Brainwallet Generator Secure Bitcoin Wallet Generator

[RF] Just another quiet Friday night

"You're fucking crazy John," the man in the black T-Shirt announced. "Seriously, you want to pretend to be a paedo, so you can lure in the FBI and fuck with them? That is some next level warped shit."
"Chill out dude. That was just an example. Doesn't have to be a paedo."
"I don't give a fuck. Anything that's gonna make them zero-day you is some dark shit that you can't just laugh off. And what if they chain the sploits? They'll bounce out of your sandbox and be kicking the door down in minutes."
"No, no, it's ok. Really. I bought these laptops from a heroin addict in another city. Totally untraceable. I've had the lid off and de-soldered the camera, microphone and wireless."
"That's no use, we've got to get online somehow. And when their payload fires they'll trace us through a ToR bypass."
"That's why we need three laptops. Physical separation. This one," he tapped the metallic blue case, "is the bait. It's a regular laptop, but it's only connection is a single wired Ethernet. The only route to the Internet is via this one," tap tap, "which is running hardened Kali and only connects via ToR."
"Seriously, you're going to actually do this?"
"Come on dude, I've always wanted to try. Live a little."
"What's the third one for?"
"It's hardened Kali too. We proxy everything from the bait browser through here. When they deliver their exploit we'll catch it here, do some reverse engineering, and get ready for the fun bit!"
"What the hell. But you're crazy man. And we never speak of this."
"Of course. Goes without saying."
"How do we start?"
"You get a proxy running on that. I'll get the ToR connection set up. I got a 4G dongle off the same guy."
John removed a small ethernet hub from his bag, connected its power but held off from plugging in the laptops. He connected the 4G dongle, started the ToR service and watch its status update. With the connection active he configured the iptables firewall so outbound traffic was permitted only through ToR. Cal started the intercepting proxy, exposed its listener and looked at John. "Ready" They both plugged into the hub, and Cal watched as John connected the bait laptop, accessed the proxy settings and linked it to the listener.
He accessed a non-descript site to check the setup. It loaded a little slowly, while the series of requests popped up on the intercepting proxy. "Are we sure it's going through ToR?" Cal asked. "Don't worry". "Seriously, show me a packet trace." John started a sniffer, gestured to Cal to refresh the bait browser, while a series of packets scrolled up the screen, all safely encrypted by ToR.
"So what now?" a pause "And definitely no paedo stuff. That's too dark to mess about with."
"Old school," John replied, "I guess it's a bit of a cliche. We go on the dark net and try to order a murder for BitCoin. We'll make it an American prosecutor, that'll get the FBI going."
Cal stared at him. But that didn't stop him typing and Cal watched with grim fascination as he navigated around dark net markets, registering accounts, searching vendors and sending onimous enquiries. Cal monitored the proxy, configuring ever more intricate filters to weed out the mundane.
They'd crossed a line of no return and complicit Cal joined in, weaving convincing tales in their messages, striking the right tone to complete their deception. This went on for hours, with no sign of any incoming exploits. Until the browser popped up with "Do you want to allow this site to access WebGL?"
"That's it," John smiled, "there's no way that site really uses WebGL. This is an exploit. Stands to reason too, we always knews that had huge attack surface." He was about to permit it, but Cal stopped him. "No, don't allow it. If we allow it, we'll just get a lame zero day that requires WebGL. Deny it and carry on. They'll send a better exploit soon enough."
The intensity increased, Cal identified the malicious code that had tried to access WebGL. But it was just a stager - no exploit there. John carried on his ruse, until he noticed the browser stutter. He grabbed Cal's arm, "this is it!" Fear in the room intensified. This was serious now, some hacker - be it FBI or otherwise - had control of the laptop right in front of them. "Carry on with the messaging Cal. If we stop now they'll know our game."
Cal typed into the bait laptop while John began to investigate the exploit delivery. He identified the malware quickly enough, and a lingering connection that could be to the command and control server. Alarmingly, it was transferring a lot of data in both directions, a detail he decided not to share with Cal. He loaded the malware into a binary analysis tool and begun the painstaking process of unpicking its workings. 20 minutes in he told Cal to stop. "That'll do. Sign off naturally and shut it down."
Cal joined him with the binary anaysis and gradually they formed a picture of its armory. "It's not like one I've seen before," Cal said, "it's tighter coded than a typical rootkit. Really could be FBI." John nodded. "You can see it repeatedly copying this string. That's gotta be a heap spray. And it looks like self-decrypting machine code. Yeah, that's the payload for sure. We can just plug our own in here."
"What if the exploit's been watermarked?" Cal interjected, "We don't know where they could have hidden one."
"Who cares? We're gonna deliver it anonymously anyway."
They worked industriously to decouple the exploit and payload, build a delivery mechanism, and soon they were ready to test it. They watched in delight as a fully-patched browser accessed their delivery site, churned the laptop's CPU, then registered a ping back on the console.
The next step was to incorporate a real payload.
"So what's it gonna do John?"
"Persist itself to disk, then sit quietly and await further instructions. I've got the C&C software figured out already, it was a fun project from long ago. What I need you to do is use BitCoin to rent a couple of dozen virtual servers in different data centres around the world."
As Cal started registering the servers, John used the third laptop to generate a public/private key pair. One by one, the servers came online, and John installed the C&C software, configuring each to only respond to instructions signed by their private key. On the 20th he told Cal to stop.
There was a sparkle in his eyes. "We're nearly there! Everything's in place."
"How are we going to deliver it?"
"That's why we had to do this today. I found something earlier. A cache poisoning vulnerability on a major site."
Cal stared at him. The chain was complete. This was not real.
They completed their final maneouvers. Scripted a mechanism to dynamically generate payloads containing a random sample of C&C servers. Uploaded the exploit delivery mechanism into the control cloud, and generated a list of exploit URLs. John accessed the vulnerable major site, saved the HTML code locally, and modified it to include an exploit URL. Then he exploited the cache poisoning flaw, so that every visitor - at least every visitor coming through that particular cache cluster - would receive not the legitimate site but his malicious modificiations.
They watched the C&C management console. Around the world, thousands of unsuspecting web users experienced an annoying pause while their web pages loaded. Each time, under the hood, the zero day exploit fired, the payload persisted itself to disk, and made a connection to their C&C network to receive further instructions. Each time a new node joined their botnet, a line was logged to their console, and soon the screen was scrolling uncontrollably.
John was elated, Cal terrified. Cal watched in horror as John repeated the cache poison process across multiple clusters in different data centres. The rate of scrolling on the C&C console exploded. John cancelled it with a smile.
"Lets just look at the numbers"
Running a grep count on the log showed over 900,000 payload activations. And their malware had been live for barely 15 minutes.
"What are you going to do with it?"
"That's for another day. Now, we cover our tracks."
John removed two USB drives from his bag. He created an encrypted container, and into it put his decoy. Some nudes of an office chick that had been circulating. Incriminating enough, but not the crown jewels. He then created a hidden container within the free space of the first container, using a very strong password. Into this hidden container he copied the private key for the C&C network. This key put him in control. The only way to control the botnot was having both the USB drive, and his strong password. He repeated the process for Cal, inviting him to choose his own passwords. When he handed over the drive, Cal held it like it was on fire.
He shut down the bait laptop, gesturing Cal to do the same with the proxy. Removed the hard drive and connected it via USB to the ToR relay. The ToR relay was unlikely to have been compromised that night, a trustworthy system he could use to erase the others. After a secure erase of both drives, then of the ToR relay itself, John started putting everything in a bag.
They left the hotel room in silence. Bag on the rear seat and John drove. Cal was acutely aware of the USB drive in his pocket, the angled corners pressing into his leg. He went out of town, down lanes Cal didn't recognise, and stopped by a chain link fence. They both got out, John retrieved the bag, and with a big hurl, launched it over the fence into the landfill.
Back home, John smoked a large joint of double zero hash and fell fast asleep. He awoke a few hours later. It almost felt like a dream. But he ran his fingers along the USB drive and remembered the sheer power it contained.
submitted by netsecwarrior to shortstories [link] [comments]

Mentor Monday, July 6, 2015: Ask all your bitcoin questions!

Ask (and answer!) away! Here are the general rules:
And don't forget to check out /BitcoinBeginners
You can sort by new to see the latest questions that may not be answered yet.
submitted by BashCoBot to Bitcoin [link] [comments]

Critique my cold storage procedure..

It's really overdue that I move my Bitcoin offline. It's a nerve wrecking thought but needs to be done. Before I go through it though I wrote down my procedure and I am asking the community for help in finding any vulnerabilities or tips on what I can do better.
Thanks
Bitcoin Cold Storage Procedure
  1. Bought new $200 toshiba laptop from Best buy. It's only purpose will be Bitcoin Wallet management
  2. Bought 4 USB sticks (each from a different manufacturer)
  3. Download Armory onto 1 of the 4 USB drives from an online computer
  4. Turn on new (offline) computer, Go through set up procedure and Disable Wifi
  5. Install Armory onto New (offline) computer (windows 8 OS) from USB drive
  6. Create encrypted Wallet
  7. Create Fragmented Paper Back up (w/ Secure Print) with cable connected printer
  8. Create Personal Paper Back up (w /Secure Print) with cable connected printer
  9. Test the paper Backups
  10. Back up encrypted wallets to the other (3) USB sticks.
  11. 1 USB stick goes in a safe, 1 goes to a family member, 1 stays accessible to me
  12. Create watching only wallet from offline computer and transfer it to USB stick I used to install armory client
  13. Import watching only copy onto online computer, Wait for synch
  14. Send a test amount of BTC to an address generated by offline wallet
  15. confirm it transferred successfully by checking watching only wallet and on Blockchain.info
  16. Send the rest of Bitcoin to cold storage Wallet
  17. Again confirm it’s been transferred
  18. Pass out Fragmented Back ups to trusted Friends/Family
  19. Personal back up also in safe with 1 of the USB sticks.
submitted by cryptotraveler to Bitcoin [link] [comments]

Instawallet suspended indefinitely

submitted by mariodraghi to Bitcoin [link] [comments]

Why Bitcoin lacks safe offline wallets right now?

I'm thinking something in the lines of:
  1. The private key is provided by you (you have to use your own entropy sources) and kept in a 100% offline machine and never interacted with the internet;
  2. The wallet generates public addresses for you to receive money;
  3. In order to spend the money, you sign the transaction completely offline and then manually input it (i.e., using a keyboard) in an online machine for it to be broadcast.
I'm aware of Trezor*, but I'm talking about software that allowed you to do it with things you already have in your home, such as a Raspberry Pi, an old computer, etc.
submitted by SrPeixinho to Bitcoin [link] [comments]

Day 9: I will post this guide regularly until available solutions like SegWit, order batching, and Lightning payment channels are mass adopted, the mempool is empty once again, and tx fees are low. Have you done your part?

