Reddit Posts
Low-Custodial hybrid hot / cold DCA method guide for HWWs
Sonar acquires $2M in funding and soon moves to Arbitrum
Driving me crazy!! Bitcoin core / Sparrow wallet connectivity issues, cant figure it out!!
how can i check my funds in electrum if i have my 24 words + passprhase
How to navigate this upcoming bull run? Please critique my plan.
Amidst legal dramas, crypto behemoths bet on innovation
Chromebook or another device good for DEFI?
Host your own Payment System with your own Bitcoin & Lightning Node, you can even add your own Nostr Relay in PC or Mac for Free, see video.
So I got this spam email with someone's bitcoin address lol
QANplatform Launches the Quantum-Resistant Private Blockchain: The New Era for Web3 OS – | Press release Bitcoin News
Crypto hot wallets on chrome OS / extension?
Should I get the Saga (Solana mobile phone)? Is it worth it?
I keep my bitcoin in electrum on a bootable Tails OS harddrive. Is this safe enough??
Bridge>add network>add token>add more networks>add more tokens>swap>bridge again>wrap and unwrap is the stupidest shit I ever had to do just to accomplish one simple transaction.
Why do you think Microsoft, Google, and Apple are not supporting crypto wallet efforts.
Alpine Racing 3D Reddit collectible avatars -
Every post is about corruption or fraud. I’m adding 1+
Using Old Laptops and mining rigs to run Full Node and Lightning nodes
Which mobile phone is best for multiple crypto wallet ?
GrapheneOS, a privacy preserving mobile OS, just got permanently locked from their PayPal account that they used to receive donations. The alternative solution?
Blockchain will be the Linux of financial systems if it isn't already
Create your own hardware wallet tutorial.
Somebody getting scammed out of 700K worth of NFTs by a malicious contract is not some flaw in the system that inhibits mass adoption, it's extremely negligent user error by a person who has brazenly ignored all security advice.
Did I purchase/transfer Monero correctly & efficiently?
Ledger claiming to be Open Source? "WE ARE OPEN SOURCE AND DEVELOPER-FRIENDLY"
Mac OS Compromised with Atomic Hack
How to (instruction) quickly make wallet with right balance of safety and usability
Ledger CEO Evades Answer About Potential Subpoena Response
Wake up again - it's 2032...
Ledger announces they will accelerate opensource road map and delay the release of Ledger recover Service.
Hate to state the obvious but don’t store your crypto in your daily driver devices if you haven’t got a HW wallet !
Nothing has changed. Ledger OS has always had access to your keys.
An extract from Coin Bureau newsletter regarding the Ledger fiasco
Is your smartphone fit for Web 3.0? Tectone OS runs on all mobile devices, Android and IOS, and provides users with a Web 3.0 data layer to manage and share data. Our OS leverages the power of blockchain to provide users with enhanced security features and control over their data.
How Open-Sourciness Prevents the Ledger Seed Issue
hardware wallets - here are the facts
Ledger and hardware wallets - here are the facts
How Open-Sourciness Prevents the Ledger Seed Issue
How Open-Sourciness Prevents the Ledger Seed Issue
Only ever use open source hardware wallets...and always use Linux
"If you opt-in for the service, as a user, you'll have to enter your PIN and consent to the backup process. Then the OS will encrypt and split the shards to send them to 3 different parties." - Ledger CTO
This is a beginner friendly interface to send and receive crypto I made. If you like it I will add more currencies and features.
What are you all doing to prepare for another bull run?
Katheer Project | Decentralised Blockchain Linux based operating system | NFT Marketplace | Wallet | Audited and KYC | Launching on 2nd May
Katheer Project | Blockchain decentralised Linux-based operating system | Audited and KYC | NFTs Marketplace | Wallet | Launching on 2nd May
Katheer Project | Blockchain decentralised Linux-based operating system | Audited and KYC | NFT Marketplace | Wallet | Launching on 2nd May
How to Stay Secure from the Perspective of a Cyber Security Professional
Please help. Trying to verify signatures for recent bitcoin core download on linux
Config settings for node & BTC RPC Explorer on a Mac?
Crypto is hella strsssful. Everyday I wake up not knowing if my wallet will be empty. Whenever Metamask takes too long to show my balance I freak out. Even as someone in IT
An update on the crypto hack currently taking place
Serious Apple OS Vulnerability Could Jeopardize Crypto Security
Stephen Gary Wozniak and Steve Jobs are Satoshi Nakamoto
Is my cousin getting scammed in some way? (Explanation in post)
Wow Reddit avatars gen 3 has been a shit show, everyone loses but the artists, Reddit, and bots.
Why you should be using Linux while moving coins on MM etc, and why it isn't as hard as it seems
[SATIRE] Steve Jobs, the CIA, Facebook and the real truth behind Bitcoin
Steve Jobs, the CIA, Facebook and the real truth behind Bitcoin
Why your hardware wallet wont protect you [SERIOUS]
Verified: Apple included in each release of MacOS the Bitcoin white paper
1 in 3 US Crypto Investors was the victim of a hack. Here are some good tips to help you take caution
Reddit hasn't learned - TLDR Bots are still winning!
