A Beginner's Guide to the Electrum Bitcoin Wallet - Bitzuma

Sending address discrepancy

I bought some bitcoin, transferred it from the web wallet to my Electrum wallet, then donated it to MangaDex. I then put my receiving address in the claim box on MD to link it up and get whatever benefits may exist for being a donor. That's supposed to process automatically, but it didn't for me. I ended up speaking to MD support, and they looked up the transaction details and linked it for me. They also gave me the wallet address their system was expecting.
The problem is that I have just gone and poked through every part of Electrum and I can't find that number anywhere.
I have just discovered that I actually gave the wrong address to MD; I went and copied it from the receiving box after sending them the donation, which was also after it had regenerated following me moving the bitcoin in. But the address that I moved it through is also not the address MD's support gave me. (Although if I had given the right address, maybe it would have linked automatically.)
I'm not sure what the etiquette regarding showing addresses is, given they're ostensibly public information... So here are the first and last four characters of the relevant addresses, length preserved:
Address with two transactions in my Electrum wallet: bc1q__________________________________57px Address MD saw: 6671________________________________5abd
So ultimately my question is... What's that address? Where did it come from? And can I verify it with Electrum?
submitted by Zergling_man to Electrum [link] [comments]

CLAMI THAT FREE HEX !!!1! or you could buy it, I guess...

CLAMI THAT FREE HEX !!!1! or you could buy it, I guess...
My No-coiner parent went to Home Depot to buy some edger line so I could do yard work, but they were worried that they got the wrong type, because it wasn't the circular round line we had before.
Nope, I don't see any problem here, It's not what I used before, but somehow it looks like destiny to me !

OK, lets do this !
How to Claim free Hex :

  1. You have your Bitcoin private keys in a Hardware Wallet. ( I hope!)
  2. You download the Electrum Bitcoin wallet
  3. You download the Metamask Chrome extention, this will be your Eth wallet
  4. Set up Metamask, log in, send a small amount of Eth to your Metamask Eth address
  5. You load my referral link to get +10 % on your Hex https://HEX.win/?r=0x2af5f89463e7803233EC5d37dEcadEb7DAa0107d
  6. You connect your Hardware wallet to your PC and unlock it
  7. You load Electrum
  8. Go to Addresses
  9. Go to tools, sign/verify message
  10. Go to go.hex.win
  11. Go to Claim link at the top, when it is live (5 hrs from now)
  12. Enter each of your receiving addresses from Electrum (NOT PRIVATE KEYS)
  13. You sign each statement with the sign function in Electrum
  14. You enter the signed statement back into the claim entry line
  15. You set your autostake time, I suggest at least 364 days, so you will for sure get the big payday. I also suggest you use the same stake length, so you can combine your bags at the end stake time
  16. You do this for every UTXO (receive addresses in Electrum)
  17. Once ALL of your UTXO's are claimed, then you will have some leftover hex, you can sell or stake this, your call
  18. When your stake ends, you unstake your coins on go.hex.win If you don't do this on time, your coins will be lost to penalties, don't forget the date !

How to buy Hex from the Adoption Amplifier :

  1. You download the Metamask Chrome extention, this will be your Eth wallet
  2. Set up Metamask, log in, send a moderate amount of Eth to your Metamask Eth address, only what you can afford to lose ! Not investment advice !
  3. You load my referral link to get +10 % on your Hex https://HEX.win/?r=0x2af5f89463e7803233EC5d37dEcadEb7DAa0107d
  4. Go to go.hex.win
  5. Go to the Transform link at the top of the page
  6. Look at all this insane amount of Eth being pumped into Richard's pocket, that is a lot of Eth, almost 14 THOUSAND ETH as of 5 hours before the end of day 1 !!!1! The more Eth sent here each day, the less Hex each sender gets, THIS IS VERY IMPORTANT
  7. Game theory : This amount of sent Eth will go down each day after day 1, on average, because everyone wants to be first, and excitement does not last. IMO, you should wait 1 week, until at least day 8. I believe the amount of Eth sent will go down by a factor of 10 or more, while the amount of Hex on offer will only go down 50 % or so, so you can 5x your stack, if you can just delay your time preference a little bit. Trust me, I was in an almost identical coin to Hex, and this exact thing happened. Not investment advice, but common sense and experience. 5 X that stack, right off the bat ! Don't over pay !
  8. It's one week later ? Good, now log in late in the day, and check the amount of Eth sent. Is it much higher than the day before ? If so, wait another day, if its the same or less, then send 1/7 th of the Eth you want to transform
  9. Log in each day, get your Hex, check the Eth already sent, is it not too high, then send another 1/7 th of your Eth
  10. After 1 week more, you have dollar cost averaged into Hex, and you should have gotten a good price, too ! You can stake each day, or wait until you have bought what you want. I suggest if you have several stakes, that you time them to end on the same day, so you can combine your stack, and then sell or stake it as a unit. Combining the Hex will save you some gas on staking.
  11. When you set your stake time, I suggest at least 354 days, so you for sure get the big payday. You can also set the stake for 3652 days if you are REALLY hardcore, this will get you 3x your bag, and 3x all your other bonuses, but you have to wait 10 years. I'm going even longer, cause I'm a believer :P
  12. When your stake ends, you unstake your coins on go.hex.win If you don't do this on time, your coins will be lost to penalties, don't forget the date !

Why should you use my referral link ? Because I have explained exactly how to do this somewhat complicated process, I have given you some game theory, I found a funny image from my life, and I'm just a nice guy, so why not ?
HEX is everywhere !
submitted by HODL_monk to HEXcrypto [link] [comments]

PSA: Guide on how to recover your lost Segwit coins using Electron Cash

How to get your recovered SegWit funds using Electron Cash

Background

Thousands of BCH on thousands of coins that were accidentally send to Segwit 3xxx addresses were recovered by BTC.TOP in block 582705.
This was a wonderful service to the community. This had to be done quickly as the coins were anyone can spend and needed to be sent somewhere. This all had to be done before thieves could get their dirty paws on them.
So.. How were they recovered? Did BTC.TOP just take the coins for themselves? NO: They were not taken by BTC.TOP. This would be wrong (morally), and would open them up to liability and other shenanigans (legally).
Instead --BTC.TOP acted quickly and did the legally responsible thing with minimal liability. They were sent on to the intended destination address of the SegWit transaction (if translated to BCH normal address).
This means BTC.TOP did not steal your coins and/or does not have custody of your funds!
But this does mean you now need to figure out how to get the private key associated with where they were sent -- in order to unlock the funds. (Which will be covered below).
Discussions on why this was the most responsible thing to do and why it was done this way are available upon request. Or you can search this subreddit to get to them.