BACKGROUND
Segregated Witness (SegWit) was activated on the Bitcoin network August 24 2017 as a soft fork that is backward compatible with previous bitcoin transactions (Understanding Segregated Witness). Since that time wallets and exchanges have been slow to deploy SegWit, and the majority of users have not made the switch themselves.
On Dec 18 2017 Subhan Nadeem has pointed out that: If every transaction in the Bitcoin network was a SegWit transaction today, blocks would contain up to 8,000 transactions, and the 138,000 unconfirmed transaction backlog would disappear instantly. Transaction fees would be almost non-existent once again.
Mass SegWit use alone could empty the mempool, result in blocks that are not completely full, and make it possible to include transactions with $0 fee once again.
On Jan 11 2018 when BTC sends went offline at Coinbase the mempool began to rapidly empty. Later in the day when service was restored there was a sharp spike up in the mempool. Subsequently, that afternoon Brian Armstrong finally had to break his silence on the topic and admitted Coinbase is working on SegWit but has still not deployed it. It appears that this is an important data point that indicates if just a few major exchanges would deploy SegWit the high fees bitcoin is experiencing would be eliminated.
SegWit is just one technique available to exchanges and users to reduce pressure on the Bitcoin network. You can make the switch to SegWit on your next transaction, and pressure exchanges to deploy SegWit NOW along with other actions that will reduce their transaction impact on the network. You can help by taking one or more of the action steps below.
ACTION STEPS
  1. If your favorite wallet has not yet implemented SegWit, kindly ask them to do so immediately. If your wallet is not committed to implementing SegWit fast, speak out online any way you can and turn up the pressure. In the meantime start using a wallet that has already implemented SegWit.
  2. If your favorite exchange has not yet implemented SegWit, try to avoid making any further purchases of bitcoin at that exchange and politely inform them that if they do not enable SegWit within 30-days they will lose your business. Sign-up for an account at a SegWit deployed/ready exchange now and initiate the verification process so you'll be ready to bail
  3. Help educate newcomers to bitcoin about the transaction issue, steer them towards SegWit wallets from day one, and encourage them to avoid ever purchasing bitcoin through non-SegWit ready exchanges that are harming bitcoin.
  4. Spread the word! Contact individuals, websites, etc that use bitcoin, explain the benefits of SegWit to everyone, and request they make the switch. Use social media to point out the benefits of SegWit adoption.
IMPORTANT NOTE: The mempool is currently still quite backlogged. If you are a long-term holder and really have no reason to move your bitcoins at this time, wait until the mempool starts to clear and transaction fees go down before moving your bitcoins to a SegWit address or SegWit friendly exchange.
BEYOND SEGWIT - BATCHING, PAYMENT CHANNELS, LIGHTNING
Batching is another great way that exchanges can reduce their fees. See: Saving up to 80% on Bitcoin transaction fees by batching payments. Despite the benefits of batching, some exchanges have been slow to implement it. Users should demand this or walk.
Beyond SegWit & Batching, Lightning Network integration will have even more effect. Lightning is now active and exchanges could setup payment channels between each other so that on-chain transactions need not take place. Some ideas have to outline how that might work are here: Google Doc - Lightning Exchanges. Which two bitcoin exchanges will be the first to establish a lightning channel between themselves and offer free/instant transfers between them for their customers? This will happen in 2018
MEMPOOL/SEGWIT STATISTICS
NEWS/DEVELOPMENTS/VICTORIES
SELECTED TOP EXCHANGES BY BATCHING & SEGWIT STATUS
Exchange Segwit Status Batching Status
Binance NOT READY Yes
Bitfinex Ready Yes
Bitonic Ready Yes
Bitstamp Deployed Yes
Bittrex ? Yes
Coinbase/GDAX NOT READY No
Gemini Ready No
HitBTC Deployed Yes
Huboi ? ?
Kraken Deployed Yes
LocalBitcoins Deployed Yes
OKEx ? ?
Poloniex ? Yes
QuadrigaCX Deployed Yes
Shapeshift Deployed No
Note: all exchanges that have deployed SegWit are currently only sending to p2sh SegWit addresses for now. No exchange will send to a bech32 address like the ones that Electrum generates
Source 1: BitcoinCore.org
Source 2: /Bitcoin
Official statements from exchanges:
SELECTED WALLETS THAT HAVE SEGWIT ALREADY
Make sure you have a SegWit capable wallet installed and ready to use for your next bitcoin transaction
SegWit Enabled Wallets Wallet Type
Ledger Nano S Hardware
Trezor Hardware
Electrum Desktop
Armory Desktop
Edge iOS
GreenAddress iOS
BitWallet iOS
Samourai Android
GreenBits Android
Electrum Android
SegWitAddress.org Paper
FAQs
If I'm a HODLer, will it help to send my BTC to a SegWit address now?
No, just get ready now so that your NEXT transaction will be to a SegWit wallet. Avoid burdening the network with any unnecessary transactions for now.
Why is SegWit adoption going so slowly? Is it a time-consuming process, is there risk involved, is it laziness, or something else?
SegWit will require some extra work to be done right and securely. Also, most exchanges let the user pay the fee, and up to now users have not been overly concerned about fees so for some exchanges it hasn't been a priority.
Once Segwit is FULLY adopted, what do we see the fees/transaction times going to?
Times stay the same - fees will go down. How much and for how long depends on what the demand for transactions will be at that time.
What determines bitcoin transaction fees, to begin with?
Fees are charged per byte of data and are bid up by users. Miners will typically include the transaction with the highest fee/byte first.
Can you please tell me how to move my bitcoins to SegWit address in Bitcoin core wallet? Does the sender or receiver matter?
The Bitcoin core wallet does not yet have a GUI for its SegWit functionality. Download the latest version of Electrum to generate a SegWit address.
A transaction between two SegWit addresses is a SegWit transaction.
A transaction sent from a SegWit address to a non-SegWit address is a SegWit transaction.
A transaction sent from a non-SegWit address to a SegWit address is NOT a SegWit transaction. You can send a SegWit Tx if the sending address is a SegWit address.
Source: HowToToken
What wallet are you using to "batch your sends"? And how can I do that?
Using Electrum, the "Tools" menu option: "Pay to many".
Just enter your receive addresses and the amounts for each, and you can send multiple transactions for nearly the price of one.
Why doesn't the Core Wallet yet support SegWit?
The Core Wallet supports SegWit, but its GUI doesn't. The next update will likely have GUI support built-in
Why isn't a large exchange like Coinbase SegWit ready & deployed when much smaller exchanges already are? Why do they default to high fees? Where is the leadership there?
Draw your own conclusions based on their own words:
March 2016 - Coinbase CEO Brian Armstrong has reservations about Core
Dec 2017 - Coinbase is STILL working on Segwit
P2SH/bech32 FAQs
What are the two SegWit address formats and why do they exist?
It's been a challenge for wallet developers to implement SegWit in a way that users can easily and without too much disruption migrate from legacy to SegWit addresses. The first wallets to enable SegWit addresses – Ledger, Trezor, Core, GreenAddress – use so-called “nested P2SH addresses.” This means they take the existing Pay 2 Script Hash address – starting with a “3” – and put a SegWit address into it. This enables a high grade of compatibility to exist wallets as every wallet is familiar with these addresses, but it is a workaround which results in SegWit transactions needing around 10 percent more space than they otherwise would.
Electrum 3.0 was the first wallet to use bech32 addresses instead of nested p2sh addresses.
Source: BTCManager.com
What is the difference in address format between SegWit address formats P2SH and bech32?
P2SH starts with "3..."
bech32 starts with "bc1..."
Which addresses can I send from/to?
P2SH Segwit addresses can be sent to using older Bitcoin software with no Segwit support. This supports backward compatibility
bech32 can only be sent to from newer Bitcoin software that support bech32. Ex: Electrum
Source: BitcoinTalk.org
Why did ThePirateBay put up two Bitcoin donation addresses on their frontpage, one bech32 and one not?
The address starting with a "3..." is a P2SH SegWit address that can be sent BTC from any bitcoin address including a legacy address. The address starting with a "bc1..." is a bech32 SegWit address that can only be sent to from newer wallets that support bech32.
SEGWIT BLOG GUIDES
PREVIOUS DAY'S THREADS
There's lots of excellent info in the comments of the previous threads:
submitted by Bastiat to Bitcoin [link] [comments]

When you trust your BTC with a third party like Coinbase, Electrium, or MtGox, do you check their reliability? Do you make sure you have a technological or legal recourse if you lose your coins?

Correction: "Electrium" should be "Electrum".
submitted by sumanane to Bitcoin [link] [comments]

Patch 0.8.0.1208

Patch has been Released!

The 0.8.0.1208 update has added the new Interchange map and new game mechanics to Escape from Tarkov
We are happy to announce the release of a major update, 0.8.0.1208, for the closed beta version of multiplayer online FPS Escape from Tarkov. This game update introduces the new Interchange map, modern and somewhat atypical compared to the rest of Tarkov locations so far. The Interchange, besides obvious highways, features a huge shopping mall with shops and restaurants. The new location provides conditions for honing new confined space combat tactics. It should be noted that for some time after the update there will not be any AI adversaries on the location, they will be added in the following patches. Also, traditionally, along with a new location, we have introduced a new trader - Ragman, who sells everything related to garments and equipment.
We also would like to announce that the current update applied new, experimental methods for optimizing the handling of game physics on client and server, as well as new means to reduce network latency. In addition, specifically for the new Interchange map, new object rendering optimization technology was applied. Over the course of the upcoming testing, these methods will be applied to other locations as well, resulting in an additional performance gain. We admit that in the process of testing the new game update, you may experience various problems associated with new methods of optimization and new game features. All the emerging problems will be processed through the system of bug reports and promptly fixed. Moreover, the launcher was updated as well, along with numerous other fixes and changes. The new EFT update has also introduced a basic training that is going to help new players to understand and master the basic mechanics of the game faster and better.
"As promised, we are gradually and continuously introducing new features and realistic mechanics," said Nikita Buyanov, the head of Battlestate Games. "So, after this update, players will have to spend more time on loading and unloading of the magazines, check the number of cartridges in the magazine and chamber. Note that different magazines affect the loading/unloading rate differently, and there is now a new specialized character skill - Mag Drills."
Other additions to the game content include new weapons, among them, the Springfield Armory M1A, Remington 870, AAR, APB and new models of AK including 100-series as well as numerous items for weapon modification. Overall, more than 60 new gear and equipment items were added to the game, including bags and vests, body armors and helmets, weapon modifications, ammunition and medicine cases, hats, glasses, and balaclavas. A detailed list of the new equipment was previously posted on our official website of the game and in the social network communities. You can find the patch notes below!
Finally, the update has been combined with the long-anticipated profile reset (wipe).
The following updates, among other improvements and changes, are going to further improve the project performance, network quality, bug fixes, and add new game combat mechanics. Soon, Escape from Tarkov is scheduled to feature the advanced armor system, flea market, Hideout and other features that were mentioned in the plans for 2018. Development and testing of the future innovations are already underway. Also, the test results of this update will have a crucial influence on deciding the Open Beta launch date. We are sure you are excited for all this as much as we are.

Patch Notes

Please take note that first hours after the update servers may experience heavy load leading to increased matching time possible network delays.
Please, take into consideration that this update is a part of the Closed Beta testing. Some of the introduced innovations can potentially lead to previously unknown issues or bugs. Please be sure to report all discovered issues through the launcher built-in bug report system. This will help fix them promptly.
This update comes with a profile reset/wipe. All bonus gears can be obtained again from your profile.
Added:
Time-consuming loading/unloading of ammo
  • Loading/unloading of ammo into the magazine does not happen instantly. The time required to load/unload one cartridge may vary depending on the magazine and the level of the new skill, Mag drills.
  • Time is spent on loading and unloading ammo in the raid only, in the menu the procedures stay the same as before.
  • Loading and unloading can only be done with inventory open. If you close it or switch tabs, loading or unloading is interrupted. The cartridges that were already loaded into the mag, stay in it (and vice versa in case of unloading).
  • Only one magazine can be loaded or unloaded simultaneously.
  • The Info window displays the loading/unloading and mag check speed bonus if it is not 0.
  • If you’ve started loading an empty mag, or unloading a full one, the precise number of rounds is displayed.
Checking mags, hidden precise number of cartridges in the magazine
  • By default, it is unknown how many cartridges are in the mag, if it is not examined (hereinafter referred to as "Unknown/Checked"). Mag counter displays an unknown number of cartridges. For example: (?/30)
  • Check accuracy is determined by new "Mag Drills" skill.
  • The magazine can be checked either by animation - Alt+T or through the interface by Right-clicking and selecting Check magazine.
  • If you checked the number on the 0 skill level, then it returns "~empty" - "<1/2" - "~1/2" - ">1/2" - "~full". As skill level 1 an approximate number will be shown. On level 2 - the precise amount of ammo will be provided.
  • Full and empty mags are considered to be checked.
  • All the magazines you take into the raid are checked automatically.
  • Loading/unloading a checked mag doesn’t change the state, it remains checked.
  • After firing, the number of cartridges in the magazine become unknown.
  • Ammo check precision now depends on the Mag Drills skill, not on Weapon Mastering.
  • Outside of the raid, the number of cartridges is always displayed precisely.
  • If you have dropped a checked mag and picked it back up, it remains checked. If someone picked it up and dropped it again, it becomes unknown to you.
Checking the chamber
  • The chamber also requires checking. Bnly by animation using the key binding Shift + T.
  • If you load the cartridge into an unknown chamber, it automatically becomes checked.
  • If the shot was fired from a checked mag (first shot), the chamber remains checked. Otherwise, it becomes unknown as well.
New location:
Equipment:
Bags:
Tactical Vests:
Body armor:
Helmets:
Weapon modifications:
Cases:
Weapons:
AI Improvements:
Optimizations:
Fixed:
Changes:
Known issues:
submitted by LewisUK_ to EscapefromTarkov [link] [comments]

