PCH. Pet scams You are looking for a specific breed of puppy, bird, or other pet. You come across a nice-looking website that claims to be breeding them and has some available right now - they may even be on sale! The breeders are not local to your area (and may not even list a physical location) but they assure you they can safely ship the pet to you after a deposit or full payment. If you go through with the payment, you will likely be contacted by the "shipper" who will inform you about an unexpected shipping/customs/processing fee required to deliver your new pet. But there was never any pet, both the "breeder" and the "shipper" are scammers, typically operating out of Africa. These sites are rampant and account for a large percentage of online pet seller websites - they typically have a similar layout/template (screenshot - example) If you are considering buying a pet online, some easy things to check are: (1) The registration date of the domain (if it was created recently it is likely a scam website) (2) Reverse image search the pictures of available pets - you will usually find other scam websites using the same photos. (3) Copy a sentence/section of the text from the "about us" page and put it into google (in quotes) - these scammers often copy large parts of their website's text from other places. (4) Search for the domain name and look for entries on petscams.com or other scam-tracking sites. (5) Strongly consider buying/adopting your pet from a local shelter or breeder where you can see the animal in person before putting any money down. Thanks to djscsi for this entry. Fake shipping company scams These scams usually start when you try to buy something illegal online. You will be scammed for the initial payment, and then you will receive an email from the fake shipping company telling you that you need to pay them some sort of fee or bribe. If you pay this, they will keep trying to scam you with increasingly absurd stories until you stop paying, at which point they will blackmail you. If you are involved in this scam, all you can do is ignore the scammers and move on, and try to dispute your payments if possible. Chinese Upwork scam Someone will ask you to create an Upwork or other freelancer site account for them and will offer money in return. You will not be paid, and they want to use the accounts to scam people. Quickbooks invoice scam This is a fake check style scam that takes advantage of Quickbooks. The blackmail email scam The exact wording of the emails varies, but there are generally four main parts. They claim to have placed software/malware on a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video. Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. Here are some news articles about this scam. The blackmail mail scam This is very similar to the blackmail email scam, but you will receive a letter in the mail. Rental scams Usually on local sites like Craigslist, scammers will steal photos from legitimate real estate listings and will list them for rent at or below market rate. They will generally be hesitant to tell you the address of the property for "safety reasons" and you will not be able to see the unit. They will then ask you to pay them a deposit and they claim they will ship you the keys. In reality, your money is gone and you will have no recourse. Craigslist vehicle scams A scammer will list a vehicle on Craigslist and will offer to ship you the car. In many cases they will also falsely claim to sell you the car through eBay or Amazon. If you are looking for a car on Craigslist and the seller says anything about shipping the car, having an agent, gives you a long story about why they are selling the car, or the listing price is far too low, you are talking to a scammer and you should ignore and move on. Advance-fee scam, also known as the 419 scam, or the Nigerian prince scam. You will receive a communication from someone who claims that you are entitled to a large sum of money, or you can help them obtain a large sum of money. However, they will need money from you before you receive the large sum. Man in the middle scams Man in the middle scams are very common and very hard to detect. The scammer will impersonate a company or person you are legitimately doing business with, and they will ask you to send the money to one of their own bank accounts or one controlled by a money mule. They have gained access to the legitimate persons email address, so there will be nothing suspicious about the email. To prevent this, make contact in a different way that lets you verify that the person you are talking to is the person you think you are talking to. Digit wallet scam A variation of the fake check scam, the scammer sends you money through a digital wallet (i.e. Venmo, Apple Pay, Zelle, Cash App) along with a message claiming they've sent the money to the wrong person and a request to send the money back. Customer service for these digital wallets may even suggest that you send the money back. However, the money sent is from a stolen credit card and will be removed from your account after a few days. Your transfer is not reversed since it came from your own funds. Cam girl voting/viewer scam You will encounter a "cam girl" on a dating/messaging/social media/whatever site/app, and the scammer will ask you to go to their site and sign up with your credit card. They may offer a free show, or ask you to vote for them, or any number of other fake stories. Amateur porn recruitment scam You will encounter a "pornstar" on a dating/messaging/social media/whatever site/app, and the scammer will ask you to create an adult film with hehim, but first you need to do something. The story here is usually something