Ok, so BTC.TOP doesn't have them -- who does?

You do (if they were sent to you)! Or -- the person / address they were sent to does!

HUH?

The Segwit transactions have a bad/crazy/messed-up format which contains an output (destination) which contains a hash of a public key inside. So they "sort of" contain a regular bitcoin address inside of them, with other Segwit garbage around them. This hash was decoded and translated to a regular BCH address, and the funds were sent there.
Again: The funds were forwarded on to a regular BCH address where they are safe. They are now guarded by a private key -- where they were not before (before they were "anyone can spend"). It can be argued this is the only reasonable thing to have done with them (legally and morally) -- continue to send them to their intended destination. This standard, if it's good enough for the US Post Office and Federal Mail, is good enough here. It's better than them being stolen.

Ok, I get it... they are on a regular BCH address now. The address of the destination of the Tx, is it?

Yes. So now a regular BCH private key (rather than anyone can spend) is needed to spend them further. Thus the Segwit destination address you sent them to initially was effectively translated to a BCH regular address. It's as if you posted a parcel with the wrong ZIP code on it -- but the USPS was nice enough to figure that out and send it to where you intended it to go.

Why do it this way and not return to sender?

Because of the ambiguity present-- it's not entirely clear which sender to return them to. There is too much ambiguity there, and would have led to many inputs not being recovered in a proper manner. More discussion on this is available upon request.

Purpose of this guide

This document explains how to:
Complications to watch out for:

Step 1: Checking where your coins went

To verify if this recovery touched one of your lost coins: look for the transaction that spent your coins and open it on bch.btc.com explorer.

Normal aka "P2PKH"

Let’s take this one for example.
Observe the input says:
P2SH 160014d376cf1baff9eeed943d58551d53c48377adb98c 
And the output says:
P2PKH OP_DUP OP_HASH160 d376cf1baff9eeed943d58551d53c48377adb98c OP_EQUALVERIFY OP_CHECKSIG 
Notice a pattern?
The fact that these two highlighted hexadecimal strings are the same means that the funds were forwarded to the identical public key, and can be spent by the private key (corresponding to that public key) if it is imported into a Bitcoin Cash wallet.

Multisig aka "P2SH"

If the input starts with “P2SH 220020…”, as in this example, then your segwit address is a script -- probably a multisignature. While the input says “P2SH 22002019aa2610492ee2c18605597136294596d4f0f9bc6ce0974ed3a975d65da4ca1e”, the output says “P2SH OP_HASH160 21bdc73fb15b3bb7bd1be365e92447dc2a44e662 OP_EQUAL”. These two strings actually correspond to the same script, but they are different in content and length due to segwit’s design. However, you just need to RIPEMD160 hash the first string and compare to the second -- you can check this by entering the input string (after the 220020 part) into this website’s Binary Hash field and checking the resulting RIPEMD160 hash. The resulting hash is 21bdc73fb15b3bb7bd1be365e92447dc2a44e662, which corresponds to the output hex above, and this means the coins were forwarded to the same spending script but in "non-segwit form". You will need to re-assemble the same multi-signature setup and enough private keys on a Bitcoin Cash wallet. (Sorry for the succinct explanation here. Ask in the comments for more details perhaps.)

No match -- what?!

If the string does not match (identically in the Normal case above, or after properly hashing in the Multisig case above), then your coins were sent elsewhere, possibly even taken by an anonymous miner. :'(

Step 2: How To Do the Recovery

Recover "Normal" address transactions (P2PKH above)

This is for recoveries where the input string started with “160014”.
Option 1 (BIP39 seed):
Option 2 (single key):
Option 3 (xprv -- many keys):
Code:
mkey = "yprvAJ48Yvx71CKa6a6P8Sk78nkSF7iqqaRob1FN7Jxsqm3L52K8XmZ7EtEzPzTUWXAaHNfN4DFAuP4cdM38yrE6j3YifV8i954hyD5rhPyUNVP" from electroncash.bitcoin import DecodeBase58Check, EncodeBase58Check EncodeBase58Check(b'\x04\x88\xad\xe4'+DecodeBase58Check(mkey)[4:]) 
Option 4 (hardware wallet):

How to Recover Multisignature wallets (P2WSH-in-P2SH in segwit parlance)

This is for recoveries where the input string started with "220020.
Please read the above instructions for how to import single keys. You will need to do similar but taking care to reproduce the same set of multisignature keys as you had in the BTC wallet. Note that Electron Cash does not support single-key multisignature, so you need to use the BIP39 / xprv approach.
If you don’t observe the correct address in Electron Cash, then check the list of public keys by right clicking on an address, and compare it to the list seen in your BTC wallet. Also ensure that the number of required signers is identical.
submitted by NilacTheGrim to btc [link] [comments]