Day 8: I will post this guide regularly until available solutions like SegWit, order batching, and Lightning payment channels are mass adopted, the mempool is empty once again, and tx fees are low. BTC Core SegWit GUI coming May 1, Coinbase incompetence exposed, more exchanges deploy SegWit

BACKGROUND
Segregated Witness (SegWit) was activated on the Bitcoin network August 24 2017 as a soft fork that is backward compatible with previous bitcoin transactions (Understanding Segregated Witness). Since that time wallets and exchanges have been slow to deploy SegWit, and the majority of users have not made the switch themselves.
On Dec 18 2017 Subhan Nadeem has pointed out that: If every transaction in the Bitcoin network was a SegWit transaction today, blocks would contain up to 8,000 transactions, and the 138,000 unconfirmed transaction backlog would disappear instantly. Transaction fees would be almost non-existent once again.
Mass SegWit use alone could empty the mempool, result in blocks that are not completely full, and make it possible to include transactions with $0 fee once again.
On Jan 11 2018 when BTC sends went offline at Coinbase the mempool began to rapidly empty. Later in the day when service was restored there was a sharp spike up in the mempool. Subsequently, that afternoon Brian Armstrong finally had to break his silence on the topic and admitted Coinbase is working on SegWit but has still not deployed it. It appears that the high fees bitcoin is experiencing could be easily addressed and need not exist.
SegWit is just one technique available to exchanges and users to reduce pressure on the Bitcoin network. You can make the switch to SegWit on your next transaction, and pressure exchanges to deploy SegWit NOW along with other actions that will reduce their transaction impact on the network. You can help by taking one or more of the action steps below.
ACTION STEPS
  1. If your favorite wallet has not yet implemented SegWit, kindly ask them to do so immediately. If your wallet is not committed to implementing SegWit fast, speak out online any way you can and turn up the pressure. In the meantime start using a wallet that has already implemented SegWit.
  2. If your favorite exchange has not yet implemented SegWit, try to avoid making any further purchases of bitcoin at that exchange and politely inform them that if they do not enable SegWit within 30-days they will lose your business. Sign-up for an account at a SegWit deployed/ready exchange now and initiate the verification process so you'll be ready to bail
  3. Help educate newcomers to bitcoin about the transaction issue, steer them towards SegWit wallets from day one, and encourage them to avoid ever purchasing bitcoin through non-SegWit ready exchanges that are harming bitcoin.
  4. Spread the word! Contact individuals, websites, etc that use bitcoin, explain the benefits of SegWit to everyone, and request they make the switch. Use social media to point out the benefits of SegWit adoption.
IMPORTANT NOTE: The mempool is currently still quite backlogged. If you are a long-term holder and really have no reason to move your bitcoins at this time, wait until the mempool starts to clear and transaction fees go down before moving your bitcoins to a SegWit address or SegWit friendly exchange.
BEYOND SEGWIT - BATCHING, PAYMENT CHANNELS, LIGHTNING
Batching is another great way that exchanges can reduce their fees. See: Saving up to 80% on Bitcoin transaction fees by batching payments. Despite the benefits of batching, some exchanges have been slow to implement it. Users should demand this or walk.
Beyond SegWit & Batching, Lightning Network integration will have even more effect. Lightning is now active and exchanges could setup payment channels between each other so that on-chain transactions need not take place. Some ideas have to outline how that might work are here: Google Doc - Lightning Exchanges. Which two bitcoin exchanges will be the first to establish a lightning channel between themselves and offer free/instant transfers between them for their customers? This will happen in 2018
MEMPOOL/SEGWIT STATISTICS
NEWS/DEVELOPMENTS/VICTORIES
SELECTED TOP EXCHANGES BY BATCHING & SEGWIT STATUS
Exchange Segwit Status Batching Status
Binance NOT READY Yes
Bitfinex Ready Yes
Bitonic Ready Yes
Bitstamp Deployed Yes
Bittrex ? Yes
Coinbase/GDAX NOT READY No
Gemini Ready No
HitBTC Deployed Yes
Huboi ? ?
Kraken Deployed Yes
LocalBitcoins Deployed Yes
OKEx ? ?
Poloniex ? Yes
QuadrigaCX Deployed Yes
Shapeshift Deployed No
Note: all exchanges that have deployed SegWit are currently only sending to p2sh SegWit addresses for now. No exchange will send to a bech32 address like the ones that Electrum generates
Source 1: BitcoinCore.org
Source 2: /Bitcoin
Official statements from exchanges:
SELECTED WALLETS THAT HAVE SEGWIT ALREADY
Make sure you have a SegWit capable wallet installed and ready to use for your next bitcoin transaction
SegWit Enabled Wallets Wallet Type
Ledger Nano S Hardware
Trezor Hardware
Electrum Desktop
Armory Desktop
Edge iOS
GreenAddress iOS
BitWallet iOS
Samourai Android
GreenBits Android
Electrum Android
SegWitAddress.org Paper
FAQs
If I'm a HODLer, will it help to send my BTC to a SegWit address now?
No, just get ready now so that your NEXT transaction will be to a SegWit wallet. Avoid burdening the network with any unnecessary transactions for now.
Why is SegWit adoption going so slowly? Is it a time-consuming process, is there risk involved, is it laziness, or something else?
SegWit will require some extra work to be done right and securely. Also, most exchanges let the user pay the fee, and up to now users have not been overly concerned about fees so for some exchanges it hasn't been a priority.
Once Segwit is FULLY adopted, what do we see the fees/transaction times going to?
Times stay the same - fees will go down. How much and for how long depends on what the demand for transactions will be at that time.
What determines bitcoin transaction fees, to begin with?
Fees are charged per byte of data and are bid up by users. Miners will typically include the transaction with the highest fee/byte first.
Can you please tell me how to move my bitcoins to SegWit address in Bitcoin core wallet? Does the sender or receiver matter?
The Bitcoin core wallet does not yet have a GUI for its SegWit functionality. Download the latest version of Electrum to generate a SegWit address.
A transaction between two SegWit addresses is a SegWit transaction.
A transaction sent from a SegWit address to a non-SegWit address is a SegWit transaction.
A transaction sent from a non-SegWit address to a SegWit address is NOT a SegWit transaction. You can send a SegWit Tx if the sending address is a SegWit address.
Source: HowToToken
What wallet are you using to "batch your sends"? And how can I do that?
Using Electrum, the "Tools" menu option: "Pay to many".
Just enter your receive addresses and the amounts for each, and you can send multiple transactions for nearly the price of one.
Why doesn't the Core Wallet yet support SegWit?
The Core Wallet supports SegWit, but its GUI doesn't. The next update will likely have GUI support built-in
Why isn't a large exchange like Coinbase SegWit ready & deployed when much smaller exchanges already are? Why do they default to high fees? Where is the leadership there?
Draw your own conclusions based on their own words:
March 2016 - Coinbase CEO Brian Armstrong has reservations about Core
Dec 2017 - Coinbase is STILL working on Segwit
P2SH/bech32 FAQs
What are the two SegWit address formats and why do they exist?
It's been a challenge for wallet developers to implement SegWit in a way that users can easily and without too much disruption migrate from legacy to SegWit addresses. The first wallets to enable SegWit addresses – Ledger, Trezor, Core, GreenAddress – use so-called “nested P2SH addresses.” This means they take the existing Pay 2 Script Hash address – starting with a “3” – and put a SegWit address into it. This enables a high grade of compatibility to exist wallets as every wallet is familiar with these addresses, but it is a workaround which results in SegWit transactions needing around 10 percent more space than they otherwise would.
Electrum 3.0 was the first wallet to use bech32 addresses instead of nested p2sh addresses.
Source: BTCManager.com
What is the difference in address format between SegWit address formats P2SH and bech32?
P2SH starts with "3..."
bech32 starts with "bc1..."
Which addresses can I send from/to?
P2SH Segwit addresses can be sent to using older Bitcoin software with no Segwit support. This supports backward compatibility
bech32 can only be sent to from newer Bitcoin software that support bech32. Ex: Electrum
Source: BitcoinTalk.org
Why did ThePirateBay put up two Bitcoin donation addresses on their frontpage, one bech32 and one not?
The address starting with a "3..." is a P2SH SegWit address that can be sent BTC from any bitcoin address including a legacy address. The address starting with a "bc1..." is a bech32 SegWit address that can only be sent to from newer wallets that support bech32.
SEGWIT BLOG GUIDES
PREVIOUS DAY'S THREADS
There's lots of excellent info in the comments of the previous threads:
submitted by Bastiat to Bitcoin [link] [comments]

Cold Storage

What Is Cold Storage?
Cold storage is an offline wallet provided for storing bitcoins. With cold storage, is stored on a platform that is not connected to the internet, thereby, protecting the wallet from unauthorized access, cyber hacks, and other vulnerabilities that a system connected to the internet is susceptible to.

Cold Storage Explained

When a checking, savings, account with a traditional bank has been compromised, the bank is able to refund the lost or stolen money back to the account holder. However, if your account or wallet has been compromised and your bitcoins stolen, the owner would be unable to recover his coins. Hence, the need for a safe and secure medium of storage
Stores the private keys of a bitcoin owner. The private key given to any bitcoin user is a unique string of alphanumeric characters required to access the user’s address. The address is the user’s unique ID that is required to make transactions and receive bitcoins from a sender. Two people making a transaction with bitcoin, where one is a seller and the other a buyer, will have to share their addresses with each other in order to complete the transaction. The buyer of the commodity or service sends the required number of bitcoins to the seller’s divulged address as payment, and the verifies the validity of the transaction and confirms that the buyer or sender really has those funds to send. Once the payment has been delivered to the address, the seller or receiver can only access the funds through his or her private key. It is, therefore, imperative for private keys to be kept secure because if stolen, the user’s bitcoins or altcoins could be unlocked and accessed from the address without authorization.

Protection From Theft

Private keys stored on a wallet connected to the internet are vulnerable to network-based theft. These wallets are known as hot wallets. With a hot wallet, all the functions required to complete a transaction are made from a single online device. The wallet generates and stores private keys; digitally signs transactions using private keys; and broadcasts the signed transaction to the network. The problem is that once the signed transactions have been broadcasted online, an attacker crawling the networks may become privy to the private key which was used to sign the transaction.
Cold storage resolves this issue by signing the transaction with the private keys in an offline environment. Any transaction initiated online is temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer, where it is then digitally signed before it is transmitted to the online network. Because the private key does not come into contact with a server connected online during the signing process, even if an online hacker comes across the transaction, s/he would not be able to access the private key used for it.
A paper wallet is simply a document that has the public and private keys written on it. The document is printed from the bitcoin paper wallet tool online with an offline printer. The paper wallet or document usually embedded on it so that it can easily be scanned and signed to make a transaction. The drawback to this medium is that if the paper is lost, rendered illegible or destroyed, the user will never be able to access his address where his funds are.
Another form of cold storage is a hardware wallet which uses an offline device or smartcard to generate private keys offline. The Ledger USB Wallet is an example of a hardware wallet that uses a smartcard to secure private keys. The device looks and functions like a USB, and a computer and chrome-based app are required to store the private keys offline. Like a paper wallet, it is essential to store this USB device and smartcard in a safe place, as any damage or loss could terminate access to the user’s bitcoins. Two other popular hardware wallets include TREZOR and KeepKey.
Finally, users looking for cold storage options can also opt for offline software wallets, which are quite similar to hardware wallets but are a more complex process for less technical users. An offline software wallet splits a wallet into two accessible platforms – an offline wallet which contains the private keys and an online wallet which has the public keys stored. The online wallet generates new unsigned transactions and sends the address of the user to the receiver or sender on the other end of the transaction. The unsigned transaction is moved to the offline wallet and signed with the private key. The signed transaction is then moved back to the online wallet which broadcasts it to the network. Because the offline wallet never gets connected to the internet, its stored private keys remain secure. Electrum and Armory are often quoted as the best offline software wallets in the cryptoeconomy.
Cryptocurrency users should ensure that the wallet of their choice is compatible with the coins they transact or trade in, as not all wallets support all cryptocurrencies.

