Reddit Posts
All bip39 words on 2048 limited edition handmade mugs
A Fork of CLN Implemented Eltoo Useful for Channel Factories Available for Testing
Need Help Deriving Extended Private Key from Bitcoin Root Extended Public Key and Non-Hardened Extended Private Key
Is it normal for the majority of your seed words to start with the same letter?
Need Advice with Crypto Wallets - Hardware vs Mobile Wallets
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Backing up and recovering wallet - seed phrases, private keys, extended private keys, eh???
Best method of long-term cold storage for life-changing amounts?
BIP39 misalignment? Mnemonic vs. Decimal vs. Binary seeds
Mining ALL remaining bitcoins in less than two weeks (difficult adjustment)?
How to make a new wallet address with my own selected BIP39 words
Import private keys from BIP39 paper wallet with passphrase
12 word BIP 39 >> Hardware Wallet - What are the options?
Malware and scams I should be on the lookout for
What happens if Bitcoin price gets high enough, such that it becomes necessary to go ahead and take it to the 9th decimal place? Can that be done w/ backward compatible SF, or is a HF req'd? Can someone with knowledge detail the process? Can't seem to find answers on this researching around...
how to manually encrypt your BIP39 seedphrase with an additional cipher?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
What if they planted a bug into BIP 382, which makes it possible to increase block rewards?
Enhancing Bitcoin Security: A BIP39-Compatible Vernam Encryption Approach for Safeguarding Recovery Phrases
Stacking has crept up on me and now I need to upgrade my storage
Any open source, encryption based, 3/5 multi factor wallet already available? If not, can this be developed?
Is it a security risk if your wallet’s extended fingerprint (xfp) has been exposed?
FINCEN MegaThread | Do Not Give Them Your Silent Consent | Remember Remember The 5th of November | Support Bitcoin Privacy
Thoughts on BIP 324 and the increased anonymity of using bitcoin.
ELI5 - What if Ledger or Trezor stops working?
Tutorial: How to use normal (non Casino-grade) dice to generate a seedphrase
Bitcoin Is About To Become More Secure With BIP324
This page offers a comprehensive overview of BIP-329, proposed by Craig Raw, creator of Sparrow Wallet. You'll find information about the current status and adoption progress, highlighting the significance of this proposal.
Coinplate has a BIP39 seed phrase recovery tool.
Walk down the memory lane: Blocksize wars and the Bitcoin XT controversy
How Much a Spot Bitcoin ETF Can Affect The Price - The Bad Version
Can one secret phrase (eventually) access any wallet?
Do you know that you don't need hardware wallets for cold storage?
I made a descriptive post of every item that you can purchase using candies from Coingecko so you do not have to look
How CTV (BIP 119) Could Create Channel Factories for Casual Users
BIP-300 biff: Debate reignites over years-old Bitcoin Drivechain proposal
BIP-300 biff: Debate reignites over years-old Bitcoin Drivechain proposal
The WW2 German Enigma cipher machine has 158,962,555,217,826,360,000 different possibilities (nearly 159 quintillion). The BIP39 seed phrase word list contains 2,048 words, so a 12-word crypto seed phrase has about 2 to the power of 132 possible combinations. That’s 2 with 132 zeroes after it.
"NO" | Rejecting BIP300 Drivechains | Featuring Saifedean Ammous | Bitcoin Standard Author
"NO" | By Saifedean Ammous | Two Open Letters Rejecting BIP300 Drivechains | Voiced by FEEeACH
Why Blockonomics endorses DriveChains (BIP300-301)
🔴LIVE | BIP 300 Debate | Drivechain Softfork Dynamics | @BITC0IN
🔴LIVE | BIP 300 Debate | Drivechain Softfork Dynamics | @BITC0IN
Stumbled on BIP-300: a potential game-changer or just buzz?
There are 2048 possible words that comprise your seed phrase and each of these corresponds to a number in the BIP39 list. Reminder that it’s possible to convert the phrase to numbers for seed storage.
Bitcoin Drivechain Proposal (BIP300) Debate
Holding crypto is not likely to get any more convenient, and it is an inherent problem of self-costody.
COLD STORAGE: Comparing the Best Cold Storage Wallets for 2023
Yesterday was my first time encountering the word 'Satoshi' in a seed phrase. Did you know it was in the BIP39 word list?
What's your self-custody strategy? Do you keep a backup hardware wallet on hand?
BIP300/301 and Drivechain talk with Paul Sztorc and Austin E. Alexander
PSA: Severe Libbitcoin Vulnerability. If you used the "bx seed" command to create seeds/private keys, Immediately move related funds to a different secure address.
In theory, instead of creating a new wallet and memorising the seed, can I just choose words that are easy to remember and generate a wallet from that?
Importing BIP-84 key in Electrum giving wrong address
What is a BIP-39 seed phrase -- a few tips for handling your seed words safely
What is a BIP-39 seed phrase -- a few tips for handling your seed words safely
Keeping KYC & Non-KYC utxos in the same Multi-Sig wallet: will there be a way of these utxos being linked?
Mentions
You need to check out the Specter Shield (Lite)! \- Huge Touch Display \- Bitcoin only \- Air Gapped \- BIP85 \- Switch Secure Chip \- Manage multiple Seeds ...
yeah there weren't secret words back then. That came in 2013 with BIP39. Genesis block in 2009, Bitcoin used a simple wallet format where private keys were stored directly in a file called wallet.dat. Each address had its own private key. So that's about 22 000 keys you'd need to find. Even if you found them all you would have 0 powers over anything else. Bitcoin operates on a decentralized consensus model, meaning no single entity, not even the creator, can unilaterally change the protocol, alter transaction history, or influence network rules.