to do with verifying your age, or you needing to take an STD test that involves sending money to a site operated by the scammer. Hot girl SMS spam You receive a text from a random number with a message along the lines of "Hey babe I'm here in town again if you wanted to meet up this time, are you around?" accompanied by a NSFW picture of a hot girl. It's spam, and they'll direct you to their scam website that requires a credit card. Identity verification scam You will encounter someone on a dating/messaging/social media/whatever site/app, and the scammer will ask that you verify your identity as they are worried about catfishing. The scammer operates the site, and you are not talking to whoever you think you are talking to. This type of scam teases you with something, then tries to make you sign up for something else that costs money. The company involved is often innocent, but they turn a blind eye to the practice as it helps their bottom line, even if they have to occasionally issue refunds. A common variation takes place on dating sites/dating apps, where you will match with someone who claims to be a camgirl who wants you to sign up for a site and vote for her. Another variation takes place on local sites like Craigslist, where the scammers setup fake rental scams and demand that you go through a specific service for a credit check. Once you go through with it, the scammer will stop talking to you. Another variation also takes place on local sites like Craigslist, where scammers will contact you while you are selling a car and will ask you to purchase a Carfax-like report from a specific website. Multi Level Marketing or Affiliate Marketing You apply for a vague job listing for 'sales' on craigslist. Or maybe an old friend from high school adds you on Facebook and says they have an amazing business opportunity for you. Or maybe the well dressed guy who's always interviewing people in the Starbucks that you work at asks if you really want to be slinging coffee the rest of your life. The scam: MLMs are little more than pyramid schemes. They involve buying some sort of product (usually snake oil health products like body wraps or supplements) and shilling them to your friends and family. They claim that the really money is recruiting people underneath you who give you a slice of whatever they sell. And if those people underneath you recruit more people, you get a piece of their sales. Ideally if you big enough pyramid underneath you the money will roll in without any work on your part. Failure to see any profit will be your fault for not "wanting it enough." The companies will claim that you need to buy their extra training modules or webinars to really start selling. But in reality, the vast majority of people who buy into a MLM won't see a cent. At the end of the day all you'll be doing is annoying your friends and family with your constant recruitment efforts. What to look out for: Recruiters love to be vague. They won't tell you the name of the company or what exactly the job will entail. They'll pump you up with promises of "self-generating income", "being your own boss", and "owning your own company." They might ask you to read books about success and entrepreneurs. They're hoping you buy into the dream first. If you get approached via social media, check their timelines. MLMs will often instruct their victims to pretend that they've already made it. They'll constantly post about how they're hustling and making the big bucks and linking to youtube videos about success. Again, all very vague about what their job actually entails. If you think you're being recruited: Ask them what exactly the job is. If they can't answer its probably a MLM. Just walk away.
You should generally avoid answering or engaging with random phone calls. Picking up and engaging with a scam call tells the scammers that your phone number is active, and will usually lead to more calls. Tax Call You get a call from somebody claiming to be from your countries tax agency. They say you have unpaid taxes that need to be paid immediately, and you may be arrested or have other legal action taken against you if it is not paid. This scam has caused the American IRS, Canadian CRA, British HMRC, and Australian Tax Office to issue warnings. This scam happens in a wide variety of countries all over the world. Warrant Call Very similar to the tax call. You'll get a phone call from an "agent", "officer", "sheriff", or other law enforcement officer claiming that there is a warrant out for your arrest and you will be arrested very soon. They will then offer to settle everything for a fee, usually paid in giftcards. [Legal Documents/Process Server Calls] Very similar to the warrant call. You'll get a phone call from a scammer claiming that they are going to serve you legal documents, and they will threaten you with legal consequences if you refuse to comply. They may call themselves "investigators", and will sometimes give you a fake case number. Student Loan Forgiveness Scam Scammers will call you and tell you about a student loan forgiveness program, but they are interested in obtaining private information about you or demanding money in order to join the fake program. Tech Support Call You receive a call from someone with a heavy accent claiming to be a technician Microsoft or your ISP. They inform you that your PC has a virus and your online banking and other accounts may be compromised if the virus is not removed. They'll have you type in commands and view diagnostics on your PC which shows proof of the virus. Then they'll have you install remote support software so the technician can work on your PC, remove the virus, and install security software. The cost of the