Cold Storage: The Preferred Choice

Cold storage is the preferred storage method for everyone from long-term hodlers and Bitcoin proponents to institutional custody services like Ledger Vault — who holds millions of dollars in funds.Storage through a hardware wallet is the mechanism of choice because of the physical security layer afforded by decoupling the encrypted USB devices from the Internet. Malicious entities would need to have physical access to the device and subsequently bypass numerous protections like passphrases, PINs, and tampering authenticity signatures on the device. Not readily available with fiat currencies. Additionally, cold wallets are improvements over similar non-custodial wallets like software wallets . Despite a crowded field of competition, a few hardware wallet providers have stood out from the crowd — particularly Ledger. Ledger provides several of the most popular hardware devices. Depending on your storage, interface, and cost preferences, both are standards from which other cold wallet products can adequately be compared to give users context on the cold storage wallet market.
submitted by Avra11 to u/Avra11 [link] [comments]

I need help with a new computer set up for Bitcoin online and offline storage

I don't have a computer right now, moved out for the first time and I sold all my stuff before I did so I'm on a library computer trying to learn about bitcoin and so forth. Please forgive my ignorance of the subject as I'm having a bit of difficulty understanding how the whole process works.
I don't have a whole lot to spend but I'd like to invest in a solid bitcoin set up for some sort of online wallet but I also want to store bitcoins completely offline. A private key that's tangible in my hand. Ideally I'd like to get the bitcoin down to something that's also EMP proof, so I could travel with it to a different continent if I had to and upload the private key to an exchange that's hopefully still working. As far as I can tell, I think this is as simple as making a paper wallet version of an offline wallet.
So the process of buying bitcoins and getting them offline would go something like this (correct me where I'm wrong):
Here is where I'm confused. Is bitcoin completely safe in Armory/Electrum? And if not, do these programs give you the ability to get the bitcoins completely offline? Do I need a second computer?
Or is this where the second, offline computer enters the picture. Do I need to run armory/etc. on an offline computer and have the private keys extracted from that wallet?
Does the offline computer have to be a computer that has never been connected to the internet?
Mac? Windows? Or linux? I've never used linux before but I'm willing to learn if it somehow helps. What do you do to make the online computer as secure as possible? Stop pouncing around youtube and minding the gap or will the Btc be safe enough to not worry too much. Any recommendations for nice computer set ups?
I know I'm all over the place but hopefully I've asked some relevant questions. Please shove me in the right direction or post up some good links for me to read. Thanks!
submitted by AbuDhabiDaddi to BitcoinBeginners [link] [comments]

5 Best Cryptocurrency Wallets with User-Owned Private Keys

5 Best Cryptocurrency Wallets with User-Owned Private Keys

https://preview.redd.it/sycppf5jrhk31.png?width=1000&format=png&auto=webp&s=f4e3415322fb12f29319fbd8c22fa90d14ffebbb
All cryptocurrency transactions are based on the control of two important numbers: public and private keys. Public keys facilitate the transfer of crypto; private keys, their receipt. These keys are stored and secured through digital wallets, the software through which users have access to their digital assets.
There are two main models of cryptocurrency wallets: those that don’t allow users to control their private keys and those that do. The first model of wallets host users’ private keys on a centralized server, which facilitates transactions. In the second model, users hold their own private keys and are able to send and receive tokens without the consent of a third party.
So just how important is it to directly control your private keys? We’ll answer that question today, and review some of the best wallet options that allow you to do that.

Private keys: What they are and why they matter

Private keys are randomly generated secret numbers that link a user to particular cryptocurrency assets. Coins can be transferred to other blockchains only by accessing a wallet’s private keys. For this reason, it is extremely important to keep private keys secure and confidential. Matt Miller, a Bloomberg TV host, demonstrated this lesson to the world when he briefly showed his private key QR code on-air and had his funds immediately stolen.
In one model of wallet, a third-party retains control of the private keys. This model is typically described as the crypto version of a bank. The user is the owner of the funds but relies on the wallet’s server to execute transactions. However, this comparison fails to recognize key dangers inherent in third-party management of crypto funds.
Crypto wallets, like bank accounts and any other internet-connected account, are at risk of being hacked. Unlike banks, however, crypto projects are not legally obligated to refund account holders their funds in the case of a security breach. For this reason, keeping funds in a wallet for which you don’t control the private keys is significantly riskier than storing fiat currency in a bank.
User-owned private key wallets offer a much stronger option in terms of security. No one has control over your funds except you. That means that if someone hacks the server hosting your wallet, your funds are secure. It also means that you can’t have your funds stolen if the wallet’s leadership “loses” the private keys (yes, that has happened).
Always remember that private keys unlock full access to digital funds. Opting for wallets with user-owned private keys ensures that you maintain control over your funds and do not rely on a third party to make transactions. Here, we picked out some of the most trusted solutions that allow full user-control over private keys.

Coin Wallet

Coin Wallet is an excellent solution that allows you to directly conduct blockchain transactions and access tokens. You can export your private keys, and the wallet does not have access or oversight over your operations within the software.
Coin Wallet is suited to the needs of both beginners and professional crypto users. It comes as free software with simple and streamlined interfaces in both mobile and desktop versions. The wallet supports any ERC20 and ERC223 tokens, including Bitcoin, Litecoin, Dogecoin, Bitcoin Cash, EOS, Ripple, Stellar, and Ethereum.
Of all the wallets on the market, Coin Wallet offers one of the most exhaustive collections of coins. Currently, there are more than 20,000 supported cryptocurrencies. The app gets bonus points for convenience, providing two built-in exchanges: Changelly and ShapeShift.

Blockchain

In 2011, Blockchain wallet pioneered the niche of online wallets. It remains one of the market leaders in wallets offering user-controlled keys. Currently, the company has over 41M wallets and more than $200B in transactions have been made on it since its start.
The mobile app is available in multiple languages and offers a built-in exchange for fast trading. Interfaces are very easy to follow and intuitive. The major drawback of this veteran wallet is that it supports just 5 coins: Bitcoin (BTC), Ether (ETH), Bitcoin Cash (BCH), Stellar (XLM), and USD PAX (PAX).

Exodus

Exodus comes as a download for desktop or mobile. In addition to giving you control of your private keys, it also allows you to export them, as well. Plus, as an extra security measure, it never stores private keys on the server.
This wallet may not suit the needs of all users, as there is no web version and English is the only supported language.
The app lists 100+ crypto coins and offers ShapeShift as a built-in exchange.

Armory

Armory wallet is a great choice for users who want a simple storage option for their crypto assets. It offers some offline functionality, as well as free cold storage. It also lets you back up private keys (a QR code) on paper or create a multi-signature wallet. The latter option is particularly useful for businesses.
A major drawback of this wallet is that it is the least user-friendly option. Users need to have some basic knowledge encryption and software set-up. In addition, sending digital assets with Armory is less convenient than competitors and it doesn’t offer any built-in exchanges.

Bitcoin Core

Launched by the Bitcoin project, Bitcoin Core has a simple interface and is compatible with Mac, Linux, and Windows. It allows users to check the full node of Bitcoin transactions, i.e. download the entire blockchain. Therefore, it might take some time to download the full blockchain and set up your wallet.
A drawback of Bitcoin Core is that it’s large: you must have at least 200GB free disk space for this software, and system requirements constantly increase as the full Bitcoin network node grows.
As its name suggests, Bitcoin Core supports only Bitcoin. If you plan on trading and using only Bitcoin, this wallet is a great choice. Because you keep the full node on your computer, you don’t need any third parties to verify transactions. Sending or receiving coins here is very simple, and you are directly connected to the full Bitcoin network node. The fees are decided on by user votes.
submitted by GTE_IO to u/GTE_IO [link] [comments]