Exactly, for BTC there is a discussion ongoing (BIP360), same for other major projects
Sure - every Technology will have issues, centralized banks as well as decentralized blockchains. I think BTC has a good migration path with BIP360, tricky part will be to come to consensus on what to do with Satoshis/lost coins, interesting to follow the discussions on that in the next months
Important that we Take this topic more serious, I‘m holding some BTC, like the BIP360 concept, but migration with the proposal will Take several years…
I expect a 5-10y Range until quantum Computer are able to solve ecdsa - the Challenge imho is that we don’t know when it will happen (could also Take longer), but it‘s too late when it happens. Take BTC for example - Migration like suggested by BIP360 takes 3-4 years (estimation by author Hunter Beast), this is the reason why the quantum threat is relevant today, I think a lot of people are underestimating the time needed for migration which is really risky
Only once, if he used the most popular paper wallet generator See https://www.bitaddress.org/ Select the "Wallet Details" tab Check the "BIP38 encrypt" checkbox The "Enter BIP38 Passphrase" box is only there once
No BIP39 in this story The OP refers to a BIP38 password, which is a technique for using AES to encrypt a single secret key for a paper wallet Long before 2017, single-key paper wallets and BIP38 were not recommended. The OP's error was that he ignored that advice
Did you know if you encrypt the word oranges with BIP38 it encrypts as the word gullible?
Do you even know anything about Bitcoin? He even states explicitly in the post BIP38 paper wallet. Have you ever made one?
f the wallet uses a standard like BIP-39 for the seed (most do), you can import those words into another compatible wallet. That’s the whole idea: the phrase belongs to you, not the app. Always worth checking what standard they use before you commit big funds
> The last word in BIP39 is a checksum of the first 11 The last 8 bits of the 264 is a checksum of the random 256 bits (first 8 bits of the SHA256 hash of the 256 bits) So the last word is the last 3 bits of the random and the checksum Your brute force count is 2^47
I created a BIP39 wallet. Then in Tools, I see Sweep Private Key but it's greyed out. I don't see how to un-grey it.
What type of wallet is it? BIP38 paper wallet, Electrum, Bitcoin Core? And do you remember anything about the password? Happy to take a look if you want.
1950 MKeys is 1.9 millions per second, so it should be BIP39 in PBKDF HMACSHA512 (is very good for 3080gpu) I achieved 1 billion per second, but it was directly on the private keys, without the extra encoding of BIP39T. [https://github.com/ipsbruno3/secp256k1-gpu-accelerator/tree/main/nafs](https://github.com/ipsbruno3/secp256k1-gpu-accelerator/tree/main/nafs) NAF windows allowed me to further optimize the code.
It's worth remembering that BIP39 uses PBKDF HMACSHA512, which is designed to prevent brute force attacks. This means you won't be able to reach more than 5 million seeds per second... BIP39 is shielded against brute force attacks, which makes it difficult for me to recover my Bitcoins. That's why the idea of the FPGA is to reduce long-term energy costs.
Wow, that's incredible! 2 billion on a modest GPU is absurd. What tool were you using? My secpk accelerator is doing 1 billion per second using point\_add; the trick here is that it doesn't need to keep redoing multiplication on big ints all the time, just add a point on the curve, incrementing and summing. Regarding my seed, you're partially correct. The last 5 are 2048\^4\*128 and not 2048\^5. The last word in BIP39 is a checksum of the first 11. This is the trick that will allow me to recover my Bitcoins in 3 years and not 40 years.
This is one of the reasons why it's hard to recommend passphrases (even for "modern" BIP39 wallets). Other methods have built-in redundancy checks to ensure that a typo won't ruin you. For instance, with multisig, you store your seeds as multiple mnemonics. If you somehow mistype one of the words in your backup, it can be easily corrected by looking up the wordlist. Even before the BIP39 days, mistyping a private key directly could be somewhat avoided using the built-in checksum. The problem with passphrases is that they allow completely arbitrary content, making it very easy for transcription errors to slip in.
Largely agree with everything you said, you're obviously well versed in Bitcoin, except this part: > You literally print all 2048 words from the BIP 39 list and cut them into small individual words and pick them randomly to generate your seed phrase. While this is better than using an online wallet to generate the seed (and honestly even a Ledger), it's still not ideal, as mixing/picking words in a truly random way is quite hard to do, and picking from a cut up list means that each word can only be selected once, limiting the total entropy. Unless you put the words back in after each pick, but then you're back to the mixing problem. This is not to say that mixing pieces of paper in a way that results in high entropy picks is not possible, it can be achieved with specific techniques, but you'll need to ensure that every piece is the exact same size, there are no folds, a hexagonal or octagonal mechanical tumbler is used, the tumbler is made of metal to avoid static electricity, etc. The better/easier analog option is to use dice or coins and match your throws to a printed wordlist. This is best done with octahedral dice (D8), although it can be done with regular cubic dice.