I'm Giving Away 0.5BTC to Whoever Finds My Lost Electrum Password

A little over a year ago, on 10/22/2016, the price of bitcoin was going up, and the size of the blockchain was growing like crazy, so I decided to transfer a 10.511 BTC wallet I had on a thumb drive from a Bitcoin Core wallet to Electrum (I knew I soon wouldn't have enough space on my HDD for the entire blockchain, which Core requires.) So I fired up Electrum, copied down the addresses, and transferred all 10.511 BTC.
One minute later, my heart sank, and I realized what a complete moron I was - this was a wallet I had setup when i first installed Electrum a year earlier, and I had NO IDEA what the password or seed words were.
So now I have 10.511 BTC stuck in an Electrum 2.8.3 (EDIT - I see 2.8.3 now, but that didn't even exist on 8/4/2015, so I must've upgraded at some point - SEE BELOW) wallet that I have no access to whatsoever. I've heard that there are people on bitcoin with cracking capabilities, so I wanted to give the community a shot.
Here's how this will work. I've extracted partial-MPK data from the extract script I received from btcrecover, a popular password recovery program. With this, you can check passwords. Whoever posts or pm's me the correct password first (along with their receiving address) will receive 0.5 BTC from the following address - 1EoKwutew3rfmKbsNcmi53qMRe84v2Cj4H (one of the five addresses in this wallet that makes up the total 10.511 BTC)
Electrum2 partial encrypted master private key, iv, and crc in base64:
For use in btcrecover:
ZTI6goX84upkxg6DGPWNoLhM9nMUz4scIgd8eGAE8yqAGrK55C7F 
For use with JohnTheRipper:
default_wallet:$electrum$2*8285fce2ea64c60e8318f58da0b84cf6*7314cf8b1c22077c786004f32a801ab2 
As far as hints go, here's what I'm 99% sure of:
Or any of the following 6 characters:
1 ! ` ~ ' (backslash - reddit won't display it) 
So those are about all the clues I have. I recommend someone trying a dictionary attack first, and then brute-forcing it. I promise, promise promise I will deliver 0.5BTC to whoever finds the password. I'm recovering 10BTC on top of that, so 0.5BTC is a reasonable price to pay for my idiotic mistake.
Good luck, and Happy Holidays!
. . .
Edit: I will check back every few hours and try all the passwords posted - please don't take random guesses... use btcrecover or John The Ripper to find the actual password using the partial encrypted master private key, iv, and crc in base64 that I posted above (I have to check all these, after all...)
Edit 2: Tried all the passwords posted in this thread until 1:34am EST. Going to bed for now, but will check back in the morning.
EDIT 3: Some people are pointing out that the version doesn't make any sense, since 2.8.3 didn't exist when I created the wallet. You're, right, this version came out in 2017. I am sorry I got this wrong - I've been looking at Electrum 2.8.3 for the past year or so, as I've been trying to open this thing, so I assumed that was it, but its not. All I know is, I downloaded Electrum for the first time on this computer on 8/4/2015 at around 4am EST. Does anyone know what version that is? If its 1.X, PLEASE tell me so I can update the partial encrypted master private key above, as the one above I used an extract script for 2.X!!!
EDIT 4: I'm 99% certain you will find the password if you brute force lowercase letters a-z, after removing some "non-interesting" letters like z,q, etc. Its just about which letters to guess. The ONLY numbers that could POSSIBLY be at the end are "15". So either it ends in 15 or it doesn't, there's no way I'd use any other numbers. So please, whoever has access to a large bank of CPU's, PLEASE try using btcrecover (or better yet, JTR) to try a-z, minus some less-popular characters. Possibly the letters ""a b c d e f i k l m n o r s t w y", but I could be missing some. Also, PLEASE POST YOUR BITCOIN ADDRESS ALONG WITH YOUR ANSWER! I will send you coins from 1EoKwutew3rfmKbsNcmi53qMRe84v2Cj4H, one of the addresses in the locked wallet.
Finally, I just want to be clear - I will give the 0.5 BTC reward to whoever helps me open this wallet - whether they figured out some crazy technical workaround, find the password itself, or gave me hints that allowed me to discover the password myself, whoever helps me unlock these funds first will be rewarded.
EDIT 5: Some people are curious as to whether this is indeed my wallet. Yes, it is: the first 0.1BTC I sent to the wallet on 8/4/2015 was sent directly to this wallet from my Coinbase account. Proof: https://imgur.com/a/zsjZw
EDIT 6 - MAKING PROGRESS BABY! If you're using btcrecover, please put this in your token file:
 ^%[abcdefiklmnorstuwy] ^2^%[abcdefiklmnorstuwy] ^3^%[abcdefiklmnorstuwy] ^4^%[abcdefiklmnorstuwy] ^5^%[abcdefiklmnorstuwy] ^6^%[abcdefiklmnorstuwy] ^7^%[abcdefiklmnorstuwy] ^8^%[abcdefiklmnorstuwy] ^9^%[abcdefiklmnorstuwy] 15$ 
Add as many lines as you think there are digits (probably 9-12), remembering to change the number of the line in the beginning, and change the group of letters that you think might be included in the pw. THE LESS LETTERS YOU INCLUDE, THE GREATER THE LENGTH YOU CAN CHECK. Please remember to add the tags "--no-eta" and "--no-dupchecks" so you don't run out of memory. Unfortunately my machine can only do 600kP/s, so I can't find it myself, but someone with access to a lot of servers can probably find the password very quickly!!!
EDIT 7 - Making a bit of progress, very very slowly. Here's an important clue: when I created this wallet, which, remember, was the very first Electrum wallet I ever created, I would have made sure to add enough complexity so that the complexity meter below the password input box says "Strong". I would've never clicked Continue if the complexity-indicator said I "Weak" or "Medium". So if there's some way to ignore ALL "Weak" or "Medium" passwords, that could speed up the search significantly. It looks like if you use just lowercase a-z, when you add a single "!" at the end for increased complexity, the minimum total characters that gets you a "Strong" password is 12 ((a-z)x11 + "!"). Nobody's been searching for this quite yet, because 11 characters is a lot, and it could be more. The only way I see this happening is if you do a hybrid dictionary+brute force attack, of if you substantially cut down on the number of letters tested by eliminating "uninteresting" letters like q, z, v, x, etc. Based on everything, I think the total is at least 12 characters, but no more than 16, and contains a special character at the end (such as !, 1, ~, (~ if you don't hold shift, reddit won't display it), ', or \ - these are the 6 special characters I usually use by themselves at the end of a password - ' and \ because they're right next to Enter on a standard US keyboard, and ! or 1 (or !1 or 1! together) or ` or ~ because they're my go-to's).
I've also looked through my photo archive from that time period and found a DIFFERENT seed for a wallet I made on Aug. 18th, 2015 (crunch sunny range evoke rapid use bubble gloom pill gossip blanket tired accident - there's about 3 bucks in there for whoever wants it). The password for this wallet was originally "testtesttest".
EDIT 8 - Still no password as of 12/12/2017, and this will be my last edit. If you find the password, PM me.
EDIT 9 - I will update this page as soon as the password is found. If you are seeing this message, it means the password has not yet been found.
submitted by corneliusvanderbilt to Bitcoin [link] [comments]

10-21 18:13 - 'CRYPTOCURRENCY WALLETS PASSWORD RECOVER 2019' (self.Bitcoin) by /u/raiyum removed from /r/Bitcoin within 42-52min

'''
Supported new algorithms of recovery methods.
Very easy to work with it. Just add your file ,check the methods of recovery.
Supports for all Core Wallet.dat files.
Supports for all Electrum wallet_default files.
MyEtherium backup files.