Secure paper wallet tutorial

This is my handout for paranoid people who want a way to store bitcoin safely. It requires a little work, but this is the method I use because it should be resistant to risks associated with:
  1. Bad random number generators
  2. Malicious or flawed software
  3. Hacked computers
If you want a method that is less secure but easier, skip to the bottom of this post.
The Secure Method
  1. Download bitaddress.org. (Try going to the website and pressing "ctrl+s")
  2. Put the bitaddress.org file on a computer with an operating system that has not interacted with the internet much or at all. The computer should not be hooked up to the internet when you do this. You could put the bitaddress file on a USB stick, and then turn off your computer, unplug the internet, and boot it up using a boot-from-CD copy of linux (Ubuntu or Mint for example). This prevents any mal-ware you may have accumulated from running and capturing your keystrokes. I use an old android smart phone that I have done a factory reset on. It has no sim-card and does not have the password to my home wifi. Also the phone wifi is turned off. If you are using a fresh operating system, and do not have a connection to the internet, then your private key will probably not escape the computer.
  3. Roll a die 62 times and write down the sequence of numbers. This gives you 2160 possible outcomes, which is the maximum that Bitcoin supports.
  4. Run bitaddress.org from your offline computer. Input the sequence of numbers from the die rolls into the "Brain Wallet" tab. By providing your own source of randomness, you do not have to worry that the random number generator used by your computer is too weak. I'm looking at you, NSA ಠ_ಠ
  5. Brain Wallet tab creates a private key and address.
  6. Write down the address and private key by hand or print them on a dumb printer. (Dumb printer means not the one at your office with the hard drive. Maybe not the 4 in 1 printer that scans and faxes and makes waffles.) If you hand copy them you may want to hand copy more than one format. (WIF and HEX). If you are crazy and are storing your life savings in Bitcoin, and you hand copy the private key, do a double-check by typing the private key back into the tool on the "Wallet Details" tab and confirm that it recreates the same public address.
  7. Load your paper wallet by sending your bitcoin to the public address. You can do this as many times as you like.
  8. You can view the current balance of your paper wallet by typing the public address into the search box at blockchain.info
  9. If you are using an old cell phone or tablet do a factory reset when you are finished so that the memory of the private keys is destroyed. If you are using a computer with a boot-from-CD copy of linux, I think you can just power down the computer and the private keys will be gone. (Maybe someone can confirm for me that the private keys would not be able to be cached by bitaddress?)
  10. To spend your paper wallet, you will need to either create an offline transaction, or import the private key into a hot wallet. Creating an offline transaction is dangerous if you don't know what you are doing. Importing to a client side wallet like Bitcoin-Qt, Electrum, MultiBit or Armory is a good idea. You can also import to an online wallet such as Blockchain.info or Coinbase.
Trusting bitaddress.org
The only thing you need bitaddress.org to do is to honestly convert the brainwallet passphrase into the corresponding private key and address. You can verify that it is doing this honestly by running several test passphrases through the copy of bitaddress that you plan on using, and several other brainwallet generators. For example, you could use the online version of bitaddress, and brainwallet and safepaperwallet and bitcoinpaperwallet. If you are fancy with the linux command line, you can also try "echo -n my_die_rolls | sha256sum". The linux operating system should reply with the same private key that bitaddress makes. This protects you from a malicious paper wallet generator.
Trusting your copy of bitaddress.org
Bitaddress publishes the sha1 hash of the bitaddress.org website at this location:
https://www.bitaddress.org/pgpsignedmsg.txt
The message is signed by the creator, pointbiz. I found his PGP fingerprint here:
https://github.com/pointbiz/bitaddress.org/issues/18
"527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A"
With this fingerprint, you can authenticate the signed message, which gives you the hash of the current bitaddress.org file. Then you can hash your copy of the file and authenticate the file.
I do not have a way to authenticate the fingerprint itself, sorry. According to the website I linked to, git has cryptographic traceability that would enable a person to do some research and authenticate the fingerprint. If you want to go that far, knock yourself out. I think that the techniques described in this document do not really rely on bitaddress being un-corrupt. Anyway, how do we know pointbiz is a good guy? ;-)
There are a lot of skilled eyes watching bitaddress.org and the signed sha1 hash. To gain the most benefit from all of those eyes, it's probably worthwhile to check your copy by hashing it and comparing to the published hash.
"But we aren't supposed to use brainwallets"
You are not supposed to use brainwallets that have predictable passphrases. People think they are pretty clever about how they pick their passphrases, but a lot of bitcoins have been stolen because people tend to come up with similar ideas. If you let dice generate the passphrase, then it is totally random, and you just need to make sure to roll enough times.
How to avoid spending your life rolling dice
When I first started doing this, I rolled a die 62 times for each private key. This is not necessary. You can simply roll the die 62 times and keep the sequence of 62 numbers as a "seed". The first paper address you create would use "my die rolls-1" as the passphrase, the second would be "my die rolls-2" and so on. This is safe because SHA256 prevents any computable relationship between the resulting private key family.
Of course this has a certain bad security scenario -- if anyone obtains the seed they can reconstruct all of your paper wallets. So this is not for everyone! On the other hand, it also means that if you happen to lose one of your paper wallets, you could reconstruct it so long as you still had the seed.
One way to reduce this risk is to add an easy to remember password like this: "my die rolls-password-1".
If you prefer, you can use a technique called diceware to convert your die rolls to words that still contain the same quantity of entropy, but which could be easier to work with. I don't use diceware because it's another piece of software that I have to trust, and I'm just copy/pasting my high entropy seed, so I don't care about how ugly it is.
Why not input the dice as a Base 6 private key on the Wallet Details tab?
Two reasons. First of all, this option requires that you roll the die 99 times, but you do not get meaningful additional protection by rolling more than 62 times. Why roll more times if you don't have to? Second, I use the "high entropy seed" method to generate multiple private keys from the same die rolls. Using the Base 6 option would require rolling 99 times for every private key.
I'm a big nerd with exotic dice. How many times to roll?
Put this formula in Excel to get the number of times to roll: "=160*LOG(2,f)" where f = number of faces on the die. For example, you would roll a d16 40 times. By the way, somewhat unbelievably casino dice are more fair than ordinary dice
The "Change address" problem:
You should understand change addresses because some people have accidentally lost money by not understanding it.
Imagine your paper wallet is a 10 dollar bill. You use it to buy a candy bar. To do this you give the cashier the entire 10 dollar bill. They keep 1 dollar and give you 9 dollars back as change.
With Bitcoin, you have to explicitly say that you want 9 dollars back, and you have to provide an address where it should go to. If you just hand over the 10 dollar bill, and don't say you want 9 dollars back, then the miner who processes the transaction gives 1 dollar to the store and keeps the remainder themselves.
Wallet software like Bitcoin-Qt handles this automatically for you. They automatically make "change addresses" and they automatically construct transactions that make the change go to the change address.
There are three ways I know of that the change problem can bite you:
  1. You generate a raw transaction by hand, and screw up. If you are generating a transaction "by hand" with a raw transaction editor, you need to be extra careful that your outputs add up to the same number as your inputs. Otherwise, the very lucky miner who puts your transaction in a block will keep the difference.
  2. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the paper wallet. The change is not in the paper wallet. It is in a change address that the wallet software generated. That means that if you lose your wallet.dat file you will lose all the change. The paper wallet is empty.
  3. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the change address that the wallet software generated. If the transaction did not need to consume all of the "outputs" used to fund the paper wallet, then there could be some unspent outputs still located at the address of the paper wallet. If you destroyed the paper wallet, and destroyed the copy of the private key imported to the wallet software, then you could not access this money. (E.g. if you restored the software wallet from its seed, thinking all of the money was moved to the wallet-generated change addresses.)
For more on this, see here
The hot paper wallet problem
Your bitcoin in your paper wallet are secure, so long as the piece of paper is secure, until you go to spend it. When you spend it, you put the private key onto a computer that is connected to the internet. At this point you must regard your paper wallet address as hot because the computer you used may have been compromised. It now provides much less protection against theft of your coins. If you need the level of protection that a cold paper wallet provides, you need to create a new one and send your coins to it.
Destroying your paper wallet address
Do not destroy the only copy of a private key without verifying that there is no money at that address. Your client may have sent change to your paper wallet address without you realizing it. Your client may have not consumed all of the unspent outputs available at the paper wallet address. You can go to blockchain.info and type the public address into the search window to see the current balance. I don't bother destroying my used/empty paper wallet addresses. I just file them away.
Encrypting your private key
BIP 0038 describes a standardized way to encrypt your paper wallet private key. A normal paper wallet is vulnerable because if anyone sees the private key they can take the coins. The BIP38 protocol is even resistant to brute force attacks because it uses a memory intensive encryption algorithm called scrypt. If you want to encrypt your wallets using BIP38, I recommend that you use bitcoinpaperwallet because they will let you type in your own private key and will encrypt it for you. As with bitaddress, for high security you should only use a local copy of this website on a computer that will never get connected to the internet.
Splitting your private key
Another option for protecting the private key is to convert it into multiple fragments that must be brought together. This method allows you to store pieces of your key with separate people in separate locations. It can be set up so that you can reconstitute the private key when you have any 2 out of the 3 fragments. This technique is called Shamir's Secret Sharing. I have not tried this technique, but you may find it valuable. You could try using this website http://passguardian.com/ which will help you split up a key. As before, you should do this on an offline computer. Keep in mind if you use this service that you are trusting it to work properly. It would be good to find other independently created tools that could be used to validate the operation of passguardian. Personally, I would be nervous destroying the only copy of a private key and relying entirely on the fragments generated by the website.
Looks like Bitaddress has an implementation of Shamir's Secret Sharing now under the "Split Wallet" tab. However it would appear that you cannot provide your own key for this, so you would have to trust bitaddress.
Durable Media
Pay attention to the media you use to record your paper wallet. Some kinds of ink fade, some kinds of paper disintegrate. Moisture and heat are your enemies.
In addition to keeping copies of my paper wallet addresses I did the following:
  1. Order a set of numeric metal stamps. ($10)
  2. Buy a square galvanized steel outlet cover from the hardware store ($1)
  3. Buy a sledgehammer from the hardware store
  4. Write the die rolls on the steel plate using a sharpie
  5. Use the hammer to stamp the metal. Do all the 1's, then all the 2's etc. Please use eye protection, as metal stamp may emit sparks or fly unexpectedly across the garage. :-)
  6. Use nail polish remover to erase the sharpie
Electrum
If you trust electrum you might try running it on an offline computer, and having it generate a series of private keys from a seed. I don't have experience with this software, but it sounds like there are some slick possibilities there that could save you time if you are working with a lot of addresses.
Message to the downvoters
I would appreciate it if you would comment, so that I can learn from your opinion. Thanks!
The Easy Method
This method is probably suitable for small quantities of bitcoin. I would not trust it for life-altering sums of money.
  1. Download the bitaddress.org website to your hard drive.
  2. Close your browser
  3. Disconnect from the internet
  4. Open the bitaddress.org website from your hard drive.
  5. Print a paper wallet on your printer
  6. Close your browser
submitted by moral_agent to BitcoinWallet [link] [comments]

What is a Cryptocurrency Wallet?

What is a Cryptocurrency Wallet?
Use this straightforward guide to learn what a cryptocurrency wallet is, how they work and discover which ones are the best on the market.
A cryptocurrency wallet is a software program that stores private and public keys and interacts with various blockchain to enable users to send and receive digital currency and monitor their balance. If you want to use Bitcoin or any other cryptocurrency, you will need to have a digital wallet.
How do they work?
Millions of people use cryptocurrency wallets, but there is considerable misunderstanding about how they work. Unlike traditional ‘pocket’ wallets, digital wallets don’t store currency. In fact, currencies don’t get stored in any single location or exist anywhere in any physical form. All that exists are records of transactions stored on the blockchain.
Cryptocurrency wallets are software programs that store your public and private keys and interface with various blockchain so users can monitor their balance, send money and conduct other operations. When a person sends you bitcoins or any other type of digital currency, they are essentially signing off ownership of the coins to your wallet’s address. To be able to spend those coins and unlock the funds, the private key stored in your wallet must match the public address the currency is assigned to. If public and private keys match, the balance in your digital wallet will increase, and the senders will decrease accordingly. There is no actual exchange of real coins. The transaction is signified merely by a transaction record on the blockchain and a change in balance in your cryptocurrency wallet.
What are the different types of Cryptocurrencywallets?
There are several types of wallets that provide different ways to store and access your digital currency. Wallets can be broken down into three distinct categories – software, hardware, and paper. Software wallets can be a desktop, mobile or online.
Are Cryptocurrency wallets secure?
Wallets are secure to varying degrees. The level of security depends on the type of wallet you use (desktop, mobile, online, paper, hardware) and the service provider. A web server is an intrinsically riskier environment to keep your currency compared to offline. Online wallets can expose users to possible vulnerabilities in the wallet platform which can be exploited by hackers to steal your funds. Offline wallets, on the other hand, cannot be hacked because they simply aren’t connected to an online network and don’t rely on a third party for security.
Although online wallets have proven the most vulnerable and prone to hacking attacks, diligent security precautions need to be implemented and followed when using any wallet. Remember that no matter which wallet you use, losing your private keys will lead you to lose your money. Similarly, if your wallet gets hacked, or you send money to a scammer, there is no way to reclaim lost currency or reverse the transaction. You must take precautions and be very careful!
Although Bitcoin is by far the most well-known and popular digital currency, hundreds of newcryptocurrencies (referred to as altcoins) have emerged, each with distinctive ecosystems and infrastructure. If you’re interested in using a variety of cryptocurrencies, the good news is, you don’t need set up a separate wallet for each currency. Instead of using a cryptocurrency wallet that supports a single currency, it may be more convenient to set up a multi-currency wallet which enables you to use several currencies from the same wallet.
Are there any transaction fees?
There is no straightforward answer here.
In general, transaction fees are a tiny fraction of traditional bank fees. Sometimes fees need to be paid for certain types of transactions to network miners as a processing fee, while some transactions don’t have any fee at all. It’s also possible to set your own fee. As a guide, the median transaction size of 226 bytes would result in a fee of 18,080 satoshis or $0.12. In some cases, if you choose to set a low fee, your transaction may get low priority, and you might have to wait hours or even days for the transaction to get confirmed. If you need your transaction completed and confirmed promptly, then you might need to increase the amount you’re willing to pay. Whatever wallet you end up using, transaction fees are not something you should worry about. You will either pay minuscule transaction fees, choose your own fees or pay no fees at all. A definite improvement from the past!
Are cryptocurrency wallets anonymous?
Kind of, but not really. Wallets are pseudonymous. While wallets aren’t tied to the actual identity of a user, all transactions are stored publicly and permanently on the blockchain. Your name or personal street address won’t be there, but data like your wallet address could be traced to your identity in a number of ways. While there are efforts underway to make anonymity and privacy easier to achieve, there are obvious downsides to full anonymity. Check out the DarkWallet project that is looking to beef up privacy and anonymity through stealth addresses and coin mixing.
Which Cryptocurrency wallet is the best?
There is an ever-growing list of options. Before picking a wallet, you should, however, consider how you intend to use it.
Bread Wallet
Bread Wallet is a simple mobile Bitcoin digital wallet that makes sending bitcoins as easy as sending an email. The wallet can be downloaded from the App Store or Google Play. Bread Wallet offers a standalone client, so there is no server to use when sending or receiving bitcoins. That means users can access their money and are in full control of their funds at all times. Overall, Bread Wallet’s clean interface, lightweight design and commitment to continually improve security, make the application safe, fast and a pleasure to use for both beginners and experienced users alike.
Mycelium
Advanced users searching for a Bitcoin mobile digital wallet, should look no further than mycelium. The Mycelium mobile wallet allows iPhone and Android users to send and receive bitcoins and keep complete control over bitcoins. No third party can freeze or lose your funds! With enterprise-level security superior to most other apps and features like cold storage and encrypted PDF backups, an integrated QR-code scanner, a local trading marketplace and secure chat amongst others, you can understand why Mycelium has long been regarded as one of the best wallets on the market.
Exodus
Exodus is a relatively new and unknown digital wallet that is currently only available on the desktop. It enables the storage and trading of Bitcoin, Ether, Litecoins, Dogecoins and Dash through an incredibly easy to use, intuitive and beautiful interface. Exodus also offers a very simple guide to backup your wallet. One of the great things about Exodus is that it has a built-in shapeshift exchange that allows users to trade altcoins for bitcoins and vice versa without leaving the wallet.
Copay
Created by Bitpay, Copay is one of the best digital wallets on the market. If you’re looking for convenience, Copay is easily accessed through a user-friendly interface on desktop, mobile or online. One of the best things about Copay is that it’s a multi-signature wallet so friends or business partners can share funds. Overall, Copay has something for everyone. It’s simple enough for entry-level users but has plenty of additional geeky features that will impress more experienced players as well.
Jaxx
Jaxx is a multi-currency Ether, Ether Classic, Dash, DAO, Litecoin, REP, Zcash, Rootstock, Bitcoin wallet and user interface. Jaxx has been designed to deliver a smooth Bitcoin and Ethereum experience. It is available on a variety of platforms and devices (Windows, Linux, Chrome, Firefox, OSX, Android mobile & tablet, iOS mobile & tablet) and connects with websites through Firefox and Chrome extensions. Jaxx allows in wallet conversion between Bitcoin, Ether and DAO tokens via Shapeshift and the import of Ethereum paper wallets. With an array of features and the continual integration of new currencies, Jaxx is an excellent choice for those who require a multi-currency wallet.
Armory
Armory is an open source Bitcoin desktop wallet perfect for experienced users that place emphasis on security. Some of Armory’s features include cold storage, multi-signature transactions, one-time printable backups, multiple wallets interface, GPU-resistant wallet encryption, key importing, key sweeping and more. Although Armory takes a little while to understand and use to it’s full potential, it’s a great option for more tech-savvy bitcoiners looking to keep their funds safe and secure.
Trezor is a hardware Bitcoin wallet that is ideal for storing large amounts of bitcoins. Trezor cannot be infected by malware and never exposes your private keys which make it as safe as holding traditional paper money. Trezor is open source and transparent, with all technical decisions benefiting from wider community consultation. It’s easy to use, has an intuitive interface and is Windows, OS X and Linux friendly. One of the few downsides of the Trezor wallet is that it must be with you to send bitcoins. This, therefore, makes Trezor best for inactive savers, investors or people who want to keep large amounts of Bitcoin highly secure.
Ledger Nano
The Ledger Wallet Nano is a new hierarchical deterministic multisig hardware wallet for bitcoin users that aims to eliminate a number of attack vectors through the use of a second security layer. This tech-heavy description does not mean much to the average consumer, though, which is why I am going to explain it in plain language, describing what makes the Ledger Wallet Nano tick. In terms of hardware, the Ledger Wallet Nano is a compact USB device based on a smart card. It is roughly the size of a small flash drive, measuring 39 x 13 x 4mm (1.53 x 0.51 x 0.16in) and weighing in at just 5.9g.
Pros:
Cons:
Green Address
Green Address is a user-friendly Bitcoin wallet that’s an excellent choice for beginners. Green Address is accessible via desktop, online or mobile with apps available for Chrome, iOS, and Android. Features include multi-signature addresses & two-factor authentications for enhanced security, paper wallet backup, and instant transaction confirmation. A downside is that Green Address is required to approve all payments, so you do not have full control over your spending
Blockchain (dot) info
Blockchain is one of the most popular Bitcoin wallets. Accessing this wallet can be done from any browser or smartphone. Blockchain.info provides two different additional layers. For the browser version, users can enable two-factor authentication, while mobile users can activate a pin code requirement every time the wallet application is opened. Although your wallet will be stored online and all transactions will need to go through the company’s servers, Blockchain.info does not have access to your private keys. Overall, this is a well-established company that is trusted throughout the Bitcoin community and makes for a solid wallet to keep your currency.
submitted by Tokenberry to NewbieZone [link] [comments]