labor and software can be hundreds of dollars. The scam: There's no virus. The technician isn't a technician and does not work for Microsoft or your ISP. Scammers (primarily out of India) use autodialers to cold-call everyone in the US. Any file they point out to you or command they have you run is completely benign. The software they sell you is either freeware or ineffective. What to do you if you're involved with this scam: If the scammers are remotely on your computer as you read this, turn off your PC or laptop via the power button immediately, and then if possible unplug your internet connection. Some of the more vindictive tech scammers have been known to create boot passwords on your computer if they think you've become wise to them and aren't going to pay up. Hang up on the scammers, block the number, and ignore any threats about payment. Performing a system restore on your PC is usually all that is required to remove the scammer's common remote access software. Reports of identity theft from fake tech calls are uncommon, but it would still be a good idea to change your passwords for online banking and monitor your accounts for any possible fraud. How to avoid: Ignore any calls claiming that your PC has a virus. Microsoft will never contact you. If you're unsure if a call claiming to be from your ISP is legit, hang up, and then dial the customer support number listed on a recent bill. If you have elderly relatives or family that isn't tech savvy, take the time to fill them in on this scam. Chinese government scam This scam is aimed at Chinese people living in Europe and North America, and involves a voicemail from someone claiming to be associated with the Chinese government, usually through the Chinese consulate/embassy, who is threatening legal action or making general threats. Chinese shipping scam This scam is similar to the Chinese government scam, but involves a seized/suspicious package, and the scammers will connect the victim to other scammers posing as Chinese government investigators. Social security suspension scam You will receive a call from someone claiming to work for the government regarding suspicious activity, fraud, or serious crimes connected to your social security number. You'll be asked to speak to an operator and the operator will explain the steps you need to follow in order to fix the problems. It's all a scam, and will lead to you losing money and could lead to identity theft if you give them private financial information. Utilities cutoff You get a call from someone who claims that they are from your utility company, and they claim that your utilities will be shut off unless you immediately pay. The scammer will usually ask for payment via gift cards, although they may ask for payment in other ways, such as Western Union or bitcoin. Relative in custody Scammer claims to be the police, and they have your son/daughtenephew/estranged twin in custody. You need to post bail (for some reason in iTunes gift cards or MoneyGram) immediately or the consequences will never be the same. Mexican family scam This scam comes in many different flavours, but always involves someone in your family and Mexico. Sometimes the scammer will claim that your family member has been detained, sometimes the scammer will claim that your family member has been kidnapped, and sometimes the scammer will claim that your family member is injured and needs help. General family scams Scammers will gather a large amount of information about you and target your family members using different stories with the goal of gettimg them to send money. One ring scam Scammers will call you from an international number with the goal of getting you to return their call, causing you to incur expensive calling fees.
Online shopping scams
THE GOLDEN RULE OF ONLINE SHOPPING: If it sounds too good to be true, it probably is. Dropshipping An ad on reddit or social media sites like Facebook and Instagram offers items at huge discounts or even free (sometimes requiring you to reblog or like their page). They just ask you to pay shipping. The scam: The item will turn out to be very low quality and will take weeks or even months to arrive. Sometimes the item never arrives, and the store disappears or stops responding. The seller drop-ships the item from China. The item may only cost a few dollars, and the Chinese government actually pays for the shipping. You end up paying $10-$15 dollars for a $4 item, with the scammer keeping the profit. If you find one of these scams but really have your heart set on the item, you can find it on AliExpress or another Chinese retailer. Influencer scams A user will reach out to you on a social media platform, usually Instagram, and offer you the chance to partner with them and receive a free/discounted product, as long as you pay shipping. This is a different version of the dropshipping scam, and is just a marketing technique to get you to buy their products. Triangulation fraud Triangulation fraud occurs when you make a purchase on a site like Amazon or eBay for an item at a lower than market price, and receive an item that was clearly purchased new at full price. The scammer uses a stolen credit card to order your item, while the money from the listing is almost all profit for the scammer. Instagram influencer scams Someone will message you on Instagram asking you to promote their products, and offering you a discount code. The items are Chinese junk, and the offer is made to many people at a time. Cheap Items Many websites pop up and offer expensive products, including electronics, clothes, watches, sunglasses, and shoes at very low prices. The scam: Some sites are selling cheap knock-offs. Some will just take your