Reddit Posts
All bip39 words on 2048 limited edition handmade mugs
A Fork of CLN Implemented Eltoo Useful for Channel Factories Available for Testing
Need Help Deriving Extended Private Key from Bitcoin Root Extended Public Key and Non-Hardened Extended Private Key
Is it normal for the majority of your seed words to start with the same letter?
Need Advice with Crypto Wallets - Hardware vs Mobile Wallets
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Backing up and recovering wallet - seed phrases, private keys, extended private keys, eh???
Best method of long-term cold storage for life-changing amounts?
BIP39 misalignment? Mnemonic vs. Decimal vs. Binary seeds
Mining ALL remaining bitcoins in less than two weeks (difficult adjustment)?
How to make a new wallet address with my own selected BIP39 words
Import private keys from BIP39 paper wallet with passphrase
12 word BIP 39 >> Hardware Wallet - What are the options?
Malware and scams I should be on the lookout for
What happens if Bitcoin price gets high enough, such that it becomes necessary to go ahead and take it to the 9th decimal place? Can that be done w/ backward compatible SF, or is a HF req'd? Can someone with knowledge detail the process? Can't seem to find answers on this researching around...
how to manually encrypt your BIP39 seedphrase with an additional cipher?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
What if they planted a bug into BIP 382, which makes it possible to increase block rewards?
Enhancing Bitcoin Security: A BIP39-Compatible Vernam Encryption Approach for Safeguarding Recovery Phrases
Stacking has crept up on me and now I need to upgrade my storage
Any open source, encryption based, 3/5 multi factor wallet already available? If not, can this be developed?
Is it a security risk if your wallet’s extended fingerprint (xfp) has been exposed?
FINCEN MegaThread | Do Not Give Them Your Silent Consent | Remember Remember The 5th of November | Support Bitcoin Privacy
Thoughts on BIP 324 and the increased anonymity of using bitcoin.
ELI5 - What if Ledger or Trezor stops working?
Tutorial: How to use normal (non Casino-grade) dice to generate a seedphrase
Bitcoin Is About To Become More Secure With BIP324
This page offers a comprehensive overview of BIP-329, proposed by Craig Raw, creator of Sparrow Wallet. You'll find information about the current status and adoption progress, highlighting the significance of this proposal.
Coinplate has a BIP39 seed phrase recovery tool.
Walk down the memory lane: Blocksize wars and the Bitcoin XT controversy
How Much a Spot Bitcoin ETF Can Affect The Price - The Bad Version
Can one secret phrase (eventually) access any wallet?
Do you know that you don't need hardware wallets for cold storage?
I made a descriptive post of every item that you can purchase using candies from Coingecko so you do not have to look
How CTV (BIP 119) Could Create Channel Factories for Casual Users
BIP-300 biff: Debate reignites over years-old Bitcoin Drivechain proposal
The WW2 German Enigma cipher machine has 158,962,555,217,826,360,000 different possibilities (nearly 159 quintillion). The BIP39 seed phrase word list contains 2,048 words, so a 12-word crypto seed phrase has about 2 to the power of 132 possible combinations. That’s 2 with 132 zeroes after it.
"NO" | Rejecting BIP300 Drivechains | Featuring Saifedean Ammous | Bitcoin Standard Author
"NO" | By Saifedean Ammous | Two Open Letters Rejecting BIP300 Drivechains | Voiced by FEEeACH
Why Blockonomics endorses DriveChains (BIP300-301)
🔴LIVE | BIP 300 Debate | Drivechain Softfork Dynamics | @BITC0IN
Stumbled on BIP-300: a potential game-changer or just buzz?
There are 2048 possible words that comprise your seed phrase and each of these corresponds to a number in the BIP39 list. Reminder that it’s possible to convert the phrase to numbers for seed storage.
Bitcoin Drivechain Proposal (BIP300) Debate
Holding crypto is not likely to get any more convenient, and it is an inherent problem of self-custody.
COLD STORAGE: Comparing the Best Cold Storage Wallets for 2023
Yesterday was my first time encountering the word 'Satoshi' in a seed phrase. Did you know it was in the BIP39 word list?
What's your self-custody strategy? Do you keep a backup hardware wallet on hand?
BIP300/301 and Drivechain talk with Paul Sztorc and Austin E. Alexander
PSA: Severe Libbitcoin Vulnerability. If you used the "bx seed" command to create seeds/private keys, Immediately move related funds to a different secure address.
In theory, instead of creating a new wallet and memorising the seed, can I just choose words that are easy to remember and generate a wallet from that?
Importing BIP-84 key in Electrum giving wrong address
What is a BIP-39 seed phrase -- a few tips for handling your seed words safely
Keeping KYC & Non-KYC utxos in the same Multi-Sig wallet: will there be a way of these utxos being linked?
Mentions
1) If I remember correctly, the banana split sheets let you break down 24 words into a list such that always 2/3 sheets recover the full seed. 2) What is SeedXOR? 3) Mh, multisig is less convenient because it would require me to travel to 2/3 locations and I'd probably need to buy 2 additional devices to create the signatures? 4) Haven't thought about it. I just followed the recommendation in the video I linked. You're suggesting to roll for words in BIP39 list?
A couple things in no particular order - what is a banana split sheet? - are you aware of SeedXOR? I think it's a better option for what you're doing - if you are this advanced/paranoid, why not do multisig? - why not use BIP39 words for your passphrase?
Been wondering this too honestly. Maybe they're just sticking with what works and don't want to deal with the added complexity of supporting multiple standards? Could also be a security thing where they'd rather focus on perfecting BIP39 implementation instead of spreading resources thin
I'm long in some of the quantum projects because I think this sector will rocket when the major projects start the migration process. Spend some time on the BIP360 approach for BTC and it will not be that easy to come to a consensus, as several philosophical questions have to be answered (what to do with Satoshi's coins?). Nevertheless, a lot of bullshit projects out there in the quantum secure area.
BIP47 public payment code / PayNym
Yeah, problem is that news like that will keep gaining attention. That's why it would be far better to say there is a BIP that has enough consensus and is being developed. But the topic has been around a long time and people are programmed to fight it rather than address it.
Of course computers can generate keys themselves, but RNG logic is the hardest part to test and verify on a device. That's why generating from dice is so compelling. As long as your dice are reasonably fair, you're a few throws away from making sure nobody's handing you mnemonics from a preselected pool. Takes 15 minutes at most. Plus, you really only need to do this a few times in your life. Using BIP85, you can generate a single master seed, from which you can derive a near-infinity of mnemonics (from which you can derive a near-infinity of wallets)
> so when that company shuts down, then your coin still gone right? So pretty much every modern wallet supports what's called "BIP39". This is a wallet standard which means the wallet generates 12 or 24 random words (the "seed phrase") from a standard list which are in turn used to create your keys & addresses. These words can be used to recover your wallet completely to any compatible device or app. The words need to be carefully written down (some even stamp them into metal plates) and stored securely *offline*. These words are far more important than the device or app itself. When you hear about scammers stealing someone's bitcoin, it's usually by *tricking* them into typing their seed words into a website, or finding a photo of them on a hacked device or account. You need to protect those words at all costs and never reveal them to the multitude of scammers who are trying to fool you with DMs or spam emails.
You can use your recovery phrase with any wallet compatible with BIP39. The 24 word recovery phrase isn't Ledger specific, it's universal and will back up your wallet if something like that happened, and would be able to transfer your wallet onto another cold wallet. All of this is possible because you hold your own coins, so even if Ledger goes bust, you still have the physical copy of your recovery phrase, along with your private keys (the most important part). Now compare that to if an exchange went bust with your coins on it...
This is not entirely true. Adding a password (BIP-38) just adds more entropy to the seed phrase's entropy. Even if it's leaked, you don't know the HMAC of the first n words anyway. A BIP38 phrase can be fully random, not like BIP-39, meaning you better back it up or remember it. It can be possible to brute force if you have the seed phrase in a disaster recovery. Also, you can create a "mugger's wallet" on the Ledger without the BIP-39 passphrase. Put a small amount of coins there, then use the password for the real holding. The attacker still needs the seed phrase (and the device), which wouldn't show anyway.
I disagree with the OP. Adding a password (BIP-38) just adds more entropy to the seed phrase's entropy. Even if it's leaked, you don't know the HMAC of the first n words anyway. A BIP38 phrase can be fully random, not like BIP-39, meaning you better back it up or remember it. It can be possible to brute force if you have the seed phrase in a disaster recovery. Also, you can create a "mugger's wallet" on the Ledger without the BIP-39 passphrase. Put a small amount of coins there, then use the password for the real holdings.
Great project! Bitcoin implementations from scratch are excellent learning tools. For your collective blockchain storage idea, you're essentially describing a form of "pruned nodes" but with distributed responsibility. Check out BIP 157/158 (compact block filters) and "Neutrino" light clients which handle similar challenges of partial blockchain validation. The challenge with your random block storage idea is reliability - how do you ensure enough redundancy for less-accessed blocks? What happens during network partitions? You might want to look into erasure coding techniques from distributed systems. For educational value, absolutely! Your project reminds me of Jimmy Song's approach in "Programming Bitcoin" but with Zig's memory safety benefits. Consider adding explan
Probably chuckle to myself laughing at whoever wrote that on a floppy considering BTC wallet addresses didn't start using seeds until 2012. And to my knowledge the majority (if not all) of the potential Satoshi wallets all used the original bitcoin core wallet format. Seeds didn't come into play until they started using BIP32 & BIP39.
> What would you do if you found this? Probably roll my eyes remembering that the concept of a "seed" in bitcoin did not exist before ~2013 (before the implementation of the [BIP39](https://trezor.io/learn/advanced/standards-proposals/what-is-bip39)), then further remembering that floppy disks became obsolete way before bitcoin was created, and chuck it into the bin, feeling nice and smug about my absolutely useless knowledge of bitcoin trivia.
Maybe I couldn't clarify, but multisig doesn't mean giving your power to others; you can still take care of multiple keys yourself, or share the minority with others to help in case of emergency. Multisig will handle the single point of failure natively with Bitcoin, and as it uses BIP 174, there will be no vendor lock-in, which I think is a MUST.
To be fair, the write-up looks more insane than it actually is. Once you understand UTXOs + coin control and have Sparrow set up, the whole thing is basically:

* find the original input address
* refill it
* spend that one UTXO for the test

It’s annoying, but it’s not rocket science. The real shitshow isn’t “Bitcoin in Europe” as such, it’s the combination of:

* EU ToFR rules that were written with a **single account = one address** mental model, and
* exchanges that bolt on the cheapest possible implementation instead of doing the work to support **HD wallets + self-custody properly**.

There are technically clean solutions that don’t require this circus at all:

* message signing (signmessage / BIP-322) from **any** address in your HD wallet
* or a standard like AOPP / similar, where the exchange gives you a challenge and your wallet signs it once, off-chain

If EU-regulated exchanges in 2025 just implemented a proper “Sign message to prove ownership” flow and stopped insisting on “same address Satoshi tests” glued onto HD wallets, this would be a one-click action instead of a tutorial. So yes, this workaround is stupid – but it’s stupid **because** exchanges refuse to implement the technically obvious solution for self-custody users, not because Bitcoin itself can’t handle it.
Not at all. A complete opposite of holding bitcoin on an exchange. Bluewallet is completely open source so anyone can fork their own version. So even if every developer left the project, anyone can pick it up and keep going or create a PurpleWallet as a fork. https://github.com/BlueWallet/BlueWallet The people developing it don't see your keys, they don't have an access to your coin. You're the one having the access. If bluewallet disappeared tomorrow, you can load the keys (your seed words) into Sparrow, electrum, Blockstream Green, or any wallet that supports BIP39 and access your money.
I use Electrum, and it has been a good experience thus far. I am also dumb, so you are in good company. Here is my protocol:

1. I boot to TailsOS (offline/air-gapped) and I start Electrum in volatile memory - that is - when the session is closed all work is lost (zero permanence).
2. Generate a new wallet. I add custom words at this step. I triple-check that the 12 original words, and any custom words that I add, are part of BIP39. Important: Do not say the words aloud, do not attempt to save the words digitally, do not take a photo of the words. Quietly and with care, write your words down in order on a piece of paper and set it aside.
3. Insert a second, empty flash drive. In a notepad, copy and paste the master public key and your first 3 BTC addresses. Save the notepad file to your flash drive.
4. Close the session and shut down TailsOS.
5. Start your regular, online computer in Win, macOS, or Linux.
6. Download Electrum and make a watch-only wallet using your master public key.
7. Scrutinize the BTC addresses in your watching wallet against the 3 you saved to your notepad. They should match exactly.
8. From your brokerage or a different wallet, send an EXTREMELY small amount of BTC to one of your new addresses and wait for on-chain confirmation.
9. Next, you will send this BTC back to its original source (less transaction fee). Important: Since this is a watch-only wallet, you cannot sign transactions, and thus you cannot send BTC, but you can generate a transaction file.
10. Save this file to your flash drive.
11. Boot to TailsOS (offline/air-gapped), start Electrum in volatile memory (zero permanence), and recover your wallet using your words. NOTE: Because you are not on the internet, you will not see the BTC in your wallet.
12. Import and sign the transaction and export the confirmation file and save it to your flash drive.
13. Close TailsOS.
14. Start your regular, online computer in Win, macOS, or Linux.
15. Start your Electrum watch-only wallet and import the confirmation file. The BTC should now move to its destination.
16. If all goes well, you have just created a cold storage wallet to which you can send BTC at your convenience, but it requires this layer of security to sign any transactions.
17. Go to a hardware store and purchase stainless steel washers and a through-bolt. Also, purchase a metal stamp kit.
18. Because your words are BIP39, you only need to stamp the first 4 letters regardless of word length.
19. Stamp the word and word # to your washers and place them in a safe place.
20. Make a duplicate washer stack.
21. Make an instruction washer which tells your heirs that you used Electrum and a normal BIP wallet will not work.
BIP-39 came in Sept 2013. Most probably whoever tries to brute-force anything will try dormant old legacy addresses prior to this date.
It’s possible. If the bitcoin community doesn’t get its act together via BIP360 or something similar before Q-Day, it could very well happen.
Don't "link you in with youtube liars"? When did I say you were a lying youtuber? Weird statement. Anyways. I'm just saying, core hasn't been making any good arguments on why BIP444 is broken by design. To me it was working fine. So not even sure what the point of an upgrade was.
Really? You could've just Googled them because they're well-known incidents. Add the "https" in front of the links:

**2010 reorg**:
* Google "Bitcoin Value overflow incident"
* Google "The Day Someone Created 184 Billion Bitcoin"

**2013 reorg** - Also resulted in a known double-spend:
* Google "Analyzing the 2013 Bitcoin fork: centralized decision-making saved the day"
* Google "Alert: chain fork caused by pre-0.8 clients dealing badly with large blocks"
* Google "Bitcoin BIP 0050"

**2010 reorg**:
https://en.bitcoin.it/wiki/Value_overflow_incident
https://decrypt.co/39750/184-billion-bitcoin-anonymous-creator

**2013 reorg** - Also resulted in a known double-spend:
https://blog.citp.princeton.edu/2015/07/28/analyzing-the-2013-bitcoin-fork-centralized-decision-making-saved-the-day/
https://bitcointalk.org/index.php?topic=152030
https://en.bitcoin.it/wiki/BIP_0050
Don't link me with youtube liars. I see you're ignoring the facts about the proposal, continuing with the hysteria for its own sake. BIP444 is broken by design.
It is even easier than others say. With a BIP-39 12-word pass phrase, that 12th word contains 7 bits of entropy plus 4 bits of checksum. Very few of the final word choices will result in a valid checksum, so only those few words will need to be tested. However, as many have pointed out, checking all 2048 possible words would be trivial, anyway. You may as well simplify it and just try them all.
Picking random words from BIP-39 can lead to invalid checksums = no valid wallet/pk. Besides that, it's not possible to use a word outside of the 2048 wordlist. If you had a valid public key back then, you had a valid mnemonic phrase. You should read into BIP-39 and try the words by brute force if only 1 word is missing.
Maybe at that time I selected 11 random words from BIP39 and added my own passphrase, but using any different of BIP39?
No, the BIP-39 wordlist is a standard. There are 2048 words. If you know the position of the missing word you just have 2048 different combinations. Try them all using a brute force algorithm (easy, let chatgpt write that python script) and you've got your keys within seconds.
Is it a standard BIP39 seed phrase (2048 word list) or an early Electrum V1 which used a 1626 word list?
There was a BIP for that already (soft fork to fix the price at 50k): https://github.com/luke-jr/bips/blob/softfork_50k/bip-softfork-50k-price.mediawiki
Did someone upload the Nelson Mandela JPEG to the blockchain due to the size increase? No, it was added in 2013.
Did someone upload the Mr Burns JPEG to the blockchain due to the size increase? No, it was added in 2017.
Did someone upload the tankman JPEG to the blockchain due to the size increase? No, it was added in 2017.
Does BIP444 prevent the addition of arbitrary data to the Bitcoin blockchain? No, it does not. It doesn't even block the three methods used for the three examples listed above.

Also, the V30 modification doesn't increase the size of anything. Bitcoin consensus has never limited OP_RETURN sizes.

> everything I've been reading

You obviously avoided reading the debate in the Bitcoin developer mailing list, and completely bought into the manipulative hysteria.
From what I know about the topic quantum computing is well known to be coming, so there are already people working on a solution. Someone told me about BIP360
First, ignore DMs. The moment you wrote "I am a noob" you made yourself a target for the dozens of scammers who'll be trying to direct you to their fake platform/wallet/exchange. In terms of wallets, anything in the wiki/faq here or over on /r/BitcoinBeginners is likely a safe bet. I use a hardware wallet (Trezor) so I'm afraid I have no recommendations. Good call to look for BIP39 support, which is still the most widely supported standard. In terms of exchanges, I've always used Kraken. Reasonable fees. Great customer support, but the best choice may depend on your country. Again though, stick to those listed in the wiki/faqs. Any legit exchange will let you withdraw (send) to any legit wallet, so all you need to supply is a receive address, generated by your wallet. No need to "link" your wallet. Some countries may impose extra conditions due to money laundering / KYC rules though.
BIP39 mnemonic seed phrases cannot be arbitrary "items." The seed phrase is explicitly words from a 2048 word list. 12, 24 or potentially another number of words. There is also a checksum as part of the last word, so randomly choosing 12 words from the list has only like a 1-in-1-million chance of being a valid seed word set.
BIP-39 was created in 2013 - years after these emails.
*From Trezor Team-* Hello r/cryptocurrency

Trezor has been building key innovations since Bitcoin’s early days - you might know our team for inventing the first hardware wallet and creating the BIP39 seed-phrase standard. For this AMA, our CTO, Tomáš Sušánka, will be here to talk about Trezor Safe 7 - our recently launched new model - share insights from development, and answer your questions. If you’re curious about the future of self-custody, this AMA is for you.

**What this AMA will cover**

**🔐 Trezor Safe 7: our next-generation hardware wallet**
TS7 marks the biggest leap forward in the Trezor lineup since our very first device. It brings security, premium materials, and a modern user experience together in one device.

**🛡️ Security, explained openly**
We’ll break down the security principles behind TS7 - and Trezor wallets in general - including:
* How the dual secure-element architecture works, combining the open and auditable TROPIC01 chip with the certified OPTIGA Trust M
* What “quantum-ready” means in practice and what users should expect from it
* How wireless features & Bluetooth are secured
* How Trezor devices handle seed generation, backup & recovery
* How open-source firmware supports verifiable security

**📌 Other topics we’re excited to discuss**
* TS7 shipping timelines & what updates are coming next
* Where we see self-custody hardware heading in 2026+
* What our team is working on right now and what new features our customers can expect in the near future

**Our CTO, Tomáš Sušánka:** u/tsusanka
Ah, sounds like what you type in to access the 'inner' wallets ***are*** BIP39 passphrases (25th seed words), meaning that if you forget those, the main wallet seed isn't going to recover anything for you 🤔 It's a dangerous game! 😜
This "system" can't destroy your money "at a whim". To destroy somebody's coins you must create a BIP which proposes to destroy somebody's coins and have 50+% of miners accept this BIP. It's extremely hard since miners really don't like to accept BIPs. Remember that miners' money depends on the stability of bitcoin and public trust in bitcoin.
Many in this sub don't even know about Lightning Network or Liquid Network, and many don't even know that Bitcoin is infinitely divisible (Lightning Network already works with millisatoshi). People think they understand Bitcoin, but they don't even get 17% of the tech, or what a BIP is.
Not sure where you heard that private key cracking algorithm can be reduced to 128 bits. Not saying it's not true as some weird math shortcuts may exist that I'm not aware of, but traditionally old types of addresses use 160 bits (due to RIPEMD160 used to hash public key), while taproot addresses use up to 255 bits (due to two private keys being valid for each xonly public key). For BIP39, you can choose 12, 15, 18, 21 or 24 words, but no idea if your wallet supports all these lengths.
Good example, that 24 word sequence is invalid despite using words from the BIP 39 list. A wallet will reject it as invalid if you tried to import it. For a 24 word phrase to be truly valid, the first 23 words determine the precise mathematical value of the 24th word. You must rely on something like a wallet to generate a truly random and valid seed phrase, as human selection is neither secure nor truly random.
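The checksum rule that the comments above keep coming back to (the last word is part entropy bits, part SHA256 checksum bits, so only a few final words validate) can be verified directly. This is an added Python example, not code from any of the posts; it works on word indices 0..2047 and assumes the reader maps them to the English BIP39 wordlist separately, so no wordlist is embedded.

```python
import hashlib

# BIP39 word count -> entropy bits; the checksum is entropy_bits / 32 bits long
ENTROPY_BITS = {12: 128, 15: 160, 18: 192, 21: 224, 24: 256}
WORDLIST_SIZE = 2048  # each word encodes 11 bits of the entropy||checksum string


def _checksum_bits(entropy: bytes) -> str:
    """First (len(entropy) * 8 // 32) bits of SHA256(entropy), as a bit string."""
    cs_len = len(entropy) * 8 // 32
    # cs_len is at most 8 (24-word phrase), so the first digest byte suffices
    return format(hashlib.sha256(entropy).digest()[0], "08b")[:cs_len]


def checksum_ok(indices: list[int]) -> bool:
    """True if the word indices form a mnemonic whose checksum bits match."""
    if len(indices) not in ENTROPY_BITS:
        raise ValueError("mnemonic length must be 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i < WORDLIST_SIZE for i in indices):
        raise ValueError("word index out of range")
    bits = "".join(format(i, "011b") for i in indices)
    ent_len = ENTROPY_BITS[len(indices)]
    entropy = int(bits[:ent_len], 2).to_bytes(ent_len // 8, "big")
    return bits[ent_len:] == _checksum_bits(entropy)


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Append the checksum to raw entropy and split into 11-bit word indices."""
    if len(entropy) * 8 not in ENTROPY_BITS.values():
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    bits = "".join(format(b, "08b") for b in entropy) + _checksum_bits(entropy)
    return [int(bits[i:i + 11], 2) for i in range(0, len(bits), 11)]


def valid_last_words(first_indices: list[int]) -> list[int]:
    """Every index for the final word that yields a valid checksum.

    For 12 words the last word carries 7 entropy bits and 4 checksum bits,
    so 2**7 = 128 of the 2048 candidates validate; for 24 words it is 3 + 8,
    so only 8 do. A wallet rejects all other choices as an invalid mnemonic.
    """
    if len(first_indices) + 1 not in ENTROPY_BITS:
        raise ValueError("need 11, 14, 17, 20 or 23 leading words")
    return [w for w in range(WORDLIST_SIZE) if checksum_ok(first_indices + [w])]


if __name__ == "__main__":
    # Constructed sample: the all-zero entropy vector from the BIP39 spec,
    # which encodes as "abandon" x 11 + "about" ("about" is index 3).
    idx = entropy_to_indices(bytes(16))
    print(idx, checksum_ok(idx))
    print(len(valid_last_words(idx[:11])))  # 128 valid final words
```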
You need to use words from the BIP-39 list, not just any word; even if you picked from the list (which isn't recommended) it wouldn't pass the last word checksum. For a distributed key, without a single point of failure, the best is Shamir's secret sharing or multisig.
Everyone here is confusing pass phrase and seed phrase. Great question! Here's a clear breakdown of the difference between a seed phrase and a passphrase in the context of cryptocurrency wallets and digital security:

---

🌱 Seed Phrase (Recovery Phrase)
- Definition: A sequence of 12, 18, or 24 words generated by your wallet that represents your private key.
- Purpose: Used to recover your wallet and access your funds if your device is lost or damaged.
- Example: gravity trophy banana sunset mirror canyon ...
- Security Role: Anyone with your seed phrase can fully control your wallet.
- Standard: Follows the BIP39 standard (used by most wallets).
- Storage Advice: Must be stored offline and securely (e.g., written on paper, stored in a fireproof safe).

---

🔐 Passphrase (Wallet Extension or 25th Word)
- Definition: An optional extra word or string added to your seed phrase to create a different wallet.
- Purpose: Adds an extra layer of security—like a password for your seed phrase.
- Example: correcthorsebatterystaple
- Security Role: Without the correct passphrase, the seed phrase alone won’t unlock the wallet.
- Standard: Also supported by BIP39-compatible wallets.
- Storage Advice: Must be remembered or stored securely—losing it means losing access to the wallet.

---

🧠 Analogy
Think of the seed phrase as the key to a vault, and the passphrase as the combination to open a hidden compartment inside that vault. Both are critical if you're using the passphrase feature.
It is possible to pick 24 random words from the BIP39 list in a wallet and access someone’s $10B bitcoin wallet. But you are billions of times more likely to find a winning powerball ticket on the ground and get struck by lightning while picking it up and wake up to Sydney Sweeney giving you mouth to mouth resuscitation.
Old news. Already discussed here in several threads three weeks ago. BIP-444 isn't going to happen.
tldr; The release of Bitcoin Core v30, which removed the spam filter limiting non-monetary data size per block, has reignited a debate among developers about Bitcoin's purpose. Proponents argue the change resists censorship, while opponents claim it risks legal issues and undermines Bitcoin's monetary focus. A soft fork proposal, BIP-444, suggests banning non-monetary data for a year to address these concerns. The debate has divided the community, with accusations of censorship and threats to Bitcoin's neutrality and financial freedom. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
Really?

```
6. replaceable (boolean, optional, default=wallet default) Signal that this transaction can be replaced by a transaction (BIP 125)
```

Do not signal RBF125, the damn thing is a double-spend at heart. The feature is rubbish and should have never made it into upstream. Use a decent static fee and off you go.
People aren't going to be surprised because hardly anyone was naive enough to fall for BIP 444. It might be a surprise for whatever sheep got conned into falling for it. BIP 444 is an attack on Bitcoin and it will fail. If you honestly believe it will happen on Bitcoin and be successful, then you can literally bet your BTC on it right now and you'll multiply your BTC by 625 times if you're right: https://beta.predyx.com/market/will-the-reduce-data-temporary-soft-fork-be-consensus-enforced-on-the-most-work-bitcoin-chain-tip-by-march-1st-2026-1762275376 BIP 444 has already been proven to be ineffective as someone has already put the proposal’s entire text into a transaction on the blockchain while complying with the proposed specification of BIP 444. But let's just pretend that it wasn't already proven to be ineffective. How would BIP 444 work without turning on auto-updates so that your node knows when to invalidate specific blocks? And what centralized entity would get to push those updates yet? The same guy that created the BIP and this propaganda campaign? I guess he could personally monitor the chain and decide which transactions are ok and which aren't. If BIP 444 is activated, then the speedy activation would happen as soon as the first block containing content the centralized auditor doesn't like is found and they will rollback the chain to that starting point. That will cause a chain split and the new altcoin will now be created and have its own blockchain separate from Bitcoin. What is unknown is whether they will keep rolling back the chain again every time someone gets around the new rules and embeds content they don't like in a seemingly compliant transaction. Are chain rollbacks and block reorgs really something that you're interested in? The person that created BIP 444 and started this whole propaganda campaign is basically the Roger Ver and Craig Wright of this cycle. They have been using both Roger Ver's and Craig Wright's playbook. 
They are doing this to promote their failed company and to try to build support for their future altcoin (if they have the balls to actually go through with it), but they might not ever go through with it because they have hardly any support. By the way, illegal content already exists on the blockchain and it has for years.
LOL thanks for the comics. I do not have ANY problem finding my addresses now that I know in detail what does it means P2WPKH, P2SH, P2PKH, Purpose Coin type Account Receiving or change Index BIIP32/44/49/84/86/141, Entropy, BIP39, Checksum, Seed, Bech32, PBKDF2-HMAC-SHA512 (Password; Salt; Iterations; dkLen), HMAC(Password;m) =SHA-512((K′⊕opad) ∣∣ SHA-512((K′⊕ipad) ∣∣ m)), IL, IR, xprv, xpub, zpub, RIPEMD160, base58, digest, Witness program, etc etc. It is just that I find very strange that I had to build my own tool for calculating and printing all this, i want just to keep a simple paper wallet, no hardware wallets BS. I made the following tentatives : 1) Excel -> no way (it does not have built-in crypto hash functions, too complicated with VBA/Python outer call) But it was useful as a learning experiment. 2) Python -> do you really want me to learn another programming language? Even with chatGPT help it is too complicated to get there. 3) Html by Ian Coleman : even for the version offline I do not trust code with fetch() - network requests , document.cookie, Long Base64-like strings, XMLHttpRequest - classic XHR snippet, sorry. 4) [learnmeabitcoin.com](http://learnmeabitcoin.com) same as above, call me paranoic At the end i just resigned myself to copy and paste by hand all the values to a txt file and print it offline for each wallet - password, mnemonic, script, path, seed, xpriv, address, key of the address, etc. For the wallet apps there is less and less options : Exchange -> not your keys not you coins Exodus -> closed source so no (BTW it creates one BIP44, one BIP84 and one BIP86 address and then decides by itself which one use as receiving/change). So pratically only Electrum, but if you want all your address (BIP44, BIP84, BIP49) you need different wallets (only one script type per wallet? WTF). Even if there is no official organisation, still complicated standards have been negociated and approved, so why not a simple wallet derivation tool? 
I mean, how can "normal" people who do not want to engage with all this complicated mess trust this system?
Your confusion is understandable, but your concern is overstated. There are plenty of tools right now to recover fund visibility (derivation path issues do not cause your funds to be lost, but in the vast majority of cases, merely temporarily unseen). Standards exist. The ecosystem is moving towards descriptors documented in BIP 380/388. Some wallets scan multiple derivation paths, and there are tools like btcrecover that help. Bottom line is that even if you lose your XPUBs, as long as you have your private key (your seed phrase), your funds are secure.
Great video, mate. If I had to nitpick, it would be the 21 million mentioned at around 7:45. It's slightly less than 21 million - 20,999,999.9769. This represents the theoretical upper limit, assuming flawless operations where **miners collect all rewards without errors** or anything else. Here are some examples from the past. The coins created in the genesis block cannot be spent. That's ₿50 down right there. This leaves us with 20999949.9769 BTC. Due to an early problem in Bitcoin, fixed by BIP30, it was possible to create a coinbase transaction identical to a previous coinbase. This caused the coins created by that older coinbase to be irreversibly "overwritten". This happened in block 91842 (overwriting the coinbase of block 91812) and 91880 (overwriting the coinbase of block 91722). **Each time, 50 BTC was lost**. This leaves us with 20999849.9769 BTC. The protocol rules allow creating up to the amounts listed above. Due to various bugs and miners experimenting with code, some blocks claim less than allowed. Those coins can never be recovered. Block 124724 tried to intentionally claim 0.00000001 BTC less than allowed, but accidentally also failed to claim the fees, losing 0.01000001 BTC. Between block 162705 and block 169899, 193 blocks claimed less than allowed due to a bug, resulting in a total loss of 9.66184623 BTC. Between block 180324 and block 249185, another 836 blocks claimed less than allowed, resulting in a total loss of 0.52584193 BTC. Block 501726 had no transaction outputs (except a 0-value commitment), losing the entire 12.5 BTC subsidy. Block 526591 didn't claim half of the block reward, losing 6.25 BTC. This leaves us with 20999821.02921183 BTC. Since a few years ago, there is a concept of provably unspendable coins. Coins can be sent to an "address" which provably burns them (using OP_RETURN). Bitcoin Core tracks these and removes them from its database, so they are easily accounted for. At least 3.71612692 BTC were burned this way. ... 
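An added example (not part of the thread) that reproduces the arithmetic in the comment above: the subsidy is an integer number of satoshis that is floored at every halving, which is why the sum of all eras lands on 20,999,999.9769 BTC rather than 21,000,000, and the quoted losses then bring it to 20,999,821.02921183 BTC.

```python
# Added example: theoretical maximum BTC supply and the effect of the known losses
# quoted in the comment above. Amounts are held in satoshis (integers) throughout,
# because that is how the consensus code computes the subsidy.

HALVING_INTERVAL = 210_000
SATS_PER_BTC = 100_000_000
INITIAL_SUBSIDY_SATS = 50 * SATS_PER_BTC


def block_subsidy_sats(height: int) -> int:
    """Subsidy for a block at `height`: 50 BTC shifted right once per halving era."""
    halvings = height // HALVING_INTERVAL
    if halvings >= 64:  # the shift would exceed the integer width; subsidy is zero
        return 0
    return INITIAL_SUBSIDY_SATS >> halvings


def max_supply_sats() -> int:
    """Sum of every era's subsidy. The floor at each halving (odd satoshi halves are
    dropped) is exactly what leaves the total 0.0231 BTC short of 21 million."""
    total = 0
    era = 0
    while block_subsidy_sats(era * HALVING_INTERVAL) > 0:
        total += block_subsidy_sats(era * HALVING_INTERVAL) * HALVING_INTERVAL
        era += 1
    return total


# Losses listed in the comment, in satoshis (OP_RETURN burns are omitted because
# the comment gives only a lower bound for them).
KNOWN_LOSSES_SATS = {
    "genesis coinbase is unspendable": 50 * SATS_PER_BTC,
    "BIP30 duplicate coinbases in blocks 91842 and 91880": 2 * 50 * SATS_PER_BTC,
    "block 124724 under-claimed subsidy and fees": 1_000_001,
    "193 blocks between 162705 and 169899": 966_184_623,
    "836 blocks between 180324 and 249185": 52_584_193,
    "block 501726 had no spendable outputs": 1_250_000_000,
    "block 526591 claimed half the reward": 625_000_000,
}


def reachable_supply_sats() -> int:
    """Theoretical maximum minus the losses the comment walks through."""
    return max_supply_sats() - sum(KNOWN_LOSSES_SATS.values())


def sats_to_btc_str(sats: int) -> str:
    """Exact decimal rendering (no floating point) with eight decimal places."""
    return f"{sats // SATS_PER_BTC}.{sats % SATS_PER_BTC:08d}"


if __name__ == "__main__":
    print("theoretical maximum :", sats_to_btc_str(max_supply_sats()))
    print("after known losses  :", sats_to_btc_str(reachable_supply_sats()))
```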
on top of that, various wallets have been lost, people forgot they owned bitcoin or just threw away backups with small (at that time) amounts of sats. Some of my sats are there too, I'm sure there are thousands of people like me. Perhaps this could be a good idea for your next video...
I think most of us are dyeing the BIP.
In addition to that, gold is truly trustless. Creating gold requires unrealistic energy, and it cannot be forked. You can bring more gold from underground or even from space, thus creating gold inflation, but what's mine is still mine. On the other hand, bitcoin relies on consensus, i.e. trusting the majority of the community to do good. E.g. I saw someone post yesterday suggesting to confiscate bitcoins not moving for 25 years. And if I remember correctly, there's also a BIP that wants to confiscate bitcoins in non-quantum-safe wallets. And who knows how many fancy reasons people will bring up in the future? If any of them pass, my bitcoin may be gone.
There is even a standard for how to generate an infinite number of new BIP-39 seed phrases from a single seed. See BIP 85.
I'm against BIP-444. No one gives a shit about a compressed, 1990s-looking illegal thumbnail image. Going down the road of restricting OP_RETURN is against BTC's purpose.
Not at all. A) It does not affect the bitcoin protocol at all. B) It is a strong method of storing your HD wallet seed offline. C) It is completely open with multiple independent implementations available. D) Just like BIP-39 it layers on top of BIP-32. It is only a different method of building the BIP-32 wallet master seed. The cryptographic hashing in SLIP-39 deriving the wallet seed from the entropy + passphrase is as sound as that of BIP-39, just slightly different. The mnemonic encoding in SLIP-39 is stronger than what is used in BIP-39, with less risk of mistaken words. And it leaves no room for interpretation with a single word list and a bidirectional mapping of entropy<=>mnemonic. Malformed SLIP-39 mnemonics are by definition invalid, unlike BIP-39 where the seed mnemonic of the wallet may technically be any free text string not constrained to the word list or format. The drawbacks compared to BIP-39: A) Somewhat longer seed mnemonic phrase. B) Some wallets do not let the user easily select the use of more than 128 bits of entropy (20-word mnemonic). This said, 128 bits of entropy is plenty, and SLIP-39 does support up to 256 bits.
Around 6 Million Bitcoin are vulnerable (estimation Hunter Beast mentioned in a talk on BIP360)
Think the problem is that a hard fork will take like 3y (estimation by Hunter Beast who is driving the discussion with BIP360 in the BTC community). Looking at the current developments on the quantum roadmaps of the major players, I'm afraid that we'll wake up to a big announcement by IonQ, Alphabet, IBM or whoever telling us they will have 2k logical qubits a year away. In that case BTC will crash heavily, that's why I would appreciate it if we would take this topic more seriously.
BIP-360 is good, answers all organizational questions but leaves open field for any technical solution.
Create a truly RANDOM seed with high entropy (research this, like rolling a die 128 times) & open source software. Write the seed down ONLY on paper / steel. NEVER digitally!! Make a small test transaction. Wipe the device (assuming this is a hardware wallet) & put your seed in. If you see your test transaction, then YOU'RE GOOD. Next steps are to use a BIP-38 passphrase (not a PIN) to generate a NEW wallet, based off that seed. Store your funds in that NEW wallet, and then stamp/engrave your seed into 2 or 3 stainless steel plates, stored in various locations. Let your family know where the seed plate(s) are... but come up with a dead man's switch that gives them a treasure map to where the passphrase & other personal passwords might be.
Oh okay thanks again. I went with this setup since I would be running my own node and trying to keep everything under my own control and the tutorial I followed seemed to be perfect for this. I just started to think if something bad happened to my computer and I had to use the backup of my bitcoin core wallet to get my funds back I wanted to make sure it would work. Or if my sparrow wallet would be the only way to recover (which it does sound like now) Thanks for the help again! Makes me feel better knowing that as long as I have the seed phrase for sparrow wallet then I will be able to recover it within any BIP39 wallet system
I only skimmed through the video but I think I understand the scenario. In this case, your wallet is only backed up in Sparrow. Bitcoin Core is **not** your wallet, it only serves as a tool to interact with the Bitcoin blockchain. You don't need to back anything up in Bitcoin Core. You can recover your backup with other wallets than Sparrow (any wallet that supports the BIP39 standard), but not with Bitcoin Core itself (because it uses a different standard).
I also think it's not a major risk, but assume we should take this a little bit more seriously than most of the folks do today - I'm watching the discussion on BIP360 and they are talking about a 3y duration to implement it. Don't think we are close to a quantum threat in a 3-5y period from now, but we have to start now.
Thank you for the discussion, this is what we're all here for, all good. House fires happen more often than wrench attacks. On average, 350,000 homes are on fire per year; a house fire is more of a liability than a wrench attack in my opinion. Of course depending on temperature, titanium metal is a better option. Seed memorisation: I don't trust my brain to remember 24 words, this would give me anxiety on a daily basis. This is without any black swan events like a concussion or amnesia or something. With respect, paper and my brain are a liability. How hard is it to hide a little chunk of metal? Check out this smaller solution with 'Microseed' where everything is in one titanium washer. (Let's say you have to flee and get through an airport.) Can be easily magnetised to the underside of your watch, put on a necklace or magnetised to your belt buckle. Here: [https://postimg.cc/jwvKHDhP](https://postimg.cc/jwvKHDhP) If I have to flee a country in a hurry, yes, maybe put it onto paper in that short temporary scenario; as soon as I'm safe, I'm putting it onto metal for peace of mind. Thank you for your input, gonna take a look at BIP39.
"People like me" There is a difference between refusing to learn and not knowing something that exists. Calm down friend. We're not in a war. Microseed is a smaller way to put it on one singular washer. Still way better than your paper suggestion. The fact you advise paper only makes me think your advice is not credible. And no. I don't have a safe. I think it's better to stash it somewhere rather than make the safe a prime target. Can add a decoy stack in there to thwart the attack. I will google what BIP39 is in the meantime, thanks. But can still be amicable.
Splitting your seed is not a good idea. Do not DIY your security, use standards. Use a passphrase, multi-sig, SLIP-39, BIP-85; plenty of options with different trade-offs. Just do not split your seed. Also consider that a standard scenario requires protecting you from 3 events:

- accidental loss -> fool-proof
- theft -> secure
- inheritance -> accessible

Ah, and do not rely on your memory, ever.
Some downsides of seed splitting:

1. Reduced entropy / weakened security. Splitting a full mnemonic into parts generally means each part contains fewer words. That reduces the brute-force resistance dramatically. For example, Andreas Antonopoulos states splitting a 24-word seed into parts can reduce security from ~256-bit to ~80-bit equivalent. Also, if the split part includes the checksum word it further weakens the scheme.
2. Loss of standard interoperability. The mnemonic format (e.g., BIP-39) expects the full phrase. Splitting it manually is non-standard and may not be recoverable by standard wallets without reconstruction. Antonopoulos warns against DIY splitting schemes.
3. Increased operational complexity and risk of loss.
   • If you split into N parts and require K parts to recover, you have multiple physical locations or storage units. More items to track means more points of failure.
   • If you lose enough pieces (below threshold K) you lose access permanently. Some split schemes reduce resilience.
   • For day-to-day spending or emergency recovery you may need to gather multiple pieces from separate locations, which makes quick recovery harder.
4. False sense of increased security. Users may believe splitting gives stronger protection, but without a proper cryptographic scheme like SLIP-39 (Shamir's Secret Sharing for wallets) the splitting is insecure and fragile. Antonopoulos says: "If you're doing splitting you should use a standard such as SLIP-39."
5. Estate planning/inheritance risk. For heirs or future recovery: multiple pieces mean multiple responsible locations or persons. More complexity means more chance something goes wrong (lost key-holder, disaster at location, etc.).
6. Single point of failure remains / new points introduced. Splitting often results in a scheme where you rely on "both secrets" (or multiple parts), which introduces new single points of failure (if any part is lost) and doesn't eliminate the attack surface properly.
The discrepancy is obvious. A crypto wallet is self-contained, like a physical wallet full of cash banknotes. You're solely responsible for securing it. There's no crypto help desk to recover or change your seed phrase for you.

It's also obvious that online banking as described is horrendously insecure. It used to be that bad. Now there's a lot of 2FA, and in the phone apps, there's a hidden layer of asymmetrical cryptography used for authentication.

Of course, there are also phishing techniques which compromise 2FA, so make sure your banking password isn't the same as your gmail password, or don't use email 2FA. Also, "SIM swapping" can be used to compromise SMS 2FA, so don't use that either.

Don't split your seed phrase. If you want to split your security, append a BIP39 passphrase to your seed phrase. For example: https://trezor.io/guides/backups-recovery/advanced-wallets/what-is-a-passphrase
> someone will find a way around it

Other data insertion methods have been known for years.

The proposal addresses OP_RETURN txoutputs and the use of OP_IF in txinputs (as used in the Ordinals "protocol"). Ordinals uses OP_IF followed by multiple 520-byte pushes. The OP_IF follows OP_FALSE, so that in the consensus context the data push ops are never executed by a node. But the data is stored immutably. This is a kindness to the node operators - not straining the node's memory by loading it with arbitrary data. https://docs.ordinals.com/inscriptions.html

But there are other methods which have been used for years. For example, there's a Simpsons JPEG in transaction 94e319d09fc236fb9d7a24e60af8f47ed41ca3cc01e9950c925d806153ed8aa3. The Simpsons JPEG in 2017 uses a repeating sequence of OP_PUSH, 520 bytes, OP_DROP. Unlike Ordinals, these opcodes are executed in the node, although they only occupy 520 bytes of memory at a time (thanks to the OP_DROP). The OP_DROP method and several other methods are discussed in this 2018 paper: https://ledgerjournal.org/ojs/ledger/article/view/101

Bitcoin script has a rich set of opcodes: https://en.bitcoin.it/wiki/Script

The BIP444 proposal can't hope to predict all possible uses of Script for arbitrary data insertion, so it chooses a couple of known methods, ignores other known methods, and isn't aware of unknown methods which will be chosen to bypass its filters.
Great. Let's all be clueless and irrational.

Everybody kneejerking about "legal threats" is only fueling support for this half-baked proposal. There are no threats. There's a claim that a blameless node operator could be exposed to criminal charges.

The supposed "legal issue" is that the node network is a volunteer operation. Every node operator is independent, and every node contains a copy (or part-copy for a pruned node) of the Bitcoin blockchain. In the early days of Bitcoin, there were discussions about whether every node operator is guilty of possessing and distributing unlawful content if one or more Bitcoin transactions embeds such content. In those old discussion threads, the consensus opinion was that the node operator is not liable.

The proposal can't work. It's not going to be implemented. Publicly shouting lame misconceptions about the proposal's justifications is pointless.

Logic: If a Bitcoin node operator might be liable for unlawful material on his copy of the blockchain, and if it's necessary to change Bitcoin to eliminate this risk, then the change must completely prevent the storage of unlawful material.

The BIP444 proposal does not prevent the storage of unlawful material. It's a "we gotta be seen to be doing something" proposal which tweaks a couple of Bitcoin script opcodes and parameters. The tweaks only invalidate one current method of storing arbitrary data in a txinput scriptSig, and impose a consensus limit on the OP_RETURN txoutput.

The obvious indication that the proposal is a failure is that it's proposed to have a 12-month expiry - supposedly to give us enough time to work out a proper solution. We've seen arbitrary data on the Bitcoin blockchain for many years. The proper solution isn't a couple of hopeful parameter tweaks. If it's to be solved at all, it requires an overhaul of the fundamental structure of the Bitcoin block, and to abandon immutability.
The ability to store arbitrary data on the blockchain was not enabled by Taproot. The ability to store arbitrary data on the blockchain has existed since the beginning, and still exists on all Bitcoin-like blockchains - BCH, BSV, LTC, DOGE.

For reasons explained in a bitcointalk thread, Satoshi implemented payment transactions as executable scripts. A payment script requires data push operators to store the pubkey or pubkey hash in the locking script, and to store the signature and pubkey in the unlocking script. A data push operator cannot be constrained against storing arbitrary data.

The BIP444 proposal doesn't remove the ability to store arbitrary data on the Bitcoin blockchain. It only tweaks a couple of parameters. These tweaks are ineffective. They don't make it more difficult to post arbitrary data. They only change the methods.

Please remove the personal insults from your post. Debate the issue. Attacking the people only demonstrates that you're unwilling to understand and discuss.
No. The pre-Taproot limits to txinput scriptSig sizes meant that data greater than 100kb had to be spread over multiple transactions. Taproot removed that restriction, on the basis that data use is anyway constrained by the per-byte fee cost. Fee cost is the reason that the Ordinals scam eventually died out, and the traded NFT trash and "BRC-20" shittoken pump-n-dumps moved off-chain, anchored only by a reference hash in an OP_RETURN.

This new "BIP444" proposal includes reducing the limit of a single data push to 256 bytes. But the current limit is 520, and the storage method used by Ordinals (for example) simply does dozens or hundreds of 520-byte data pushes. Reducing 520 to 256 is completely ineffective.

BIP444 is half-baked.
> The debate is over conflicting ideas for how to ensure they don't bog down the network

This is true. But there is a new outlier proposal which seems to have a PR campaign giving it more exposure than it deserves, moving the emphasis to "but what about the children?". Search for "Bitcoin BIP444". All the usual crypto blog/news sites are running it as a major drama.

Technically, the difference is that the new proposal is a soft fork with a 12-month sunset, as "let's try this and see what happens". Ignoring the drama, it's likely to be impossible to revert a soft fork after 12 months without a hard fork, even if the sunset time is hard-coded as a specific future block number.

The previous debate was about relay policy rules - blocking unconfirmed transactions as they traverse the node network in mempools. This "BIP444" is proposing temporary changes to consensus rules.
We gotta talk about BIP-444. Though this hasn't been submitted properly yet. While I don't like spam on Bitcoin, I agree with Core developers' argument on being against censorship, and avoiding a precedent on government control via legal bounds. https://atlas21.com/bip-444-the-temporary-soft-fork-dividing-developers-and-the-community/
> The Cold-Wallet creates a seed-phrase which is my ultimate way to get to my bitcoins even when losing or changing devices, correct? Yup. > But what about a pass phrase... So a pass phrase is basically an optional feature to generate a "hidden" wallet alongside the main wallet generated by your 12/20/24 word seed phrase. The idea is that if someone got hold of your seed phrase through theft or coercion, they would only see your main or "default" wallet. By entering an additional pass phrase, you can access a second (or third, or fourth) wallet. You might e.g. keep a decoy balance in your main wallet, with the rest in a hidden wallet. If someone has a gun to your head demanding your seed phrase, you could hand it over without them being aware of the hidden wallet(s). It's also sometimes called the "13th word", since the standard 12-word BIP39 seed would generate one wallet, but adding this extra word (or phrase) would generate a completely different one. If you use this feature, just be sure not to lose/forget your pass phrase.
Not just the first four letters. Yes, the first four letters are unique but the words in the BIP39 word list were chosen for easy recognition. Trimming them to four letters cancels that advantage. Stamped "BUIL" looks very similar to stamped "BULL", stamped "PRES" looks very similar to stamped "FRES", stamped "BECO" looks very similar to stamped "RECO", stamped "PION" looks very similar to stamped "PICN", and so on. If, in ten years, your seed is invalid because a T looks like an I or an R looks like a P or an O looks like a C SOMEWHERE in your 24 word mnemonic, how long will it take you to figure out which of the 24 word fragments has a glitch?
Ok I will take Satoshi's wallets then… would be horrible if we reach that state without migrating. Hope the BIP360 discussion gets more focus and will get implemented in some time.
As noted by others, it's as secure as the device it's stored on (computer, HDD, USB thumb drive, etc), including where that device is physically kept, how many copies there are on other devices, and if password(s) are used. The wallet.dat can utilize a password. And the file can also be put into a secured format like a password-protected .ZIP for an extra layer of protection. Nothing wrong with a wallet.dat, but there may be benefits in moving to a BIP39 (eg: 24 word) format that can be stored in a more physical manner without worry about electronic storage failing due to age or an obscure event like electromagnetic damage. It also allows for the use of Shamir secret sharing to better protect against various risks of loss/theft/hacking.
What in the midwit-ass-kinda take is this? BIP360 for the quantum FUD. Network can pivot/fork as needed. Old FUD, next. Gold is the bet against human progress. Inherently incentivizes violence because it is material and can be confiscated by force.
There will be a solution to this threat; see for example BIP360. It will be a challenge, but we will solve it.
This whole thing has a certain smell. But I digress. Ok... How was it "gifted"? Were you given a private key? Back in 2011 there were no seed phrases. BIP 39 was published in 2013. Is it still sitting on your computer in the wallet.dat file? Which means someone set up Bitcoin Core for you back in the day? Were you handed an account on Mt. Gox? Or some other now defunct exchange, other than maybe Kraken (opened in July 2011)? Your lack of knowledge or interest most likely results in your Bitcoin being lost forever, or you just made this whole thing up.
Bro if you don't already know that the old wallets that didn't migrate to BIP 32 will be at risk in the coming years, then I urge you to get off Reddit and go do some research. Hell, do a simple search and you'll find out that with large enough scale even the current BIP32 wallets won't be safe and everyone will have to upgrade and migrate to something better. This is just common knowledge you should already know. As far as when Satoshi's gets hacked…. Bitcoin could form then.
Looking at the recent development in quantum computing (see the IonQ roadmap) I think we have to prepare. A possible solution with BIP360 is available, let's see how this works out.
You mix up BIP38 and BIP39. BIP38 is used by many paper wallet generators (now also out of favor). Basically you encode your private key with a password. BIP39 is a standard way of encoding entropy (random bit data) into a word list, usually used to encode a seed. Here you convert words into a seed. Basically, if you have 12 words, then it is most likely not BIP38, but BIP39.
The difficulty with the first point is that centralized systems can migrate to quantum-safe hardware and software more easily. I think that in the short/medium term this discussion will have a huge impact on the BTC community. We will be able to solve this problem - see for example Hunter Beast's BIP360, but the outcome will have a huge impact (hard fork).
The problem with this puzzle is that even with the discovered words moon, tower, food, breathe, this, subject, real, and black, finding the solution remains impossible. If these are indeed 12 BIP39 words, there are 12! permutations—that’s almost half a billion combinations. Running a brute-force search would consume energy worth tens of bitcoins. There must be a definitive system for ordering the words; otherwise it’s simply mathematically unsolvable. The runic inscriptions hint at something (“sum of two numbers,” “rainy day number X”), but there are no concrete details.
Good question. What most people miss is that Bitcoin Core doesn’t own the protocol — it just maintains one of many implementations of it. The rules that matter (supply cap, block size, difficulty adjustment, validation logic) are enforced by the nodes, not by GitHub maintainers. A clear historical example: during the 2017 block size debate, the Core maintainers didn’t “authorize” SegWit activation — it was activated through BIP141 and BIP148 by node operators enforcing the new rules themselves. Miners and users coordinated outside of GitHub, and consensus emerged on-chain. That’s the key difference: Bitcoin Core can suggest, but the network decides. Consensus lives with the nodes, not with the maintai
If 1 bitcoin was worth $10m, then 1 sat would be worth 10 cents. A satoshi, or sat for short, can already be divided into one thousand smaller units on the Lightning Network. These smaller units are called millisatoshis, or millisats & msats for short. So 1000 msats = 1 sat. By the way, millisatoshi (msat) is actually the native unit on the Lightning Network. If a bitcoin is ever so valuable that it would be highly beneficial to have a smaller unit than a sat on the base layer, then a BIP (Bitcoin improvement proposal) could be proposed that would add additional decimal places. Thus, enabling sats to be divided into smaller units on the base layer. With smaller units being so beneficial in this situation and without there being any downsides to adding additional decimal places, the users running full nodes would most likely come to consensus on adding additional decimal places if this were to ever happen.
This headline pops up every few years, but it’s not as bad as it sounds. Quantum computers *theoretically* could break current cryptographic signatures, but that’s still a long way off from being practical. The Bitcoin developer community has already been preparing for this. **BIP-360** (Quantum Safe Bitcoin Signatures) lays out a framework for migrating Bitcoin’s signature system to one that can resist quantum attacks. Even if quantum computers ever reached that point, Bitcoin could soft-fork to adopt quantum-resistant cryptography well before it became a real issue. That’s the strength of an open-source network — it can adapt and evolve. So, no, Bitcoin isn’t doomed by quantum computing. It’s already building its defense!
Huh, I wasn't aware BIP39 itself supported that! Thanks.
bitcoin actually rolled back due to exploits for a very short period of time in the early years where people could give themselves millions of BTC, but I don't think it was ever attempted before the BIP was rolled out
I believe the BIP42 case is indeed what you were talking about, and Grok is talking about something unrelated. /u/TheGreatMuffin: it wasn't me who fixed the bug, but the (indeed, one-off) "ditto-b" (see https://github.com/bitcoin/bitcoin/pull/3842). All I did was write up a funny BIP about it, as it happened to be around April 1st.
Pieter Wuille said he just wrote the BIP for it. Funny read, btw. But the credit for the solution goes to a few others, including one anonymous 'ditto-b'.
Exactly, spread it out across different LLMs under different accounts and do one at a time. Combine this with the list of BIP39 words. It is your best bet, love it or hate it, AI is your friend in this scenario (if this said scenario is actually real ofc)
There is a defined list of BIP39 words. Use the list of words https://www.blockplate.com/pages/bip-39-wordlist to back into the riddle answers. Likely will be easier than trying to guess each riddle
There have been plenty of soft forks in Bitcoin's history already. BIP 16 and 34 in 2012, BIP 66 and 65 in 2015, SegWit (141, 143, 147) in 2017, and the most recent was Taproot (340,341,342) in 2021. One of the more prominent BIPs related to quantum resistance is 360 if you want to research that.
> The story goes someone made a new github account, fixed that one bug, and dipped.

Do you mean BIP42? If so, it was Pieter Wuille who fixed that, who is far away from being a "one bug fixer account" :D The way BIP42 is written is no less fun though (formulated as an April Fools' joke, see also the date, but actually fixing a hugely important bug). https://github.com/bitcoin/bips/blob/master/bip-0042.mediawiki
Don’t 3D print your seed, period. Slicers and clouds leak: OctoPrint, Prusa Connect, Creality Cloud; even API backends like DreamFactory can log job names/G-code. G-code, timelapse cams, printer flash, and backups all expose words. Use metal stamping or engrave a steel plate, add a BIP39 passphrase or Shamir split, and keep everything offline/air-gapped. If you already printed it, assume compromise and rotate. Don’t 3D print your seed, period.
BIP39 seeds have a weak checksum last word, you just guessed enough times to come up with a valid checksum word (there are multiple options for words that will pass the check)
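An added example (not from the thread) that makes the "multiple options" concrete. A 12-word phrase packs 128 entropy bits plus a 4-bit checksum (the first bits of SHA-256 over the entropy) into twelve 11-bit word indices, so the last word carries 7 free entropy bits and only 4 checksum bits: for any fixed first 11 words, 2**7 = 128 of the 2048 wordlist entries pass the check. The code works on wordlist indices rather than the words themselves so it runs offline, and it generalises to the 15/18/21/24-word lengths (a 24-word phrase leaves only 8 valid last words).

```python
# Added example: BIP39 checksum validation over word indices, and enumeration of
# every last word that completes a given prefix into a checksum-valid phrase.
import hashlib

WORD_BITS = 11
WORDLIST_SIZE = 1 << WORD_BITS  # 2048 words


def checksum_bits(entropy: bytes) -> int:
    """BIP39 checksum: the first len(entropy)*8/32 bits of SHA-256(entropy)."""
    cs_len = len(entropy) * 8 // 32
    digest = int.from_bytes(hashlib.sha256(entropy).digest(), "big")
    return digest >> (256 - cs_len)


def split_mnemonic_bits(indices: list[int]) -> tuple[bytes, int]:
    """Unpack word indices into (entropy_bytes, checksum_as_encoded_in_the_words).
    Valid phrase lengths are 12, 15, 18, 21 and 24 words (BIP39)."""
    n = len(indices)
    if n % 3 != 0 or not 12 <= n <= 24:
        raise ValueError(f"unsupported mnemonic length {n}")
    ent_len = n * WORD_BITS * 32 // 33  # entropy bits: 128 for 12 words, 256 for 24
    cs_len = n * WORD_BITS - ent_len    # checksum bits: 4 for 12 words, 8 for 24
    bits = 0
    for index in indices:
        if not 0 <= index < WORDLIST_SIZE:
            raise ValueError(f"word index {index} outside the 2048-word list")
        bits = (bits << WORD_BITS) | index
    entropy = (bits >> cs_len).to_bytes(ent_len // 8, "big")
    return entropy, bits & ((1 << cs_len) - 1)


def is_valid_mnemonic(indices: list[int]) -> bool:
    """True when the checksum encoded in the words matches SHA-256 of the entropy."""
    entropy, encoded_checksum = split_mnemonic_bits(indices)
    return checksum_bits(entropy) == encoded_checksum


def valid_last_words(prefix_indices: list[int]) -> list[int]:
    """Every last-word index that makes prefix_indices + [last] checksum-valid.
    For 11 prefix words this is 2**7 = 128 candidates; for 23 it is 2**3 = 8."""
    return [last for last in range(WORDLIST_SIZE)
            if is_valid_mnemonic(list(prefix_indices) + [last])]


if __name__ == "__main__":
    # Constructed prefix: eleven times index 0 ("abandon" in the English list).
    prefix = [0] * 11
    candidates = valid_last_words(prefix)
    print(f"{len(candidates)} of {WORDLIST_SIZE} words pass the checksum for this prefix")
    print("first few candidate indices:", candidates[:5])
    print("24-word prefix leaves", len(valid_last_words([0] * 23)), "valid last words")
```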