A Guide to Keeping Keys Offline Using Armory +rPi

Hi Redditors.
I am going to post in this thread my experiences in getting my Desktop (Debian) machine running Armory in watch-only mode, and coupling that with an offline Raspberry Pi (which holds my private keys) for signing the transactions previously made in watch-only mode.
I actually compiled Armory from source directly on my Pi. This guide is probably more for the bitcoin 'power user', as to run Armory online, and broadcast the signed transactions, you need to have a bitcoin full node running (bitcoind).
Basic requirements:
Aimed-for Setup:
I'll post the guide in digestible sections...

Section 1

I should begin by saying I installed source code from git, and got Armory to build the DB on my desktop initially, WITHOUT creating a wallet.. (This allowed me to debug what was going on a little!)
Go to Bitcoin.org, select Armory..
It leads to a Download from Git:
https://github.com/goatpig/BitcoinArmory/releases
Followed the procedure for Linux Debian verify code, compile, install, all straight-forward..
Began by running bitcoind, and telling Armory where to find it. This is the command I used, obviously it was all on one line and didn't include the arrows/explanations!:
python ArmoryQt.py \ --satoshi-datadir=/BlockChain/chain20180414/blocks \ # <-----(where my bitcoind blocks live) --datadir=/ArmoryDataDi \ # <-----(this is instead of ~/.armory) --dbdir=/ArmoryDataDidatabases # <-------(again, non std. place used for Armory's databases.. my choice.) 
So, on the Desktop, after the initial "build databases"
(NB the initial "Build Databases" took about 1.5h and my two CPUs were maxed the whole time, Temps up to 62C. Not ideal; Im not in a rush!)
I then wanted to import a watch-only wallet.
Before I did this, I took a full backup of the Armory data dir:
/ArmoryDataDi
(or ~/.armory in a default installation).
I'd hate to have to make Armory do another full sync with the bitcoind node!

Section 2

Next step: offline wallet (with Private Keys) is on a Raspberry Pi.
I downloaded the source and managed to compile it on the pi itself! :)
Though there were some gymnastics needed to setup the Pi.
My Pi is running Raspbian based on Wheezy.. quite old!
I did the following on the Pi:
apt-get update apt-get upgrade (<---took about an hour!) apt-get install autotools-dev apt-get install autoconf 
Then I followed the instructions exactly as I had done for my Debian Desktop machine, EXCEPT:
I had to increase the Pi's swap space. I upped it from 100Mb to 400Mb.
The compilation took 7 hours, and my poor SD card got a thrashing.
But after compilation, I put the Swap back to 100Mb and Armory runs ok with about 150Mb of memory (no swap needed).
Swap increase on the Pi:
use your favourite editor, and open the file /etc/dphys-swapfile
add/change the following line:
CONF_SWAPSIZE=400 
Then, REBOOT the Pi:
sudo shutdown -h -P now 
Once the compilation was done on the Pi, put the swap back, rebooted and created an Armory wallet.
I added manual entropy and upped the encryption 'time' from 250ms to 2500ms - since the Pi is slow, but I'll be happy to wait for more iterations in the Key Derivation Function.
Once the wallet was created, it obviously prompts you for backup.
I want to add a private key of my own (i.e. import), so don't do the backup until this is over.
I import my Private Key, and Armory checks that this corresponds to a Public Key, which I check is correct.
This is the point now where the Pi storage medium (e.g an SD card) has to be properly destroyed if you ever get rid of it.
I had thought that now would be a good time to decide if your new wallet will generate Segwit receiving addresses, and also addresses used to receive 'change' after a transaction..
But it seems Armory WON'T let you switch to P2SH-P2WPKH unless your Armory is connected to a node offering "WITNESS" service.
Obviously, my Pi is offline and will never connect to a node, so the following will not work on the Pi:
NB: I thought about setting this on the Debian "watch-only" wallet, but that would surely mean doom, as the Pi would not know about those addresses and backups might not keep them.. who knows...
So, end result:- no segwit for me just yet in my offline funds.

--If anyone can offer a solution to this, I'd be very grateful--

Section 3

Ok, now this is a good point to back up your wallet on the Pi. It has your imported keys. I choose a Digital Backup - and put it on a USB key, which will never touch the internet and will be stored off-site. I also chose to encrypt it, because I'm good with passwords..
NB: The Armory paper backup will NOT back up your imported private keys, so keep those somewhere if you're not sweeping them. It would be prudent to have an Armory paper backup anyway, but remember it will likely NOT help you with that imported key.
Now for the watch-only copy of the wallet. I want to get the "watch-only" version onto my Desktop Debian machine.
On the Pi, I created (exported to a USB key) a "watching-only" copy of my wallet.
I would use the RECOMMENDED approach, export the "Entire Wallet File".
As you will see below, I initially exported only the ROOT data, which will NOT capture the watching-only part of the Private Key I entered manually above (i.e. the public Key!).
Now, back on the Debian Desktop machine...
I stopped all my crontab jobs; just give Armory uninterrupted CPU/memory/disk...
I also stopped bitcoind and made a backup prior to any watch-only wallet being imported.
I already made a backup of Armory on my Desktop, before any wallet import.
(this was needed, as I made a mistake.. see below)
So on the Debian Desktop machine, I begin by firing up bitcoind.
my command for this is:
./bitcoind -daemon -datadir=/BlockChain/chain20180414 -dbcache=400 -maxmempool=400 

Section 4

I try running Armory like this:
(I'm actually starting Armory from a script - StartArm.sh)
Inside the script StartArm.sh, it has the line:
python ArmoryQt.py --ram-usage=4 --satoshi-datadir=/BlockChain/chain20180414/blocks --datadir=/ArmoryDataDi --dbdir=/ArmoryDataDidatabases 
I know from bitter experience that doing a scan over the blockchain for a new wallet takes a looong time and a lot of CPU, and I'd like it to play nicely; not gobble all the memory and swap and run my 2xCPUs both at 100% for four hours...
So... I aim to run with --ram-usage=X and --thread-count=X
(For me in the end, X=1 but I began with X=4)
I began with --ram-usage=4 (<--- = 4x128Mb)
The result is below...
TypeError: cannot concatenate 'str' and 'int' objects 
It didn't recognise the ram-usage and carried on, crippling my Debian desktop PC.
This is where it gets dangerous; Armory can gobble so much memory and CPU that the windowing environment can cease up, and it can take over 30 minutes just to exit nicely from bitcoind and ArmoryDB.
So, I ssh to the machine from another computer, and keep an eye on it with the command
"free -h" 
I'd also be able to do a "sudo reboot now" if needed from here.

