Andreas gives a nice summary of BIP119 and how it could be a potential attack vector against bitcoin. Also goes into detail about how it is being rushed through without consensus from the community and another UASF (User Activated Soft Fork) could be in our future.
The Sparrow wallet file does not actually contain any private keys, unless you're using a new or imported *software* wallet keystore. If you're using a Trezor as a keystore, it is not possible for someone to spend from your wallet with just the Sparrow wallet file alone. Nevertheless, the wallet file does store some information that you might want to keep concealed for privacy reasons. Someone could learn your balance and addresses. That's why you can encrypt your wallet with a password (not to be confused with a BIP-39 "25th word" password). So, you *can* delete your wallet file and recreate it each time, but I don't see any compelling reasons to do so. Just set a password on the wallet.
This basically explains what quantum computers have to do in order to break into someone's private key. Let's assume OP has a quantum computer in his basement that's advanced enough for the task. Now he can brute force a couple of addresses. After that a new BIP for quantum resistance is provided. Everyone runs it and we return the network to the previous state.
> change it every 3 months to be compliant with company policy

This "policy" has been deprecated for years. The real joke is that it still applies in many organizations.

> You need to pick a password that's difficult for hackers to guess

Passphrase, not password. Long and random. Ask the computer to make the random for you, at least 80 bits. Then ask your IT department to supply a tool which converts a bitstring into a list of words, like BIP39 or Diceware (without the dice), so that the passphrase can be memorized.
The limit is L1, how many channels you can open in a block. Fortunately we have a solution called channel factories, but it requires a soft fork. We have multiple BIPs that can provide the functionality, such as BIP-118 anyprevout or BIP-119 CheckTemplateVerify. Using Schnorr and cross input signature aggregation we can reduce on chain channel creation size by 96% in the best case scenario.
There were multiple proposals to increase blocksize. The BIP-100 signal is another signal for dynamic blocksize. The 8mb signal was just for a static 8mb, which had support in early 2015. NYA = New York Agreement, which was for activating Segwit2x... BTC never got the 2x.
A wallet with a seed phrase is the best way to go because it's more secure. It also provides a backup for your wallet because it's easier to remember/secure for the future compared to a 64 character private key! BIP39 encryption is what turns your 64 character private key into a 12-24 word mnemonic phrase which is much easier to write down/preserve or even memorize. Can you imagine trying to memorize or even input a 64 character private key correctly with letters and numbers from a piece of paper!
Open up a new checking account, write checks to various friends/family in checks numbered from 001 to 024. The dollar amount on each check is the BIP39 mnemonic of the corresponding seed word. (E.g. if your third word is "eye" then you would write a check for $650 on check numbered 003.) Since most banks scan the physical check, it’s memorialized forever. For extra security, split up your checks across multiple banks.
> I have no idea what you are claiming here by 99.99% inefficient

If you think Bitcoin 100 years from now can be fine on less than 0.01% of its current security budget then you think more than 99.99% of its current security budget is unnecessary. That means more than 99.99% of the resources spent on securing Bitcoin are unnecessary. That means it's more than 99.99% inefficient. This is a simple logical binary.

> Comparing centralized business products to a decentralized, permission-less currency is a false comparison.

It's weird how I specifically referenced torrents, another decentralized technology, in my last reply and you still said this. Something being decentralized doesn't make it immune from becoming obsolete. Lots of decentralized protocols have become obsolete, many of them far more important to the internet than Bitcoin has ever been or ever will be.

> What are you talking about? Almost none are a derivative of bitcoin. Almost every single altcoin is a centralized blockchain run by a team of developers, founders, etc.

That's not true though, is it. Almost every "altcoin" is based on the same shitty idea of having a massive append-only chain of hashes as if that's possibly an efficient or scalable way of managing a payment network. Almost every single "altcoin" is secured by economic cost, which is why none of them can efficiently scale, because they have to cost more the more they scale, which is the opposite of scalable technology, which gets more efficient at scale. And don't just assume I've never heard of Lightning before hitting me with the stock response. The petty differences between projects you think are so important don't change the fundamental competitiveness of the design. It's like arguing that your car with square wheels is so much better than cars with triangular wheels. They're both vastly inferior to existing wheels.

> BIPs continue to update bitcoin. So obviously technology advancements do get implemented in a consensus based decentralized manner using bitcoin's BIP.

How much faster is Bitcoin than it was 10 years ago? How much higher capacity? How much cheaper is it to use? It's an abysmal failure as a currency technology sustained only by the self limiting economics and delusion of greater fool speculation.
The beauty of this is that you can do whatever you feel is best. I kept BTC on paper wallets for a couple of years then swept into other formats. Private keys are not inherently secure. Seed words are a product of BIP39. You can use just about any modern wallet to sweep funds from a paper private key to leverage seed words instead. You have a lot of options here, Crypto.com DeFi wallet, Mycelium, many others. Download and give a few some of your time to see what you're comfortable with.
> You actually have to come up with a reason why its a false comparison, not just say "you can't compare X to Y because X isn't Y!"

> > I already did in my previous comment.

Comparing centralized business products to a decentralized, permission-less currency is a false comparison.

> given almost all of them are entirely derivative of the first attempt.

What are you talking about? Almost none are a derivative of bitcoin. Almost every single altcoin is a centralized blockchain run by a team of developers, founders, etc.

> If you think the technology for digital currency peaked in the late 2000s never to be bettered, that speaks to the lack of creativity and imagination in the space, not the lack of potential.

I never said that. BIPs continue to update bitcoin. So obviously technology advancements do get implemented in a consensus based decentralized manner using bitcoin's BIP.

> So the block reward can keep halving, and neither price and fees need to keep doubling, but Bitcoin will still be secure 100 years from now when block reward is less than 0.01% what it is today?

Yes

> So it's more than 99.99% inefficient as of today?

I have no idea what you are claiming here by 99.99% inefficient
BIP-39 mnemonics have a grand total of 2048 words. so it's like 24 to the 24th power then multiplied by 2048 if you don't know the exact words. If you think it is doable and if you have a solution, I suggest you reach out to the OP in this thread: https://np.reddit.com/r/Bitcoin/comments/woiu1q/i_have_my_seed_phrase_but_i_forgot_the_order_of/
The perfect application for blockchain has already been found and that is Bitcoin. Blockchain has limited use outside of this case. Think of it as a slow and expensive database. You could waste Bitcoin block space to make immutable records, for example Microsoft Ion DIDs put an ipfs hash onto the Bitcoin blockchain. The interesting areas for Bitcoin development for me are on lightning like RGB or perhaps on a better way to do backups than seed phrases, for example what Jack Dorsey is doing with that new wallet & social recovery. And privacy like BIP47 and payment codes / Paynyms.
I'm pretty sure you only need to know the derivation path with your associated seed to get to your wallet. But you DO need the derivation path, and typically that's not something secret; it can easily be found or known. I don't keep it in mind, but I know where to find it etc. Whether a key is compressed or uncompressed does not come into the picture DIRECTLY when using these seed phrases. You only need the 12/24 seed, the extra 'passphrase', and the derivation path (and the knowledge of what type of seed it is, BIP39 or something else; for example electrum has a different format).
The passphrase needs to be written down, memorized and stored separately from your BIP39 seed words. This essentially acts similar to the security assumptions of a 2 of 2 multisig and gives you a decoy wallet you can give an attacker.

Also, this is a horrible term Ledger started marketing which confuses many new users into believing the 25th word passphrase is a single word. The passphrase should be at least 5-6 random words at minimum to be secure.

There is another problem here with that term as well: it insinuates that users should keep the passphrase backed up with the existing 24 words because it's simply another "word" needed to recover the wallet along with the other words (12 to 24), which is incorrect. The passphrase would be backed up but kept separately from the 12 to 24 word seed.

Also there is a third problem with that term, as it insinuates that there are only 24 word seed backups and the passphrase is the "25th word", which is also wrong. Seed word backups can be 12, 15, 18, 21, or 24 words, with 12 being the most common.
The EF has no more control of the Ethereum blockchain than do the actors behind the Bitcoin development. In neither case are they the ones performing issuance or governing underlying assets, nor are they able to provide any transparency into the inner workings of the asset beyond what is readily available on-chain. The EF is simply one of many who perform research and make Ethereum Improvement Proposals (which is the same as how the BIP process works in Bitcoin). For any of the proposals to become reality, you would need not only the developers of the client team(s) to implement the changes, but also the nodes to roll out the new software (which is also the same as how the Bitcoin process works). Tasking them with complying with regulatory insight would be meaningless.
Yes, many software wallets allow getting connected to a hw-wallet. This still offers the same level of security. And you can always restore a seed in a software wallet, almost all wallets use the BIP39 standard and are compatible with each other.
Passphrases are part of BIP39. https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#From_mnemonic_to_seed

> A user may decide to protect their mnemonic with a passphrase. If a passphrase is not present, an empty string "" is used instead.
>
> To create a binary seed from the mnemonic, we use the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).
In a text document. The holiest of documents. A document that has every seed, every account, every password, with instructions for my family how to access it all in case I leave unexpectedly. The text document is held in 2 separate bank safety deposit boxes, 2 different banks. The files are on an IRONKEY; this is the most important part. Google IRONKEY Bitcoin. The password to the IRONKEY is easy and something that only the family knows. It destroys itself after 10 guesses, so no worries about bank personnel intercepting the information. And as an emergency failsafe, just in case the government were to come and take both, and I somehow lost my ledger... I've actually got it stored online on the ethereum network, disguised in the form of what looks like a page of random numbers, but actually they correlate with BIP seed words if you know the secret. For example, 1 is the first word on the BIP list. 2 would be the second. But this is only done for the first half of the seed phrase. For the second half of the seed phrase, 1 is the LAST number of the BIP list and 2 is the SECOND FROM LAST. (This isn't how I do it, but it's an example.) The money was Tornado Cashed into the wallet that controls the file, so no worries about anyone finding it, but even if it was... I'm the only one who knows what set of numbers to pick, and what to do to the numbers to make them work.
Yes it is, 25th word is non-standard, not part of BIP39. Personally I agree with Jameson Lopp when he says that using a 25th word, passphrase or any other obfuscation method is not ideal. This is because it is akin to transforming a single sig wallet into a de facto 2 of 2 multisig, since you need the seed phrase + an extra secret to spend your funds. 2 of 2 multisigs should only be used in LN channels; using it as your money wallet greatly increases the chances of losing your funds forever. Remember that you can hit your head and get amnesia, you can die suddenly, or you can just plain forget the extra secret. My advice is for a clear unobfuscated 24 word seed, and just focus all your efforts on properly hiding and securing it. As you stack more sats, migrate to a 2 of 3 multisig.
>Reason i'm asking is because i suspect its asking for a seed phrase. Not a password. If thats the case, you can stop searching now because you'll never recover that. Your lack of experience is showing. The BTC Core (and older revisions), do not use BIP38 or otherwise. The wallet can be protected by a passphrase and was the first recommended step to secure a wallet. Just because you're wrong doesn't mean you should double down on being right. Take your own advice and teach yourself what is going on. You're obviously not well-versed in this particular area.
Keep it hammered into steel in a fire-resistant box/safe. Use a BIP39 passphrase on your wallet (supported by all common hw-wallets like Trezor and Ledger). This passphrase adds a salt to the key derivation function and actually calculates another set of private keys. This means when someone steals your seed, it's worthless to them without the passphrase.
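The two steps described in the comments above, the PBKDF2 mnemonic-to-seed function quoted from BIP39 and the claim that a passphrase "calculates another set of private keys", as an added example that is not code from either commenter or from any wallet vendor. It uses only the Python standard library; the 12-word mnemonic is the all-zero-entropy vector published in BIP39, and the 16-byte seed in the usage note is BIP32's first test vector, so neither is a real wallet. Function names are my own.

```python
import hashlib
import hmac
import unicodedata


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 "from mnemonic to seed": PBKDF2-HMAC-SHA512, 2048 rounds, 64-byte output.

    password = NFKD(mnemonic); salt = "mnemonic" + NFKD(passphrase).
    A wallet "without" a passphrase is simply the passphrase "", and every other
    passphrase string is a different salt, hence an unrelated 512-bit seed.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def bip32_master_key(seed: bytes) -> tuple[bytes, bytes]:
    """BIP32 master node: HMAC-SHA512 over the seed, keyed with the literal "Bitcoin seed".

    Returns (master private key, chain code). Every account key and address of the
    wallet is derived from this pair, so a different seed yields a disjoint key set.
    (BIP32 also requires the left half to be a valid secp256k1 scalar; the chance
    that it is not is about 2^-128 and is not handled here.)
    """
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


# Mnemonic from the BIP39 test vectors (entropy = sixteen 0x00 bytes). Never fund it.
TEST_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])


def wallets_for_passphrases(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each passphrase to the hex master private key it unlocks for this mnemonic."""
    return {p: bip32_master_key(bip39_seed(mnemonic, p))[0].hex() for p in passphrases}


if __name__ == "__main__":
    # Same 12 words, three passphrases, three unrelated wallets. Someone holding
    # only the words reaches just the "" wallet, which is the decoy discussed above.
    for passphrase, master in wallets_for_passphrases(
        TEST_MNEMONIC, ["", "TREZOR", "correct horse battery staple"]
    ).items():
        print(f"passphrase={passphrase!r:32} master_key={master}")
```

Running it prints a different master key per passphrase. The "TREZOR" case reproduces the seed BIP39 publishes for that mnemonic, which is a cheap way to check that a wallet or recovery tool implements the NFKD normalisation and the "mnemonic" salt prefix correctly; a tool that gets either detail wrong produces a valid-looking but empty wallet.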
If they can get a smart phone (from a very trusted source, so it hasn't been tampered with. Do a factory reset in any case.), install a self custody wallet that gives a mnemonic seed. Memorize that mnemonic until absolute certainty. Write down the first receiving address of that wallet, and use it to receive any BTC down the line. That way, instead of getting paid in other prison currencies, they can receive BTC. A friend on the outside with internet access can confirm incoming amounts for them. This is for self custody for an inmate. Everything else would require trusting other people to hold their wallet for them. Without a phone: they could deeply learn about how to roll their own mnemonic from the BIP39 word list, and derive addresses from it. Could in theory all be done offline, with enough time and motivation.
What I "think" I know are things like... What a block is, what transactions are, UTXOs and how the accounting system doesn't have balances stored, what mining is and how the difficulty adjustment works. An example of what I would like to be able to listen to (I am much better at listening than reading) is what is BIP300? What are the pros and cons of it?
Yes, and I believe that BIP would go exactly nowhere. Keep in mind that the fundamental unit is the integer 1, i.e., 1 satoshi, 1 bitcoin token. "1 BTC" is just a display value for humans. Likewise the 21 million cap is mostly an illusion (playing with decimals). There only truly exists a 21 quadrillion satoshi cap. Of course, that's not as nice for marketing.... people have been attracted to bitcoin because with 21 million they believe it to be scarce. Your hard fork BIP could only achieve sub-satoshi division by using a larger number of total units/tokens. In this sense at least, it increases the money supply. Existing holders would of course increase their holdings in proportion, but it is hard to see all economic effects due to such a change. Certainly some dynamics are changed. I doubt this will ever happen because it would be a change to consensus code, and will become super controversial if ever seriously proposed. People have been saying for ages that "we can just make BTC more divisible". I believe that will never happen for reasons stated above, and because by the time there is any real need it would be like changing IPv4. Time will tell.
To be honest, it was a lot less exciting than it sounds. Imagine waking up and reading several pages full of just... whining gibberish from the big blockers. This was prior to the subreddit fork, mind you. I just ended up reading about other blockchains during that time because I knew bitcoin was going to win out. There were already BIPs out there for what we have now. It was just a matter of time...
What I mean is, we could have a BIP that creates a hard fork where the smallest denomination of BTC is sub-Satoshi, if necessary, such as if 1BTC is ever valued at greater than $1million, then 1sat would be greater than $0.01. Also, Lightning Network already allows for sub-Satoshi payments https://bitcointechweekly.com/briefs/probabilistic-lightning-sub-satoshi-transactions-in-the-lightning-network/
There's no need to send that small of an amount of BTC at the moment, but when 1 sat ends up being more than 1 cent, I'm sure there will be discussions to add a BIP to increase the divisibility. I think there are also L2 implementations that allow for smaller denominations too.
> Trezor One has just one "flaw" in my eyes, you type the (BIP39) passphrase into your PC and not the device. On Trezor One you can use [advanced mode](https://wiki.trezor.io/User_manual:Advanced_recovery) to enter the seed phrase using only buttons on the device (and it's a very good idea to do so). But, yeah - if you're utilizing a passphrase (also a very good idea), then with Trezor One it needs to be typed on the keyboard.
Trezor One has just one "flaw" in my eyes: you type the (BIP39) passphrase into your PC and not the device. Of course typing a long passphrase into a hw-wallet with just 2 buttons would take ages (like on the ledgers). All of the wallets of these 2 companies have secure solutions for entering seed and PIN so it's unknown to the PC, even though they use different approaches. If you don't need the features of the more expensive ones, the cheaper alternatives are just as secure. The old Ledger Nano S had way too little storage for apps, but that's fixed with the Plus now.
Firstly, thanks for a reasonable and measured reply. I agree that PoS would be less of a problem for bitcoin with regards to people having a controlling stake from the start. So I will drop that assumption of premined and see it as a serious BIP that could be implemented for Bitcoin. While I agree miners can grow (slowly), to remain profitable they have to dance to the tune of the nodes. If node runners do not validate their blocks then they will not receive a coinbase reward. This would be ruinous for miners and that fear keeps them in line (as it did in 2017). They are independent security contractors that do not control the protocol. There is no such pressure in a PoS environment. It might work well for a few years, maybe decades, as stakers work on good faith. But then maybe one day the stakers want more bitcoin for the risk they take on? Maybe they don't like that there are only 21m bitcoins. Who knows? As for the ongoing costs not securing bitcoin, that would be true if it were not for miners needing to constantly renew their hardware. But renew their hardware they must. So their profits must be reinvested to remain competitive. Stakers need no such risky reinvestment; they simply stake more and more to gain more and more. It is not possible for agile actors to find innovative ways to outcompete large stakers. Large stakers have the advantage from day 1. You have already mentioned this point as being in PoW's favour, but it bears repeating. Maybe a government wants to leverage its resources to attack bitcoin. This is currently effectively impossible with Bitcoin because they would have to secretly manufacture vast quantities of ASICs very quickly and in secret, and provide them with several powerplants worth of energy (again, in secret). Then they must mine a longer chain secretly, with nobody noticing, to make a few double spends before being booted off. They would have wasted billions and billions of dollars on paperweight ASICs and wasted energy.
If a government wants to attack PoS bitcoin, it can merely buy bitcoin. That's it. And they will know exactly how much they need to buy. Maybe they already own it or have confiscated it secretly. It's not 51% of the supply either. It's 51% of what is staked. Which can be a significantly lower percentage. I have seen estimates put that figure as low as a few % of the total supply. This is very achievable for a determined government with access to money printers. It may not even be unprofitable. (1,2) That fixed cost to attack, instead of constantly growing costs combined with real world practicalities, is intolerable to me personally. I hope this helps clarify my position. (1) https://eprint.iacr.org/2020/019.pdf (2) https://halshs.archives-ouvertes.fr/halshs-00945053/document
Running a node is plenty of power; look up the drama of UASF (BIP148/149) and how noders thwarted miners who wanted bigger blocks. Jihan Wu of Bitmain squandered many millions backing segwit2x and bcash. He was painfully and publicly schooled on the "power" you think miners have. Miners are hashing specialists who compete with each other to provide security to the network. Security we enjoy. They work for us.
----------------------------------

**Some foundational Principles of security**

If you don't own much value in Bitcoin these principles are not for you. There is no one solution and most people have different risk profiles and make multiple trade offs in a risk vs convenience spectrum.

1) **Never store your bitcoins in a web wallet or exchange. You own 0 bitcoins if you do not control your private keys.**

2) Do not trust strangers on the Internet to help you setup your personal wallet. This is something you must do yourself or have a personal friend or family member help you with in real life where they cannot see your backup seed.

3) Buy your hardware wallet directly from the producer or amazon site under the producer's name. Verify the integrity of the hardware wallet if you are extra paranoid:
https://support.ledger.com/hc/en-us/articles/360002481534-Check-if-device-is-genuine
https://support.ledger.com/hc/en-us/articles/360019352834-Check-hardware-integrity
http://doc.satoshilabs.com/trezor-faq/threats.html#reflashing-the-trezor-with-evil-firmware
https://digitalbitbox.com/faq
First update the firmware of your HW wallet before using it.

4) Never brag about your wealth to others.

5) Never invest in any investment scheme or get greedy thinking you can quickly increase the amount of Bitcoin you have with daytrading.

6) Consider more secure means of backing up your 12 or 24 word BIP39 backups in case of floods or fire - https://jlopp.github.io/metal-bitcoin-storage-reviews/

7) Setup your hardware wallet, transfer a small amount of btc to it, wipe it clean, and restore it to give you confidence that the backup was done right and give you experience in the recovery process.

8) Keep your Mnemonic 12 or 24 word seed secret and private and show it to no one. Never use premade 12-24 word backups; you create new keys and backups upon setup.

9) The most secure, "active" wallet would be a hardware wallet integrated with a full node. HW wallet + electrum personal server and electrum is the popular way to do this.

10) Use a passphrase with the hardware wallet (most of the security concerns with HW wallets are solved with a passphrase). Keep the passphrase written down separate from your seed words:
https://wiki.trezor.io/Passphrase
https://support.ledger.com/hc/en-us/articles/115005214529-Advanced-passphrase-security
https://coldcardwallet.com/docs/passphrase
https://shiftcrypto.support/help/en-us/21-optional-passphrase
Make sure the passphrase is also written down somewhere private so you do not forget it! Do not keep the passphrase in the same location as your 12-24 seed backup words.

Here is a good strategy for most people with hardware wallets:

**Location 1** 12 to 24 seed words preferably on metal https://jlopp.github.io/metal-bitcoin-storage-reviews/

**Location 2** same 12 to 24 seed words preferably offsite

**Location 3** 5-7 word passphrase unlocking your real wallet preferably offsite

**Location your head** pin for HW wallet and passphrase

Thus you have both the passphrase and seed word backup in 2 locations and can lose either one, and if someone finds your seed words or passphrase alone they can only see your decoy wallet at most, and under duress (torture) you can hand over one of your seed word backups or enter in your pin instead of passphrase and give the attacker your decoy wallet alone.

Every 6 months check to see if your backup seed words or passphrase written on paper or metal is disturbed or removed. (These need to be stored separately!) It is best to hide them in such a manner that you can tell if someone has tampered with them or found them, so you are aware if either your seed words or passphrase becomes compromised.

-------------------------
u/Coldstreamer

1) You should not be using obsolete paper wallet designs (single private keys) because they are dangerous for these reasons:
https://en.bitcoin.it/wiki/Paper_wallet
https://np.reddit.com/r/Bitcoin/comments/670zhy/summary_pitfalls_of_paper_wallets/
All modern paper wallets should be 12 to 24 seed words like BIP39 backups and 1 or multiple addresses (hopefully modern bech32 segwit).

2) You should never use websites to generate private keys as many of these are compromised and have insecure methods of generating entropy:
https://np.reddit.com/r/Bitcoin/comments/6ss91w/seriously_how_are_you_all_generating_your_private/dlf4uhr/
https://www.youtube.com/watch?v=TYQ-3VvNCHE&feature=youtu.be&t=3072
Your best option is to securely generate a 12 or 24 word BIP39 seed, and stamp it into metal. Hardware wallets will generate the seeds securely. Or you can use a trusted open source wallet app like BlueWallet or Blockstream Green. Ian Coleman also has a BIP39 seed generation tool that can be run offline.
It really makes no difference if you have a hot or cold wallet. Crypto is not stored in a wallet; the wallet just has the private keys to spend it. You may need a software update, I don't know this exactly, but this will not be any different to the usual software updates all wallets get on a regular basis. Also don't forget almost all wallets use the BIP-39 standard for key derivation, so even if a wallet will not support an upcoming fork, you can always restore the seed in another wallet.
I am assuming that you are talking about BIP 39 here. A BIP 39 mnemonic can have any number of words with the most common being 12, 18, and 24 words. There is a checksum encoded into this mnemonic. This checksum is actually just a "part of" the last word, i.e. the last word encodes some of the actual initial entropy, and some of the checksum, depending on the size of the entropy in bits.

The way that BIP 39 makes the mnemonic is by generating some initial entropy that is n bits in length. The checksum is then the first n / 32 bits of the SHA256 hash of the entropy. This is just concatenated to the end of the entropy. The mnemonic is then encoded by dividing the entropy into groups of 11 bits and using the resulting 11 bit number as an index into a list of 2048 words.

With a 12 word seed, there are 128 bits of entropy, which gives 128 / 32 = 4 bits of checksum. This gives 132 total bits to be encoded, and 132 / 11 = 12 words. You may have noticed that the checksum is only 4 bits in length, which is shorter than the 11 bits allocated for the last word. So the last word's index is actually composed of both the last 7 bits of the entropy and the entire 4 bit checksum.

With a 24 word seed, there are 256 bits of entropy, which gives 256 / 32 = 8 bits of checksum. This is also shorter than the 11 bits for the index of the last word, so this means that the 24th word of a 24 word seed "contains" the last 3 bits of the entropy and all 8 bits of the checksum.

BIP 39 itself has a table showing the number of entropy bits, the number of checksum bits, the total bit length, and the total word length for various entropy bit lengths. https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#generating-the-mnemonic

The seed would not be mathematically complete without the checksum.
Do yourself a favor and just use entropy to create a strong password. Better yet use BIP39 words, again chosen with proper entropy, as your password. Humans are incredibly inept at mimicking entropy. This is an example of that.
Bitcoin gets constantly improved thanks to Bitcoin Improvement Proposals (BIP), a process where anyone can submit improvements to make bitcoin safer, simpler, faster, stronger. Thanks to that we have "easy" transfers (auto management of "change" addresses), wallet recovery (HD wallets, those 12 words seeds), multi signature wallets and many more changes that make using bitcoin unrecognizable to what it was in the early days.
Not really. Even if a handful of people would per chance find a wallet, that wouldn't really change anything. It would need to be a systematic problem, in which case you could pass a BIP to lengthen the addresses and it wouldn't happen again...
> How did Wasabi load/create a wallet that has an invalid mnemonic?

"Invalid" in the strict BIP39 sense, but it's still a set of words which can be hashed into a 512-bit seed for generating a BIP32 master private key.

From Wasabi's point of view, you're restoring a wallet made somewhere else. That somewhere else could be a wallet app which doesn't care about the checksum bits. Wasabi (older version) is being helpful. Wasabi doesn't know you made up the word list.

For what it's worth, during wallet recovery ("I already have a seed"), Electrum allows any set of words for BIP39 recovery. It displays "unknown wordlist", but will recover the wallet anyway. It also allows using the BIP39 list with an invalid checksum. It displays "checksum: failed", but will recover the wallet anyway.

> it isn't user error

Not user error, just a consequence of the user claiming to be recovering a wallet, but actually just entering a manually selected list of words.

Zooming out, interpret BIP39 as a flexible specification where the use of the official word list is optional and the checksum is optional. In that context, the stricter validation in the later version of Wasabi is less friendly. But that's not important, because you're not supposed to create a low entropy wallet anyway.

Be careful not to lose coins. This guy lost his coins to an auto-theft bot by creating a wallet in Electrum using "btc btc btc btc btc ...": https://np.reddit.com/r/Bitcoin/comments/w3h330/help_please/igwoovt/
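The entropy-to-checksum-to-11-bit-groups construction walked through a few comments up, and the "checksum: failed" validation that a strict wallet performs on a hand-picked word list as discussed in the comment just above, as one added example. It is not code from any commenter, from Wasabi or from Electrum. To stay self-contained it works on word indices (0..2047) rather than English words, so no 2048-word list has to be embedded; the only fact it leans on is BIP39's own first test vector, where all-zero entropy encodes to "abandon" eleven times followed by "about", which are indices 0 and 3 of the English list. Function names are my own.

```python
import hashlib
import secrets

VALID_ENTROPY_BITS = (128, 160, 192, 224, 256)   # -> 12, 15, 18, 21, 24 words
WORDLIST_SIZE = 2048                              # 11 bits per word


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Encode raw entropy as BIP39 word indices, checksum included.

    checksum = first ENT/32 bits of SHA256(entropy). It is appended to the entropy
    and the concatenation is cut into 11-bit groups, so the last group carries the
    tail of the entropy plus the whole checksum (7 + 4 bits for 12 words, 3 + 8 for 24).
    """
    ent_bits = len(entropy) * 8
    if ent_bits not in VALID_ENTROPY_BITS:
        raise ValueError("entropy must be 128-256 bits in steps of 32")
    cs_bits = ent_bits // 32                                       # 4 .. 8
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & (WORDLIST_SIZE - 1) for i in range(total // 11)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Inverse of entropy_to_indices: recompute the checksum and reject a mismatch."""
    if len(indices) not in (12, 15, 18, 21, 24):
        raise ValueError("mnemonic must have 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i < WORDLIST_SIZE for i in indices):
        raise ValueError("word index out of range")
    total = len(indices) * 11
    cs_bits = total // 33                     # 132 -> 4, 165 -> 5, ..., 264 -> 8
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    checksum = bits & ((1 << cs_bits) - 1)
    entropy = (bits >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if checksum != expected:
        raise ValueError(f"checksum failed: got {checksum:#x}, expected {expected:#x}")
    return entropy


def checksum_ok(indices: list[int]) -> bool:
    """The check a strict wallet runs before accepting a mnemonic."""
    try:
        indices_to_entropy(indices)
        return True
    except ValueError:
        return False


def new_mnemonic_indices(ent_bits: int = 256) -> list[int]:
    """Fresh mnemonic (as indices) from the OS CSPRNG, never from words a human picked."""
    return entropy_to_indices(secrets.token_bytes(ent_bits // 8))


if __name__ == "__main__":
    # All-zero 128-bit entropy is BIP39's first test vector: eleven 0s then 3,
    # i.e. "abandon" x 11 followed by "about".
    canonical = entropy_to_indices(bytes(16))
    print(canonical, checksum_ok(canonical))
    # "abandon" x 12 (all indices 0) has no valid checksum. A strict wallet refuses
    # it; a lenient one still hashes it into a seed, and that seed is trivially
    # guessable, which is how the "btc btc btc ..." wallet above got swept.
    print(checksum_ok([0] * 12))
    fresh = new_mnemonic_indices()
    print(len(fresh), checksum_ok(fresh))
```

Because the checksum is only 4 to 8 bits, it catches a mistyped or swapped word but is no proof of randomness: any 1-in-16 (12 words) or 1-in-256 (24 words) hand-picked list passes it, so a passing checksum says nothing about whether the phrase is safe to fund.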
You are not generating a new key, you are generating the same one that you used on your ledger device. The 24 words are used to generate your key, and anytime you input the same 24 words in a wallet that understands the BIP standard, you will generate the same key and have access to your funds.
It's a BIP-32 standard. The 24 words are not your key. They're the recovery phrase to get your key. Your recovery phrase could be used on any other wallet with that standard. Electrum would be one. [https://www.ledger.com/academy/crypto/what-is-a-recovery-phrase](https://www.ledger.com/academy/crypto/what-is-a-recovery-phrase) (down at the bottom) And even if all the wallets went belly up at once, you could still run your passphrase through the BIP-32 algo to generate your private key to use anywhere you want. Needless to say, if Ledger went under, the forums would be going wild with GitHub links to open source applications to allow you to do this, but you'd obviously want to be cautious to use only trusted sources.
Any BIP 39 compatible wallets should be interchangeable; the sticking point is that some wallets may use nonstandard derivation paths. Ideally you would include your derivation path with your phrase backup for passing down access to a wallet. More information on BIP 39 wallets here: https://coinguides.org/bip39-wallets/
Hey, just as an acknowledgment, I finished setting up my first Electrum wallet using BIP 39 + Tails on an old, offline, reset computer. I started researching from your link, and only now do I really have my own bitcoin fractions. No more worries about bitcoin in exchange hands. Thank you very much for the input.
Wallets should *always* generate avatars based on the wallet address. This should be a standard, just like BIP39; all wallets should implement it, and it should be displayed prominently next to all addresses, even within QR codes of addresses. This way people will notice that they're different when they get copy/paste hacked. With enough resolution and the avatar not being derived from a hash, you might even be able to use this avatar as your actual address. A good wallet should explain some basics about crypto in the walkthrough wizard so many are putting in their applications nowadays. What's an address, what does the address format look like, just a handful of things beyond just how to use the app. Too many people get into crypto without even putting in 5 minutes to understand the basics, and then they blame the engineers for themselves not understanding what they're doing. It's understandable when something is needlessly senseless, or there is a comparable engineering solution to a UX problem, but for the most part the complaints I hear are basically "I don't like addresses." This is dumb. The idea that a user doesn't need to expend any effort or cognition to use something novel is lazy, and people that say this are stupid. Even banks have things like routing numbers; every new tool comes with some degree of a learning curve. If you're unwilling to learn a handful of easy concepts then you shouldn't be messing with it.
Like others mentioned, the labels are based on the software, not the actual bitcoin network. A recommendation for KYC/non-KYC is to have two separate wallets for each, or use a BIP39 passphrase to make multiple wallets under the same seed phrase, so that your bitcoin are split and not at risk of being combined.
I think almost every relevant hardware wallet uses this, like Trezor, Ledger, Coldcard, BitBox, ... And also some software wallets like Exodus, Electrum, ... And since it's defined in BIP39, all these wallets' passphrase features are also compatible with each other. I seriously think a passphrase is about the most important feature when storing your seed.
Perfectly doable because they use the same derivation schemas (and the same output script):

- BIP44: legacy derivation
- BIP49: p2sh-p2wpkh (segwit wrapped in p2sh)
- BIP84: native segwit

Things will get much more complicated in the future with complex scripts and taproot but, for now, they are compatible. A Ledger and a Trezor can share the same seed. It is always advisable to know the basics behind it to avoid panic in case something goes wrong. The most common case is a different derivation path used as default in the two different wallets. In this case you wouldn't see the balance on the Trezor because the wallet is looking for the balance on a different derivation path/script. The most "trendy" today is BIP84.
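The derivation-path compatibility described in this comment, as an added Python example that is not code from Ledger, Trezor or the commenter. It assumes only the Python standard library and uses the public BIP39 test-vector seed (the "abandon ... about" phrase with passphrase "TREZOR") as sample input. It parses a BIP43-style path, reports which script type a wallet will scan for from the purpose level, and derives the hardened account prefix (for example m/84'/0'/0') from the seed; the non-hardened address levels need secp256k1 point arithmetic and are deliberately left out.

```python
import hashlib
import hmac

HARDENED = 0x80000000  # BIP32: indices >= 2^31 are hardened (written 84' or 84h)
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
XPRV_VERSION = bytes.fromhex("0488ade4")  # mainnet serialized private key prefix
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Purpose level -> output script the wallet scans for (the three listed above)
PURPOSE_SCRIPT = {
    44: "p2pkh (legacy)",
    49: "p2sh-p2wpkh (segwit wrapped in p2sh)",
    84: "p2wpkh (native segwit)",
}

# Sample input: BIP39 seed of the public test vector "abandon" x11 + "about"
# with passphrase "TREZOR". Not a real wallet.
TEST_SEED = bytes.fromhex(
    "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
    "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04"
)


def parse_path(path: str) -> list[int]:
    """'m/84'/0'/0'/0/0' -> [84+H, 0+H, 0+H, 0, 0]. Accepts ' or h for hardened."""
    parts = path.strip().split("/")
    if parts[0] != "m":
        raise ValueError("derivation path must start with 'm'")
    indices = []
    for part in parts[1:]:
        hardened = part.endswith(("'", "h", "H"))
        n = int(part.rstrip("'hH"))
        if not 0 <= n < HARDENED:
            raise ValueError(f"index out of range: {part}")
        indices.append(n + HARDENED if hardened else n)
    return indices


def script_type_for_path(path: str) -> str:
    """Judge the script type from the purpose level. Two wallets that disagree
    here show different balances for the very same seed."""
    indices = parse_path(path)
    if not indices or indices[0] < HARDENED:
        return "unknown (purpose level missing or not hardened)"
    return PURPOSE_SCRIPT.get(indices[0] - HARDENED, "unknown purpose")


def master_key(seed: bytes) -> tuple[bytes, bytes]:
    """BIP32 master node: HMAC-SHA512 keyed with 'Bitcoin seed' over the seed.
    Left 32 bytes are the private key, right 32 bytes the chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def derive_hardened_child(key: bytes, chain: bytes, index: int) -> tuple[bytes, bytes]:
    """One hardened CKDpriv step: HMAC-SHA512(chain, 0x00 || k_par || ser32(i)).
    Hardened steps need no curve math; non-hardened steps would need the
    parent public key and are outside this demo."""
    if index < HARDENED:
        raise ValueError("non-hardened derivation is not implemented here")
    data = b"\x00" + key + index.to_bytes(4, "big")
    digest = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child = (il + int.from_bytes(key, "big")) % SECP256K1_N
    if il >= SECP256K1_N or child == 0:  # BIP32: such an index must be skipped
        raise ValueError(f"invalid child at index {index}")
    return child.to_bytes(32, "big"), digest[32:]


def account_key(seed: bytes, path: str) -> tuple[bytes, bytes]:
    """Walk the hardened prefix of a path (m/84'/0'/0' of m/84'/0'/0'/0/0)
    and stop at the first non-hardened level."""
    key, chain = master_key(seed)
    for index in parse_path(path):
        if index < HARDENED:
            break
        key, chain = derive_hardened_child(key, chain, index)
    return key, chain


def base58check(payload: bytes) -> str:
    """Base58 with a 4-byte double-SHA256 checksum, as used for xprv strings."""
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58_ALPHABET[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def master_xprv(seed: bytes) -> str:
    """Serialize the master node as wallets display it: version, depth 0,
    zero parent fingerprint, child number 0, chain code, 0x00 || key."""
    key, chain = master_key(seed)
    payload = XPRV_VERSION + b"\x00" + b"\x00" * 4 + b"\x00" * 4 + chain + b"\x00" + key
    return base58check(payload)
```

Running `account_key(TEST_SEED, "m/44'/0'/0'/0/0")` and `account_key(TEST_SEED, "m/84'/0'/0'/0/0")` yields two different account keys from one seed, which is exactly the "balance appears missing" situation: the funds are there, but the second wallet scans a different branch and script type. Recording the path next to the seed backup removes the guesswork.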
Everyone advises against using a brain wallet. But you will excuse me if I ask for more details and question this issue. Granted that the last word (checksum) will have to be calculated, would it really be so unsafe to choose, say, three sentences disconnected from each other? A kind of meaningless speech, or rather, one that makes sense only to me, created by choosing words from the BIP39 dictionary? How does one prove that their entropy is indeed too low, without simply taking it for granted?
You make judgements about my character but I'll ignore this. I've likely been in crypto long before 95% of this subreddit (early 2013 Bitcoiner) and I very much understand what I'm talking about. You mentioned PoW or PoS, which I understand very well. You yourself ADMITTED that YOU ARE NOT SPECIAL WITH YOUR 0.00000001% ownership. Do you really think crypto will go truly mainstream and flourish as a new economic model that can carry the world if every normal user that steps in has 0.00000001% say in how it goes and rich miners have 20, 30, 40, 50% say in how it goes? Absolutely not.

Yes, we have decentralized the process in which everyone runs the same code and we have timestamping, but there isn't any decentralization in the development or governance. It's distributed, not decentralized. If you, alongside the userbase, can't change the devs on Bitcoin, for example, do you have any real control? What if the rich miners, Blockstream and Core decided they can do what they wanted today? Well, you and your 0.00000001% would do absolutely jack shit about it.

I'm arguing for a system that can detect the true consensus of the userbase and automate the development process. That's not anarchy because the users, by consensus, can make the system bulletproof to nefarious attacks. You'll probably say BUT THAT'S SCIENCE FICTION. Why don't you want more? Well, first you'd have to recognize flaws which you're simply not ready to see yet.

Onto your BIP/EIP argument. Again, there's no consensus detection.

1. Only devs can truly make a proposal, eliminating 99% of Bitcoin users. You might say, well, why don't you learn to code. Again, do you really think that's fair and will be a system that the global market will accept, a world run by devs? We don't have a fair and equal right to propose what to vote over. Even the system of voting is selectively chosen by the Bitcoin devs in most cases. In other cases, every decision is made without the consensus of the userbase. Yes, you can vote, but it's inherently hierarchical. Decision without the entire userbase is inherently centralized.

2. You skimmed over the miners/stakers point. Who are miners? They are backed by million/billion-dollar ventures and you're acting like they work for you? Ask yourself, if someone raised 10M and becomes a serious mining operation, is their duty to you or to themselves and their investors? You're seeing some Utopia without seeing anyone's true incentive and allegiance. Trust me. No mining company would defect from their investors and risk getting sued. By the way, most large mining operations are done by companies/organizations around the world. Again, very centralized.

3. Any developer can make changes to Bitcoin. You can make a puny fork and get laughed out the door. You have ideas on how the world should function, right? You're not into Bitcoin for no reason, right? Why haven't you made a change? You know Bitcoin isn't perfect. It's because your puny suggestion wouldn't get adopted. I challenge you to make a change and get ANYTHING adopted, the best idea you have, it could be anything, super simple, super small. PM me when that gets done. You have no control over anything and you're afraid to admit it.
It's possible in Electrum, I recently discovered. The context was a thread where the OP was wondering why his coin was instantly spent when he received it.

Something along these lines ... File->New/Restore->Standard wallet->I already have a seed->Options->BIP39 seed

Then enter your words. If the first word isn't in the BIP39 standard list, Electrum will let you enter as few or as many of any words you want, without verifying any checksum.

There are bots which will instantly steal your coins if your seed phrase is on their easy-to-guess list. In the incident a few days ago, the theft transaction was so fast that it was confirmed in the same block as the victim received the coin: https://www.reddit.com/r/Bitcoin/comments/w3h330/help_please/igwoovt/

> I understand I could memorize the random ones they give me

The BIP39 system is designed for the words to be hand-written on paper. The word list is carefully constructed to be error-tolerant.
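The checksum and "restore anything" behaviour discussed in this comment and in the Wasabi/Electrum comment above, plus the brain-wallet question of how to show that a hand-picked phrase has too little entropy, as one added Python example. It is not code from Wasabi, Electrum or any commenter, and it assumes only the Python standard library. The word list is a constructed two-word subset (just enough for the public all-zero-entropy test vector "abandon" x11 + "about"); a real validator loads the full 2048-word list from the BIP39 repository.

```python
import hashlib
import math
import unicodedata

WORDLIST_SIZE = 2048  # BIP39 English list; each word carries 11 bits
# Constructed partial word-to-index map (an assumption for this demo): only the
# two words the test vector needs. Load the real 2048-word list in practice.
WORDLIST_SUBSET = {"abandon": 0, "about": 3}


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Turn 128..256 bits of entropy into BIP39 word indices.

    The first ENT/32 bits of SHA-256(entropy) are appended as the checksum and
    the whole bit string is cut into 11-bit groups, one per word.
    """
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32
    checksum = int.from_bytes(hashlib.sha256(entropy).digest(), "big") >> (256 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(combined >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def indices_checksum_ok(indices: list[int]) -> bool:
    """True iff the indices decode to entropy whose checksum reproduces them.

    This is what a strict wallet checks; 'abandon' x12 fails it because the
    last word has to be 'about' for all-zero entropy.
    """
    n = len(indices)
    if n not in (12, 15, 18, 21, 24) or any(not 0 <= i < WORDLIST_SIZE for i in indices):
        return False
    total = n * 11
    cs_bits = total // 33
    combined = 0
    for i in indices:
        combined = (combined << 11) | i
    entropy = (combined >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    return entropy_to_indices(entropy) == indices


def mnemonic_to_indices(mnemonic: str, wordlist: dict[str, int]) -> list[int]:
    """Map words to list indices. A word missing from the list is Electrum's
    'unknown wordlist' case; this strict version rejects it."""
    words = unicodedata.normalize("NFKD", mnemonic).split()
    missing = [w for w in words if w not in wordlist]
    if missing:
        raise ValueError(f"not on the BIP39 word list: {missing[0]}")
    return [wordlist[w] for w in words]


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase.

    Nothing here consults the word list or the checksum, which is why a lenient
    wallet can 'restore' from any string at all, 'btc btc btc ...' included.
    """
    data = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", data, salt, 2048, dklen=64)


def search_space_bits(free_positions: int, vocabulary_size: int, checksum_bits: int = 0) -> float:
    """Size of the space a guessing bot has to enumerate, in bits.

    Each independently chosen position contributes log2(vocabulary); the
    checksum removes the bits it fixes. 12 uniformly random list words with a
    4-bit checksum give 128 bits; one word repeated twelve times is a single
    choice from 2048, i.e. 11 bits, which a theft bot exhausts instantly.
    """
    return free_positions * math.log2(vocabulary_size) - checksum_bits
```

For the brain-wallet question, the honest answer `search_space_bits` gives is an upper bound: three self-chosen sentences are not 36 independent draws from 2048 words, because grammatical English drawn from a personal vocabulary is far more predictable than uniform sampling, so the real figure is lower than the formula's and cannot be measured from the phrase alone. That is why the comment above says to let the wallet draw the entropy and write the words down.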
Nope, just Blockstream’s CEO (must have missed that part). You can change the protocol through the consensus, and Blockstream can influence miners to adopt a BIP - and don’t be confused, the miners **are** what determine the protocol changes (exercise for the reader: consider a 51% attack in this regard, not monetary and not hash power related). So, there you have it. Mutability where no one thinks it can be mutated. Worse yet (other point of my comment which might have been hard to pull out), we have people who aren’t criticizing Bitcoin (thank you for proving my point, btw, this has been great. You’re a gem, never change), and are ultimately doing more harm than good. I would much prefer a L1 that had scaling built in from the beginning, and is taking steps to address the underlying issue of this huge looming concern.
It actually was better. In software you want the easy and straightforward approach, every time. Changing the integer was the most simple thing to do. If you're balking at changing the protocol, that is done all the time through BIPs. Remember all of that TAPROOT crap we saw for 1.5 years? Instead you're saying "Well we have this slush ball, but instead of freezing it let's make a real snowball and pack it on top. Yeah, this is best."
> Well you’re not really explaining anything, just saying it’s not true.

I did explain. I'll explain again. The Algorand Foundation and executive team is literally funded by free Algorand given to them at the creation of Algorand. Blockstream is NOT funded by free bitcoin given to them at the creation of Bitcoin. This distinction is extremely important.

> Blockstream has used their influence and devs to steer the BTC protocol.

Decentralization means that anyone can submit a BIP