Memorizing seed phrases is not advised. You open yourself to a $5 wrench attack. If your stack is worth less than 1 month of your labor, you will have bigger problems to worry about if you get a head injury and lose your seed phrase due to memory loss. If your stack is worth more than a year of your labor, consider multi-sig and make no effort to memorize multiple seed phrases. The following is my recommendation: The crucial starting point is to generate seed phrases securely. Best to use entropy that is not linked to any kind of random number generator RNG but uses an analog method, such as rolling dice, or my preferred method, which is picking words from a hat. You literally print all 2048 words from the BIP 39 list and cut them into small individual words and pick them randomly to generate your seed phrase. [https://github.com/hatgit/BIP39-wordlist-printable-en](https://github.com/hatgit/BIP39-wordlist-printable-en) After you have a highly secure and analog seed generator, you are now ready to create wallets. My preferred software wallet is the FOSS sparrowwallet.com. My preferred hardware signing device is the do it yourself and FOSS [SeedSigner project](https://github.com/SeedSigner/seedsigner). With SeedSigner, you can enter 11 words that you picked from the "hat" enter them and it will calculate the 12th as a checksum and then it will guide you through writing by hand a QR code. This QR code is your seed so protect it. With the QR code, you can then scan it with your SeedSigner and then using what's called a partially signed bitcoin transaction PSBT you can create your wallet with Sparrow and sign transactions - spend Bitcoin. This way, your seed, or private keys, have never entered an Internet connected device. Absolutely air gapped. You backup your 12 words by hammering them onto stainless steel washers using the Blockmit jig for clean strikes. Put them on a bolt and secure it. You can wrap them in paper and coat them with clear fingernail polish for a tamper evident layer. With this set up, you are ready to create extremely secure bitcoin wallets. It's also very useful for more complex multi-sig wallet set ups that require multiple seeds to sign transactions. When creating multi-sig wallets, for example, a 2 of 3, you create 3 seeds, and 2 of them are required to sign (spend). A recommended solution for storing your steel seeds is to secure each one with a separate lock box service. These are commercial establishments that provide highly secure lock-boxes similar to safety deposit boxes that some banks offer. Place each seed with a different lock box provider in separate locations, cities or even countries. Remember, your HODL wallet is not for regular transactions, but for very long term storage. An important consideration for multi-sig is that the xpubs must be preserved. xpubs (public keys) are used to set up a watch only wallet for securely depositing funds and tracking all UTXOs. They cannot be used for spending funds (private keys). xpubs should be stored carefully, but do not require the same level of security as the private keys (seed phrases). Therefore, you can store xpubs with your password manager's secure note feature. These can also be encrypted and backed up on internet connected devices. If someone gains access to your xpubs, you lose privacy, but you do NOT lose your Bitcoin. And to verify everything, you run a node preferably on GNU-Linux, and connect your Sparrow wallet to it. My node preference is Knots. Once you have your 3 lockbox locations and seeds secured, you can write up instructions as to their locations which will only be made available to the appointed executor in your will. If you have no heirs, consider willing your Bitcoin to an institution that you support or some philanthropic cause. Being your own bank requires a deep level of responsibility.
Most likely a derivation path issue. Bluewallet and Electrum use different paths depending on the address type: BIP44 (m/44'/0'/0') → Legacy addresses (1...) BIP49 (m/49'/0'/0') → SegWit wrapped (3...) BIP84 (m/84'/0'/0') → Native SegWit (bc1q...) Check which address format you're expecting and make sure your script uses the matching path. That's usually where it breaks.
That's the beauty of BIP38 - unlimited attempts, you just need patience... and a lot of GPU power 😅
Bitcoin Core no utiliza mnemónicos de semilla. Si te equivocas sobre el origen de la billetera y crees que tus seis palabras son, de hecho, la mitad de la oración mnemotécnica para una billetera Bitcoin BIP-39, puedes intentar usar [btcrecover](https://btcrecover.readthedocs.io/en/latest/) ... pero con casi 74 trillones de posibilidades, prepárate para esperar un poco.
Bitcoin core never used BIP39 so this post is just full of shit, probably written by someone looking for attention. Get yourself a life.
Pool shares using Stratum v1 have complete control over mining, and nearly all Bitcoin miners in mining pools use Stratum v1. 2013 was a temporary hard fork + a soft fork. BIP-123 defines a hard fork as "In a hard fork, structures that were invalid under the old rules become valid under the new rules." v0.8 created transactions that were invalid under 0.7.2; thus it's a hard fork. Bitcoin devs asked 2 of the largest mining pools over the bitcoin-dev IRC channel to 51% attack and reorg the chain back in 2013. The mining pools gave very little warning, and there was even a $10k double-spend on OKPay as a result of the sudden reorg.
I would never give my wife my keys to my BTC, my "ex" wife was more concerned about MY money than anything else, and now im using "ex" for a reason... First thing first, you never leave your main pile of BTC on exchange. Have a cold wallet, i for example have a trezor wallet that support BIP39. Here a step by step on a trezor 5 - Open the trezor suite - create a wallet - select 24 words Write down exactly!!! Correct order, correct spelling, number them 1 to 24 Trezor suite will ask you to renter the words. If ever you fail here: redo. Transfer the same 24 words on metal, yes on metal: engraved! Double check spelling, store paper 📃 temporarily then once the metal version is ok 👍 destroy! Never ever take pictures or screenshot of your seeds!!! NEVER Once you got that, enable the passphrase on trezor. Settings->Device->toggle passphrase ON. Choose a strong passphrase, a sentence that you'll never forget anyway unless Alzheimer. Create a standard wallet. This is your real wallet where you will store your BTC, put only 1000 satoshi on the first one. Now: put your engraved seed words ona safety box. You have the keys, your wife a copy. Passphrase: you got a copy and a backup, you give a copy to your lawyer or whatever person of trust your wife dont know/have access to. If ever someone recover your seed they will see only those 1000 satoshi (it will act as a decoy), its a "fake" wallet you dont really use it. The lawyer should receive a sealed envelope wiht clear instructions on how to recove: not digitized, not emailed, not photographed. 2 sealed copies on 2 different locations. Never give him seed, hardware wallet, pin. You clearly states in your letter thst if only 1000 satoshj appears the passphrase is missing or incorrect. So wife has no passphrase until you die, and the lawyer has no idea of the seed location. Its paramount that you test the recovery once!
I have thought about this. The crucial starting point is to generate seed phrases securely. Best to use entropy that is not linked to any kind of random number generator but uses an analog method, such as rolling dice, or my preferred method, which is picking words from a hat. You literally print all 2048 words from the BIP 39 list and cut them into small individual words and pick them randomly to generate your seed phrase. https://github.com/hatgit/BIP39-wordlist-printable-en After you have a highly secure and analog seed generator, you are now ready to create wallets. My preferred software wallet is the FOSS sparrowwallet.com. My preferred hardware signing device is the do it yourself and FOSS SeedSigner project. With SeedSigner, you can enter 11 words that you picked from the "hat" and it will calculate the 12th as a checsum and then it will guide you through writing by hand a QR code. This QR code is your seed so protect it. With the QR code, you can then scan it with your SeedSigner and then using what’s called a partially signed bitcoin transaction PSBT you can create your wallet with Sparrow and sign transactions. This way, your seed, or private keys, have never entered an Internet connected device. Absolutely air gapped. You backup your 12 words by hammering them onto stainless steel washers using the Blockmit jig for clean strikes. Put them on a bolt and secure it. You can wrap them in paper and coat them with clear fingernail polish for a tamper evident layer. With this set up, you are ready to create extremely secure bitcoin wallets. It’s also very useful for more complex multi-sig wallet set ups that require multiple seeds to sign transactions. Being your own bank requires a deep level of responsibility.