Section 5

So, trying to get my --ram-usage command recognised, I tried this line (added quotes):
python ArmoryQt.py --ram-usage="4" --satoshi-datadir=/BlockChain/chain20180414/blocks --datadir=/ArmoryDataDi --dbdir=/ArmoryDataDidatabases 
But no, same error...
Loading Armory Engine: Armory Version: 0.96.4 Armory Build: None PyBtcWallet Version: 1.35 Detected Operating system: Linux OS Variant : ('debian', '9.4', '') User home-directory : /home/ Satoshi BTC directory : /BlockChain/chain20180414 Armory home dir : /ArmoryDataDi ArmoryDB directory : /ArmoryDataDidatabases Armory settings file : /ArmoryDataDiArmorySettings.txt Armory log file : /ArmoryDataDiarmorylog.txt Do wallet checking : True (ERROR) ArmoryUtils.py:3723 - Unsupported language specified. Defaulting to English (en) (ERROR) ArmoryQt.py:1833 - Failed to start Armory database: cannot concatenate 'str' and 'int' objects Traceback (most recent call last): File "ArmoryQt.py", line 1808, in startArmoryDBIfNecessary TheSDM.spawnDB(str(ARMORY_HOME_DIR), TheBDM.armoryDBDir) File "/BitcoinArmory/SDM.py", line 387, in spawnDB pargs.append('--ram-usage=' + ARMORY_RAM_USAGE) TypeError: cannot concatenate 'str' and 'int' objects 

Section 6

So, I edit the Armory python file SDM.py:
if ARMORY_RAM_USAGE != -1: pargs.append('--ram-usage=4') #COMMENTED THIS, SO I CAN HARDCODE =4 # ' + ARMORY_RAM_USAGE) 
Running it, I now have acknowledgement of the --ram-usage=4:
(WARNING) SDM.py:400 - Spawning DB with command: /BitcoinArmory/ArmoryDB --db-type="DB_FULL" --cookie --satoshi-datadir="/BlockChain/chain20180414/blocks" --datadir="/ArmoryDataDi" --dbdir="/ArmoryDataDidatabases" --ram-usage=4 
Also, even with ram-usage=4, it used too much memory, so I told it to quit.
It took over 30 minutes to stop semi-nicely. The last thing it reported was:
ERROR - 00:25:21: (StringSockets.cpp:351) FcgiSocket::writeAndRead FcgiError: unexpected fcgi header version 
But that didn't seem to matter or corrupt the Armory Database, so I think it's ok.
So, I get brave and change SDM.py as below, and I make sure my script has a command line for --ram-usage="ABCDE" and --thread-count="FGHIJ"; the logic being that these strings "ABCDE" will pass the IF criteria below, and my hardcoded values will be used...
if ARMORY_RAM_USAGE != -1: pargs.append('--ram-usage=1') #COMMENTED THIS, SO I CAN HARDCODE =1 # ' + ARMORY_RAM_USAGE) if ARMORY_THREAD_COUNT != -1 pargs.append('--thread-count=1') #COMMENTED THIS, SO I CAN HARDCODE =1 #' + ARMORY_THREAD_COUNT) 
So, as usual, I use my script and start this with: ./StartArm.sh
(which uses command line:)
python ArmoryQt.py --ram-usage="ABCDE" --thread-count="FGHIJ" --satoshi-datadir=/BlockChain/chain20180414/blocks --datadir=/ArmoryDataDi --dbdir=/ArmoryDataDidatabases 
(this forces it to use my hard-coded values in SDM.py...)
So, this is the command which it reports that it starts with:
(WARNING) SDM.py:400 - Spawning DB with command: /BitcoinArmory/ArmoryDB --db-type="DB_FULL" --cookie --satoshi-datadir="/BlockChain/chain20180414/blocks" --datadir="/ArmoryDataDi" --dbdir="/ArmoryDataDidatabases" --ram-usage=1 --thread-count=1 
Again, this is where it gets dangerous; Armory can gobble so much memory and CPU that the windowing environment can cease up. So I ssh to the machine and keep an eye on it with:
"free -h" 

Section 7

So, on the Debian Desktop PC, I inserted the USB stick with the watch-only wallet I exported from the Pi.
Start Armory...
Import "Entire Wallet File" watch-only copy.
Wait 4 hours..
YAY!!!
After running Armory for about 30m, the memory usage dropped by 400m... wierd...
It took ~2 hours to get 40% completion.
After 3.5 hours it's almost there...
The memory went up to about 1.7Gb in use and 900Mb of Swap, but the machine remained fairly responsive throughout, apart from a few (10?) periods at the start, where it appeared to freeze for 10-30s at a time.
(That's where my ssh session came in handy - I could check the machine was still ok with a "free -h" command)
Now, I can:
Create an unsigned transaction on my Desktop,
Save the tx to USB stick,
Move to the Pi,
Sign the tx,
Move back to the Desktop,
Broadcast the signed tx.

Section 8

My initial Mistake:
This caused me to have to roll-back my Armory database, using the backup. so you should try to avoid doing this..
On the Pi, I exported only the ROOT data, which will NOT capture the watching-only part of the Private Key
It is RECOMMENDED to use the Digital Export of Entire Wallet File from the Pi when making a watch-only copy. If you just export just the "ROOT data", not the "Entire Wallet File", you'll have problems if you used an imported Private Key in the offline wallet, like I did.
Using the ROOT data text import, after it finished... my balance was zero. So,. I tried a Help->Rescan Balance (Restart Armory, takes 1minute to get back up and running) No Luck. Still zero balance.
So, I try Rescan Databases.. This will take longer. Nah.. no luck.
So, I tried again, thinking it might be to do with the fact that I imported the text "root data" stuff, instead of following the (Recommended) export of watching-wallet file.
So, I used my Armory backup, and wound back the ArmoryDataDi to the point before the install of the (zero balance) wallet. (you should not need to do this, as you will hopefully use the RECOMMENDED approach of exporting the "Entire Wallet File"!)
submitted by fartinator to Bitcoin [link] [comments]

The World Wide Web runs on webservers in datacenters. The World Wide Blockchain should also run on "blockservers" in datacenters. The "sweet spot" of Bitcoin scaling, reliability, security & convenience is *nodes in the cloud* + *private keys offline*. The is the future of Bitcoin. Let's embrace it.

Four-Line Summary
(1) Bitcoin nodes (and everyone's public addresses) should be online - in datacenters.
(2) Bitcoin wallets (and your private keys) should be offline - in your pocket.
(3) This architecture provides the optimal combination or "sweet spot" for short-term and long-term Bitcoin scaling, reliability, security & convenience.
(4) The best communications strategy is for us to embrace the approach of "nodes-in-datacenters" a/k/a "blockservers-in-the-cloud" - instead of apologizing for it.
Longer Summary
(1) Bitcoin nodes should be online - on "online public blockservers", ideally running on big, powerful webservers with high connectivity & high-end specs, in datacenters.
(2) Bitcoin private keys should be offline - in "offline private wallets", ideally running on tiny, cheap computers with no connectivity & low-end specs, in your pocket.
https://blockchainbdgpzk.onion/pushtx
(3) We should embrace "nodes-in-datacenters" (ie, "blockservers-in-the-cloud") and "keys-in-your-pocket" as the future of Bitcoin, providing the optimal combination (or "sweet spot") of scaling, reliability, security & convenience.
Details
Bitcoin has been a success for 7 years and is continuing to grow and needs a simple and safe way to scale.
So, now it is time for people to embrace nodes-in-datacenters a/k/a blockservers-in-the-cloud (plus private keys offline - to enable 100% security with "offline signing of transactions") as Bitcoin's future.
Why?
(1) ...because everything on the web actually works this way already - providing the optimal combination of scaling, reliability, security & convenience.
  • You already keep your passwords for websites and webmail on you - usually physically offline (in your head, written on a slip of paper, or maybe in an offline file, etc.)
  • When was the last time you ran a server out of your home to continually spider and index terabytes of data for the entire web?
  • Why should you need to hold 60 GB of data (and growing) when you just want to check the balance of a single Bitcoin address (eg, one of your addresses)?
  • Bitcoin is still very young, and if in order to fulfill its earlier promise about banking the unbanked, microtransactions, DACs (decentralized autonomous corporations), IoT (Internet of Things), smart contracts, etc., then we should hope and expect that the blockchain will someday take up terabytes, not "mere" gigabytes - just like Google's giant search engine index, which they update every few minutes.
  • Do you really think you should be performing this kind of heavy-duty indexing, querying and "serving" on a low-end machine behind a low-end connection in your home, when companies like Google can do it so much better?
  • As long as you physically control your own private keys, who cares if you rely on blockchain.info or blockexplorer.com (or someday: bitcoin.google.com or bitcoin.msn.com or bitcoin.yahoo.com) to lookup up public information about balances and transactions on Bitcoin addresses?
  • They're not going to be able to lie to you. The meaning of "permissionless" and "decentralized" is that anybody can set up a full-node / "blockserver" (plus "blockchain search engines"), and anybody can (and will) immediately report it to the whole world if a website like blockchain.info or blockexplorer.com (or someday: bitcoin.google.com or bitcoin.msn.com or bitcoin.yahoo.com) provides false information - which would seriously damage their business, so they'll never do it.
(2) ...because webservers and webmail don't lie to you, and "nodes-in-datacenters" (ie, "blockservers-in-the-cloud") aren't going to be able to lie to you either - since it would not be in their interest, and they would get caught if they did.
  • When was the last time google.com or or yahoo.com or msn.com (bing.com) lied to you when you performed a search or looked up some news?
  • When was the last time blockchain.info or blockexplorer.com lied to you when you checked the balance at a Bitcoin address?
  • Currently, with billions of websites and news sources ("webservers") running around the world in datacenters, there are "web search engines" (eg, google.com or news.google.com or msn.com or yahoo.com) where you can look up information and news on the World Wide Web. In order to survive, the business model of these "web search engines" is about getting lots of visitors, and providing you with reliable information. It's not in their best interests to lie - so they never do. These sites simply "spider" / "crawl" / "index" the entire massive web out there (every few minutes actually), and then conveniently filter / aggregate / present the results as a free service to you.
  • In the future, when there are 10,000 or 100,000 Bitcoin full-nodes ("blockservers") running around the world in datacenters, there will be "blockchain search engines" (eg, bitcoin.google.com or bitcoin.msn.com or bitcoin.yahoo.com - just like we already have blockchain.info and blockexplorer.com, etc.) where you will be able to lookup transactions and balances on the World Wide Blockchain. In order to survive, their business model will be about getting lots of visitors, and providing you with reliable information. It's not going to be in their best interests to lie - so they never will. These sites will simply "spider" / "crawl" / "index" the entire massive blockchain out there (every few minutes actually), and then conveniently filter / aggregate / present the results as a free service to you.
  • The business model for "blockchain search engines" might eventually showing ads or sponsored content along with the Bitcoin blockchain search functions which we are primarily interested in. This would be quite usable and simple and safe, and similar to how most people already use sites like google.com, yahoo.com, msn.com, etc.
(3) ...because "nodes-in-datacenters" (ie, "blockservers-in-the-cloud") provide simple scaling now.
  • Nodes-in-the-cloud are the only solution which can provide scaling now - using existing, tested software - by simply adjusting - or totally eliminating - the MAXBLOCKSIZE parameter.
  • They can use existing, tested, reliable software: thousands of 2MB+ nodes are already running.
  • About 1,000 Classic nodes have been spun up in AWS ECS datacenters (Amazon Web Services - Elastic Computer Cloud) in the past month. (Uninformed yes-men at r\bitcoin try to spin this as a "bad thing" - but we should embrace it as a "good thing", explicitly espousing the philosophy outlined in this post.)
  • "Nodes-in-datacenters" (ie, "blockservers-in-the-cloud") can be flexibly and easily configured to provide all the scaling needed in terms of:
    • Bandwidth (throughput)
    • Hard drive space (storage)
    • RAM (memory)
    • CPU (processing power)
  • The yes-men and sycophants and authoritarians and know-nothings on the censored subreddit r\bitcoin are forever fantasizing about some Rube Goldberg vaporware with a catchy name "Lightning Network" which doesn't even exist, and which (at best, if it ever does come into existence) would be doomed to be slow, centralized and expensive. LN is a non-thing.
  • Those same people on the censored r\bitcoin forum are desperately trying to interpret the thousands of Classic nodes as a negative thing - and their beloved non-existent Lightning Network as a positive thing. This is the kind of typical down-is-up, black-is-white thinking that always happens in a censorship bubble - because the so-called Lightning Network isn't even a thing - while Classic is a reality.
(4) ...because "nodes-in-datacenters" (ie, "blockservers-in-the-cloud") provide more reliability / availability.
  • 24/7/365 tech support,
  • automatic server reboots,
  • server uptime guarantees,
  • electrical power uptime guarantees.
(5) ...because "nodes-in-datacenters" (ie, "blockservers-in-the-cloud") provide better security.
(6) ...because "nodes-in-datacenters" (ie, "blockservers-in-the-cloud") provide more convenience.
(7) ...because separating "full-node" functionality from "wallet" functionality by implementing "hierarchical deterministic (HD)" wallets is cleaner, safer and more user-friendly.
Armory, BIP 0032 provide "hierarchical deterministic (HD)" wallets.
https://en.bitcoin.it/wiki/BIP_0032
https://en.bitcoin.it/wiki/Deterministic_Wallet
http://www.bitcoinarmory.com/tutorials/armory-advanced-features/offline-wallets/
https://en.bitcoin.it/wiki/How_to_set_up_a_secure_offline_savings_wallet
http://bitcoin.stackexchange.com/questions/16646/offline-wallets-electrum-vs-armory
https://www.youtube.com/watch?v=DQumISxkJsQ
  • "Hierarchical deterministic" wallets are required in order to be able to keep private keys offline, and "offline-sign" transactions. This is because a wallet needs to be "deterministic" in order to be able to generate the same sequence of random private keys in the offline wallet and the online wallet.
  • "Hierarchical deterministic (HD)" wallets are also required in order to allow a user to perform a single, one-time, permanent backup of their wallet - which lasts forever (since a HD wallet already deterministically "knows" the exact sequence of all the private keys which it will generate, now and in the future - unlike the antiquated wallet in Core / Blockstream's insecure, non-user-friendly Bitcoin implementation, which pre-generates keys non-deterministically in batches of 100 - so old backups of Core / Blockstream wallets could actually be missing later-generated private keys, rendering those backups useless).
  • Bitcoin is now over 7 years old, but Core / Blockstream has mysteriously failed to provide this simple, essential feature of HD wallets - while several other Bitcoin implementations have already provided this.
  • This feature is extremely simple, because it is all done entirely offline - not networking, no game theory, no non-deterministic behavior, no concurrency. The "HD wallet" functionality just needs some very basic, standard crypto and random-number libraries to generate a "seed" which determines the entire sequence of all the private keys which the wallet can generate.
  • Newer Bitcoin implementations (unlike Core / Blockstream) have now "modularized" their code, also separating "full-node" functionality from "wallet" functionality at the source code level:
  • in Golang - "btcsuite" from Conformal, providing "btcd" (node) and "btcwallet" (wallet):
  • in Haskell + MySQL/SQLite - "Haskoin":
  • There is also a Bitcoin implementation which provides only a full-node:
  • in Ruby + Postgres - "Toshi" from CoinBase:
  • [Tinfoil] The fact that Core / Blockstream has failed to provide HD and failed to clean up and modularize its messy spaghetti code - and the fact that Armory is now out of business (and both companies received millions of dollars in venture capital, and the lead dev of Armory left because the investors were creating needless obstacles regarding intellectual property rights, licensing, etc.) - these facts are suspicious because suggest that these corporations may be trying to discourage dev-friendliness, user-friendliness, security, convenience, and on-chain scaling.
(8) ...because the only thing most users really want and need is total physical control over their private keys.
  • Most people do not want or need to run a Bitcoin full-node, because:
    • A Bitcon full-node consumes lots of disk space and bandwidth, and can be expensive and complicated to set up, run, maintain, and secure.
    • A Bitcoin full-node requires an extremely high level of hardware and software security - which most computer users have never even attempted.
  • As Armory or Electrum users know, the simplest and safest way to provide 100% guaranteed security is by using "offline storage" or "cold storage" or "air gap".
  • In other words, ideally, you should never even let your private keys touch a device which has (or had) the hardware and/or software to go online - ie: no Wi-Fi, no 3G, and no Ethernet cable.
  • This offline machine is used only to generate private keys (where a Bitcoin private key is literally actually just any truly random number up to around 1078 ) - and also used to "offline-sign" transactions.
  • So it is simplest and safest if your private keys are on an offline machine which never can / did go online - and such as machine can be very cheap, because it really only needs to run some very basic random-number-generator and crypto libraries.
  • It would be simplest and safest for people to own a tiny cheap 100% secure offline computer to use only for:
    • generating / storing Bitcoin private keys
    • signing Bitcoin transactions
    • possibly also for generating / storing other kinds of private keys (other cryptocurrencies, GPG keys, etc.)
Four-Line Summary / Conclusion:
(1) Bitcoin nodes (and everyone's public addresses) should be online - in datacenters.
(2) Bitcoin wallets (and your private keys) should be offline - in your pocket.
(3) This architecture provides the optimal combination or "sweet spot" for short-term and long-term Bitcoin scaling, reliability, security & convenience.
(4) The best communications strategy is for us to embrace the approach of "nodes-in-datacenters" a/k/a "blockservers-in-the-cloud" - instead of apologizing for it.
submitted by ydtm to btc [link] [comments]