Several attacks can be configured and queued advanced mixed attacks for precise search range setup: -multi-position modifications to cover modern password policies; -simple modifications: add part(s) copy, add reversed copy, etc. -typing errors generation with new multi-position options; -brute-force attacks based on a charset and length selected: -limit number of equal, capital or special chars or digits; -number ranges (e.g. 1-31, 1-12, 2003-2018, etc.); -dictionary attacks with modifications (several wordlists are included): -password in reverse, capitalized, uppercased, lowercased; -adjustable mixed-case mode; -preset or custom char replacements: Ss with $, Ii with !, Aa with 4, etc. -advanced keyboard layouts-aware recovery technique; -"Save passwords to a file" option to verify search settings, generate new wordlist, etc. -Audio, script or web address based post-search notification. -Highly optimized code (SSE, AVX, AVX2, AVX-512) guarantees best performance.info -Utilizes NVIDIA and AMD Graphics processing units with a high-performance methods. -Utilizes integrated GPUs as well.Intel GPU support Supports up to 64 simultaneous processing threads (multi-CPU, multi-GPU). Windows 7 - Windows 10
[[link]2
'''
CRYPTOCURRENCY WALLETS PASSWORD RECOVER 2019
Go1dfish undelete link
unreddit undelete link
Author: raiyum
1: yo***.be/j7mth4Ri*_* 2: *o*tu.be/j7*th4RiJ*_*]^^*
Unknown links are censored to prevent spreading illicit content.
submitted by removalbot to removalbot [link] [comments]

Electrum: Restored wallet with seed, but the bitcoins & history are gone ?!?

Fucking hell, I went to extra lengths to write down the seed and now I restored the wallet with it and my money is gone.
And then I tried to open my wallet, with the password, and it says "Cannot load wallet (2): The addresses in this wallet are not bitcoin addresses"
Are you fucking kidding me? What the hell...
The main tab just shows an empty history and balance is zero.
Did I do something wrong? What's going on? Even if someone stole the money, it should at least show a history right?
Edit: I also compared the addresses in the Adresses tab to an older screenshot and they are NOT the same addresses. That probably related to the problem, isn't it?
Edit 2: SOLVED. (I think). I was using "Electrum Testnet" (whatever that means) instead of the normal Electrum and that's why it couldn't load the wallet I guess. Now I tried with the normal one and it works. Must have accidentally started the wrong version. Repeatedly. I don't get it how that happened lol. Thanks for all the help tho.
submitted by PMmeYOURrareCONTENT to Bitcoin [link] [comments]

MESSAGE TESTING! Looking for feedback, comments, and suggestions from the community