money and run. What to do if you think you're involved with this scam: Contact your bank or credit card and dispute the charge. How to avoid: The sites often have every brand-name shoe or fashion item (Air Jordan, Yeezy, Gucci, etc) in stock and often at a discounted price. The site will claim to be an outlet for a major brand or even a specific line or item. The site will have images at the bottom claiming to be Secured by Norton or various official payment processors but not actual links. The site will have poor grammar and a mish-mash of categories. Recently, established websites will get hacked or their domain name jacked and turned into scam stores, meaning the domain name of the store will be completely unrelated to the items they're selling. If the deal sounds too good to be true it probably is. Nobody is offering brand new iPhones or Beats or Nintendo Switches for 75% off. Cheap Amazon 3rd Party Items You're on Amazon or maybe just Googling for an item and you see it for an unbelievable price from a third-party seller. You know Amazon has your back so you order it. The scam: One of three things usually happen: 1) The seller marks the items as shipped and sends a fake tracking number. Amazon releases the funds to the seller, and the seller disappears. Amazon ultimately refunds your money. 2) The seller immediately cancels the order and instructs you to re-order the item directly from their website, usually with the guarantee that the order is still protected by Amazon. The seller takes your money and runs. Amazon informs you that they do not offer protection on items sold outside of Amazon and cannot help you. 2) The seller immediately cancels the order and instructs you to instead send payment via an unused Amazon gift card by sending the code on the back via email. Once the seller uses the code, the money on the card is gone and cannot be refunded. How to avoid: These scammers can be identified by looking at their Amazon storefronts. They'll be brand new sellers offering a wide range of items at unbelievable prices. Usually their Amazon names will be gibberish, or a variation on FIRSTNAME.LASTNAME. Occasionally however, established storefronts will be hacked. If the deal is too good to be true its most likely a scam. Scams on eBay There are scams on eBay targeting both buyers and sellers. As a seller, you should look out for people who privately message you regarding the order, especially if they ask you to ship to a different address or ask to negotiate via text/email/a messaging service. As a buyer you should look out for new accounts selling in-demand items, established accounts selling in-demand items that they have no previous connection to (you can check their feedback history for a general idea of what they bought/sold in the past), and lookout for people who ask you to go off eBay and use another service to complete the transaction. In many cases you will receive a fake tracking number and your money will be help up for up to a month. Scams on Amazon There are scams on Amazon targeting both buyers and sellers. As a seller, you should look out for people who message you about a listing. As a buyer you should look out for listings that have an email address for you to contact the person to complete the transaction, and you should look out for cheap listings of in-demand items. Scams on Reddit Reddit accounts are frequently purchased and sold by fraudsters who wish to use the high karma count + the age of the account to scam people on buy/sell subreddits. You need to take precautions and be safe whenever you are making a transaction online. Computer scams Virus scam A popup or other ad will say that you have a virus and you need to follow their advice in order to remove it. They are lying, and either want you to install malware or pay for their software.
Chinese Brushing / direct shipping If you have ever received an unsolicited small package from China, your address was used to brush. Vendors place fake orders for their own products and send out the orders so that they can increase their ratings. Money flipping Scammer claims to be a banking insider who can double/triple/bazoople any amount of money you send them, with no consequences of any kind. Obviously, the money disappears into their wallet the moment you send it.
Ledger Live HUGE BUG!! Bitcoins can no longer be transferred from the Ledger Nano S (it worked in the past) and the Ledger Support does not respond
It is no longer possible to transfer my Bitcoin from the Ledger Nano S Wallet to another Bitcoin address via Ledger Live. This used to work without problems. So it seems to have to do with the latest updates. I have installed Ledger Live 2.10.0 and latest firmware 1.6.1 as well as the latest version of the Bitcoin app on the Ledger Nano S. When the message "Open the Bitcoin app on your device" is opened I start the Bitcoin app on Ledger Nano S. But then the message jumps back to "Connect and unlock your device" although the wallet is unlocked. I tried different USB ports, different cables, different computers and reboots. Sending Bitcoin no longer works. The old hint regarding Experimental USB does not work anymore because this option is no longer available in the new Ledger Live App. The Ledger Support team does not respond: "We are contacting you because your request ###### hasn't received a response from our support team since Sep 3. We would like to apologize for this delay. Due to extraordinary circumstances, we have faced a significant increase in incoming requests. We assure you the team is working hard to provide the best answer to every request." The experience with Ledger Nano S has been very bad so far. I am thinking about changing the provider.
Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it! (If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?) (Pedants: I mostly elide over lockin times) Briefly, Taproot is that neat new thing that gets us:
Multisignatures (n-of-n, k-of-n) that are just 1 signature (1-of-1) in length!! (MuSig/Schnorr)
Better privacy!! If all contract participants can agree, just use a multisignature. If there is a dispute, show the contract publicly and have the Bitcoin network resolve it (Taproot/MAST).
Activation lets devs work get back to work on the even newer stuff like!!!
Cross-input signature aggregation!! (transaction with multiple inputs can have a single signature for all inputs) --- needs Schnorr, but some more work needed to ensure that the interactions with SCRIPT are okay.
Block validation - Schnorr signatures for all taproot spends in a block can be validated in a single operation instead of for each transaction!! Speed up validation and maybe we can actually afford to increase block sizes (maybe)!!
SIGHASH_ANYPREVOUT - you know, for Decker-Russell-Osuntokun ("eltoo") magic!!!
OP_CHECKTEMPLATEVERIFY - vaulty vaults without requiring storing signatures, just transaction details!!
So yes, let's activate taproot!
The SegWit Wars
The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions. So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!
bit - A field in the block header, the nVersion, has a number of bits. By setting a particular bit, the miner making the block indicates that it has upgraded its software to support a particular soft fork. The bit parameter for a BIP9 activation is which bit in this nVersion is used to indicate that the miner has upgraded software for a particular soft fork.
timeout - a time limit, expressed as an end date. If this timeout is reached without sufficient number of miners signaling that they upgraded, then the activation fails and Bitcoin Core goes back to the drawing board.
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two. A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this. So, first some simple questions and their answers:
Why not just set a day when everyone starts imposing the new rules of the softfork?
This was done classically (in the days when Satoshi was still among us). But this might argued to put too much power to developers, since there would be no way to reject an upgrade without possible bad consequences. For example, developers might package an upgrade that the users do not want, together with vital security bugfixes. Either you live without vital security bugfixes and hire some other developers to fix it for you (which can be difficult, presumably the best developers are already the ones working on the codebase) or you get the vital security bugfixes and implicitly support the upgrade you might not want.
Sure, you could fork the code yourself (the ultimate threat in the FOSS world) and hire another set of developers who aren't assholes to do the dreary maintenance work of fixing security bugs, but Bitcoin needs strong bug-for-bug compatibility so everyone should really congregate around a single codebase.
Basically: even the devs do not want this power, because they fear being coerced into putting "upgrades" that are detrimental to users. Satoshi got a pass because nobody knew who he was and how to coerce him.
Suppose the threshold were lower, like 51%. If so, after activation, somebody can disrupt the Bitcoin network by creating a transaction that is valid under the pre-softfork rules, but are invalid under the post-softfork rules. Upgraded nodes would reject it, but 49% of miners would accept it and include it in a block (which makes the block invalid) And then the same 49% would accept the invalid block and build on top of that, possibly creating a short chain of doomed invalid blocks that confirm an invalid spend. This can confuse SPV wallets, who might see multiple confirmations of a transaction and accept the funds, but later find that in fact it is invalid under the now-activated softfork rules.
Thus, a very high threshold was imposed. 95% is considered safe. 50% is definitely not safe. Due to variance in the mining process, 80% could also be potentially unsafe (i.e. 80% of blocks signaling might have a good chance of coming from only 60% of miners), so a threshold of 95% was considered "safe enough for Bitcoin work".
Why have a timeout that disables the upgrade?