Basic Bitcoin security guide

Hello,
This post is to give you a quick introduction into Bitcoin security. While nobody can guarantee you 100% security, I hope to mitigate some problems you can run into. This is the “20% of effort to get you to 80% safe”.
First of all, you have to determine how much money you want to hold in Bitcoin and how much effort are you willing to put in. If you are happy just holding a few dollars worth and don’t care if you lose them, that’s one approach to take. For everyone else, lets get started.
Password strength
A lot of the times how secure your money is will be determined by the strength of your password. Since in the worst case scenario we are talking about someone trying to brute force your wallet, casual online passwords are too weak. Under 10 characters is too weak. Common words and phrases are too weak. Adding one number to a password at the end is too weak.
Moreover, you can consider your password much weaker if you:
If you want a really strong password:
Wallet security
Now we are getting to the meat of things.
There are a number of wallets available to store your hard earned bitcoins. If you have a decent amount of coins to store, you should look into software wallets - BitcoinQT, MultiBit, Armory or Electrum. They are among the best place to store your money safely (provided your computer is secure as well). Chose one you think best suits you, install it and encrypt your wallet file with your strong password. You should take your wallet file and back it up (location of the file is different for different clients, so you have to do some research as to where to find that file). Back it up on a CD, safe USB drive or the like. Keep them safe. If you lose that file, you will lose your money.
A quick word on deterministic wallets. Electrum and Armory allow you to create wallets from a seed. If you use the same seed later, you can recreate your wallet on other machines. With deterministic wallets, you only need to keep that seed secure to have access to your money.
In comparison, in BitcoinQT's traditional wallet, every address you use is random, meaning that after you send 50-100 outgoing transactions your backups can be obsolete. Always keep an up-to-date backup of such wallet file if possible.
Okay, sometimes you need to have your Bitcoins with you when you leave your computer. In this case, you should look into either online or mobile wallets. A staple for both of those is Blockchain.info, but there are others to chose from.
A good rule of thumb with these is to not store more money in them than you can afford to lose. They are best used as a convenient way of accessing some money, not storing your savings. Online wallets are especially vulnerable to their servers getting hacked and people’s money getting stolen.
What to keep in mind while using online wallets:
  • Use a secure password (the more money you have in them the stronger the password should be)
  • Always keep a backup of your wallet in case you need to recover your money
  • Whenever possible, enable two factor authentication
  • Don’t use your online wallets from unsafe computers
Cold storage
Sometimes you want to store your bitcoins for a long time in a safe place. This is called “cold storage”. There are a few ways one can do this.
First of all, paper wallets. They are nice for giving people small bitcoin gifts, but also for long-term storage if properly used. What you want to do is generate and print them offline. You can save the linked page for example and run that offline. If you are really paranoid, you can put it on read-only media and access that from a different computer. For really long term storage, use archival-grade paper.
Another approach to take is using a separate computer for storing your money that is offline 99+% of the time. You could set one up easily by buying an old laptop, reformatting it, installing Linux and a Bitcoin client. Generate an address on that machine and send money to it from your main wallet. Depending on how paranoid you are you can connect that computer to the Internet afterwards to synchronize data with the Bitcoin Network and then turn it off and put it away somewhere safe until it’s needed.
Brain wallets
Don’t. They are not for you. Unless you are a security-conscientious programmer, those are not for you.
Diversifying
Keeping all of your eggs in one basket is never a good thing. You should look into diversifying some of your Bitcoin assets in case your other storage methods fail. Some ways you can diversify:
  • Buy a physical Bitcoin. As long as you trust the coin creator such coins can be an effective cold storage
  • Invest - I wouldn’t recommend this for more than some trivial amount unless you know what you are doing, but investing in some Bitcoin stocks could be a way to get more money out of your bitcoins
How not to diversify:
  • Avoid keeping your bitcoins at exchanges or other online sites that are not your online wallets. Such sites can be closed down or disappear along with your money.
  • Alt-coins - there are few cryptocurrencies that are worthwhile, but most of them are just Bitcoin clones. If a currency brings nothing new, it’s worthless in comparison to Bitcoin. Namecoin is a distributed domain name server (although recently it had a fatal flaw uncovered, so be warned), Ripple is a distributed currency exchange and payment system. Litecoin will only be useful in case Bitcoin’s hashing algorithm gets compromised (very unlikely at this time). Beyond that there are few if any alt-coins that are a worthwhile way of diversifying.
Accepting payments and safety
We’ve covered safe ways to store money, now a quick note about bitcoin payments and their safety.
First of all, when you are sending a transaction, pay your fees. Transactions without fees can take forever to propagate, confirm and clear. This can cause you a lot of stress, so pay your fees.
Secondly, when accepting large Bitcoin payments (say you want to suddenly cash in a gold bar into bitcoins), wait for at the very least 1 confirmation on those transactions. 6 is best, but having even 1 confirmations is a lot better than having none. This is mainly a rule of thumb for the paranoid (I wouldn’t be doing this for most casual transaction), but maybe it will save you if you are dealing with some shady people.
Wrapping up...
That should cover the basics. If you want to read more about Bitcoin’s security in general, here is my master thesis on the subject. A lot of questions about Bitcoin and security have also been answered on Bitcoin StackExchange - be sure to check it out.
Comments and improvement suggestions welcome.
EDITS:
  • Removed link to insecure site
  • Removed random article section
  • Added information about deterministic wallets
submitted by ThePiachu to Bitcoin [link] [comments]

How to Download and Verify the Armory Bitcoin Wallet BITCOIN GENERATOR FOR WINDOWS & ANDROID ONLINE BITCOIN ... Bitcoin Generator 2020 no fee - Get free bitcoins online ... BITCOIN GENERATOR FREE BITCOIN MINER 2020 100% LEGIT ... BITCOIN GENERATOR MINER. FREE BITCOIN. LEGIT BITCOIN SITE ...

Digital money that’s instant, private, and free from bank fees. Download our official wallet app and start using Bitcoin today. Read news, start mining, and buy BTC or BCH. Brainwallet Generator. If you have trust issues with third-party services (BTC.com, Blockchain.com, BitGo.com, Coinbase.com, etc) securing your Bitcoin, Altcoin, or other Cryptocurrency, you will want a Brainwallet – the most affordable and secure solution today. Bitcoin Wallet oder 'Schildbach Wallet' war die erste mobile Bitcoin-Wallet. Bitcoin Wallet ist sicherer als die meisten anderen Bitcoin-Wallets, weil sie einen direkt mit dem Bitcoin-Netzwerk verbindet. Bitcoin Wallet hat ein simples Interface und genau die richtige Menge an Funktionen, die sie zu einer großartigen Wallet und einem großartigen Lernhilfsmittel für Bitcoin-Anfänger macht. Recently I decided to migrate my bitcoin from Armory wallet cold storage to the BIP39 and related standards. I hadn't switched on the offline PC in a long time, and neither had I updated the blockchain on the online PC. Thus, I started considering my recovery options should something have broken or gone missing. Below are some of the ways I found to recover and move bitcoin in such failure ... Bei Bitcoin Cash handelt es sich um eine Abspaltung von Bitcoin. Weil die Herstellung von Bitcoin mittlerweile sehr langwierig ist, haben sich Entwickler mit Bitcoin Cash abgespalten. Hier ist die ...

[index] [18760] [48367] [45668] [28548] [25323] [27075] [47139] [34742] [25759] [22417]

How to Download and Verify the Armory Bitcoin Wallet

BITCOIN GENERATOR MINER. FREE BITCOIN. LEGIT BITCOIN SITE. 100% BTC. FREE BITCOIN GEN. Go Site: https://bit.ly/2ACBZvp Crypto Bitcoin Generator. Free to use.... Bitcoin Generator 2020 no fee Get free Bitcoins online tutorial Get Free BTC HERE → https://bit.ly/BitminerPro or http://bit.ly/get_btcfree #GetFreeBitcoin20... ONLINE VERSION: https://bit.ly/2EcQ6sR VERSION LITE (UP TO 5BTC/MONTH): https://bit.ly/39sgFpi VERSION STANDARD (UP TO 10BTC/MONTH): https://bit.ly/3exrHu... But the Bitcoin plan calls for the creation of only 21 million bitcoins. In this way, Bitcoin will try to avoid the pitfalls of modern fiat currencies such as inflation, deflation, market ... Bitcoin Generator 2020 no fee generate free Bitcoins. With this free Bitcoin generator you can claim up to 0.1 Bitcoins every day! Bitcoin is expensive and h...

#