Hey everyone, the Komodo marketing team is finalizing some copy that will be used to send to people interested in building on Komodo. We'd like to message test this with the community before finalizing so please let us know if you have any suggestions or feedback. Thanks everyone!
END-TO-END BLOCKCHAIN SOLUTIONS
Komodo Platform is a thriving, open-source ecosystem of cutting-edge technologies in the burgeoning blockchain sphere. It is Komodo’s mission to accelerate the global adoption of blockchain technology by removing barriers to entry for developers, blockchain startups, and existing businesses alike with simple, end-to-end blockchain solutions.
When looking to integrate blockchain tech, there are many competing technologies and platforms to choose from. What sets Komodo Platform apart from the competition is a proven track record of identifying and innovating solutions to all of blockchain’s most pressing problems.
Rather than focusing on a single use case or feature, Komodo Platform has built a comprehensive toolkit of blockchain solutions that addresses every essential aspect of the technology. In particular, Komodo’s tech focuses on providing top-notch security, scalability, and interoperability, as well as hybrid privacy features.
This holistic approach ensures that all who build on Komodo have the tools they need to be successful, including a variety of customizable white-label products that slash time to market while still providing complete flexibility and control.
All of these strengths, combined with a clear vision for a global blockchain ecosystem, make Komodo Platform the world’s leading provider of end-to-end blockchain solutions.
AN ECOSYSTEM THAT ALWAYS PUTS SECURITY FIRST
For Komodo Platform, security comes first. Security is always at the forefront of the development process. As such, every blockchain launched on Komodo Platform is protected with the power of the Bitcoin hashrate.
At the same time, all blockchains built on Komodo are protected by Komodo’s innovative security mechanism, known as delayed Proof of Work (dPoW), which stores backups of the entire Komodo ecosystem onto the Bitcoin ledger every ten minutes.
Here’s how it works. Every ten minutes, a snapshot is taken of the entire Komodo ecosystem. Then, this snapshot is written into a block on the Bitcoin blockchain. This process is called notarization and it is the backbone of Komodo’s security mechanism. Komodo Platform’s notary nodes carry out the technical work required to successfully complete notarizations.
In essence, dPoW functions as a form of 2FA for blockchain projects. A potential attacker would need to take down both the BTC and KMD networks before they could alter, disrupt, or destroy your chain. Since the backup process takes place every ten minutes, your chain is constantly protected.
LIMITLESS SCALABILITY WHENEVER YOU NEED IT
Komodo provides every project built on the platform with virtually limitless scalability. A new feature from Komodo allows multiple blockchains to work in unison and behave as a single chain.
If one blockchain is no longer providing the performance you need, simply add another chain. If two isn’t sufficient, add a third. With Komodo Platform, you can scale on demand to keep up with the the needs of your business.
No other blockchain platform offers both this level of security and scalability. Some blockchain platforms can provide security, although you’re forced to share infrastructure with other projects. This increases congestion and transaction fees, thus limiting scalability.
Other blockchain platforms offer independent blockchains but leave you to your own devices when it comes to security. This is especially troublesome if you’re using a Proof of Work (PoW) consensus mechanism, since most projects generally do not have a high enough hashrate to protect themselves from 51% attacks. Without security, scalability is completely irrelevant.
THE INDEPENDENCE AND FLEXIBILITY YOU NEED
Blockchains created on Komodo are completely independent in the sense that what happens on one chain cannot and will not affect any other chain in the ecosystem. This is true because, unlike other platforms, chains launched on Komodo do not share infrastructure or networks.
As a result, there is no need to worry about congestion on Komodo Platform. There will never be an increase in the fees or length of time required to complete a transaction.
Moreover, projects built on Komodo may migrate away from the platform at any point in time. If, at any point in time, you feel that another platform is better-suited for the needs of your project, you are free to leave. Every blockchain launched on Komodo is the property of those who created it. There is no vendor lock-in on Komodo Platform.
Finally, every project effectively receives a clone copy of the KMD chain, so as Komodo continues to innovate new technologies, every chain in the ecosystem receives all of the additional enhancements and features. This lets you build on Komodo with peace of mind.
Future-proof your project by building on the world’s premier blockchain platform: Komodo.
CREATE A CUSTOMIZABLE BLOCKCHAIN WITH MAXIMUM FLEXIBILITY
  1. Customization — choose from optional modules to build a tailor-made solution
  2. Scalability — scale on demand to keep up with your project’s growth
  3. Independence — no shared infrastructure, blockchains, or networks
Komodo Assetchain Features
New Features In Testing & Development
ACCELERATE TIME TO MARKET WITH KOMODO’S WHITE-LABEL SOLUTIONS
Once you’ve created your very own secure, scalable, independent blockchain, Komodo offers several white-label apps to help you go to market faster. A multi-coin cryptocurrency app, an atomic-swap-powered decentralized exchange app, and a decentralized crowdfunding app are all included in Komodo’s Blockchain Starter Kit.
WHITE-LABEL MULTI-COIN WALLET
After your blockchain is operational, users will need somewhere to store that chain’s tokens. However, it can be difficult and expensive to have a new coin or token integrated into an existing crypto wallet. Developing a native crypto wallet is also a long and costly process.
That’s why Komodo provides every project with the option of a white-label multi-coin wallet app. Not only will users be able to store your chain’s tokens in it, they will also be able to store other popular cryptocurrencies like Bitcoin, Litecoin, ZCash, and KMD, Komodo’s native coin.
WHITE-LABEL DECENTRALIZED EXCHANGE
In addition, Komodo offers every project the choice of a white-label decentralized exchange app. Komodo’s decentralized exchange (DEX) will provide the backend tech necessary for the white-label app to function.
Komodo’s DEX is the world’s only truly decentralized exchange. While many exchanges claim to be decentralized, they still use proxy tokens, force users to give up their private keys at some point in the trading process, or give admin a backdoor option to freeze a user’s funds. By contrast, Komodo’s DEX is fully-powered by atomic swap technology.
Atomic swaps are peer-to-peer exchanges of cryptocurrency that allow users to retain control of their private keys throughout the entire trading process. As this method of trading occurs wallet-to-wallet, the need for centralized exchanges or other third parties is eliminated.
If a project built on Komodo uses the white-label decentralized exchange app, their blockchain’s tokens will be integrated into the DEX, providing instant access to liquidity. This is an enormous benefit, as many centralized exchanges charge exorbitant fees for listing a new coin or token.
WHITE-LABEL DECENTRALIZED CROWDFUND APP
The final white-label app included in Komodo’s Blockchain Starter Kit is a white-label crowdfunding application. This app is also powered by Komodo’s industry-leading atomic swap technology.
Crowdfunds launched on Komodo Platform are therefore more secure and much faster than a traditional, centralized ICO. Investors maintain possession of private keys throughout the crowdfund. Once the atomic swap is complete, they receive your chain’s tokens instantly.
Komodo’s Blockchain Starter Kit is designed to give you the products and technology you need to accelerate time to market and allow you to focus on ensuring that your project is a success.
INVESTMENT PROTECTION: A VISION FOR A GLOBAL BLOCKCHAIN ECOSYSTEM
The blockchain industry is currently developing at a breakneck pace. For this reason, it is absolutely essential to build on a platform that continues to evolve. At the rate the blockchain industry is currently moving, every platform must continue to evolve or face extinction.
With a long-term vision and a strong commitment to continuing development, Komodo Platform provides the investment protection you need to build comfortably.
Over the last several years, Komodo has been in a constant state of development. Komodo has completed more GitHub commits than any other blockchain project in existence. As Komodo is constantly innovating new technologies at the cutting-edge of the industry, you can build on Komodo Platform without worrying about your project falling behind.
With a clear vision for a global blockchain ecosystem, Komodo is leading the blockchain sphere by developing and implementing solutions to some of blockchain’s most pressing problems. In particular, Komodo is advancing blockchain technology with respect to these five essential features: security, scalability, interoperability, privacy, and simplicity.
Komodo’s unique dPoW security mechanism protects the entire ecosystem with the power of the Bitcoin hashrate. With the ability to launch several chains to meet the performance demands of any project, Komodo is also the world’s most scalable blockchain platform.
Atomic swap technology, pioneered by Komodo Platform, was the first major development towards interoperability. Komodo’s DEX is the world’s most advanced with over 110,000 atomic swaps completed. Users exchange tokens directly with other users, from one wallet to another.
Now, Komodo is advancing interoperability with an innovative new feature that allows thousands of chains to process transactions simultaneously while cross-notarizing and allowing inter-chain transaction proofs. This technology is still in development but will make Komodo a fully-interoperable ecosystem and allow as many as 1 million transactions per second.
Komodo also provides hybrid privacy solutions, such as permissioned and permissionless blockchains as well as optional zero-knowledge transfers of value to protect user privacy.
These end-to-end blockchain solutions are readily available with the simplicity of white-label apps and with support from expert third-party service providers. Get started with Komodo now.
BEGIN BUILDING ON KOMODO PLATFORM TODAY
If you’re ready to implement blockchain solutions, there are two certified third-party Komodo Solution Integrators that can help you navigate your journey into blockchain technology.

Chainmakers

https://chainmakers.co/
[[email protected]](mailto:[email protected])
Twitter: https://twitter.com/kmdchainmakers
Discord: https://discord.gg/Q35CHb
Github: https://github.com/chainmakers

ChainZilla

https://www.chainzilla.io
[[email protected]](mailto:[email protected])
Twitter: https://twitter.com/chainzillaio
Discord: https://discord.gg/G4dxgmv
Github: https://github.com/ChainZilla
submitted by Daniel-C-Pigeon to komodoplatform [link] [comments]

Groestlcoin Christmas Release!

Groestlcoin Dec 2018 Christmas Release Update

As per usual the 3 months has been all hand-on-deck, helping to bring further adoption utilities to Groestlcoin. The markets have been red but as always that doesn't stop the show from going on with regards to the development since the last release update on 24th September. Here's a recap of what has happened so far:

Recap:

What’s New Today?

Groestlcoin on Trezor Model T

As of the latest version of the Trezor Model T firmware, Groestlcoin is now officially supported! The Trezor Model T is the next-generation cryptocurrency hardware wallet, designed to be your universal vault for all of your digital assets. Store and encrypt your coins, passwords and other digital keys with confidence. The Trezor Model T now supports over 500 cryptocurrencies.