How to protect your crypto accounts tips for device and network security and password management
What we in crypto can learn from Linus Tech Tip hack
Mentions
I'm not sure if this has been emphasized enough: Whatever you do, **don't just delete the wallet with your seed phrase in it**. Otherwise, you will never be able to do anything with the bitcoin you receive. You need to have the seed phrase recorded in some form. Make sure it's stored in as secure a manner as possible, since if anyone finds it, they will be able to "restore" the wallet and steal your coins, and you most likely won't know they found the seed phrase until it's too late. And yeah, a hot wallet is potentially insecure. It's best to avoid generating the seed phrase on a system that is connected to the Internet, or even that *will* be connected to the Internet, in case some malware captures the sensitive data and uploads it somewhere later. > buying a cold wallet would cost me a lot "Cold wallet" is not the same as "hardware wallet". "Cold" just means not having an Internet connection. If you can't afford a hardware wallet, there may be other possible solutions. Not as good, probably, but maybe good enough for your purposes. If you have some sort of PC, you can use a "live operating system", which should reduce malware risks. 1. Take a bootable medium, like a USB drive, and put a live OS on it, with suitable wallet software installed. 2. Shut down. 3. For extra security, disable the network capabilities at as low a level as possible (if by chance you are connected solely through a wired connection, or you use wireless but the adapter is not built-in, just unplug it; if you're connect through wireless with a built-in adapter, though, disabling it would have to be at the BIOS/firmware level). 4. Boot the live OS. 5. Run the wallet software, and use it to create a new wallet. 6. Write down both the seed phrase and the xpub/zpub (used to generate the watch-only). 7. **Test that you can restore from the seed.** If this fails, generate a new wallet, and try again. 8. Write down the first one or two addresses in the wallet. 9. Shut down (and re-enable Internet if you disabled it before). 10. Create your watch-only based on the xpub/zpub. Check that the first one or two addresses match what you wrote down before. What is suitable wallet software? Well, a popular choice is [Electrum](https://electrum.org/). Do note, however, Electrum generates its own seeds that are incompatible with the BIP 39 standard most other wallets use. So only use it if you plan to use only it when you eventually need to spend the coins. You can still use many different applications for the watch-only. Another choice I can vouch for is [Sparrow](https://sparrowwallet.com/), which does fully support BIP 39, so you would be able to use most any other wallet for spending later. It's less popular, though, and is less likely to be installed in a live OS image. Expect to have to install it yourself, and maybe an appropriate Java VM as well; you could download it/them from within the live OS (but only if you haven't disabled Internet), or put the downloadables on the medium beforehand. The interface is also less straightforward, though there is documentation (you may ignore the parts about configuring a server for now).
I bought an NM miner that came without any OS on it, so I had to flash the firmware onto it. I got it working by itself, but It felt like I was missing something, so I looked into getting a screen. I got a screen for the esp32 board I have but I found out later that my board is so heavily modified it would be almost impossible to add a screen to it, because it wasnt meant for tampering. I tried to make the screen work and I emailed NM Miner to try to get the pinout because they didnt label any of the pins. After I got that I got the screen to be white when its turned on but this just hasnt been done with this board before so its very difficult to figure it out with no help on something I know nothing about. I somewhat gave up on the screen part, I will probably just try to get a mineable esp32 board and try to make a crazy solo miner, instead of a plug and play esp32.
I like to have heavy weight on BTC and then a little ETH staked and SOL staked. Because we don’t know which one might actually become the OS for blockchain.
Pretty sure anything malicious monitoring keystrokes doesn't care if it's a keyboard or otherwise. The key input is being grabbed at the OS level.
Being Dutch, I used to be an active member of the tech-site [Tweakers.net](https://tweakers.net/). Through the forum I came across [this video](https://www.youtube.com/watch?v=GmOzih6I1zs) in a mining thread ([still a fun read today]()), which got me experimenting with mining on simple CPUs at the time. I was about to switch jobs, and since mining on my desktop was way too slow, I (stupidly) decided to use the terminal servers of my employer to mine. That was a terrible idea: I got caught and lost my job on the spot… Luckily, this was just two weeks before I could start at my new job. At my new job, I was responsible for prepping laptops and desktops for new hires, so I had access to a lot of (powerful) systems before they were handed out. Just before a laptop or desktop went to a new colleague, I would reimage it with a fresh OS and hand it over. Nobody would ever know. :) Eventually, I switched to my first real miner: a BitForce Jalapeno (10 GH/s) that mined about 0.5 BTC per day. I paid around €250 for it and put it in the comms room at work (I worked in IT, so I had server room access) to avoid paying for electricity. I was young, had no sense of responsibility, and in hindsight took a lot of risks, but I truly believed BTC could change my life. Over time, I managed to accumulate a decent triple digit stack of BTC and never sold a single coin. Then in 2014, I lost everything in the [Mt. Gox hack](https://en.wikipedia.org/wiki/Mt._Gox). I also never received any repayments. This completely crushed me, and I stayed away from crypto for a long time. It wasn’t until the 2021 bull run that I found myself interested again, but this time more in alts and shitcoins. In the end, I guess crypto really taught me how to lose a job, lose all my coins, and still get rugged years later – all without ever having to pay for electricity. So technically, I mined “free lessons for life.”
compare to linux: it was meant as an OS for nerdy coders who compile the software for their 80386 computer directly from the sources. These days, it doesn't just run on intel CPUs, and you don't need to know anything about compilers. It's preinstalled on most routers and other network hardware, and you can download ready-to-run images to boot from any USB stick. Does this mean linux has failed it's original intention? I doubt so. I'd say, it's grown beyond it.
In a world where privacy and security become increasingly important and increasingly compromised, I become increasingly bullish on GrapheneOS. And the newer Pixel phones (Graphene only runs on Pixels) have good hardware support for local AI, etc. If you're not running open source OS's on everything, what are you doing? I think this is probably gonna be considered too off topic for this subreddit, though.
The laptop doesn't have to be old, I only said old because it will be used only for a single purpose (as a cold wallet). Using a USB drive instead of a DVD is fine too, but with USB there's a greater risk that someone could tamper with it and, for example, make the random generator used for creating the seed not random anymore. > What would be the drawbacks if I unplug my PC internet cable and wifi dongle, and boot Tails OS directly from the USB drive? It would probably be just as secure, but since you're doing it on your daily desktop, you can never be 100% sure that nothing unwanted has tampered with your boot process or the operating system you're loading
This is similar to how I am thinking of doing it. You are recommending burning the iso on a DVD, why not use Rufus and a USB drive? And is it important to use an old laptop? What would be the drawbacks if I unplug my PC internet cable and wifi dongle, and boot Tails OS directly from the USB drive?
Because thats whats currently happening. How many retail giants exist now? Its just amazon. How many OS companies exist now?? Its just apple and MS now. The giants can afford to eat the little guys so they will always be the last one standing
>I keep a decoy seed with a little bitcoin on it in my documents to ensure my OS has not been compromised. Hah! A wallet canary, nice. 🤓 Definitely stealing this— Err, the idea 😅
That cold card is not going to export the key, regardless of direct connection. And far more important than connection type, is your OS hygiene. Dual boot so you're not bitcoining in the same environment that you game or run pirate or free software. Preferably a security-focused linux distro like Fedora. I keep a decoy seed with a little bitcoin on it in my documents to ensure my OS has not been compromised. And so I use my cold card va usb because it is way more convenient and I'm safe as houses already.