Next level is importing that same seed into a dedicated non-custodial wallet and leaving RH as just an on-ramp. I pulled mine into Gem Wallet after doing a couple of tiny test sends. Same BIP-39 phrase, but now it lives in an app that isn’t tied to a stock broker’s business decisions
Whether you want to create wallet gifts for babies or a secure wallet for yourself, the key is to generate seed phrases securely. My preference is to use entropy that is not linked to any kind of random number generator but uses an analog method, such as rolling dice, or my preferred method, which is picking words from the hat. you literally print all 2048 words from the BIP 39 list and cut them into small individual words and pick them randomly. https://github.com/hatgit/BIP39-wordlist-printable-en After you have a highly secure and analog seed generator, you are now ready to create wallets. My preferred software wallet is Sparrow. My preferred hardware signing device is the do it yourself SeedSigner project. With SeedSigner, you can enter 11 words that you picked from the "hat" and it will calculate the 12th as a checsum and then it will guide you through writing by hand a QR code. This QR code is your seed so protect it. with the QR code, you can then scan it with your SeedSigner and then using what’s called a partially signed bitcoin transaction PSBT you can enter the seed into sparrow and sign transactions. This way, your seed, or private keys, never enterwd an Internet connected device. Absolutely air gapped. With this set up, you are ready to create extremely secure bitcoin wallets for yourself and for important people in your life. It’s also very useful for more complex multi-sig wallet set ups that require multiple seeds to sign transactions. Being your own bank requires a deep level of responsibility. Passing this knowledge to babies, to future generations is an incredibly virtuous thing to do. Best of luck, and let me know how it goes.
Bitcoin adopts BIP-341 (Taproot) style upgrades to include Lamport signatures or other PQC methods. By the time IonQ has 8,000 qubits, the "active" Bitcoin network will likely already be using "Quantum-Safe" addresses.
Your seed phrase is your wallet. Your BIP32 root key is your wallet. You have handed over your wallet to some stranger in multiple ways.
Funny how there are over 30 comments but not a single answer to your question. I'll echo every other post and say you shouldn't be putting your seed anywhere. Now that that's out of the way.. No, the BIP32 root key does not give access to your wallet. Regardless, you should move the coins anyway, assume your seed phrase is compromised. https://rya-sge.github.io/access-denied/2025/03/27/bitcoin-keys-102/ https://bip32.tools/?lang=en
So yeah my seed phrase of 12 words is safe in that site. I'm sure. But what about the BIP32 key? If you or someone tells me that they cannot access my wallet using the BIP32 key, I'm probably safe and can be easy.
>Yes but anyone can create another version of a hard cap supply. Yes. Many have tried. The difference is that Bitcoin is decentralized. Decentralization isn't something you can program in. It's a physical process in the real world. Bitcoin had the advantage of being the first mover and had natural, grassroots decentralization as a result. This process is very difficult to replicate without a centralized entity behind it, thus making the project inherently centralized. Bitcoin's decentralization is a critical component of its value proposition. >BTC will be broken by quantum computing. And a new form of digital currency will need to exist. Bitcoin will be updated to fix the vulnerability. One proposition for how to do so is [BIP360](https://bip360.org/). >So many BTC people said gold is dead. And so many gold people are saying BTC is dead. Neither were right.
I didn't give him my seed phrase, I just have him BIP32 Root key. The only thing I did was put my 12 word seed phrase into bip39mnemonic.com to generate the BIP32 Root key. Is that site safe the bip39mnemonic.com? Because the site has my 12 word seed phrase. The guy only has the BIP32 Root key. My assets are still in my wallet about 50$
I pasted the seed phrase into bip39mnemonic.com & just generated a bip32root key. If bip39mnemonic isn't a safe site, then I can say my wallet is compromised. I just sent the bip32rootkey to the persons software. So the person has my BIP32 Root key. My question is that can he use the bip32rootkey to get to my wallet? No one has access to my 12 word seed phrase, just the root key. The 12 word phrase is just put into the site called bip39mnemonic. Unless that site is not official or has been flagged or something or made by a scammer, then I can say I'm safe. But my concern is that can he access my wallet using BIP32 Root key?? That I'm sure he has.
>Can this BIP32 Root Key be used to get into my wallet? Who cares? The seed phrase you gave him will do that just fine.
Good points. Quantum is a long-horizon risk, but there are active proposals like BIP-360 to enable a post‑quantum migration path. BTC is mostly saved today, yet Lightning usage is growing—public capacity recently hit ~5,606 BTC. MSTR index pressure affects MSTR, not Bitcoin’s core rules.
Good for you. Having your assets in a personal wallet is not bad, and a respected phone app is a lot better than a desktop app. Next step when the amount is uncomfortably large is to move on to use a hard signing device such as Trezor. This completely protects your wallet seed from any electronic hacking, making sure the seed is secure even if your computer or phone is completely hacked. Keep in mind that the wallet seed IS your wallet. You must not ever share this with anyone/anything. Your BIP-39 mnemonic is only used for recovering access to the wallet using another wallet app or signing device If you ever get asked to.provide your seed for whatever reason then RUN AWAY. You are dealing.with scammers trying to steal your crypto. Common attack vectors include - "account validation" - "connecting your wallet to some lucrative service" - "recovering locked funds" Andany other. But they all have in common that they are trying to lure you into giving away the keys to your treasure chest. The seed phrase is NOT used in any such context and the only reason they ask for the seed phrase is to steal your assets.