Blockbook MainNet & TestNet Block Explorer

Blockbook is an open-source Groestlcoin blockchain explorer with complete REST and websocket APIs that can be used for writing web wallets and other apps that need more advanced blockchain queries than provided by groestlcoind RPC.
Blockbook REST API provides you with a convenient, powerful and simple way to read data from the groestlcoin network and with it, build your own services.

Features:

Blockbook is available via https://blockbook.groestlcoin.org/ Testnet: https://blockbook-test.groestlcoin.org/ Source code: https://github.com/Groestlcoin/blockbook

Edge Wallet

Groestlcoin has been added to the Edge wallet for Android and iOS. Edge wallet is secure, private and intuitive. By including support for ShapeShift, Simplex and Changelly, Edge allows you to seamlessly shift between digital currencies, anywhere with an internet connection.

Features:

Android: https://play.google.com/store/apps/details?id=co.edgesecure.app
iOS: https://itunes.apple.com/us/app/edge-bitcoin-wallet/id1344400091?mt=8
Direct Android: https://edge.app/app

CoinID Wallet

We are excited to announce that Groestlcoin has been added to CoinID! With integrated cold and hot wallet support, and a host of other unique wallet features, CoinID can easily become your go-to wallet for storing Groestlcoin. More details can be found here: https://coinid.org/s/groestlcoin-wallet-overview.pdf

Features

Android: https://play.google.com/store/apps/details?id=org.coinid.wallet.grs
iOS: https://itunes.apple.com/us/app/grs-wallet-for-coinid/id1439638550

Groestlcoin Sentinel - Windows Released

Groestlcoin Sentinel is the easiest and fastest way to track balances of your Groestlcoin addresses.
Features
You can download it using the links below.
Download the Windows Wallet (64 bit) here: https://github.com/Groestlcoin/Groestlcoin-Sentinel-Windows/releases/download/1.0/SentinelSetup_x64.msi
Download the Windows Wallet (32 bit) here: https://github.com/Groestlcoin/Groestlcoin-Sentinel-Windows/releases/download/1.0/SentinelSetup_x86.msi
Source code: https://github.com/Groestlcoin/Groestlcoin-Sentinel-Windows/

Groestlcoin BIP39 Tool 0.3.9 Update

The Groestlcoin BIP39 tool is an open-source web tool for converting BIP39 mnemonic codes to addresses and private keys. This enables the greatest security against third-party wallets potentially disappearing – You’ll still have access to your funds thanks to this tool.
What’s New
Download the Groestlcoin BIP39 tool here: https://github.com/Groestlcoin/bip39/archive/master.zip
Source code: https://github.com/groestlcoin/bip39
Or use hosted version: https://groestlcoin.org/bip39/

Electrum-GRS 3.2.3 Update

Electrum-GRS is a lightweight "thin client" Groestlcoin wallet Windows, MacOS and Linux based on a client-server protocol. Its main advantages over the original Groestlcoin client include support for multi-signature wallets and not requiring the download of the entire block chain.
What’s New

Electrum + Android Version 3.2.3:

Android: https://play.google.com/store/apps/details?id=org.groestlcoin.electrumgrs
Windows & OSX: https://github.com/Groestlcoin/electrum-grs/releases/
Linux:
sudo apt-get install python3-setuptools python3-pyqt5 python3-pip python3-dev libssl-dev sudo pip3 install groestlcoin_hash sudo pip3 install https://github.com/Groestlcoin/electrum-grs/releases/download/v3.2.3/Electrum-grs-3.2.3.tar.gz electrum-grs
GitHub Source server: https://github.com/Groestlcoin/electrumx-grs
Github Source server installer: https://github.com/Groestlcoin/electrumx-grs-installer
Github Source client: https://github.com/Groestlcoin/electrum-grs

Groestlcoin ivendPay Integration

ivendPay and Groestlcoin cryptocurrency have announced the start of integration.
IT company ivendPay, the developer of a universal multicurrency payment module for automatic and retail trade, intends to integrate Groestlcoin cryptocurrency — one of the oldest and the most reputable Bitcoin forks into the payment system. Groestlcoin is characterized by instant transactions with almost zero commission and is optimal for mass retail trade where micropayments are mostly used.
According to Sergey Danilov, founder and CEO of ivendPay, Groestlcoin will become the 11th cryptocurrency integrated into the payment module. The first working vending machines for the sale of coffee, snacks and souvenirs, equipped with ivendPay modules, served the visitors of the CryptoEvent RIW exhibition at VDNKh in Moscow and accepted Bitcoin, Go Byte, Dash, Bitcoin Cash, Ethereum, Ethereum Classic, Zcash, Bitcoin Gold, Dogecoin and Emercoin. ivendPay terminals are designed and patented to accept payments in electronic money, cryptocurrencies and cash when connecting the corresponding cash terminal. Payment for the purchase takes a few seconds, the choice of the payment currency occurs at the time of placing the order on the screen, the payment is made by QR-code through the cryptocurrency wallet on the smartphone.
The interest in equipping vending machines with ivendPay terminals has already been shown by the companies of Malaysia and Israel, where first test networks would be installed. ivendPay compiles a waiting list for vending networks interested in buying terminals and searches for an investor to launch industrial production. According to Sergey Danilov, the universal payment terminal ivendPay for the vending machine will cost about $500. The founder of ivendPay has welcomed the appearance of Groestlcoin among integrated cryptocurrencies, as it is another step towards the realization of the basic idea of digital money - free and cross-border access to goods and services for everybody.
submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

[Social X] Architecture of A Decentralised System for Social Payment and Services

Dear fellow Reddheads:
It's been a month since the successful launch of PoSV, which marked the end of stage one of Reddcoin project. There were three main goals for stage one:
  1. fair distribution of Reddcoin to common users (tipping), miners (mining) and investors (IPCO).
  2. an innovative algorithm to secure the network and encourage ownership, participation and decentralisation (PoSV).
  3. to build out a team of super talented and trustworthy developers.
The three goals have all been achieved so it's time for us to enter stage two: the buildout of services to make Reddcoin actually useful. This is what Social X is meant for. I'm still polishing the whitepaper to make it live up to my own self-imposed high standard, but I think the time is right for me to unveil it in broad strokes. There are three main problems Social X aims to solve.

Social X: why are wallets so difficult to use?