There's no function within the software to allow for private key extraction. (*Expect for Ledger devices, because fuck them*) You cannot update the OS remotely with a hacked version, as the bootloader will detect this and inform the user accordingly. Yes, it feels weird connecting a hardware wallet to a computer, but HWWs are basically dumb vending machines. You insert a bitcoin transaction and it'll sign it; you insert anything else, and your HWW won't even know what it is, let alone execute it. If that weirds you out, go with an airgapped HWW.
Yeah there's definitely something awry about it. "fake link, fake call" what does that mean? Did he download something? There's tons of malware but you don't just click a link and get your wallets drained. There *technically* are ways for a sophisticated enough attack to take place where you literally click a link and it initiates drive-by download installing malicious code or spyware etc. But that's exceptionally rare, exceptionally targeted and requires preexisting weaknesses in the system. This is state-sponsored level of sophistication that costs way too much. He must have done something in order to get drained like that. Threat actors are no joke but the teams working on OS, browser and wallet security aren't amateurs either. Usually it requires (you) to do something in order to initiate the scheme or activate the malware. You don't just click a link and get drained unless you've been specifically targeted for a while by an entity with massive resources.
fair enough I will be starting my first node project soon.Any recommendation on hardware? and OS? (UK)
And [smart contracts are coming to Litecoin](https://x.com/BTC_OS/status/1928074743472869441) soon 😁
Why do you think Sparrow on live OS has better random number generation than a hardware wallet? Why do you think an anonimized browsing OS can double as secure secrets management OS?
I know it is a meme at this point, but be patient. It still is the most decentralized crypto that is programmable. There still is a lot of big financial players who are investing into Eth future and developing on top of it. I view it as comparable to Linux. Mainstream just wants an OS that works for desktop. Big companies build their servers on Linux. Normal users have a hard time understanding why. Ethereum has expanded to be so complex that very few see the full potential of such a system. One of the things I believe it will be used for is to reliably and anonymously verify votes. For boards, city councils and even nation states. These applications are barely in the experimental state, but already solve some very real and complex problems. Right now the project has grown so complex that it is hard to sell. IMHO the project is on a very interesting path.
Great question—and you’re absolutely thinking in the right direction. Phantom and MetaMask are great for daily use and DeFi, but **they’re hot wallets**, meaning your keys are always online. That’s fine for small balances or active trading, but for **long-term (10–15 years) storage?** That’s risky. Hacks, device theft, OS vulnerabilities, browser extensions—too many variables. # 🔐 Hardware Wallets: The Safer Path Yes, hardware wallets are much safer for long-term storage. They store your keys **offline**, drastically reducing the chance of them getting stolen. But your concerns are valid: # ❓“What if the device physically breaks?” If you’re using a traditional hardware wallet like Ledger or Trezor, you recover your crypto using the **seed phrase** you backed up when setting it up. So even if the device fails, you can restore your wallet on a new one—as long as you have that seed phrase. **Problem?** The seed phrase becomes the weak point. If it’s lost, stolen, or exposed, you’re at serious risk. And paper fades. Metal backups can corrode. It’s a lot to plan for over a decade. # ✅ What I Personally Recommend: Cypher rock Cold Wallet I switched to a **Cypher rock X1** for long-term holds, and here’s why I think it’s one of the best for 10–15 year storage: * **No seed phrase** at all — It uses **Shamir’s Secret Sharing** to split your private key into **5 pieces**: 1 vault + 4 smart cards. You only need **any 2 parts** to recover your funds. So even if one breaks or is lost over time, your crypto is still safe. * **Redundant and durable** — Unlike a single paper or metal backup, Cypherock’s setup builds in resilience. Store pieces in different places (fire-safe box, trusted family, etc.) to protect against theft, damage, or natural disasters. * **Open-source and security-audited** — Reviewed by KeyLabs & WalletScrutiny. No hidden backdoors. * **Future-proof features** — Supports over 18,000 assets, dApp interaction, and even has a legacy/inheritance system in the works. # Final Thought: If you're planning for 10–15 years, **decentralization, redundancy, and no single point of failure** are what matter most. Hot wallets don’t offer that. Traditional hardware wallets do, but rely heavily on a single fragile seed phrase. **Cypher rock** solves that middle ground by giving you recovery options without exposing your entire key in one place.
tldr; Tether plans to open-source its Bitcoin Mining OS (MOS) by Q4 2025 to enable new miners to enter the market without relying on costly third-party vendors. CEO Paolo Ardoino described MOS as scalable, modular, and built with a peer-to-peer IoT architecture. The initiative aims to promote decentralization within the Bitcoin ecosystem, complementing Tether's previous efforts like partnering with the Ocean mining pool. The open-source software will support existing mining infrastructure, enhancing competition and network security. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
Pengycoin Built a crypto centered OS. Partnered with Solana Mobile. Lowcap, check them out: Pengycoin.com
One way you could do it is to get the PSBT in debian, then use a separate tool to generate a fixed QR code from the PSBT, then capture that on a phone, to then transfer on the other OS. Or you could literally write down the contents of the PSBT then type it back. Have you tried using tools like [this](https://github.com/tony-xlh/QRTransfer/)? Basically scan the animated QR, then display it back after switching OSes.
Look up public pool. You can host your own instance of that which talks to your node and to your asic. The easiest way would be to use some server OS like umbrel or Start9. They have one click installs for the node and pool software.
Yea your right..I even asked chat gpt how to over come naturally skeptical bitcoiners. It is a difficult problem. Chat gpt suggested: like wallet hardware, trng..I need to build things that I can show people how to verify themselves. Possibly make a free pdf or video, showing how to flash the OS, and format the ssd, that way. U dont HAVE to trust, you can verify. That's what im really trying sell...self sovereignty. Im just provding the tools. I appreciate your constructive criticism.
Yeah, but much better to generate it offline. A hardware wallet will do it for you. Alternately a laptop with a fresh OS install and wifi turned off. Point being the keys on your hardware device should never have been connected to the internet in any way, shape, or form.