Ah yes, BRD wallet and their custom HD path. To recover, input your 12 words into BlueWallet, then select custom path, and input “m/0’” into the free text field. Finally, select BIP44 P2PKH, and bosh. Wallet recovered.
Current impact…fairly small, but nonzero. Future impact…I would say will be very large. Even if the community moves forward with the BIP(s) to address it, it will be a slow and probably extremely contentious process.
Hourglass - This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Working on it!!! Hourglass is on the table check it out - https://github.com/cryptoquick/bips/blob/hourglass/bip-hourglass.mediawiki This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Look up hourglass - best one so far This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Yeah, and they can pay fees to move them slowly... Hourglass proposal helps this be orderly - This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Hourglass is a good option gaining steam. This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Lame - won't happen. Already working on better options like the Hourglass protocol. https://github.com/cryptoquick/bips/blob/hourglass/bip-hourglass.mediawiki "This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses" Simple and good for everyone
Quantum threat is much more a market problem than a practical problem right now. But if AI advances as fast as some suggest, it may be that a quantum computer with sufficient capacity to find private keys will be with us sooner than expected. Supporting an appropriate BIP now is a good idea. Any Bitcoin not moved to a secure address after a certain date should be burned.
There have been BIP’s for ages on fixing quantum issues. It can be done. We just need a way to queue transactions on a layer 2 during the fix. (BIP = Bitcoin Improvement Proposal paper)
Not sure yet. He posted this on X. There is a BIP or two out there. But no where near consensus yet.
That's not true. There are plenty of fundamentals. Network activity, network hashrate, coins in circulation, how many BIP have been implemented and what they changed, node health and software, software concentration of nodes, etc. Plenty of fundamentals they just have nothing to do with watching the price chart (which is what 99% of people do).
quantum computers are real threat to crypto. they are threat to any system that uses public key cryptography. that is a fact and not some FUD gimmick. the good thing is that we have the tools to upgrade blockchains to be quantum-proof. there are already many quantum-resistant algorithms. and there are already proposals to do this, e.g., BIP360 for bitcoin. but it takes time to achieve consensus, make the technical upgrade, and move all coins to quantum-proof addresses. there is a reason why all the other industries (tech, banking, military, telcom, etc) are working on post-quantum cryptography, for example: * **Cloudflare** uses hybrid post-quantum key exchange by default across its network, which handles \~20% of all websites. In October 2025 they announced a huge milestone: the majority of human-initiated traffic with Cloudflare is using post-quantum encryption. (Source: [Cloudflare](https://blog.cloudflare.com/pq-2025/)) * **Apple** added post-quantum encryption to iMessage in 2024. (Source: [Apple](https://security.apple.com/blog/imessage-pq3/)) * **Google** has added PQC to Chrome and Android. (Source: [Google](https://security.googleblog.com/2024/08/post-quantum-cryptography-standards.html)) * **Microsoft** has integrated PQC into Windows, Azure, and Microsoft 365. (Source: [Microsoft](https://www.microsoft.com/en-us/security/blog/2025/08/20/quantum-safe-security-progress-towards-next-generation-cryptography/)) * **IBM** is testing quantum-safe tools for mobile networks. (Source: [IBM](https://www.ibm.com/quantum/quantum-safe)) * **Amazon Web Services (AWS)** offers PQC options for cloud data protection. (Source: [Amazon](https://aws.amazon.com/security/post-quantum-cryptography/)) * **Intel** added PQC support to its software tools in 2025, enabling quantum-safe encryption for cloud applications. (Source: [Intel](https://builders.intel.com/solutionslibrary/accelerate-post-quantum-cryptography-with-intel-crypto-technologies)) It's a technical problem that we can solve if we want to. but if we do not solve it, it's going to be bad times when Q-day comes. When it comes, no one knows. it can be 5, 10, or 25 years from now, but it is pretty certain that it will come.
OP, I don't understand this missing file you're talking about, but most comments, although tainted with negativity, are right. If you did not properly store your private key back in 2018, these bitcoins are gone. That being said, it is unclear to me under what form the private key was in electrum in 2018. Was it a seed phrase like in BIP 39 ? Was is encoded into a file like like wallet.dat in bitcoin core ? Hard to tell. Therefore, what I suggest is for you to download a 2018 old version of electrum on your daily laptop and to try to create a new wallet with it. This way you will probably redo the steps you did back in 2018 with your windows 7 laptop, which will help you understand under what form the private key was encoded. Then only two possibilities : - You indeed saved the private key back then and can therefore access your bitcoins - You didn't save the private key and the bitcoins are forever inaccessible. In that case, just move on and don't dwell on that loss
its just like the internet where it sounds complicated unless you use it. you can just buy it on an exchange and theres these digital wallets you can make from apps or order a cold wallet from a trusted company. They are called BIP-39 wallets and once you make them they give you a 12 word passcode which is important to remember when sending bitcoin to those addresses. any trusted exchange will give you 500 dollars worth of bitcoin which right now is like 450,000 satoshis and theres 100 million satoshis in one bitcoin.
BIP39 wasn't active back then. Good luck finding that 64-digit hexadecimal string!
1) If I remember correctly, the banana split sheets let you break down 24 words into a list such that always 2/3 sheets recover the full seed. 2) What is SeedXOR? 3) Mh, multisig is less convenient because it would require me to travel to 2/3 locations and I'd probably need to buy 2 additional devices to create the signatures? 4) Haven't thought about it. I just followed the recommendation in the video I linked. You're suggesting to roll for words in BIP39 list?
A couple things in no particular order - what is a banana split sheet? - are you aware of SeedXOR? I think it's a better option for what you're doing - if you are this advanced/paranoid, why not do multisig? - why not use BIP39 words for your passphrase?