Before BIP9, what was used was either flag day or BIP34. BIP34 had no flag day of activation or a bit, instead, it was just a 95% threshold to signal an nVersion value greater than a specific value. Actually, it was two thresholds: at 75%, blocks with the new nVersion would have the new softfork rules imposed, but at 95% blocks with the old nVersion would be rejected (and only the new blocks, with the new softfork rules, were accepted). For one, between 75% and 95%, there was a situation where the softfork was only "partially imposed", only blocks signaling the new rules would actually have those rules, but blocks with the old rules were still valid. This was fine for BIP34, which only added rules for miners with negligible use for non-miners.
The reasons miners signalled support was because they felt they were being pressured to signal support. So they signalled support, with plans to actually upgrade later, but because of the widespread signalling, the new BIP66 version locked in before upgrade plans were finished. Thus, the timeout that disables the upgrade was added in BIP9 to allow miners an escape hatch.
The Great Battles of the SegWit Wars
SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain). So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%. Thus were the Great SegWit Wars started.
BIP9 Feature Hostage
If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage. You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever. With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you. This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.
ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Overt ASICBoost - Manipulates the unused bits in nVersion to reduce power consumption in mining.
Covert ASICBoost - Manipulates the order of transactions in the block to reduce power consumption in mining.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected. Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway. Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost! But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage). Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit. Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!
UASF: BIP148 and BIP8
When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit. Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit. This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core. Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout). BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled. This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9. Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.
BIP91, SegWit2X, and The Aftermath
BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community. One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym. The text of the NYA was basically:
Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91. Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit. Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X). This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists. Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout) So let's take a look at Modern Softfork Activation!
Modern Softfork Activation
This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
First have a 12-month BIP9 (fail at timeout).
If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation. The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.
PSA: Being Resilient to Upgrades
Software is very birttle. Anyone who has been using software for a long time has experienced something like this:
You hear a new version of your favorite software has a nice new feature.
Excited, you install the new version.
You find that the new version has subtle incompatibilities with your current workflow.
You are sad and downgrade to the older version.
You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system. And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk. Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations. So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist. Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems. When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well). This recommendation is from gmaxwell on IRC, by the way.
Desktop wallets are a great option for anyone sending frequent Bitcoin payments from their computer. In this post we will cover some of the best bitcoin desktop wallets and help you decide which is right for you. Heads Up! Large amounts of bitcoins should not be stored on your computer! If you want the most secure Bitcoin wallet then you will need to use a hardware wallet like the Ledger Nano ... In my old computer some addresses have bitcoin and it is showing on blockchain. When i am trying to get balance of the same addresses in my new computer where i have synced bitcoin full node ,I surprised addresses showing zero balance. I am very confused, how can i backup bitcoin wallet from old computer to another So even if you lose your computer, you don’t have to worry about someone else getting into your wallet! d). You Control the Fees. This is something of a rarity to Bitcoin wallets! Electrum uses RBF (Replace by Fee) and CPFP to make sure that your transactions get confirmed exactly when they need to, and hence you do not pay a single extra bit! Other Features: Cold Storage: Electrum stores ... Have you brought a new computer and wish to move all your wallets from old PC. If you are using light weight electrum wallet or any other multi-currency wallets like Jaxx or Exodus; moving it to another computer is quite simple. All you need to do is download wallet to new PC and restore wallet seed which will move all your wallet address and its funds. Armory is another Bitcoin-only wallet developed by an experienced team of developers and is a open-source software. It is a heavy wallet, meaning one needs to download the full blockchain and set-up a full node to use the Armory wallet. But it has many benefits too, for example, you need not trust any other listening nodes and can self-verify many things by yourself. One can also create cold ...
How to create a Bitcoin Wallet-(CryptoCurrency-Bitcoin ...
Easy to use for beginners and robust enough for experts, the Bitcoin.com wallet is the perfect way to store your Bitcoin. Available for iOS, Android and Wind... Be careful when copy/pasting bitcoin wallet address. some hidden code/programs sit in our computer system when we brows some website or install tools. I made... How to Send & Receive Bitcoin with Cash App - A tutorial on how to deposit and withdraw bitcoin using cash app. 💸 Get Cash App ($5 FREE): http://cash.me/app/... In this easy to follow tutorial you will learn how to transfer your Bitcoin from one wallet to another. This example shows a transfer from a Coinbase wallet ... Share your videos with friends, family, and the world