> Then continued to lose until IOS. Which is based on Mac OS X. >Unlike Bitcoin. So what are Liquid, Ligthning, Rootstock, Stacks etc? Taproot allows for on chain stuff like Ordinals and BRC-20. Any functionality Ethereum has can be built on top of Bitcoin. >So wait, when it makes Bitcoin look good, we look at activity and usage. When it makes Ethereum look good, we pretend it doesn't exist or doesn't count. That pretty much your philosophy? Ethereum has Bitcoin above it. There's nothing above Bitcoin.
I partially agree with you, but not at the main point that HWW are useless and only existent to be sold. The real risk is, that your OS, doesn't matter which, getting compromised and your PK gets stolen. A HWW will eliminate that risk. Personally I took it a little too far in securing my environment, but mainly because I have the knowledge and I had fun with the project. Environment : Notebook with proxmox, pfsense as a VM to control Net traffic/access, Modified, LUKS encrypted Ubuntu desktop as a VM with Application firewall, Vaultwarden LXC. The notebooks monitor and peripherals are connected to the Ubuntu VM, so you cannot see or recognize the rest. At every shutdown/reboot the Ubuntu VM is getting reset to a snapshot. I'm thinking about also making the file system read only with a pre-boot Trezor Suite update. But doesn't matter, what I wanted to say and show is, that I also like to have a secured and clean environment, but a HWW will add the security directly on your PK.
> Using practically the same interface. MS started over also with their OSs. They won before they started over. They won after. Apple won, then lost, then started over. Then continued to lose until IOS. > Anyway an OS is an OS, not a protocol. Right, and both have in common... people build things on them! Unlike Bitcoin. > Which might be Ethereum judging by it puny market cap (compared to Bitcoin's). So wait, when it makes Bitcoin look good, we look at activity and usage. When it makes Ethereum look good, we pretend it doesn't exist or doesn't count. That pretty much your philosophy?
Don't use hardware wallets. They are useless but heavily shilled by people who have something to sell you. They cannot and will never make it safe to use bitcoin on windows. The OS is what matters; hardware wallets can't change that. Get a Linux computer, use an open source software wallet, you don't have to buy anything from anyone.
>The entire operating system codebase that existed at that time was scrapped and relaunched with OS-X in 2001. Using practically the same interface. MS started over also with their OSs. Anyway an OS is an OS, not a protocol. >You can't be a protocol when no one builds on or uses your system. Which might be Ethereum judging by it puny market cap (compared to Bitcoin's).
> And yet Apple eventually prevailed. Every computer OS company that existed at that time failed, including the version of Apple that was dependent upon Macintosh OS, the Apple-II, and the LISA. The only reason apple even exists today is the ipod and iphone. > TCP/IP is far from perfect yet is still the preferred internet protocol. Bitcoin doesn't have to be perfect to keep its crown. Protocols are hard to usurp. You can't be a protocol when no one builds on or uses your system.
I mean yes i guess I COULD but for starters. Its all open source. You can inspect everything. And next. Im just a pleb like you trying to provide some bitcoin related services. What do I have to gain by shooting my income opp in the foot , so to speak. I thought about bitcoiners neutral paranoia..believe me..but we all trust umbrel and start 9..to down load and flash and run the code they tell us is the OS.
I have 0.04 in a wallet I have no idea how to access as the software it was on is outdated and no longer runs on the OS :(
Let’s pump this!! Come on, it ain’t your average useless shitcoin. This is a legit project with goals and vision. It will become the operating system for all crypto users! The preferred OS interface for all crypto related transactions and news. We just need support to build more. This is a project that literally takes suggestions and input from the community. So we can turn this into whatever crypto users need. Please think about the possibilities. An OS like Ubuntu or Windows, but centered around trading/investing in crypto and current news, stats, and games. Because in the end PengyOS should be about having fun while navigating the world of crypto. I know the transaction volume is low, but we continue to build. But she also need new talented and ambitious holders that are willing to contribute to its growth. Just check it out and imagine how big it can become. Right now it has a crazy low market cap considering what already is, and the growth and possibilities are endless. We are here to stay. No matter what PengyOS will exist and grow. You don’t want to fade this, because you’ll regret it. It should easily be at a 1-10million mcap based on what it already is. Don’t miss this incredible entry price!
Not as stupid as commenting "fucking Americans" on an American platform, using device likely running OS designed by an American company on microprocessor likely designed an other American company.
Maybe better to run the OS(umbrel or whatever) directly on a Bootable 2tb. Then it's only 1 USB and reboot. Boom!
Sure, a Trezor is probably somewhat more secure than an old laptop that has had the networking hardware disabled or removed and is running Electrum under a Linux OS. But in comparison to the security level of using a wallet on a connected device, the difference is not that high. In any event, the greatest security risk with any wallet, including the Trezor line has nothing at all to do with the hardware -- it's how the end user protects their seed phrase and/or private keys from loss or inadvertent disclosure. I'm curious if you have any examples of a serious attack against a dedicated and air-gapped laptop wallet that aren't valid against a hardware wallet.
So here's the thing, which might get me shot, actually probably will, but I don't give a toss: if I didn't design it, and build it OR its a machine with an OS I know the ins and outs of, it ain't going to have my wallet on it. End of.
I use Trezor on my MacBook just fine. Their Mac OS software is sleek and updated frequently. No issues.
I use iPhone and Mac OS. So, it does look like Trezor won’t be good for me, as my previous research has shown. Thanks for confirming. Appreciate it.
I think I recall that on Trezor’s website, that they said they don’t support both iOS and OS. They only support one of those (can’t remember which one, thought I think they said they do not support OS). I need my wallet to support both. Am I mistaken?
There is nothing wrong with that. All I am really saying is if you are building smart contracts, wouldn't you want to use the best? Right now, Hedera Consensus is being utilized by SpaceX, Nvidia chips, Decentralized physical infrastructure (DePin) like Neuron, Carbon credit market/ supply chain OS named Dovu, and also a killer borrow lend platform, DEX, and all that. Dovu migrated from etherum to Hedera and was recently awarded 2 different billion dollar contracts in the last month. The price of Dovu tokens shows that, it is up 175% in the last month and still climbing because it is something innovated, and all through Hedera. Neuron will be another big player. Also WiseKey and SealSQ are utilizing Hedera as well, and they are also big players. Most people don't even talk about Hedera because they don't want to admit that there is a DLT out there being used by real business that is not a blockchain. And there is good reason that companies are using Hedera, partnering with Hedera. And the developer community is very helpful and not at all some centralized network masquerading and decentralized.