Been wondering this too honestly. Maybe they're just sticking with what works and don't want to deal with the added complexity of supporting multiple standards? Could also be a security thing where they'd rather focus on perfecting BIP39 implementation instead of spreading resources thin
I‘m long in some of the quantum projects because I think this sector will rocket when the major projects start the Migration process. Spend some time on the BIP360 approach for BTC and it will not be that easy to come to an consensus as several philosophical questions have to be answered (what to do with Satoshis coins?). Nevertheless a lot of bullshit projects out there in the quantum secure area
BIP47 public payment code / PayNym
Yeah, problem is that news like that will keep gaining attention. That's why it would be far better to say there is a BIP that has enough consensus and is being developed. But the topic has been around a long time and people are programmed to fight it rather than address it.
Of course computers can generate keys themselves, but RNG logic is the hardest part to test and verify on a device. That's why generating from dice is so compelling. As long as your dice are reasonably fair, you're a few throws away from making sure nobody's handing you mnemonics from a preselected pool. Takes 15 minutes at most. Plus, you really only need to do this a few times in your life. Using BIP85, you can generate a single master seed, from which you can derive a near-infinity of mnemonics (from which you can derive a near-infinity of wallets)
> so when that company shuts down, then your coin still gone right? So pretty much every modern wallet supports what's called "BIP39". This is a wallet standard which means the wallet generates 12 or 24 random words (the "seed phrase") from a standard list which are in turn used to create your keys & addresses. These words can be used to recover your wallet completely to any compatible device or app. The words need to be carefully written down (some even stamp them into metal plates) and stored securely *offline*. These words are far more important than the device or app itself. When you hear about scammers stealing someone's bitcoin, it's usually by *tricking* them into typing their seed words into a website, or finding a photo of them on a hacked device or account. You need to protect those words at all costs and never reveal them to the multitude of scammers who are trying to fool you with DMs or spam emails.
You can use your recovery phrase with any wallet compatible with BIP39. The 24 word recovery phrase isn't ledger specific, its universal and will backup your wallet if something like that happened, and would be able to transfer your wallet onto another cold wallet. All of this is possible because you hold your own coins, so even if ledger goes bust, you still have the physical copy of your recovery phrase, along with your private keys (the most important part) Now compare that to if an exchange went bust with your coins on it...
This is not entirely true. Adding a password (BIP-38) just adds more entropy to the seed phrases entropy. Even it its leaked, you don't know the HMAC of the first n words anyway. BIP38 phrase can be full random, not like BIP-39, meaning you better back it up or remember it. Can be possible to brute force if you have the seed phrase in a disaster recovery. Also, you can create a "muggers wallet" on the ledger without the BIP-39 passphrase. Put a small amount of coins there, then use the password for the real holding. The attacker still needs the seed phrase (and the device), which wouldn't show anyway.
I disagree with the OP. Adding a password (BIP-38) just adds more entropy to the seed phrases entropy. Even it its leaked, you don't know the HMAC of the first n words anyway. BIP38 phrase can be full random, not like BIP-39, meaning you better back it up or remember it. Can be possible to brute force if you have the seed phrase in a disaster recovery. Also, you can create a "muggers wallet" on the ledger without the BIP-39 passphrase. Put a small amount of coins there, then use the password for the real holdings.
Great project! Bitcoin implementations from scratch are excellent learning tools. For your collective blockchain storage idea, you're essentially describing a form of "pruned nodes" but with distributed responsibility. Check out BIP 157/158 (compact block filters) and "Neutrino" light clients which handle similar challenges of partial blockchain validation. The challenge with your random block storage idea is reliability - how do you ensure enough redundancy for less-accessed blocks? What happens during network partitions? You might want to look into erasure coding techniques from distributed systems. For educational value, absolutely! Your project reminds me of Jimmy Song's approach in "Programming Bitcoin" but with Zig's memory safety benefits. Consider adding explan
Probably chuckle to myself laughing at whoever wrote that on a floppy considering BTC wallet addresses didn't start using seeds until 2012. And to my knowledge the majority (if not all) of the potential Satoshi wallets all used the original bitcoin core wallet format. Seeds didn't come into play until they started using BIP32 & BIP39.
> What would you do if you found this? Probably roll my eyes remembering that the concept of a "seed" in bitcoin did not exist before ~2013 (before the implementation of the [BIP39](https://trezor.io/learn/advanced/standards-proposals/what-is-bip39)), then further remembering that floppy disks became obsolete way before bitcoin was created, and chuck it into the bin, feeling nice and smug about my absolutely useless knowledge of bitcoin trivia.
Maybe I couldn't clarify, but multisig doesn't mean giving your power to others; you can still take care of multiple keys yourself, or share the minority with others to help in case of emergency. Multisig will handle the single point of failure natively with Bitcoin and as it uses the BIP 174, there will be no vendor lock-in! which I think is a MUST.
To be fair, the write-up looks more insane than it actually is. Once you understand UTXOs + coin control and have Sparrow set up, the whole thing is basically: * find the original input address * refill it * spend that one UTXO for the test It’s annoying, but it’s not rocket science. The real shitshow isn’t “Bitcoin in Europe” as such, it’s the combination of: * EU ToFR rules that were written with a **single account = one address** mental model, and * exchanges that bolt on the cheapest possible implementation instead of doing the work to support **HD wallets + self-custody properly**. There are technically clean solutions that don’t require this circus at all: * message signing (signmessage / BIP-322) from **any** address in your HD wallet * or a standard like AOPP / similar, where the exchange gives you a challenge and your wallet signs it once, off-chain If EU-regulated exchanges in 2025 just implemented a proper “Sign message to prove ownership” flow and stopped insisting on “same address Satoshi tests” glued onto HD wallets, this would be a one-click action instead of a tutorial. So yes, this workaround is stupid – but it’s stupid **because** exchanges refuse to implement the technically obvious solution for self-custody users, not because Bitcoin itself can’t handle it.