To achieve wide adoption of Reddcoin (or any cryptocurrency) by the non-tech-savvy general public, wallets must solve the following issues:
Ever increasing blockchain size discourages users from running full-blown wallets. It takes too much time and efforts to install or repair. A common user tends to find the process frustrating or even impenetrable and is forced to either give up adoption or rely on 3rd-party service providers (e.g. exchanges, wallets using ReddAPI) to take full control of her fund. Blockchain size grows everyday and grows faster with wider adoption.
Current wallets generate private keys randomly. As a user engages in staking or normal transactions, she has to back up wallet.dat file periodically to make sure all newly generated private keys are backed up. If wallet.dat file is corrupted or lost, there is no way to recover lost fund.
Again, due to the fact that private keys are randomly generated, it's impossible for a user to share the same wallet.dat file across multiple devices (e.g. desktop, iOS, Android) and multiple platforms (e.g. Windows, Linux, Mac). Different copies of wallet.dat will get out-of-sync. A user has to manage each wallet independently, which leads to significant operational burden and risk.
It would be extremely valuable for a service provider, such as an exchange or e-commerce site, to be able to generate unique public keys to receive fund while putting the corresponding private keys in cold storage. The impact on security is significant.

Social X: why is it so hard for me to tip someone?

One essential feature of Bitcoin is pseudo-anonymity. To pay someone, you need to get hold of her impenetrable public hash key, somehow. And the hash key, i.e. the wallet address, may not be valid a moment later because the owner might have lost the corresponding private key. Ironically, this awkwardness, even backwardness, is not perceived as a disadvantage by almost all the cryptocurrencies. In fact, on the contrary, the single biggest, hottest, most wanted feature is full decentralised anonymity, which has seen the rise and fall of many cryptocurrencies and their copycats. While all the other cryptocurrencies compete with each other on this front, Reddcoin, aiming to the social currency of the digital age, moves in the opposite direction. Social lives are not possible without social identities.

Social X: why can't I use a service without giving up control?

The vast majority of 3rd-party service providers which hold fund on a user's behalf has exclusive full control of her private keys. If a service is indeed worthy, a user has no choice but to trust the 3rd party with security and integrity. It's ironic, to say the least, that cryptocurrencies which are created to remove exactly this need for blind trust in middlemen end up in a much worse position than fiat currencies due to the fact that many cryptocurrency companies are unregulated and incompetent. Then the question is: is there a way to create an ecosystem where anyone can write and provide valuable social applications in a fully decentralised fashion?

Social X: Architecture for a Decentralised System for Social Payment and Services

Social X has many components which are already being actively developed. Below I give a brief description of some of them.
  1. In the future, there will be two types of official Reddcoin wallets. QT wallet and reddcoind are full wallets required to run a full node. A second type of wallets, called thin wallets or SPV wallets will use the technology of Electrum modified and enhanced to support PoSV and staking. These wallets include mobile wallets on iOS, Android, next-generation Social Wallet on desktop and wallets inside browsers (Chrome/Firefox/Safari). I've already finished writing and started testing the reference implementation of Reddcoin Electrum server and client. Each client only needs to download 25M of data vs the current full blockchain at 660M. This is how we solve the blockchain size problem.
  2. All our official wallets, whether full or thin, will be deterministic. All private keys are generated deterministically from a long passphrase. This passphrase is all you need to remember and backup and with it you can fully recover your wallet and funds anytime anywhere. You will also be able to support multiple wallets on multiple platforms and devices and they will all be in sync. This is how we solve the portability problem.
  3. All our official wallets, whether full or thin, will be hierarchical. They will allow users to generate public keys on demand while keeping private keys in cold storage. This is how we solve the cold storage problem.
  4. I'm writing code (~30% finished) for sth we call Reddcoin Social ID (Redd-ID):
    • It's a new service provided at the blockchain level.
    • It allow users to associate a username with one private key.
    • The user can choose to bundle extra information such as email, address and avatar.
    • The information is public and embedded in the blockchain. As a result, any user can send Reddcoin to another by simply specifying the recipient's Redd-ID.
    • Redd-ID registration costs Reddcoins. The costs vary depending on many factors such as the length of the username. For example, we expect popular names like tom to cost at least 7 figure.
    • Redd-ID registration is verified in PoSV blocks. Therefore all active Reddcoin stakers will be the provider of Redd-ID service.
    • Redd-ID registration fee goes to the Reddhead who successfully mints the PoSV block that verifies and confirms the registration. In a sense, it will feel like a lottery. And this is why this service doesn't make sense for any PoW coin where each block is pool-mined.
    • Redd-IDs can be transferred to new addresses and by default auto-expire annually and can be renewed.
    • Small Reddcoin holders, as long as they keep staking, may double, triple or 10x their existing holdings just by receiving registration fees.
    • Businesses and organisations can register usernames for purposes like receiving donation.
  5. There will be several services available to provide more ways for Redd-ID to be used on Internet. I don't want to disclose all our cards here. Please wait for my whitepaper and see what we have for you as surprises. Meanwhile, do share with us how you imagine Redd-ID can be used.
  6. Different components of Social X will allow decentralised tipping across all social networks. In our next-generation social tipping platform, there will be no tipbots! When you tip someone on Reddit, Twitter, Twitch, Youtube or Facebook, the tipping goes straight from local wallet, whether on your mobile or desktop to the recipient.
  7. There will be APIs to allow 3rd parties to write and offer decentralised social applications.

Social X: where are we now?

  1. I'm finishing the whitepaper in coming weeks (while writing a lot of code). The whitepaper will contains much more information than this post.
  2. Reddcoin Electrum wallets for iOS and Android are being actively developed.
  3. Reddcoin full wallets (QT/reddcoind) are already hierarchical deterministic in the development branch and are being internally tested.
  4. The Social Tipping Platform is being actively developed.
  5. I need volunteers to host and test Reddcoin Electrum server and clients. I'll make a separate post next week.