Modern CPUs absolutely, but how modern OS uses them it is another story. There are several random number generators, mostly pseudo-random, with seeds from time, decay of isotopes, mouse, keyboards, .... If after that they continue using ECC, there might be a back door.
Mnemonic is a backup. A nice feature a "wallet" has is the ability to securely sign transactions. A hardware wallet does that very well. Creating all the "secure" "offline" "air gapped" signing environments every single time without error can bite ya. Some people have never booted from a live OS USB.
An app can work just fine for such a small amount. If you get a significant amount, like a years salary, you might want to upgrade to something better. I would suggest being wary of hardware wallets. People like them because they are easy, but in truth they are less secure than your phone. The reason is that windows is the core problem, and the hardware added to windows can do nothing to make windows safe or secure. In fact nothing can make windows secure, no virus scanner or firewall or anything can help. If you use windows with bitcoin you will eventually lose it all. So dont make that mistake, no matter how many hardware wallet shills comment at you. If you want higher levels of security: you need a linux computer and an open source wallet like electrum. Open source is the key to bitcoin security, most importantly at the OS. Avoiding closed source is the key to security, at all levels.
The laptop doesn't matter that much as the OS. Don't use windows. Install whatever linux distribution you like selecting full HD encryption on setup. For full bulletproof privacy you should also run your own node and setup sparrow to only use that for transaction propagation and block explorer.
Malwarebytes is a pretty powerful tool. The free version allows scans and removal power. Depending on the malware It should be enough to scan, remove, restart the computer and scan again. But formatting the ssd and reinstalling the OS is the safest route. (I will now share more esoteric information. It shouldn't worry you) There are extremely rare cases (maybe 0.0003%) of malware that penetrates down from OS level into the firmware itself in which case a new OS isn't enough.
No definitely get a hardware wallet first. When you buy your bitcoin move it to the wallet immediately. You don't want to be waiting weeks for your wallet to arrive in the mail while your bitcoin sits on an exchange. Your exchange account could be frozen, or the exchange goes insolvent, or it gets hacked and you lost all your money. If you want to do this the right way, have a wallet ready and take your btc into self custody immediately. Since $5,000 is a lot to you, you shouldn't risk keeping it on an exchange or even a software hot wallet. Hardware wallet is the best security. Order your hardware wallet directly from the manufacturer's website. Do not order through a 3rd party like Amazon because the wallet could be tampered with. Whatever wallet you choose, make sure it's open source, bitcoin only. If you're not able to order a hardware wallet from where you live, there are other ways of setting up an air gapped wallet like Tails OS + USB stick + Electrum software wallet or build your own and install seedsigner software. You just need a raspberry pi 0 and and a small lcd screen.
It's understandable that you're feeling frustrated and confused by this situation. Losing access to your crypto assets is a serious matter. Let's break down the information you've provided and explore potential explanations for how your wallets might have been compromised. Analyzing the Transactions: * METAMASK: The rapid swapping to ETH and subsequent transfer using Mimic:Swapper suggests an automated process likely initiated by a malicious actor who had already gained access to your wallet. The similar timestamps for the ETH and BNB transactions to the same address point to a coordinated action. * TRUST WALLET: The dormant nature of this wallet for over a year with no recent connections makes this particularly concerning. The near-instantaneous activation and draining of XRP to a newly created account ("register") strongly suggests a direct compromise rather than interaction with a malicious dApp in the recent past. * PHANTOM: The swapping to Solana and the Bitcoin transfer to a separate address indicate the attacker had broad control over your wallet. The mention of "arbitrage bots" in relation to the Bitcoin transfer might be a red herring or a detail the attacker left behind, but it doesn't directly explain the initial access. * KEPLR: The ability to transfer Akash and initiate un-staking actions shows the attacker had full control over your account within the Keplr wallet. The fact that you could cancel some un-staking but not the Akash suggests the attacker acted quickly. Potential Attack Vectors: Given your precautions, the most likely scenarios involve a compromise that bypassed your recent interactions: * Compromised Seed Phrase (Past Exposure): Even though you haven't shared it recently, your seed phrase might have been compromised in the past. This could have happened through: * Phishing Attack (Past): You might have unknowingly entered your seed phrase on a fake website sometime ago. * Malware: Malware on your computer or phone in the past could have logged your keystrokes or clipboard data when you entered your seed phrase. * Compromised Backup: If you stored your seed phrase digitally in an unencrypted or poorly secured location (e.g., notes app, email), it could have been accessed. * Compromised Device: It's possible that your computer or phone was compromised by malware that allowed the attacker to gain persistent access to your device and monitor your wallet activities, even without you actively connecting to websites. This malware could have: * Keylogger: Recorded your keystrokes when you unlocked your wallets. * Clipboard Hijacker: Swapped the intended recipient address with the attacker's address when you tried to make a legitimate transaction in the past. * Remote Access Trojan (RAT): Allowed the attacker to remotely control your device and initiate transactions. * Vulnerability in Software: While less likely given the simultaneous compromise across different wallets, a zero-day vulnerability in the wallet software itself or a core dependency could theoretically be exploited. However, such widespread exploits are usually quickly identified and patched. * SIM Swapping: In a SIM swap attack, the attacker convinces your mobile carrier to transfer your phone number to their SIM card. This allows them to intercept SMS-based two-factor authentication codes, potentially granting access to accounts linked to your phone number. While this wouldn't directly give access to your wallet seed phrases, it could be used in conjunction with other compromised information. Addressing Your Hypothesis: Your hypothesis about importing a compromised wallet into another wallet and gaining access to pre-existing accounts is incorrect. Each wallet within Metamask, Trust Wallet, Phantom, and Keplr is independent and secured by its own private keys derived from the seed phrase used to create or import that specific wallet. Importing one compromised account into a wallet application would not automatically grant access to other unrelated accounts within the same application. Deleting the compromised account from the wallet application would prevent you from accessing that specific account through that application, but it would not revoke the attacker's access if they have the private keys or seed phrase for that account. They could simply import it into another wallet elsewhere. Regarding the Trust Wallet XRP Transaction: Yes, the timestamps strongly suggest that the attacker created the "register" account and drained your XRP within approximately 19 seconds (4:10:50 UTC - 4:10:31 UTC). This rapid action further supports the idea of a pre-existing compromise (like a known seed phrase) that allowed for immediate exploitation upon the new account's creation. Recommendations: * Secure Your Devices: * Run a full malware scan on all devices you've used to access your crypto wallets. Consider a clean OS install for maximum security. * Ensure your operating system and all software are up to date with the latest security patches. * Be extremely cautious about clicking links or downloading files from untrusted sources. * Revoke All Permissions (If Possible): Although your funds are drained, it's still good practice to revoke any website permissions connected to your wallets (if you can still access the interfaces). * Generate New Seed Phrases on a Clean Device: For your new Ledger hardware wallet and any software wallets you decide to use, generate entirely new seed phrases on a clean and trusted device. * Use a Hardware Wallet (Ledger or similar): This is the most crucial step moving forward. Hardware wallets store your private keys offline, making them significantly more resistant to online attacks. * Be Vigilant: Continue to be extremely cautious about phishing attempts and only interact with trusted websites. Double-check URLs carefully. * Consider Reporting: Depending on your jurisdiction and the amounts involved, you might consider reporting the incident to local law enforcement and potentially the cryptocurrency exchanges involved (although fund recovery is often difficult). It's important not to blame yourself excessively, as these attacks can be sophisticated. However, learning from this experience and implementing strong security measures is crucial for protecting your assets in the future. Investing in a Ledger is definitely a wise step.