Not at all. A complete opposite of holding bitcoin on an exchange. Bluewallet is completely open source so anyone can fork their own version. So even if every developer left the project, anyone can pick it up and keep going or create a PurpleWallet as a fork. https://github.com/BlueWallet/BlueWallet The people developing it don't see your keys, they don't have an access to your coin. You're the one having the access. If bluewallet disappeared tomorrow, you can load the keys (your seed words) into Sparrow, electrum, Blockstream Green, or any wallet that supports BIP39 and access your money.
I use Electrum, and it has been a good experience thus far. I am also dumb, so you are in good company. Here is my protocol: 1. I boot to TailsOS (offline/air-gapped) and I start Electrum in volatile memory - that is - when the session is closed all work is lost (zero permanence). 2. Generate a new wallet. I add custom words at this step. I triple-check that the 12 original words, and any custom words that I add, are part of BIP39. Important: Do not say the words aloud, do not attempt to save the words digitally, do not take a photo of the words. Quietly and with care, write your words down in order on a piece of paper and set it aside. 3. Insert a second, empty flash drive. In a notepad, copy and paste the master public key and your first 3 BTC addresses. Save the notepad file to your flash drive. 4. Close the session and shutdown TailsOS. 5. Start your regular, online computer in Win, macOS, or Linux. 6. Download Electrum and make a watch-only wallet using your master public key. 7. Scrutinize the BTC addresses in your watching wallet against the 3 you saved to your notepad. They should match exactly. 8. From your brokerage or a different wallet, send an EXTREMELY small amount of BTC to one of your new addresses and wait for on-chain confirmation. 9. Next, you will send this BTC back to its original source (less transaction fee). Important: Since this is a watch-only wallet, you cannot sign transactions, and thus you cannot send BTC, but you can generate a transaction file. 10. Save this file to your flash drive. 11. Boot to TailsOS (offline/air-gapped), start Electrum in volatile memory (zero permanence), and recover your wallet using your words. NOTE: Because you are not on the internet, you will not see the BTC in your wallet. 12. Import and sign the transaction and export the confirmation file and save it to your flash drive. 13. Close TailsOS. 14. Start your regular, online computer in Win, macOS, or Linux. 15. Start your Electrum watch-only wallet and import the confirmation file. The BTC should now move to its destination. 16. If all goes well, you have just created a cold storage wallet to which you can send BTC at your convenience, but it requires this layer of security to sign any transactions. 17. Go to a hardware store and purchase stainless steel washers and a through-bolt. Also, purchase a metal stamp kit. 18. Because your words are BIP39, you only need to stamp the first 4 letters regardless of word length. 19. Stamp the word and word # to your washers and place them in a safe place. 20. Make a duplicate washer stack. 21. Make an instruction washer which tells your heirs that you used Electrum and a normal BIP wallet will not work.
BIP-39 came in Sept 2013.most probably whoever try to bruteforce anything will try doormant old legacy addresses prior to this date.
It’s possible. If the bitcoin community doesn’t get its act together via BIP360 or something similar before Q-Day, it could very well happen.
Don't "link you in with youtube liars"? When did I say you were a lying youtuber? Weird statement. Anyways. I'm just saying, core hasn't been making any good arguments on why BIP444 is broken by design. To me it was working fine. So not even sure what the point of an upgrade was.
Really? You could've just Googled them because they're well-known incidents. Add the "https" in front of the links: **2010 reorg**: * Google "Bitcoin Value overflow incident" * Google "The Day Someone Created 184 Billion Bitcoin" **2013 reorg** - Also resulted in a known double-spend: * Google "Analyzing the 2013 Bitcoin fork: centralized decision-making saved the day" * Google "Alert: chain fork caused by pre-0.8 clients dealing badly with large blocks" * Google "Bitcoin BIP 0050"
**2010 reorg**: https://en.bitcoin.it/wiki/Value_overflow_incident https://decrypt.co/39750/184-billion-bitcoin-anonymous-creator **2013 reorg** - Also resulted in a known double-spend: https://blog.citp.princeton.edu/2015/07/28/analyzing-the-2013-bitcoin-fork-centralized-decision-making-saved-the-day/ https://bitcointalk.org/index.php?topic=152030 https://en.bitcoin.it/wiki/BIP_0050
Don't link me with youtube liars I see you're ignoring the facts about the proposal, continuing with the hysteria for its own sake. BIP444 is broken by design
It is even easier than others say. With a BIP-39 12-word pass phrase, that 12th word contains 7 bits of entropy plus 4 bits of checksum. Very few of the final word choices will result in a valid checksum, so only those few words will need to be tested. However, as many have pointed out, checking all 2048 possible words would be trivial, anyway. You may as well simplify it and just try them all.
Picking random words from BIP-39 can lead to invalid checksums = no valid wallet/pk. Beside that its not possible to use a word outside of the 2048 wordlist. If you had a valid public key back then, you had a valid mnemonic phrase. You should read into BIP-39 and try the words by bruteforce if only 1 word is missing.
Maybe in that time I selected 11 random words from BIP39 and added my own passphrase, but using any different of BIP39?
No, BIP-39 wordlist is a standard. There are 2048 words. If you know the position of the missing word you just have 2048 different combinations. Try them all using a brute force algorithm (easy, let chatgpt write that python script) and you got your keys within a seconds.
Is it a standard BIP39 seed phrase (2048 word list) or an early Electrum V1 which used a 1626 word list?
