Reddit Posts
All bip39 words on 2048 limited edition handmade mugs
A Fork of CLN Implemented Eltoo Useful for Channel Factories Available for Testing
Need Help Deriving Extended Private Key from Bitcoin Root Extended Public Key and Non-Hardened Extended Private Key
Is it normal for the majority of your seed words to start with the same letter?
Need Advice with Crypto Wallets - Hardware vs Mobile Wallets
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Backing up and recovering wallet - seed phrases, private keys, extended private keys, eh???
Best method of long-term cold storage for life-changing amounts?
BIP39 misalignment? Mnemonic vs. Decimal vs. Binary seeds
Mining ALL remaining bitcoins in less than two weeks (difficulty adjustment)?
How to make a new wallet address with my own selected BIP39 words
Import private keys from BIP39 paper wallet with passphrase
12 word BIP 39 >> Hardware Wallet - What are the options?
Malware and scams I should be on the lookout for
What happens if Bitcoin price gets high enough, such that it becomes necessary to go ahead and take it to the 9th decimal place? Can that be done w/ backward compatible SF, or is a HF req'd? Can someone with knowledge detail the process? Can't seem to find answers on this researching around...
how to manually encrypt your BIP39 seedphrase with an additional cipher?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
What if they planted a bug into BIP 382, which makes it possible to increase block rewards?
Enhancing Bitcoin Security: A BIP39-Compatible Vernam Encryption Approach for Safeguarding Recovery Phrases
Stacking has crept up on me and now I need to upgrade my storage
Any open source, encryption based, 3/5 multi factor wallet already available? If not, can this be developed?
Is it a security risk if your wallet’s extended fingerprint (xfp) has been exposed?
FINCEN MegaThread | Do Not Give Them Your Silent Consent | Remember Remember The 5th of November | Support Bitcoin Privacy
Thoughts on BIP 324 and the increased anonymity of using bitcoin.
ELI5 - What if Ledger or Trezor stops working?
Tutorial: How to use normal (non Casino-grade) dice to generate a seedphrase
Bitcoin Is About To Become More Secure With BIP324
This page offers a comprehensive overview of BIP-329, proposed by Craig Raw, creator of Sparrow Wallet. You'll find information about the current status and adoption progress, highlighting the significance of this proposal.
Coinplate has a BIP39 seed phrase recovery tool.
Walk down the memory lane: Blocksize wars and the Bitcoin XT controversy
How Much a Spot Bitcoin ETF Can Affect The Price - The Bad Version
Can one secret phrase (eventually) access any wallet?
Do you know that you don't need hardware wallets for cold storage?
I made a descriptive post of every item that you can purchase using candies from Coingecko so you do not have to look
How CTV (BIP 119) Could Create Channel Factories for Casual Users
BIP-300 biff: Debate reignites over years-old Bitcoin Drivechain proposal
The WW2 German Enigma cipher machine has 158,962,555,217,826,360,000 different possibilities (nearly 159 quintillion). The BIP39 seed phrase word list contains 2,048 words, so a 12-word crypto seed phrase has about 2 to the power of 132 possible combinations. That’s 2 with 132 zeroes after it.
"NO" | Rejecting BIP300 Drivechains | Featuring Saifedean Ammous | Bitcoin Standard Author
"NO" | By Saifedean Ammous | Two Open Letters Rejecting BIP300 Drivechains | Voiced by FEEeACH
Why Blockonomics endorses DriveChains (BIP300-301)
🔴LIVE | BIP 300 Debate | Drivechain Softfork Dynamics | @BITC0IN
Stumbled on BIP-300: a potential game-changer or just buzz?
There are 2048 possible words that comprise your seed phrase and each of these corresponds to a number in the BIP39 list. Reminder that it’s possible to convert the phrase to numbers for seed storage.
Bitcoin Drivechain Proposal (BIP300) Debate
Holding crypto is not likely to get any more convenient, and it is an inherent problem of self-custody.
COLD STORAGE: Comparing the Best Cold Storage Wallets for 2023
Yesterday was my first time encountering the word 'Satoshi' in a seed phrase. Did you know it was in the BIP39 word list?
What's your self-custody strategy? Do you keep a backup hardware wallet on hand?
BIP300/301 and Drivechain talk with Paul Sztorc and Austin E. Alexander
PSA: Severe Libbitcoin Vulnerability. If you used the "bx seed" command to create seeds/private keys, Immediately move related funds to a different secure address.
In theory, instead of creating a new wallet and memorising the seed, can I just choose words that are easy to remember and generate a wallet from that?
Importing BIP-84 key in Electrum giving wrong address
What is a BIP-39 seed phrase -- a few tips for handling your seed words safely
Keeping KYC & Non-KYC utxos in the same Multi-Sig wallet: will there be a way of these utxos being linked?
Mentions
Michael J. Saylor is trying to distance himself from this because he has a stake in it. The reality is that the quantum threat is real, but no one can say when it will become a reality. What is certain, however, is that the Bitcoin community is organizing and preparing. The BIP-360 is a perfect example of this: [**The Post-Quantum Dawn: Bitcoin, BIP-360, and the War of Signatures. From the P2MR shield to the SPHINCS+ revolution: An in-depth look at how the network is arming itself against the inevitable quantum threat.**](https://inbitcoinwetrust.substack.com/p/the-post-quantum-dawn-bitcoin-bip)
If someone wants to generate seeds themselves (which I wouldn't do; I prefer to trust hardware wallets), then I would definitely at least use dice rolls or something similar. A manual selection from a book is, in my opinion, not random enough. And if you only use common words, you significantly limit the number of possibilities (because there are some very exotic words in the BIP39 list also).
I've been saying a book cipher could be a good way to secretly store seed words for a while! Also, if you pick a large book like Game of Thrones it's not hard to randomly generate a wallet that has all the seed words contained in it, you might have to do a few re-rolls though. Lots of the BIP39 words are very common.
I use a notebook, write random notes to it daily. Works better for me to keep track of some daily tasks and brainstorming. The result is a fully written notebook with ordinary stuff. Almost every single page. So I wrote some seeds with their respective BIP39 codes, mixed with random notes, in random pages. For a stranger it would be really hard to find and understand the word codes mixed in random notes.
You seem to have missed the part in my post where I wrote: `"You can keep the book and numbers in separate locations"` And if you have other books where all the words in BIP39 appear, that's fine – I haven't found anything like that, unfortunately.
The main problem is that you aren't adding any security to your mnemonics. Entropically, it's the same. You're adding the extra step of having to look up words in the book, but that's all there is, just more complexity with no added security. In other words, you're kicking the can forward. It's like zipping a zip file. Instead of backing up your keys, you're backing up page/word indexes, and now are responsible for preserving the existence of this book. What if you lose the book and Amazon unpublishes it? Then you're screwed. Plus, now that you've posted this, an attacker would know that you're using this system, so it would be super easy for them to decode your backups. You've made the process harder on yourself while making it trivial for an attacker to crack it. In the world of opsec, this is known as ["security through obscurity"](https://en.wikipedia.org/wiki/Security_through_obscurity). I highly encourage you to read through the WP article to understand how your method is ultimately ineffective. I was also able to find the website you made to promote the book in seconds, and since there aren't that many BIP39 books, now anyone who finds what looks like a bunch of pages and word indexes will have no trouble getting a copy of the book. In other words, the more popular your book gets, the less effective it becomes at obscuring a mnemonic, no matter how little protection it added in the first place. It's been done before ([this guy](https://www.reddit.com/r/Bitcoin/comments/18diozy/i_made_a_novel_that_you_can_hide_your_seed_phrase/) did it two years ago, and others have discussed it even before that), and while it looks and sounds "clever", functionally, it's just extra steps for no benefit. I might sound harsh, but this is because we constantly see people trying to reinvent the wheel around here, without doing any of the legwork to educate themselves about the fundamentals of Bitcoin security.
It's like trying to invent a better car before even understanding how wheels work. Anyone who takes the time to study the prior material realizes that we have ridiculously robust mnemonic protection methods already, like 2-of-3 multisig with metal stamped backups. It's a largely solved problem. That's not to say that no attempt at innovation should be made, but these attempts should build on what we already have, or have a value proposition that surpasses what we already have.
I fully understand and also understand not everyone thinks the same. That's exactly why it is important to address the false sense of security poor security practices create. Let me put it this way: if you have money that you are carrying across the border that you really can't afford to lose, to what length will you trust the level of security of your page numbers that you'd feel comfortable that someone who got a hold of your book and those numbers wouldn't be able to figure out what is going on? Especially considering that someone Googling the name of the book would be immediately presented with the knowledge that it is a BIP39 wordlist. I know that I wouldn't feel comfortable with that setup with anything short of 256-bit encryption on that pagelist that would effectively give access to my bitcoin. At that point, why am I even carrying around the book to begin with, which from an Op-Sec perspective would immediately point any potential thief as to what is going on and what to look for? This is why this setup is not advisable. Just follow the usual best practices and if you really need to take bitcoin across borders where capital controls are in place, then use something like a borderwallet that is more secure for such a temporary need.
My dictionary did not contain all the words from BIP39.
The book itself is just a BIP39 word list. There is no reason to ever need to take a BIP39 wordlist across borders or worry about carrying one with you. Therefore the book is pointless. If you're carrying the book and your numbers with you at the same time across borders, that's not smart and it isn't any safer than carrying your seed words with you. Anyone that gets those page numbers and the book will be able to figure out what's going on considering the numbers aren't obfuscated at all. And if you obfuscate/encrypt the words too, then there's no point in using a complicated book scheme. Also, it looks like there could be several editions of this book in print. That means that if you lose your book, you can't just reorder a new one for recovery. So I wouldn't depend on it as a redundant form of backup. There are better options if you're looking to cross borders with capital controls. For example below, where you don't need to even carry anything with you while you cross: https://www.borderwallets.com/ Crossing a border is a brief temporary passage and the means by which you carry your bitcoin across the border should be temporary as well and should be done in a way where if your person and materials on you are captured/compromised, your bitcoin should still be safe. Your method does not provide that security.
I’ve got an even better idea, why don’t you take the BIP39 seed words and make an acrostic? It has to make sense as a story. You could generate these acrostics with AI. Then you’d never forget it AND it’s personalized.
Now that I think about it, it seems like more of a UX decision than an actual security measure. Maybe they want users to not restore a seedphrase somebody else gave to them, to prevent stolen funds. If a seedphrase respects a certain standard it has no way of knowing where it was created (unless the standard specifies so, but I don't believe such a standard exists), so my guess is: 1) It's a UX decision. 2) They only support BIP39 (my Aqua key is a BIP85 key, such as yours, and it works), so AEZEED or Electrum keys are not compatible.
Very interesting, I wasn't familiar with the AEZEED concept. Actually, the app does allow importing the 12 words to recover a wallet, it just shows this alert saying that those 12 words must have been generated by that app. So I was wondering if the generation entropy of those apps is not completely random and followed a pattern that those apps used for something, which in theory would be the "birthday date." The curious thing is that in the documentation for those two apps, they don't say anything about whether they use AEZEED, only about BIP 39.
I've never had this, but maybe the reason is that many Lightning wallets actually use AEZEED instead of BIP39 keys. These keys have something in them called a "Birthday date", which lets the client know around when they should scan the blockchain for UTXOs instead of scanning the whole thing; it's a small optimization really, but it seems pretty strange that those wallets now show this. Have you tried importing these keys in other Lightning wallets like an Ark or Spark wallet as well?
Everything that Schrezberatina said. I use Trezor One now. However, I'd like to upgrade it to a Trezor Safe 5. For the seedwords, it defaults to SLIP-39 instead of BIP-39. I'd recommend looking at [Trezor's description of seedwords](https://trezor.io/learn/security-privacy/personal-security-standards/understanding-trezor-wallet-backups-12-20-or-24-words). The 20 word backup gives you a lot more flexibility on how that's set up. During setup, put a good PIN on your Trezor to avoid easy cracking if it falls into the wrong hands. **Do Not Ever** put your seeds on a computer. That means no photo. No password file or database. No printer. *Be paranoid!* Don't speak them near a phone or microphone. Don't let a video or security camera observe you while you are recording and saving the seedwords. But you need to save the seedwords. That's the only thing that you do actually need to save. I'd recommend a technique called the [SAFU Ninja](https://youtu.be/3Aj_EHOu9WE) which is basically hand stamping the words into a series of washers. The nice thing about this technique is that it is just as valid regardless of the number of seedwords. So it doesn't matter if you are doing 12, 20, or 24 words. Plus with some of the more advanced options of SLIP-39, you have the option of doing multiple sets (or shards) of seeds and setting a restore option to require, say, any 2 out of 3 sets, etc. So with the SAFU Ninja, you may have (a relatively modest) upfront cost of a stamp set, but then the per use price is very affordable.
IIRC that has to do with the statefulness of Lightning/Liquid. Since they work with channels, there are situations where importing a raw BIP39 seed into these apps will be seen as an attempt to double spend or game the system, and the channels might force-close. I'm not deeply familiar with how this all works, but it has to do with broadcasting an outdated channel state and "justice transactions" if you want to dig deeper. Probably worth chatting about with your favorite LLM.
Instead of "writing" all the words, you could google for BIP39 Wordlist and use the numbers instead. More to check if everything is correct but less hammering.
> It’s already quantum resistant Wait, when was BIP 360 adopted? And nobody told me!? 🧐
It is a governance dead end. Right now 100% of wallets are exposed. It needs first to find consensus on the BIP360 wrapper so it can then eventually introduce PQC signatures that are very heavy in size. Basically Bitcoin has only 3 options: 1) Direct introduction, and risk extreme congestion, unstable fee market, loss of sovereignty, loss of funds, loss of L1 access, disruption in governance model and node economics or even network failure. 2) Do nothing as other chains upgrade. 3) Hardfork blocksize but sacrifice the immutability (Gold) narrative. It needs 90% near unanimous consensus on either 1) or 3) to do something. Yet everything is a potential dead end... Therefore, the most likely scenario under game theory is that it does nothing 2) while other chains upgrade. Then as it is progressively losing dominance some protective Hardfork attempts will start building up 3) until the chain splits under the pressure. Most reasonable outcome.
Each derivation path generates a different *branch* of private keys, but they are all mathematically linked to the original seed. If a wallet or tool has access to your seed (or master private key), it can generate the private key for any derivation path — meaning it can sign for any address derived from that seed, regardless of the path. Even with the same seed, changing the path produces a different xpub. Here's some info on derivation paths:

* **Historical Evolution**: Early wallets used non-standard paths (e.g., `m/0'`, `m/0'/0'`), leading to incompatibility between wallets.
* **Standardization Efforts**: BIPs like **BIP44**, **BIP49**, **BIP84**, and **BIP86** introduced standardized paths for different Bitcoin address types:
  * `m/44'/0'/0'/0/0` → Legacy (P2PKH, starts with `1`)
  * `m/49'/0'/0'/0/0` → Nested SegWit (P2SH-P2WPKH, starts with `3`)
  * `m/84'/0'/0'/0/0` → Native SegWit (Bech32, starts with `bc1q`)
  * `m/86'/0'/0'/0/0` → Taproot (Bech32m, starts with `bc1p`)
* **Wallet Innovation & Privacy**: Some wallets (e.g., Samourai, Wasabi) use custom paths for enhanced privacy or specific features, which may not align with standard paths.
* **Non-Standard or Proprietary Paths**: Some wallets (e.g., Blockchain.com, Bitcoin.com) use proprietary paths like `m/44'/n'/0'` (where `n` is a coin-specific ID), which can cause recovery issues if not documented.
* **Security vs. Compatibility Trade-off**: While standard paths improve interoperability, custom paths can enhance privacy but risk losing access if not recorded.
* **Future-Proofing**: As Bitcoin evolves (e.g., Taproot, Lightning), new paths are introduced. Wallets must support updated standards to remain functional.
Some people are attempting to hijack Bitcoin like Roger Ver and Craig Wright. They want to take control of Bitcoin and turn it into a permissioned shitcoin but they have zero chance of succeeding. Yes there will be a chain split but the BIP-110 chain will be a failure. No miners are supporting it except maybe the attempted hijacker's mining pool company, and if his mining pool company does mine on the BIP-110 chain, then he's just going to finish burning through all of the VC money until his company dies. And his mining pool only controls 1% of the hashrate, so it would take years before the mining difficulty is adjusted on the BIP-110 chain. A bunch of loud mouthed useful idiots are supporting the attempted hijacking because they don't understand how Bitcoin works and they fell victim to propaganda. Don't get me wrong, I understand their position and I empathize with it. I'm fully against spam but I don't support forking Bitcoin and creating a precedent that'll show governments that forks can be done for legal reasons. And beyond that, BIP-110 would not actually prevent spam.
Think only that topic has the potential to extend the timeframe by about a year, too controversial to get early consensus. Looking at BIP360 there is a 3-5y estimation for migration by the team, that's why I think it's important to talk about that as soon as possible.
It's clear you've done little research or don't understand the problem. "Seven years. That’s how long Bitcoin researcher and [BIP-360](https://github.com/bitcoin/bips/blob/master/bip-0360.mediawiki) co-author Ethan Heilman estimates it would take for the blockchain to migrate to full quantum resilience if it started tomorrow. " Project 11 has a website showing the vulnerable Bitcoin. [https://www.projecteleven.com/bitcoin-risq-list](https://www.projecteleven.com/bitcoin-risq-list)
If they can’t figure out what to do about quantum, BIP always seems to fight and fork over these things and the thought of locking up satoshi era wallets isn’t cool. Also if a single Sat moved from Satoshis wallet, I couldn’t send my sats to Coinbase fast enough if that happened
I don’t know what you mean with your ”manual encryption”. But rather than inventing your own I would suggest using a pass phrase. The BIP-39 standard defines this. It is sometimes called the 25th word, which I feel is misleading because I thought it was just a seed phrase with one more seed word. It is instead an arbitrary string. The private key is ”seed words” + passphrase. By default the pass phrase is the empty string (””). If you use a pass phrase you are changing your key to ”seed words” + ”somethingotherthanemptystring”. One trick is to store a small amount of funds in the default wallet (seed words + ””) which is what the ”trustworthy” people will find. If you are lucky they will think that is all of it and stop messing around. Like maybe Default wallet = seed words (+ ””) = 0.005 BTC Real wallet = seed words + ”supersecret” = 800 BTC. Adjust according to your reality.
Totally hear you, and you’re basically nailing the main critiques here — these are valid concerns. You’re right that BIP39 passphrases already do what I describe: adding a “25th word” changes the seed completely, making brute-force attempts useless. Conceptually, Coinseal is very similar, but the difference is in how it’s managed for the user: The “scrambling offline” is designed so the user never sees the full original seed at once after setup. Even if someone intercepts the scrambled version, it’s useless without the code. The idea isn’t to reduce entropy; it’s to make the process approachable for people who would otherwise lose their seed entirely. Most beginners can’t safely handle 24 words, and most “short code” solutions still require proper offline storage—but this is about reducing human error. You’re correct that inheritance and long-term backup are still open issues — nothing here removes the need for secure storage or planning. Coinseal isn’t meant to replace cold storage for high-value holdings; it’s meant to prevent common mistakes that destroy value for beginners. So yes, for experienced users with proper BIP39 practices, this might feel redundant or even weaker. But for someone who would otherwise type their 24 words into Notes, email, or screenshots… it could actually save them.
“scrambled offline locked behind a code only the user knows and requires identity verification (video/audio) to retrieve it If the wrong code is entered, it doesn’t “fail”… it scrambles into an entirely different phrase, making brute-force attempts useless. “ Just so I understand: is it then similar to a passphrase hidden behind your faceID or voice print or finger print? I could put my passphrase into a password manager secured by my biometrics if I wanted to. Honestly even if I wanted to do something like this (I don’t) I would still trust an open source password manager plus BIP39 passphrase and seed, more than trusting someone’s “scrambling offline”. Sorry it’s just the truth, regardless of your good intentions.
I am not sure I fully follow. You want to essentially store a "scrambled" version of the seed phrase online protected by a "code" only the user knows? Isn't this *literally* what BIP39 passphrases are for? A seed+different passphrase results in a different seed, exactly what you describe as "it doesn’t “fail”… it scrambles into an entirely different phrase, making brute-force attempts useless." So really it sounds like you want people to store their 24 words seed online because "it's useless anyway without the 25th word". Nobody would do this because it only has drawbacks:

- user anyway needs to keep something secret (the "code" as you call it); given that the user might as well keep the original 24 words secret, what's the difference? You didn't go "seedless", you just replaced the requirement to write down 24 words and keep that in some safe location with "write down the code and keep it in some safe location".
- I guess your argument is "but the code is shorter and easier to remember", but that's not a positive thing, but a negative thing: that means now your bitcoin is protected by less entropy. Plus remembering anything is a no go anyway, it doesn't support inheritance (you die, then what?), doesn't survive a brain injury, whatever. So you need to store it regardless in a secure location.
tldr; Bitcoin developers Hunter Beast, Ethan Heilman, and Isabel Foxen Duke have proposed BIP 360, a soft fork aimed at making Bitcoin quantum-proof. The upgrade will replace the legacy Pay to Taproot feature with Pay to Merkle Root, addressing quantum vulnerabilities that could allow quantum computers to decode public keys. While Taproot supports scalability features like the Lightning Network, the proposal seeks to balance quantum security with network functionality. This marks Bitcoin's first step toward a quantum-resistant network. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
There is no need to have multiple **hardware** wallets to achieve that. You can split your coins across as many different BIP39 seeds as you want, and access all of them, one at a time, from one single hardware wallet. If you are concerned about it getting stolen, you can just wipe it clean after each use. The coins are not stored in the hardware wallet. You should have your seed phrases backed up some other ways.
Good question — and you’re already thinking about this the right way. A few principles most experienced Bitcoiners follow:

1. Never rely on “security through obscurity.” Re-ordering words manually sounds clever, but it adds complexity and risk. If something happens to you, recovery becomes harder. Simplicity is security.
2. Use a proper metal backup. Stainless steel (304 or 316) or titanium plates are common because they resist fire, corrosion, and physical damage. Avoid aluminum. Stamped or engraved metal > pre-printed.
3. Geographic redundancy matters. One backup at home + one in a second secure location (bank safe deposit box or trusted relative’s safe) is standard practice. But both copies should be complete and readable.
4. Consider adding a passphrase (BIP39 “25th word”). This way, even if someone finds the seed, they can’t access funds without the passphrase. Just make sure the passphrase is stored separately and memorized carefully.
5. Think about inheritance. If something happens to you, can someone recover it? Over-engineering can lock you out just as easily as attackers.

Your idea of two safes is reasonable. Just avoid making it so complex that future-you becomes the weakest link. Out of curiosity — are you protecting a life-changing amount, or are you optimizing for long-term best practice early on?
They did care, in 2017 big companies, Microsoft, Steam etc. tried accepting BTC but stopped doing so because of high fees/RBF. BTC devs ruined the use case, that’s different from nobody caring about it. The bitter truth is that BTC is now just a shiny turd and people are waking up to the fact that the emperor has no clothes. The infighting already started with the BIP110/Knots discussion. Shouldn’t take long for it to unravel at the seams completely. I’ll come back to this comment in a year or 2.
Let's put this into a Bitcoin vote: 👉 [Do you support activating BIP-360?](https://koinvote.com/event/01KHDP26HFF37FYCHNAJXG5XWT)
The devs merged the BIP-360 proposal (the quantum resistance improvement) in their official proposal repo. That means the devs are aware of the people’s concerns about the quantum threat: https://github.com/bitcoin/bips/pull/1670
I'm fairly sure it's going lower than $40K. Easy way to get it to just collapse. Take advantage of the BIP110 controversy, upload something salacious into the blockchain, and pump it to the news anonymously in September (when BIP110 mining conformity is expected to coalesce). You'll have 4-digit BTC by October. Given how horrifically derivative/futures/leverage traders have degenerately traded during this bull run, there's no reason there won't be an equally degenerate bear trader willing to do whatever it takes to temporarily devalue the asset.
New Quantum secure address BIP introduced:
https://bip360.org/
https://github.com/bitcoin/bips/blob/master/bip-0360.mediawiki
https://eprint.iacr.org/2025/2203.pdf
https://delvingbitcoin.org/t/shrincs-324-byte-stateful-post-quantum-signatures-with-static-backups/2158
Solutions to protect Bitcoin from early insecure address types in a fair manner:
https://www.bitmex.com/blog/Mitigating-The-Impact-Of-The-Quantum-Freeze
No, BIP 110 is not in this release. You can get it from the fork, and perhaps in a future official release they may include it, but not this one. Some people understand controversial merges and some don't.
>Does it have BIP110? Not yet, sorry. I assume Dathon will release a new RDTS client based on it soon. >Can it work with Dojo? No reason it shouldn't, as long as Dojo doesn't block it.
Tell your friend to run a Knots node and signal for BIP 110!
Does it have BIP110? Can it work with Dojo?
A helpful mental model is to separate hardware signing devices from your software wallet. Great software wallets must be entirely open source, like Sparrow and Electrum, both highly recommended. Hardware wallets should be Bitcoin-only and provide a secure element or be entirely air-gapped, such as the SeedSigner do-it-yourself wallet project. Also highly recommended. I also recommend rolling your own seed phrase using dice or picking 12 words "from a hat". 12 of the 2048 words listed in BIP-39. I would further recommend starting with just the wallet software. Put aside the purchase of hardware for now. Move just a few dollars worth of sats into your Electrum or Sparrow wallet, and do some small transactions. You will burn a few sats in tax fees, but this is well worth the cost of learning how to transact. Send some to yourself to different addresses. Build up some small UTXOs in your wallet. Experiment, get comfortable with sending and receiving, and then once you have that level of comfort, consider purchasing a hardware signing device.
For Quantum threat I think we should take this more serious, we have good proposals out there (e.g. BIP360 by Hunter Beast), imho community is underestimating the efforts to bring this to consensus
Don't mention BIP-110, that gets taken down also.
Not only do I self-custody, but I also run a bitcoin node, electrum server and a block explorer (mempool.space), to be able to check my balance without the need to send requests to websites that can track me. This is true power. And going on a tangent, this is why I support BIP-110, which will cut out the spam and data garbage from the bitcoin blockchain. Because the costs for hosting a bitcoin node will skyrocket. It must be much cheaper, but mistakes were made. Time to fix them.
Growing rapidly, I assume most of the people running Knots are for BIP-110 so above 20%
why would it crash? I'm not so sure that wallet alone would be enough to move the market beyond the short term. I think it's less than 5% of the total supply. core codebase has an orderly PR and BIP process. it's not as if Satoshi has any more control of the protocol than many other participants at this point.
It could mean the sender is running BIP-110 and this blocks ordinals.
Thats a great idea! Im looking for BIP-110 support and clean blocks also.
Right now there is a fight to get rid of spam on the blockchain and ordinals is one type. BIP-110 will block ordinals.
It crashed 50% since Bitcoin Core v30 launched on October 10th and blew open OP_RETURN for shitcoiners, allowing them to further spam the timechain with their garbage. Thankfully Bitcoin maxis are fighting back against the timechain terrorists by running Bitcoin Knots with BIP 110. You shitcoiners are still using the 7tps as some sort of gotcha but you don’t even realize that’s a feature, not a bug. We scale in layers, which is why we have the Lightning Network. Fees haven’t been high in like 2 years, which goes to show that you don’t even use Bitcoin otherwise you’d know that.
I got no note, I suspect it was BIP-110 that triggered it.
That's what he's saying. Automatically deleted by a bot for mentioning BIP-110. They have bots that auto-delete any proposals against Blockstream's agenda.
[BIP-110](https://bip110.org/): Protecting Bitcoin's Purpose. Temporarily limit the size of data fields at the consensus level, in order to correct distorted incentives caused by standardizing support for arbitrary data, and to refocus priorities on improving Bitcoin as money.
I'm confused since none of them are affiliated with solana or ripple at all, most of them seem to be bitcoin maxis if anything and I'm not sure that any of them are even *interested* in those coins... The first guy has "BIP" in his bio, that should be a hint. The second guy has multiple project tags in his bio, none of them related to sol/xrp. The third guy pretty much only posts about BTC. The fourth guy has a laser eyes pfp... It couldn't be more obvious that these are **NOT** Solana or Ripple people.
It cannot be considered theft by any definition. The very existence of brainwallets indicates that these are irrecoverable/lost assets by their original owners, because any brainwallet owner would have moved their funds to an HD wallet using BIP39 + BIP32/44/84/86. A brain wallet is just a phrase + sha256, usually without a salt. That means, theoretically, all of them that ever existed have already been cracked by today, at least that's my assumption and the reason I asked this question in this post. It is extremely unlikely that there are old brain wallets from which bitcoins have not yet been moved.
"Storage was basically “your laptop is the bank,” which is why so many coins were lost to hard drive failures." Eehh that's wrong though. Paper wallets were pretty common when it comes to cold storage. Most people who had any significant amount were not like "yolo let me keep it all on my laptop with zero backup". Before BIP38, people would simply backup their private keys rather than the seed. It was a bit less convenient but not fundamentally different. The people who were not bothering and just kept everything on their laptops without any backup are the ones that had only a few bucks worth and didn't really believe it would ever go up so much. Those people like to whine and cry about "I could have been a billionaire", but they obviously did not believe in Bitcoin and they would have sold after a measly 200% profit.
Let's be precise, because imprecision is doing all the work for this narrative. Bitcoin was not discovered, funded into existence, or midwifed by institutions. It was published. In 2008. In public. With a whitepaper that explicitly solved a problem those institutions benefit from preserving. Every claim that tries to retroactively insert power brokers into Bitcoin's origin fails at the same first hurdle: time. Apparently emails from 2015, seven years after Bitcoin went live in 2008, was globally distributed, adversarially tested, and had already survived multiple existential attacks— and people want to claim these emails equal authorship. If seven years into Bitcoin is "early," then words have no meaning and causality is optional. Now to the new allegations: emails implying Epstein was "talking to Bitcoin Core devs," "Blockstream," or adjacent actors. Even if taken at face value, this proves exactly one thing: that Epstein, like many wealthy outsiders, desperately attempted to insert himself into an ecosystem they fundamentally did not understand. Which brings us to the broader, unspoken irony. The same corporate, financial, government, intelligence and surveillance structures people now want to retroactively credit with Bitcoin's creation are the ones Bitcoin structurally undermines. A censorship resistant, democratic, borderless and utilitarian bearer asset. No issuer. No permission. No gatekeepers. No monetary policy committee. No reversal authority. No owners. No level of non-consensual control. Learn to read code if you don't believe it, and go and read Bitcoin. To claim that entrenched financial monopolies secretly birthed a technology that erodes and completely undermines their control is not skepticism—it's nonsensical thinking. It assumes that institutions built to centralize and own power would voluntarily deploy a weaponized decentralization protocol against themselves. History doesn't work like that.
If you think that Epstein and financial institutions created Bitcoin, you probably know as much about Bitcoin as Epstein did. Because if his emails are evidence of anything, they show he had no idea what he was talking about. Epstein's own language exposes his ignorance. Referring to Bitcoin development as "five core developers and a hundred contributors, set up like a company" is not an insider description—it's a venture capitalist hallucination. It's how someone who thinks in hierarchies misreads a flat, adversarial, open-source system. Bitcoin does not have "core devs" in the corporate sense. It has maintainers, reviewers, implementers, critics, node operators, miners, and users—all of whom can veto changes simply by not running code. Anyone can submit a BIP. No one can force its adoption. Consensus is emergent, not managerial. If Epstein believed Bitcoin could be influenced the way a foundation, a lab, or a startup can be influenced, then the emails don't show control—they demonstrate a Dunning-Kruger level of ignorance on the subject. A level of ignorance that is extremely detached from a narrative of any form of control over the network. Now let's delve into the controversial aspects of what actually happened. Epstein and Co. did attempt to take over Bitcoin, many times, before, and not long after the dates referred to in the emails. The one period where capital, PR firms, and institutional pressure actually did try to bend/break Bitcoin was the 2015–2017 scaling war. I was personally working on the forefront of the space and witnessed it with my own eyes. And what happened? A coordinated attempt to reframe Bitcoin as "incomplete," "outdated," or "in need of a fork aligned with 'Satoshi's' vision." A glossy media blitz. Corporate backing. Paid narratives. Personalities elevated. Billions of dollars in reputational and financial pressure. We're talking 10s-100s of millions of dollars on PR and marketing.
And that's nothing compared to the 10s and 100s of billions of dollars spent on acquiring the biggest companies working in the space, like BitMain, the Bitcoin Foundation and the money spent on price manipulation, through futures and derivatives to try and use the markets to kill it. And what happened? Bitcoin Cash forked off the OG Bitcoin chain—and Bitcoin and its global community of users didn't follow. SegWit activated—not by decree, but by grassroots user coordination. Nodes enforced the rules. Miners fell in line. The protocol ossified against corporate capture. And Bitcoin brushed off the market pressure and instead of going to zero, went to new all time highs. Trillions of dollars couldn't buy them their corporate takeover of a grassroots, global, democratic revolution, built by fugitives wanted by the intelligentsia, documented for over half a century by this point. And to be completely honest, that's a much cooler and less grotesque data trail than 3,000,000 emails from a kiddy fiddler cult containing high profile people you and your friends love to SIMP over. If Epstein's emails and the people emailed show anything—then it records the outcome of his attempted insertion clearly: the takeover attempt lost. And that loss matters more than any email. Because it demonstrated something fundamental: Bitcoin is not malleable to power. It is antagonistic to it. Yes—there is evidence that powerful actors tried to fund cryptography at MIT. Yes—there is evidence of institutional interest in alternative crypto systems. Yes—there are projects that bake in trusted setups, governance hooks, or foundation-led control. We talked about the biggest takeover attempt of the Bitcoin Network itself, but that didn't mean they were so afraid of losing control that they didn't create competitors that preserved their current levels of power, influence and control. And that distinction matters. Because Bitcoin is the outlier. It has no foundation authority.
It survived the bankruptcy of the Bitcoin Foundation. It rejected charismatic claimants to Satoshi’s identity. It ignored billionaire endorsements. It withstood state-level hostility. And it continues to function without permission. That’s not an accident. That’s not institutional design. That’s cypherpunk design. And notice who isn’t in the emails. No Chaum. No Finney. No Back. No Szabo. No Dai. No cypherpunks. The people whose work actually underpins Bitcoin are absent—because they didn’t need access, money, or influence. They needed math, code, and an adversarial mindset. So when people wave emails and say “look, Epstein knew developers,” the correct response is simple: Of course he did. Lots of powerful people tried. They all misunderstood the same thing. Bitcoin is not a company. Not a lab. Not a foundation. Not a state project. Not a billionaire’s toy. It’s a protocol that survived them. And the fact that the loudest proof offered is correspondence—rather than commits, keys, or authorship—is not evidence of hidden control. It’s evidence that control was never there to begin with.
> It is often recommended to memorize private keys to your crypto accounts

It's not. It's recommended to write BIP39 mnemonics on paper.

> 55 bits

Insecure. Early SSL was configured with 56-bit encryption, and was easily cracked. That was 28 years ago.

---

It doesn't make sense to abbreviate a BIP39 mnemonic. For some people (international travelers, for example) it might make sense to memorize a secure, short passphrase, and use that passphrase to generate a BIP39 mnemonic.

If you could make a secure random 80-bit to 90-bit passphrase using something like diceware, you could stretch the passphrase to 128 bits and feed the 128 bits into BIP39 for a 12-word phrase.

There are no wallets or wallet apps which support a technique like this, because nearly everybody has an insecure conception of what a secure passphrase is. Most people imagine a hacker rapidly tapping a keyboard to guess passwords. Password and passphrase cracking is automatic, using high-rate brute force algorithms. Long and random means the computer generates the random. Most people think it means a memorizable cryptic phrase from their brains. That's a brain wallet. It's insecure.

Also BIP39 comes with error tolerance built into its word list and checksum.

It's safer to write the BIP39 mnemonic on paper, and never lose it.
ah right, so the firmware on the device itself is out of date. Yeah then you'll have to restore from seed phrase. Electrum Wallet is the method recommended most often.

* Download it from [Electrum.org](http://Electrum.org) and run it on an offline, secure computer to avoid exposure to malware. If you can't do this, make sure you run all updates and do a full scan with your AV. There's a lot of malware around.
* **Start the recovery process** by opening Electrum, going to **File > New/Restore**, and selecting **Standard Wallet**.
* Choose **"I already have a seed"**, then enter your **24 (or 12) seed words** in the exact order they were originally written.
* Check **"BIP39 Seed"** under Options, and **do not check "Extend this seed with custom words"** unless you specifically used a passphrase.
* Select the correct **derivation path** (e.g., **p2sh-segwit** or **legacy**), depending on your original wallet setup.
* These are the possible derivation paths; m/44 is most likely the right one. You won't get an error, but if your balance stays at 0 then either you have no funds or this derivation path was not correct, and you have to do the recovery again, choosing a different path.
  * **Legacy (P2PKH)**: `m/44'/0'/0'/0/0`
  * **P2SH-SegWit**: `m/49'/0'/0'/0/0`
  * **Native SegWit (Bech32)**: `m/84'/0'/0'/0/0`
* Set a password (optional but recommended) and complete the setup.
* If connected to the internet, Electrum will sync with the blockchain and all your transactions will appear.

If Electrum is not connected to the internet:

1. Go to **Wallet > Information** in the top menu.
2. Copy the **"Master Public Key"**; it will start with:
   * `xpub` for legacy,
   * `ypub` for p2sh-segwit,
   * `zpub` for native segwit.
3. 🔐 On an internet-connected device, use this public key to search in the blockchain explorer and get your balance: https://www.blockchain.com/explorer/assets/btc/xpub/your_xpub_here
Are you sure your math is right? BIP39 has a wordlist of 2048, each word covering 11 bits. Reducing this trifold would require 33 bits coverage by word, requiring 8 589 934 592 words.
If you create a new word list that is X times larger, you can reduce the number of words by the same multiplier. A variation of BIP-39 with 12288 words would only need 4 words to be as safe as the original 12-word seed. Much easier to remember.
Post is by: jkl2035 and the url/text is: /r/CryptoMarkets/comments/1qrtxwx/wallstreet_analyst_bitcoins_quantum_threat_is/ [https://www.coindesk.com/tech/2026/01/29/bitcoin-s-quantum-threat-is-real-but-distant-says-wall-street-analyst-as-debate-rages-on](https://www.coindesk.com/tech/2026/01/29/bitcoin-s-quantum-threat-is-real-but-distant-says-wall-street-analyst-as-debate-rages-on) What do you think when the quantum threat for BTC is becoming real (2k logical qubits running) - I think in the mid-end 2030s (7-10y timeframe). As migration will take several years (see BIP360 discussion) we have to start now *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CryptoMarkets) if you have any questions or concerns.*
Here’s the thing… you already own it and you can install Bitcoin-only firmware on it. As long as the features cover everything you want to do then it’s a good wallet. Does it have all the features? No. It’s missing things like SeedQR, BIP85, scanning passphrases (instead of only being able to type them in), and things like that. If you aren’t looking for those features and won’t use them, then it doesn’t matter. If you use it and it later gives you any issues (I typically read it’s the battery that causes problems) you can replace it later. As long as you have your seed phrase backup it doesn’t matter. The Keystone 3 Pro is good so I don’t really see why you would get something else if you already own one, unless… You could get a second wallet as a backup of course. In that case, go cheap and make a SeedSigner (especially if you have a 3D printer to print the case) or Krux (the absolute easiest solution).
Bluewallet will automatically detect your derivation path and pick the right one based on activity/transactions. On rare occasions, it will get finicky with older wallet types (addresses starting with "3" or "1"). Just delete the wallet and import it again. It needs to re-scan; do it three times. If that somehow doesn't work, then import it in Electrum (desktop version; also make sure you go to Options > BIP39 seed checked) and follow its steps. First, try its auto-detect feature. IIRC after import, you'll get "detect accounts". If that doesn't work, you can delete it again and manually pick. Do that until you find the right one and get the funds into a new, fresh standard wallet. I'm assuming you don't have a passphrase because if you do and you don't remember, then you're done. Also, I'm assuming that you don't see any sort of activity or transactions in the wallet you imported. Your post is way too vague, and you haven't responded to almost anyone, so I can't help you much besides the common issues people run into.
Trezor isn't that useful if you just plan to let it ride without making transactions. If he's tech savvy, he'd be much better off with a live Tails USB stick with no internet connection, creating a 24-word BIP39 seed, saving the words and its private/public keys, moving the coins there and forgetting about it. If he isn't tech savvy but he invests, he'd be much better off buying an ETN/ETC. If he isn't tech savvy and he isn't an investor, just leave them on WealthSimple - chances are he might screw something up while transferring on-chain to the Trezor-generated wallet.
I really don't think about it at all. A hardware wallet is a signing tool (and seed phrase generating tool). If it fails, I get another. No biggie. It's really that simple, and I do fear too many think of their hardware wallets logically more like wallets than signers. That is unfortunate naming. Your seed phrase backup strategy really should be everything you're depending on. You can add a passphrase (BIP-39, part of the Bitcoin spec, not to be confused with a password or PIN number) for security to your strategy.
You can use laser etching technology to imprint the BIP38 encryption key QR code onto a metal material. Tungsten steel is a recommended material due to its high durability, water resistance, fire resistance, and scratch resistance. If you want to embed Bitcoin in gold and cost is not a concern, please refer to the following link: https://goldphysicalbitcoin.com
Armory wallet doesn't use standard BIP39 seed phrases so the Ian Coleman tool won't work in this case.
Seed phrases didn't even exist back in the first 2-3 years of Mt.Gox, let alone hardware wallets. Electrum wallet started using seed phrases in 2011 and then BIP-39 was introduced in September 2013. The first hardware wallet, the Trezor Model One, was released on July 29, 2014. Before that, paper wallets were a popular cold storage method. A less common cold storage method was to just use a lightweight SPV wallet like Electrum or MultiBit on an offline air-gapped computer. Some people trusted Mt.Gox, but a glaring red flag popped up in mid to late 2013 when Mt.Gox began having withdrawal problems. [Roger Ver even flew to Tokyo, met with the CEO of Mt.Gox and looked at bank statements and then Roger released a video telling everyone that he was "sure that all of the current withdrawal problems at Mt.Gox are being caused by the traditional banking system and not because of lack of liquidity at Mt.Gox"](https://www.youtube.com/watch?v=UP1YsMlrfF0). He released that video half a year before Mt.Gox collapsed. But a whole lot of people were day trading on Mt.Gox, the majority of Mt.Gox users were trading, and you couldn't trade bitcoin when your coins were not on the exchange.
Appreciate the response! Full transparency: I work at BitBox, which is why I know how hardware wallets generally work. Not all hardware wallets trust the secure chip, Trezors newer devices, as well as our BitBox02 don't trust the secure element, but instead use multiple sources of entropy to create the seed on the MCU, which itself runs open source firmware. The secure element assists with entropy, but it's not the sole provider of entropy. If I use a compromised app with your HWW, which instead of sending "Slot 1, send 500 to Addr A" to the HWW, sends "Slot 1, sent 10000 to Addr B", how can the user protect themselves from this attack? The HWW creates the tx and knows the UTXO, sure - but it can't verify what address or amount is correct. "the receiver knows the sender cant hand the same signed tx to multiple people and race to see who broadcasts first." How does he know that though? He can't verify your hardware or what's running on your hardware wallet. He has to trust you that your HWW has this feature. Great that you have a BIP39 compatible backup option for the recovery! For small payments it's an acceptable trade-off not to have a recovery. I think a child seed with a known derivation path could work well here!
hey thanks for taking the time to dig into this, appreciate the critical eye

on the SE trust thing - yeah you're right that we're trusting the chip, but that's true for every hardware wallet that uses a secure element. we went with the NXP SE050 which is EAL6+ certified (same level as banking chips). ledger and trezor safe use similar trust models. the difference is our firmware is fully open source so you can actually audit what the chip is running

about the screen - fair point. what we showed is still a prototype, the production version will have a display for confirming recipient and amount before signing. also worth noting our architecture is a bit different than traditional wallets - the hardware actually builds the transaction internally from stored UTXO data rather than just signing whatever hash the app sends. so even without a screen, a compromised app can't make the hardware sign something it didn't construct itself

the monotonic counter thing - it actually protects both sides. the sender can't be tricked into double-signing the same slot, and more importantly for offline payments, the receiver knows the sender can't hand the same signed tx to multiple people and race to see who broadcasts first. it's basically anti-double-spend protection that works offline

about point 4, agreed.. we use proven patterns (BIP-143, secp256k1)

on the backup issue - we actually have two modes. your savings wallet uses standard BIP-39 with full seed recovery, nothing weird there. the offline payment slots are intentionally non-recoverable, kind of like cash in your pocket. if you lose the device you lose what's loaded in those slots, not your whole vault. it's a design choice for daily spending amounts, not a limitation

anyway thanks again for the feedback, always good to clarify these things
Only for current elliptic curves. There are thoughts of quantum-proofing cryptography. Mining is already pretty quantum-proof; for signatures, BIP360 on BTC's side and Quantumroot on BCH's are worth tracking.
It is currently a gimmick, because Bitcoin does not yet support PQC. They’re just saying it’s “quantum ready”, but it’s entirely possible that existing hardware wallets will also be able to compute the future PQ signatures that Bitcoin may eventually use, and it’s also entirely possible that new hardware will be needed, including this Trezor product if it is unable to support whatever PQC is settled on for Bitcoin eventually. It’s best to wait until Bitcoin has consensus on a BIP that actually brings PQC to bitcoin, and then at that point decide if you need new hardware or not.
I’m now close to reaching **80 million BIP-39 seeds verified per second**; in just **12 hours**, I managed to scan **2 trillion keys**. https://i.redd.it/fsm45mevcneg1.gif
In BIP-39 the checksum filter reduces the search space by approximately 16 times (2048 for 128 alternatives for the last word). The Electrum checksum filter reduces your search space by 4096 times (1 word for every 4096 words generated).
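The checksum arithmetic from the comments above (the 1-in-16 filter for a 12-word phrase, 1-in-256 for 24 words, and the earlier idea of stretching a memorised diceware passphrase into a 12-word mnemonic), as an added example in Python using only the standard library. It is not code from any of the posters or from a wallet project. It works on word indices rather than words; the salt, the PBKDF2 iteration count and the `english.txt` filename for the full wordlist are assumptions, and only the three words needed for the official all-zero test vectors are embedded.

```python
"""BIP39 checksum arithmetic: how many candidates the checksum really filters."""
import hashlib

BIP39_WORD_COUNT = 2048                  # 11 bits per word
VALID_LENGTHS = (12, 15, 18, 21, 24)     # 128..256 bits of entropy

# Partial wordlist, just enough for the all-zero test vectors (assumption:
# the full English list sits in "english.txt" if you want real words).
PARTIAL_WORDS = {0: "abandon", 3: "about", 102: "art"}


def load_wordlist(path="english.txt"):
    """Read the 2048-word English list, one word per line, and sanity-check it."""
    with open(path, encoding="utf-8") as f:
        words = [w.strip() for w in f if w.strip()]
    if len(words) != BIP39_WORD_COUNT:
        raise ValueError(f"expected {BIP39_WORD_COUNT} words, got {len(words)}")
    return words


def entropy_to_indices(entropy: bytes) -> list[int]:
    """ENT bits of entropy + ENT/32 checksum bits (first bits of SHA-256), in 11-bit groups."""
    ent = len(entropy) * 8
    if ent not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_len = ent // 32
    digest = hashlib.sha256(entropy).digest()
    bits = "".join(format(b, "08b") for b in entropy)
    bits += format(digest[0], "08b")[:cs_len]
    return [int(bits[i:i + 11], 2) for i in range(0, len(bits), 11)]


def checksum_ok(indices: list[int]) -> bool:
    """Split the word bits back into entropy + checksum and recompute the checksum."""
    n = len(indices)
    if n not in VALID_LENGTHS or any(not 0 <= i < BIP39_WORD_COUNT for i in indices):
        return False
    bits = "".join(format(i, "011b") for i in indices)
    cs_len = n // 3                       # 4 bits for 12 words, 8 bits for 24
    ent_bits = bits[:-cs_len]
    entropy = int(ent_bits, 2).to_bytes(len(ent_bits) // 8, "big")
    expected = format(hashlib.sha256(entropy).digest()[0], "08b")[:cs_len]
    return bits[-cs_len:] == expected


def checksum_filter_factor(n_words: int) -> int:
    """A random guess passes the checksum with probability 1 / 2**cs_len."""
    if n_words not in VALID_LENGTHS:
        raise ValueError("unsupported mnemonic length")
    return 2 ** (n_words // 3)


def valid_last_words(prefix: list[int]) -> list[int]:
    """Every index that completes `prefix` to a checksum-valid mnemonic (128 or 8 of them)."""
    return [w for w in range(BIP39_WORD_COUNT) if checksum_ok(prefix + [w])]


def passphrase_to_indices(passphrase: str, salt: bytes = b"demo-salt",
                          iterations: int = 200_000) -> list[int]:
    """Stretch a memorised passphrase to 128 bits and encode it as 12 words.

    Assumption: PBKDF2-HMAC-SHA256 with a fixed salt. No wallet standardises this,
    and the result is only as strong as the passphrase's own entropy.
    """
    entropy = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                                  salt, iterations, dklen=16)
    return entropy_to_indices(entropy)


def indices_to_words(indices: list[int], wordlist=None) -> list[str]:
    """Map indices to words; falls back to the partial table above."""
    table = wordlist if wordlist is not None else PARTIAL_WORDS
    return [table[i] for i in indices]


if __name__ == "__main__":
    print(indices_to_words(entropy_to_indices(bytes(16))))   # 11 x abandon + about
    print(len(valid_last_words([0] * 11)), "of 2048 last words are valid for 12 words")
    print(len(valid_last_words([0] * 23)), "of 2048 last words are valid for 24 words")
    for n in (12, 24):
        print(n, "words: checksum rejects all but 1 in", checksum_filter_factor(n))
```

The last word of a 12-word phrase carries 7 entropy bits and 4 checksum bits, so exactly 128 of the 2048 words complete any given 11-word prefix; for 24 words it is 3 entropy bits plus 8 checksum bits, hence 8 valid last words. That is the whole reduction the checksum gives a brute-force search: it rejects candidates cheaply, but it does not shrink the number of candidates you have to enumerate.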
USB stick + Tails OS + Ian Coleman BIP-39 files + Sparrow Wallet. After testing everything, get another USB Stick and clone your Tails.
No one knows; current roadmaps indicate that in the early/mid 2030s it will be possible to crack ECDSA. It's not a softfork which is needed, this would still leave like 4-5mn coins vulnerable (old Satoshi-era coins - estimation by Hunter Beast from BIP360). To implement a hardfork, estimations go 3-5y
There are several streams - most and best material has BIP30 by Hunter Beast imho, just check out their Website or talks available on YouTube
It will be a hard fork - just check out BIP360, around 4mn coins sitting in vulnerable wallets, including Satoshi's - to make them quantum secure you'll have to move them
I don't think quantum computing will destroy crypto, I think cq is forcing crypto to develop further. What I miss currently is an open-minded willingness to discuss potential migration timelines in the crypto community. Take BTC, BIP360 is now more than a year in discussion, I see several controversial points in the discussion, but we'll never come to a point to perform a post-quantum migration for BTC if people are not willing to discuss how this can be achieved. All this in the whole knowing that we don't know when a potential threat will become real-life.
Tell me how BTC will face it - people always answer like that. Have you checked out the current proposals? I take BIP360 because I know best about it and like Hunter Beast in his neutral, unhectic way of talking about it. After consensus is reached (and I wonder how it should be reached in a short-hand discussion) it will take 3-4 years (own estimation by the BIP360 team) to migrate the chain. This would involve burning Satoshi's coins, which will be discussed controversially. Man, we have to take this more seriously and stop talking about FUDing and generic phrases like „we solve it when it's needed“
For me it's not shit, I see it as a serious threat for the whole crypto market. I'm really worried how people in the crypto community - esp. BTC - are handling this without looking at the potential burdens for a migration. I don't know if Q-day is 5, 10 or even 15 years away. What I see is that all the major quantum players have delivered their roadmaps in the last 3-4 years. Current roadmaps would suggest that ECDSA will fall in the early-mid 2030s. And currently a lot of money is invested in the field. A potential migration of BTC (if consensus is reached) to quantum-secure encryption would take 3-4 years based on the current discussion (just check BIP360 for example) and would involve burning Satoshi's coins (what the hell!!!)
A hard fork will be needed imho, not sure how you will handle this threat with a softfork and ensure Satoshi's wallets are secure (just check out BIP360)
The most mature imho is BIP360, they have a webpage https://bip360.org also several talks available on YouTube, I‘d recommend to start with the YouTube Talks first and then start the Reading.
Actually it's like that - I hold a decent amount of BTC and I'm really worried how the BTC community handles the discussion on the quantum threat - looking at the current proposals to make BTC quantum secure like BIP360, it is obvious that it's not an easy journey. It will be a multi-year migration story with controversial discussions (burning Satoshi's coins and similar) - for me a must to take this seriously and start taking action on it right now
Even Michael Saylor just said that we have to migrate BTC in a quantum threat scenario - he handled it as a minor issue, I think the migration path will be quite hard. Current discussions (e.g. BIP360 by Hunter Beast) involve a multi-year migration including a burn of Satoshi's wallet….
Not sure if it's just hype - I think we have to take this more seriously. BIP360 with the hourglass approach will take several years to migrate BTC to a quantum-secure chain. Considering that „only“ 2k logical qubits are needed to crack BTC encryption I think we should start discussing the quantum threat more seriously. According to Hunter Beast (author of BIP360) roughly 4-5 million BTC are vulnerable
Sure, but you cannot handle Satoshi's coins with that - I'm long in BTC but think we have to take the quantum threat more seriously, like BIP360 by Hunter Beast
Any idea how many scripts would have to be run ultimately? There must be some reductions from the BIP39 checksum, right? I'm no programmer, myself, so a little in the dark about all the technicalities.
No one has ever lost Bitcoin as a result of "the chain gets hacked". The blockchain has never been hacked. Flaws have been found^1 (and long ago mitigated) in Bitcoin's consensus rules and software bugs have led to unexpected forks^2, but the blockchain itself has never been "hacked". ^1 [CVE-2010-5139: Bitcoin Value Overflow](https://en.bitcoin.it/wiki/Value_overflow_incident) ^2 [CVE-2013-3220: Bitcoin’s Migration From BerkeleyDB to LevelDB](https://en.bitcoin.it/wiki/BIP_0050)
What you describe is technically possible, but there are a few important points to clarify. If both wallets derived the *same first receiving address*, that strongly suggests the **seed phrase itself is correct**. In that case, the most common failure points are: an **incorrect or slightly different passphrase** (even one extra space or character changes everything), a **different derivation path** (Electrum vs SeedSigner configuration), or restoring the seed under a different script type (legacy / segwit / native segwit). BIP-39 passphrases are not checksummed, so a typo won’t be detected automatically — the wallet will still load, just into a different empty account. Recovery is usually approached by systematically validating: the exact derivation path, script type, and controlled passphrase variations **offline**. This isn’t something that should be experimented with casually or online. If you still have the seed and know roughly how the passphrase was constructed, there *may* be a way to verify this safely.
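To see concretely why a passphrase typo silently lands in a different, empty wallet, as the comment above and the Electrum recovery steps earlier describe, here is an added Python example (standard library only; not code from any poster or wallet project) that derives the BIP39 seed from a mnemonic plus passphrase and then walks the hardened account levels of a BIP32 path. It deliberately stops at the account level such as `m/84'/0'/0'`, because the non-hardened levels below it need elliptic-curve point arithmetic that is left out here; the mnemonic used is the public all-zero test vector `abandon ... about`, and the comparison of `""` against `" "` (one extra space) is the constructed failure case.

```python
"""BIP39 seed and BIP32 hardened derivation: what a passphrase typo does to the keys."""
import hashlib
import hmac
import unicodedata

# secp256k1 group order; a private key must lie in [1, N-1]
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase (NFKD).

    The passphrase is not checksummed anywhere: every distinct string, including
    one with a trailing space, yields an unrelated 64-byte seed.
    """
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), 2048, dklen=64)


def master_key(seed: bytes) -> tuple[int, bytes]:
    """BIP32 master node: HMAC-SHA512(key=b"Bitcoin seed", seed) -> (k_master, chain_code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(i[:32], "big")
    if k == 0 or k >= SECP256K1_N:
        raise ValueError("invalid master key (astronomically unlikely); use another seed")
    return k, i[32:]


def ckd_priv_hardened(k_par: int, c_par: bytes, index: int) -> tuple[int, bytes]:
    """BIP32 hardened child: I = HMAC(c_par, 0x00 || k_par || index); k = (IL + k_par) mod n.

    Hardened steps need only the parent private key, so no curve point math is required.
    """
    if index < HARDENED:
        raise ValueError("non-hardened derivation needs the parent public point; not implemented here")
    data = b"\x00" + k_par.to_bytes(32, "big") + index.to_bytes(4, "big")
    i = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    k = (il + k_par) % SECP256K1_N
    if il >= SECP256K1_N or k == 0:
        raise ValueError("invalid child key; BIP32 says skip this index")
    return k, i[32:]


def derive_hardened_path(seed: bytes, path: str) -> tuple[int, bytes]:
    """Walk a path like m/84'/0'/0' (the account levels of BIP44/49/84 are all hardened)."""
    parts = path.strip().split("/")
    if parts[0] != "m":
        raise ValueError("path must start with m")
    k, c = master_key(seed)
    for p in parts[1:]:
        if not (p.endswith("'") or p.endswith("h")):
            raise ValueError(f"{p}: only hardened levels are supported here")
        k, c = ckd_priv_hardened(k, c, int(p[:-1]) + HARDENED)
    return k, c


def account_key_hex(mnemonic: str, passphrase: str, path: str = "m/84'/0'/0'") -> str:
    """Account-level private key as 64 hex chars, for comparing passphrase variants."""
    k, _ = derive_hardened_path(mnemonic_to_seed(mnemonic, passphrase), path)
    return f"{k:064x}"


if __name__ == "__main__":
    m = " ".join(["abandon"] * 11 + ["about"])          # public all-zero test vector
    for pp in ["", " ", "TREZOR"]:                        # constructed passphrase variants
        print(repr(pp), mnemonic_to_seed(m, pp).hex()[:16], account_key_hex(m, pp)[:16])
```

Run it and the three rows share nothing: the seed, the master key and every account key differ completely between the empty passphrase and the one-space passphrase, which is exactly why a wallet restored with a mistyped passphrase opens cleanly and shows a zero balance. When testing candidate passphrases, do it on an offline machine and compare the derived account key (or the address the wallet shows) against the one you know.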
Hi. From your description this looks more like a **non-standard mnemonic / early paper wallet format**, not a classic BIP-39 seed phrase. The QR codes are likely irrelevant here — in many older setups they simply duplicated the same text. The key part is the **link between that phrase, the derived address, and the specific implementation used at that time** (year, service, generation method). An 11-word phrase is uncommon today, but it did exist in older solutions. If there was an outgoing transaction from that address, the private component must have been valid at some point — the issue is usually missing parameters rather than the phrase being “wrong”. This is not something I’d recommend continuing to analyze publicly. If you want, feel free to DM me and I can explain **how to approach checking this case safely without exposing sensitive data**.
It's more nuanced than that. If you run a fresh OS on a PC with radios (Wifi/BT) disabled or removed, you've essentially created a hardware wallet. A hardware wallet does not fundamentally need a secure chip. In fact using any wallet in stateless mode (not storing the mnemonics on the device at all) is safer than storing on any secure chip. The primary purpose of a hardware wallet isn't to store mnemonics, it is to generate keys and sign transactions. Mnemonics are ideally stored on metal plates. Finally you can generate BIP32 hierarchical deterministic wallets on PCs just as well, allowing you to have an infinity of addresses and preventing address reuse. You can use Sparrow for this.
I'm going crazy!! Does this seems correct?

```python
import hashlib
import time

# BIP39 English wordlist, one word per line (2048 words)
with open("bip39.txt", "r") as f:
    wordlist = [w.strip() for w in f.readlines()]
word_index = {word: i for i, word in enumerate(wordlist)}

# known seed words (1-based positions)
known = {
    1: "thank", 2: "suspect", 3: "identify", 4: "embrace", 5: "balcony",
    6: "board", 7: "inspire", 8: "always", 9: "brand", 10: "banana",
    11: "swap", 12: "blood",
    18: "battle", 19: "armed", 20: "rival", 21: "ceiling", 22: "believe",
    23: "give", 24: "access",
}
unknown_positions = [13, 14, 15, 16, 17]


def check_mnemonic(words):
    # Convert words to 11-bit indices and concatenate: 24 * 11 = 264 bits
    indices = [word_index[w] for w in words]
    binary = ''.join(format(i, '011b') for i in indices)
    # A 24-word mnemonic is 256 bits of entropy + 8 checksum bits = 264 bits.
    # (Slicing the entropy at 264 left an empty checksum that could never match.)
    entropy_bytes = int(binary[:256], 2).to_bytes(32, 'big')
    checksum = binary[256:]
    # Checksum = first 8 bits of SHA256(entropy)
    computed_cs = format(hashlib.sha256(entropy_bytes).digest()[0], '08b')
    return computed_cs == checksum


# Brute force: 2048**5 combinations, and the checksum only accepts 1 in 256,
# so the loop itself is the cost, not the check.
start = time.time()
count = 0
valid = []
template = [known.get(i) for i in range(1, 25)]  # None at the unknown positions
for w13 in wordlist:
    for w14 in wordlist:
        for w15 in wordlist:
            for w16 in wordlist:
                for w17 in wordlist:
                    words = list(template)
                    words[12] = w13  # list index 12 is seed word 13
                    words[13] = w14
                    words[14] = w15
                    words[15] = w16
                    words[16] = w17
                    if check_mnemonic(words):
                        valid.append(words)
                    count += 1
                    # print progress
                    if count % 1000000 == 0:
                        print(f"Tried {count} combos...")

print(f"Found {len(valid)} valid mnemonics")
for v in valid:
    print(' '.join(v))
print(f"Time: {time.time() - start}")
```

The thing is it's running but it would take approx 10 years on my PC to try all combinations. Did I miss something!? The oral word is guessable by analyzing any of your posts or comments? Can you give a little hint?🙏🙏🙏
It's a 24-word phrase to access 0.01 BTC directly on the blockchain, but there are a few words missing. All of them are included in the BIP39 wordlist, so it's just a matter of deciphering those blanks. The unredacted version is the top post here: r/thegreekchain
You need to check out the Specter Shield (Lite)!

- Huge Touch Display
- Bitcoin only
- Air Gapped
- BIP85
- Switch Secure Chip
- Manage multiple Seeds
- ...
yeah there weren't secret words back then. That came in 2013 with BIP39. Genesis block in 2009, Bitcoin used a simple wallet format where private keys were stored directly in a file called wallet.dat. Each address had its own private key. So that's about 22 000 keys you'd need to find. Even if you found them all you would have 0 powers over anything else. Bitcoin operates on a decentralized consensus model, meaning no single entity, not even the creator, can unilaterally change the protocol, alter transaction history, or influence network rules.
Exactly, for BTC there is a discussion ongoing (BIP360), same for other major projects
Sure - every technology will have issues, centralized banks as well as decentralized blockchains. I think BTC has a good migration path with BIP360, the tricky part will be to come to consensus on what to do with Satoshi's/lost coins, interesting to follow the discussions on that in the next months
Important that we take this topic more seriously, I'm holding some BTC, like the BIP360 concept, but migration with the proposal will take several years…
I expect a 5-10y range until quantum computers are able to solve ECDSA - the challenge imho is that we don't know when it will happen (could also take longer), but it's too late when it happens. Take BTC for example - migration like suggested by BIP360 takes 3-4 years (estimation by author Hunter Beast), this is the reason why the quantum threat is relevant today, I think a lot of people are underestimating the time needed for migration, which is really risky