Damn bro that sucks. Sorry for your loss, and hate to say that you fucked up by generating a wallet on a website. You probably realise this now, but jesus this approach was wrong. Really the best approach is to get a hardware wallet. If you must take risk to save 50 bucks on the hardware wallet, download and install Tails OS on a USB stick, boot from that, generate the wallet address through electrum (in offline mode, which is default on Tails OS).
> 25-50 coins mined in 2010-2011 > Forgets > HDD formatted and new OS installed > Remembers in 2014 > :(((
It is on. Banking apps never auto update though. Always got to fetch. Point is, that it's not going to be straightforward for either side, especially if there are new authentication flows and storage models. Testing is always a mare, might have to update your device's OS first to reach compatibility level, back-end node upgrades, vpn etc. Much to plan and think about for everyone, a lot of dependencies and getting all that communicated. If your comms still work, of course! We have to trust that there are people thinking and planning for all the things, front- and back-end.
Yeah my credit was already frozen from the 2024 NPD breach. I also have physical 2FA on all mobile OS, emails and banking etc. But what's more concerning is photo ID's were included in the leak, along with USD balance. That alone is enough to incentivize crazies to try and show up and peoples doors.
I agree with OP, these are great points. As other points out, you also need to have more than one "secure" device for storing your most crucial information, just in case of fire or other sudden incidents, hardware failure etc. I'll recommend Tails OS as a secure way to store information, this OS is portable and can be imaged onto a USB drive, just boot this up if you need access to private keys etc. Have a strong password with at least 12+ length, personally i would have a much longer password, just know that having a short password you're in danger of someone potentially succesfully bruteforcing it. Store at least another one in another location, if possible in a personal/private vault. Practice recovering your funds, so this isnt a scary and unknown task to you once it could be needed. Think about leaving just enough information to your wife/children, so they can access your funds if you're suddenly not here anymore. Have a talk with your wife about this, so she knows what to do, maybe even leave another much more describing note, ready to read once the Tails OS is booted with the right credentials.
I think my comparison is more similar to Linux vs. Windows. Windows is better for a vast majority of people, but for robust and fail-safe OS experience Linux is better but it requires a little more knowledge.
As others have said, the important part of any wallet (cold or otherwise) is to make sure that the seed phrase is backed up properly, and never exposed to the internet. After that, it's more a question of convenience. My solution is just an old laptop that has had the wifi card removed and the network port blocked. OS and wallet software was installed via USB. Transactions are built via a watch-only wallet that is online, and transferred to the offline laptop and back via QR code. Seed phrase was securely encrypted on the laptop, and copies of the encrypted file have been stored in multiple safe locations. But that's just what I'm comfortable with.
There are plenty of projects like Bitcoin OS, Bitcoin BVM and Bitcoin VMX Force for example, that will enable DeFi and scaling to Bitcoin through trustless parallel L2 integrations. https://bitvmx.org/
Look at the results and evolution of the chain. Charles Hoskins has worked tirelessly to make it here. Obviously it was part of the plan...would you criticize Bill Gates for his history? I doubt it considering the OS changed society and gave us incredible innovation and the ability to chat here on a nice GUI....granted he stole it (Bill Gates) but the results are everywhere. P.S. Too many cry babies shill FUD on ADA due to Charles. Grow up and evolve your perspective.
BlueWallet doesn't have "support". It's an open source wallet, not a business. They don't hold your Bitcoin either. Also your post has zero details. What exactly is not working? What are the steps you tried doing and where/how does it not let you transfer? Any error message or code? What version of the wallet? What OS? Have you tried importing your mnemonic in another wallet (like Nunchuk)? Do you see a balance there? Is it spendable?
Investing such on memecoins will most likely be the worst decision you could ever make, in my opinion. Bitcoin should be your main target, and I'll also suggest you research the fast-rising banking OS, Vaulta, one set to bridge the gap between Traditional finance and the future of the landscape through web3 banking, which will pretty much guarantee its long-term stay and potential to rise in value Whatever investment decision you make should be based on real-world utilities.