There was a BIP for that already (soft fork to fix the price at 50k): https://github.com/luke-jr/bips/blob/softfork_50k/bip-softfork-50k-price.mediawiki
Did someone upload the Nelson Mandela JPEG to the blockchain due to the size increase? No, it was added in 2013 Did someone upload the Mr Burns JPEG to the blockchain due to the size increase? No, it was added in 2017 Did someone upload the tankman JPEG to the blockchain due to the size increase? No, it was added in 2017 Does BIP444 prevent the addition of arbitrary data to the Bitcoin blockchain? No it does not It doesn't even block the three methods used for the three examples listed above Also, the V30 modification doesn't increase the size of anything. Bitcoin consensus has never limited OP_RETURN sizes > everything I've been reading You obviously avoided reading the debate in the Bitcoin developer mailing list, and completely bought into the manipulative hysteria
From what I know about the topic quantum computing is well known to be coming, so there are already people working on a solution. Someone told me about BIP360
First, ignore DMs. The moment you wrote "I am a noob" you made yourself a target for the dozens of scammers who'll be trying to direct you to their fake platform/wallet/exchange. In terms of wallets, anything in the wiki/faq here or over on /r/BitcoinBeginners is likely a safe bet. I use a hardware wallet (Trezor) so I'm afraid I have no recommendations. Good call to look for BIP39 support, which is still the most widely supported standard. In terms of exchanges, I've always used Kraken. Reasonable fees. Great customer support, but the best choice may depend on your country. Again though, stick to those listed in the wiki/faqs. Any legit exchange will let you withdraw (send) to any legit wallet, so all you need to supply is a receive address, generated by your wallet. No need to "link" your wallet. Some countries may impose extra conditions due to money laundering / KYC rules though.
BIP39 mnemonic seed phrases cannot be arbitrary "items." The seed phrase is explicitly words from a 2048 word list. 12, 24 or potentially another number of words. There is also a checksum as part of the last word, so randomly choosing 12 words from the list has only like a 1-in-1-million chance of being a valid seed word set.
BIP-39 was created in 2013 - years after these emails.
*From Trezor Team-* Hello r/cryptocurrency Trezor has been building key innovations since Bitcoin’s early days - you might know our team for inventing the first hardware wallet and creating the BIP39 seed-phrase standard. For this AMA, our CTO, Tomáš Sušánka, will be here to talk about Trezor Safe 7 - our recently launched new model - share insights from development, and answer your questions. If you’re curious about the future of self-custody, this AMA is for you. **What this AMA will cover** **🔐 Trezor Safe 7: our next-generation hardware wallet** TS7 marks the biggest leap forward in the Trezor lineup since our very first device. It brings security, premium materials, and a modern user experience together in one device. **🛡️ Security, explained openly** We’ll break down the security principles behind TS7 - and Trezor wallets in general - including: * How the dual secure-element architecture works, combining the open and auditable TROPIC01 chip with the certified OPTIGA Trust M * What “quantum-ready” means in practice and what users should expect from it * How wireless features & Bluetooth are secured * How Trezor devices handle seed generation, backup & recovery * How open-source firmware supports verifiable security **📌 Other topics we’re excited to discuss** * TS7 shipping timelines & what updates are coming next * Where we see self-custody hardware heading in 2026+ * What our team is working on right now and what new features our customers can expect in the near future **Our CTO, Tomáš Sušánka:** u/tsusanka
Ah, sounds like what you type in to access the 'inner' wallets ***are*** BIP39 passphrases (25th seed words), meaning that if you forget those, the main wallet seed isn't going to recover anything for you 🤔 It's a dangerous game! 😜
This "system" can't destroy your money "at a whim". To destroy somebody coins you must create BIP which proposes to destroy somebody coins and have 50+% miners to accept this BIP. It's extremely hard since miners really don't like to acxept BIPs. Remember that miners money depends on atability of vitcoin and public trust in bitcoin.
many in this sub dont even know about Lightning Network or Liquid Network and many don't even know that Bitcoin is infinitely divisible (lightning network already works with millisatoshi) People think they understand Bitcoin, but they dont even get 17% of the tech, or what a BIP is.
Not sure where you heard that private key cracking algorithm can be reduced to 128 bits. Not saying it's not true as some weird math shortcuts may exist that I'm not aware of, but traditionally old types of addresses use 160 bits (due to RIPEMD160 used to hash public key), while taproot addresses use up to 255 bits (due to two private keys being valid for each xonly public key). For BIP39, you can choose 12, 15, 18, 21 or 24 words, but no idea if your wallet supports all these lengths.
Good example, that 24 word sequence is invalid despite using words from the BIP 39 list. A wallet will reject it as invalid if you tried to import it. For a 24 word phrase to be truly valid, the first 23 words determine the precise mathematical value of the 24th word. You must rely on something like a wallet to generate a truly random and valid seed phrase, as human selection is neither secure nor truly random.
You need to use words from BIP-39 list, not just any word, even if you picked from the list (which isn't recommended) it wouldnt pass the last work checksum. For a distributed key, without a single point of failure, the best is shamir's secret sharing or multi sig
Everyone here is confusing pass phrase and seed phrase. Great question! Here's a clear breakdown of the difference between a seed phrase and a passphrase in the context of cryptocurrency wallets and digital security: --- 🌱 Seed Phrase (Recovery Phrase) - Definition: A sequence of 12, 18, or 24 words generated by your wallet that represents your private key. - Purpose: Used to recover your wallet and access your funds if your device is lost or damaged. - Example: gravity trophy banana sunset mirror canyon ... - Security Role: Anyone with your seed phrase can fully control your wallet. - Standard: Follows the BIP39 standard (used by most wallets). - Storage Advice: Must be stored offline and securely (e.g., written on paper, stored in a fireproof safe). --- 🔐 Passphrase (Wallet Extension or 25th Word) - Definition: An optional extra word or string added to your seed phrase to create a different wallet. - Purpose: Adds an extra layer of security—like a password for your seed phrase. - Example: correcthorsebatterystaple - Security Role: Without the correct passphrase, the seed phrase alone won’t unlock the wallet. - Standard: Also supported by BIP39-compatible wallets. - Storage Advice: Must be remembered or stored securely—losing it means losing access to the wallet. --- 🧠 Analogy Think of the seed phrase as the key to a vault, and the passphrase as the combination to open a hidden compartment inside that vault. Both are critical if you're using the passphrase feature.