This happened about 4 years ago and I will use the same machine. I wiped the hard drive clean and reinstalled the OS just to be sure. Haven't had a problem since. But man, was it scary as the moment I realized it was a hacker, I tried to move the mouse, but the hack took control of the mouse to get back to the Crypto Exchange. I tried stopping him again, but he again quickly took control of the mouse. So then I immediately shutdown and disconnected the network wire in a mad scramble. It was certainly mad scary!
tldr; PayPal announced its Financial Operating System (Financial OS) tailored for AI agents at its 2025 Dev Days event. This system aims to support autonomous software agents that handle transactions independently. With over 430 million users and $1.5 trillion in annual payment volume, PayPal is positioning itself as the infrastructure for agent-driven commerce. The initiative includes tools like the Agent Toolkit, support for its stablecoin PYUSD, and partnerships with Google, AWS, and Microsoft. PayPal's move signals a shift towards AI-powered, seamless, and autonomous financial transactions. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
tldr; Cardano (ADA) has surpassed Ethereum (ETH) in monthly development activity, according to analytics from Santiment and Cryptometheus. Cardano averaged 449 daily GitHub commits over the past month, significantly outpacing Ethereum's 183. This marks the second recent instance of Cardano leading in developer engagement. The platform's Extended UTXO model and upcoming integrations, such as a Bitcoin OS bridge and XRP support via the Lace Wallet, are driving its ecosystem growth. These developments aim to counter the 'ghost chain' narrative and enhance Cardano's real-world adoption. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
Many of the points you addressed may not even do anything. Setting up the OS from scratch may or may not be enough. We don't know your browsing habits, what other stuff runs in your network, etc. You could just get compromised again. So you either trust your setup, or you don't. But for reference: I'm well versed with windows for 15+ years, and I wouldn't trust mine. > making a secondary non admin account That won't help much either. If you are compromised malicious software likely has elevated privileges already and can read data of that user anyway. Electrum on tails is fine. If you are paranoid you can even remove the disks and unplug ethernet, boot into tails from a $5 USB flash drive, do your things, then wipe or even destroy the USB. Receiving is simple. Copy the address from tails somewhere and simply send to it. For sending, you could look into PSBT. Or take the small risk of using tails, connect it to the internet, and send to an address of your hw wallet immediately.
Make sure to worry about backing up your seed phrase properly. You won't be the first one to lose funds after updating your smartphones' OS.
Not tema, EOS is native to Vaulta, a banking OS that currently bridges the gap between TradFi and the financial future through web3 banking, while UOS is native to Ultra, a next-gen gaming platform
You don't understand what "attack surface" means in the context of a software wallet running on a machine you are in physical control of. You're just think you sound smart. Put wireshark and burp on it, and OS-specific tools to watch what it's trying to open you up to the world, you spoon. It's not rocket surgery. Or go use Trust or Coinomi and quit bitching. But even with your own ChatGPT-assisted code-review, there's little guarantee it's any safer. Though I do personally go open-source myself whenever possible for other reasons. TLRD: You keep saying that phrase. It doesn't mean what you think it means in this context.
What exactly do you think the large attack surface is, on a patched OS behind a hardware and software firewall?
Absolutely, not trying to prove a point, I’m trying to understand the why. This wasn’t a false positive I setup. You can’t find it with an OS, I haven’t dug deeper to see if there’s a wallet in the binary associated with it
Halo22B makes a good point. To be EXTRA safe, take an old laptop and wipe and reinstall the OS so you're 100% sure there's no malware on it, connect it to your home internet to download Ledger Live, then sync to your Nano, and then do the transfer.
You just needed Tor Browser, Tails (an OS built to forget) has that built in.
Besides Bitcoin you only need Cardano. UTXO brothers. Cardano will bring Defi to Bitcoin with Bitcoin OS. Dig in. Also, Cardano is the most decentralized crypto asset with on chain governance. Effectively, there's no commander, no CEO. Cardano is for the people, owned by the people. Much like Bitcoin early ethos.
It's recommended to use Linux as that operating system is open source and is verified that the system isn't sending data to other companies. The same thing can't be said with Chrome OS, windows, and Mac OS. While it's not recommended it's not the end of the world. In reality, if you have a good cold storage wallet like a coldcard or something similar, you never have to plug it into a computer and it'll generate addresses on the device itself.
It would be difficult to maintain backups regardless of node choice, because the blockchain is almost 750GB. Add electrum and the OS, and it's getting close to a terabyte for one full backup. Who would need to back this up anyways? I can plug the SSD into another PC and it boots up just fine. So I don't need to worry about PC hardware failures. If you're worried about disk failure, then use imaging software to clone it to another SSD. It's not that hard. I won't do that because it's a waste of time. SSD failures are infrequent. It's less time and money investment rebuilding a node than constantly maintaining backups for it.
Definitely run a full node. But you don't need to buy the umbrel setup for it . You can run bitcoin core on any old laptop or download Umbrel OS - its free. If you want to buy hardware for convenience and performance, look at Start9.
It is an easy way to generate wallets while not needing to connect to the internet. ("Air gapped"). Yeah it boots an OS with a tool to generate a private key. It is easy. My question was, is it secure
What's an air-gapped wallet got to do with it? Doesn't this old thing basically boot an OS up that has a tool to generate a private key? If so, that private key can be loaded on any device, be it a hardware wallet or a hot wallet. Air-gapping doesn't come in to play until you load the key on to a device that can operate air-gapped, I would assume. WTF Are you doing with this clearly old and no longer used device and why do you think it is necessary to use to generate private keys?
What's an air-gapped wallet got to do with it? Doesn't this old thing basically boot an OS up that has a tool to generate a private key? If so, that private key can be loaded on any device, be it a hardware wallet or a hot wallet. Air-gapping doesn't come in to play until you load the key on to a device that can operate air-gapped, I would assume. WTF Are you doing with this clearly old and no longer used device and why do you think it is necessary to use to generate private keys?
Damn. Would I need to download something like Graphene OS to use the crypto atm anonymously?
Just a month ago Apple announced a zero-day vulnerability in their OS. Malware can also end up on your phone through apps, social engineering, spoof sites etc.
Coins are in the blockchain. Wallet.dat stores a list of keys to spend them. If you're ever going to spend you'll have to decrypt and open the wallet file and hopefully that's going to be on an offline system every time which doesn't log the keys. Hardware wallet mitigates this. You can plug it in and use it on a system that isn't necessarily secure since the keys and transaction signing happens on chip inside the device and computer OS never sees them. With the mnemonic and passphrase you have extreme portability also. Just use any compatible hardware wallet to restore the mnemonic and securely spend. Even if the hardware is lost or stolen it's useless without passphrase (it's a feature you must enable and use).
This is the approach used in the article, so it is recommended to use two different devices to encrypt a phrase with a different passwords. If all your devices are infected with a virus controlled by one person, then by the same logic tomorrow someone can break into your home and steal a physical medium with a phrase. If you practice good digital hygiene, it is very difficult to infect all your devices, especially if they are different OS
Dude, you messed up the moment. You thought you could do everything inside a virtual box. The best thing you could have done was run tails OS from a USB drive. Electrum is built in on that. The best thing I think you should have done was purchased a hardware wallet, like ledger, nano X and connect it to Cake Wallet or Phantom Wallet. Virtual machine is the worst place to store Internet money that can’t be reversed. Sorry for your loss.
A virtual machine to run a windows OS or similar.
There are many options, my personal recommendation is [Start9](https://start9.com/), it simply works, you can also buy a MiniPC and install the OS by yourself, but you wont get support if you do it that way.
Well, sorry for your loss, good luck moving forward. There are a few good suggestions here. Backup personal files to USB scan them with a couple different online scanners. Them reinstall OS, windows you can do a 'reset my computer' or better download the windows boot media to a different USB drive (not the one you backed up files to), and do fresh install formatting hard drive. Go through sites changing passwords, maybe start using a password manager. Couple people suggested hardware wallet. I feel that's just not realistic when buying a brand new, from manufacturer hardware wallet is so expensive. My rule was 1/10, if I had $2000 USD of crypto, and a hardware wallet was $200 USD, it was time to get one to protect it.
\> become the ubiquitous money OS for the world Nobody is going to do this until they figure out a neat solution to the trilemma. That coin will likely become the new 'first' like bitcoin.
does it come with a software OS?
> ability to become the ubiquitous money OS for the world. It absolutely has it I understand L2, but what on earth was the rational behind the design that limited Ethereum to 15 TPS?
Ethereum price action has surprised many and continues to do so. I can’t explain that one away for you - there’s tons of speculation why but nobody truly knows. As far as actual development and technical ability to become the ubiquitous money OS for the world. It absolutely has it and what it lacks at the moment is actively being worked on with the biggest developer and research mindshare in all of crypto. Can’t make price predictions but the fact people are trying their darnest to solve problems with Ethereum and on Ethereum is undisputed.
Internet failing is like catastrophy level. Less drastic things could do it. If a shortcut was found to any of the cryptography it could be exploited. Even just a shortcut to hashes, someone could use that to do things from rolling back transactions to fabricating transactions entirely. It could be pretty devastating, but I doubt there would be trust would ever recover if an exploit were successful. If Internet fragmentation occurs because countries start practicing isolationism, this would fragment the network, all chains other than the longest one would be discarded and the transactions rolled back. Who wins the chain war would presumably be whoever had the highest hashrate to begin with, but I bet there's a way to figure out the optimal hashrates to use to solve blocks faster for a short time. A virus/trojan that had enough penetration and had a payload for Bitcoin miners could take the network down. Even a DoS attack. That includes OS level or user level exploits.
Well, I tried the phone version, but after disassembling it I was not able to remove/neutralize all the wireless communication components, so I decided against it. I don't trust having a wireless device on it, even if I disable it via software - I guess I am a bit paranoid. I have gone with 2 setups eventually. Setup one is a Seedsigner that I built, very cool and cheap. Setup two is Tails OS on an old pc where I removed the wireless card. I agree that I really don't care about updating. If and when I am forced to update, I will get a newer version of Tails OS and simply reimport the seed in a newer system. I use one setup to sign offline and one to check the signed transaction (to check that the receiving address as well as all the numbers match to avoid having a compromised device change the intended receiving address - that would be one vulnerability)
Finally one normal post about this, i have been scrolling on this reddit topic for last 1hr and everyone is against it and i can only see that they don't understand that this is the way to go! I prefer PC version but love the phone idea too! I think this is best version of cold wallet and no one can prove me it isn't just qr codes and you can see what are you signing and that's it. anything you have to connect with wire,usb, or sd card can be compromised. \+ there is no need to ever update tails OS for any reason when you just use it for offline signing! I loved old keystone airgapped wallet but they ruined it with this new version that you can choose to airgap. Still i like it for using with hot wallets with memecoins but they ruined it.
They require you to download a DMG with an obfuscated (but easily readable, it's just base64) applescript code that copies a hidden file into a hidden directry and then removes the Mac OS quarantine flag on it, and immediately executes it. The executable does not appear in the "Force Quit" menu, and shows a password prompt. WTF. They are trying to install malware at the very least. I have used a throwaway non-admin user on an old (non-daily-user) laptop for the executable steps, so I'm fairly sure they did not do anything badm but it's worth a report.
Control comes from custody, And the only tru custodian way over your btc is to have and keep your wallet private key by yourself. So how can I be afraid if I have my own generated wallet private keys. You can actually generate those keys offline if you don't trust your OS/Device. If you're looking for a (User/Password) solution. there are many third party platforms whom will be more than happy to store your btc for you. And there are many hardware wallets you can purchase for this reason. But remember, not your keys, not your coins. And at this point, I recommend that you educate yourself a little before losing your coins due to lack of knowledge.
Great! I ran Umbrel for 3.5 years, then Start OS for a week, and the last year I've been using a custom built node. If I were to recommend something to a non technical person, I'd say Start OS seems to be the most reliable, but Umbrel is the most user friendly.
That makes for an interesting discussion. The OP Stack is definitely a strong force, especially with its growing adoption and ecosystem support. However, Cartesi brings something novel and unique to the table as well. Its Cartesi Virtual Machine has not been reproduced by any other protocol I am aware of. It perfectly runs a full Linux OS off-chain, enabling developers to write smart contracts in mainstream programming languages rather than being restricted to Solidity. The Dave Fraud Proof protocol has also been lauded as superior to other Fraud Proof systems by the L2BEAT research team. That's not something that happens on a whim. Finally, it’s not necessarily about one being ‘better’—they solve different problems. The OP Stack is awesome for standard rollup deployments, but Cartesi is pushing the boundaries of what rollups can do.