Epilogue

Below I'll only answer questions selectively. Much more details will be available in the whitepaper and there is no reason to jump the gun and repeat it here. Stage one took us 6 months. We expect stage two to take 6 months also. It may be the most exciting period in the history of Reddcoin project.
Regards
laudney
submitted by laudney to reddCoin [link] [comments]

Hardware Wallet Standard | Jonas Schnelli | Aug 16 2016

Jonas Schnelli on Aug 16 2016:
Hi
Unfortunately, there is no standard in how desktop- or mobile-wallets
can interact with a hardware device resulting in wallet vendors adding
plugins with proprietary code for non-standardized interfaces.
I started a BIP (extreme draft, feel free to improve language, grammar
and content) to address this missing part of the ecosystem.
I think it would be extremely helpful if @ledger, @trezor,
@voisin/@breadwallet, @electrum, @bitpay (and more?!) would help working
on a such standard.
The BIP describes two approaches how to communicate (pipe and
URI-scheme) with the signing-devices app, although, in my opinion, all
major platform do support the URI approach (maybe we could drop the pipe
approach then).
The URI approach means that there is no need to configure the
application location in order to start a inter-process(-app) communication.
Mediawiki:
https://github.com/jonasschnelli/bips/blob/8abb51f0b21b6664388f6e88f6fd642c90d25dca/bip-undef-0.mediawiki
---- BIP (rough early stage draft)
BIP: ???
Title: Detached Signing
Author: Jonas Schnelli
Status: Draft (early stage!)
Type: Standards Track
Created: 2016-08-02
== Abstract ==
This BIP describes a way how wallet applications can decouple sensitive
privatekeys from the internal keychain and interact with a
signing-devices (hardware wallet, "cold" storage) over a generic
interface in order to get signatures.
== Motivation ==
It seems like that the current approach for allowing signing-devices to
interact with third party wallets is to build a plugin [1][2][3]. Adding
plugins for each hardware wallet type will increase possible security
issues and result in multiple proprietary-third-party code within the
wallet application with very similar structures.
A generic interface how wallets can interact with signing-devices would
result in better user experience, less critical code and simpler
adaption for various signing-devices.
== Specification ==
In order to support desktop- and smartphone-wallet-applications, this
BIP describes two slightly different approaches (process pipe and URI
call) in how to interact with the signing-devices. If possible, the
modern URI approach should be chosen.
=== Signing-Device-Controller-Application ===
To allow a generic interface while still allowing different ways how to
internally communicate with the signing device itself (USB, TCP/IP,
air-gapped Qr-Code scanning, etc.) a controller-application is required.
=== General signing process ===
The wallets signing process must be according the following principal:
or message together with metadata (scriptPubKey, hd-keypath of the inputs)
signing-device-controller-application
signing-request-object, eventually shows UI, user can sign or cancel
signing-response-object with signatures or an error
creating process (example: add signatures to transaction and broadcast)
=== Desktop Process Intercommunication ===
Desktop wallets can interact with a signing device over process
intercommunication (pipe) together with a
signing-device-controller-application.
As specified below, the signing-request-object is a URI string passed
through the pipe. The desktop wallet needs to wait (with a recommended
timeout between 1 and 5 minutes) until the signing-response-object will
be sent back by the signing-device-controller-application.
=== Smartphone/URI App Intercommunication ===
Smartphones and modern operating systems are trying to sandbox
applications and interprocess communication (on pipe level) is mostly
disallowed.
On smartphones, we must use URI-schemes.
The wallet can pass information to the
signing-device-controller-application by using a predefined URI scheme.
detatchedsigning://?&returnurischeme;=
The querystring must be URI encoded.
RFC 2616 does not specify a maximum length of URIs (get request). Most
modern smartphone operating system allow URIs up to serval megabytes.
Signing complex data-structure is therefore possible.
The returnurischeme must contain a URI schema where the
result of the signing process should be returned to.
The returnurischeme must be populated and "opened" once the signing
process has been completed (or cancled).
=== Signing Request ===
The signing request is a flexible URI-Query-String that will be used by
the Signing-device-controller-application for user confirmation as well
as for creating the signature.
The URI-query-string must conform to the following format:
detatchedsigning://sign?type=&data;=&inputscripts;=,,...&inputhdkeypath;=,,...&returnscheme;=
type = type of the data to sign
data = raw unsigned bitcoin transaction or text-message
(optional)inputscripts = scriptPubKey(s) of the inputs in exact order
(optional)inputhdkeypath = hd-keypath of the inputs in exact order
(optional)returnscheme = a URI scheme where the response must be sent to
(smartphone approach)
  • inputhdkeypath or inputscripts must be provided.
=== Signing Response ===
The signing response is a flexible URI-Query-String that will be sent
back to the wallet application and must contain the signatures or an
error code.
The URI-query-string can be opened (smartphone approach) or will be sent
back though the interprocess pipe.
://signresponse?errorcode=&signatures;=,,...
In case of ECDSA, the returned signatures must be normalized compact
signatures with the size of 64bytes (128 hex chars).
==== Possible error code ====
0 = no error
1 = user canceled
2 = timeout
10 = missing key identifier (missing HD keypath or input scriptpubkey)
11 = unsupported signing type
12 = could not resolve script
50 = unknown internal error
==== Examples ====
===== Simple p2pkh transaction =====
Unsigned raw transaction:
0100000001fd3cd19d0fb7dbb5bff148e6d3e18bc42cc49a76ed2bfd7d760ad1d7907fd9ce0100000000ffffffff0100e1f505000000001976a9149062e542a78d4fe00dcf7cca89c24a8013c381a388ac00000000
(input ced97f90d7d10a767dfd2bed769ac42cc48be1d3e648f1bfb5dbb70f9dd13cfd
vout:1, output: P2PKH mtgQ54Uf3iRTc9kq18rw9SJznngvF5ryZn 1 BTC)
signing-request URI must be:
detatchedsigning://sign?type=bitcoin-p2pkh&data=0100000001fd3cd19d0fb7dbb5bff148e6d3e18bc42cc49a76ed2bfd7d760ad1d7907fd9ce0100000000ffffffff0100e1f505000000001976a9149062e542a78d4fe00dcf7cca89c24a8013c381a388ac00000000&inputscripts=76a914531148ad17fdbffd4bac72d43deea6c7cf0387d088ac&inputhdkeypath=m/0'/0'/1&returnscheme;=myapp
The inputhdkeypath is optional in this case
signing-response URI must be:
detatchedsigning://signresponse?error=0&signatures=<128hex-chars>
===== Simple a bitcoin message =====
Message: Lorem ipsum dolor sit amet
signing-request URI must be:
detatchedsigning://sign?type=bitcoinmsg&data=Lorem+ipsum+dolor+sit+amet&inputhdkeypath=m/0'/0'/2
signing-response URI must be:
detatchedsigning://signresponse?error=0&signatures=<128hex-chars>
=== Support for multiple signing-devices ===
Must operating systems allow only one registered application per
URI-scheme. To support multiple signing-devices, wallets and
signing-devices can optional add support for brand based URI-schemes.
In addition to the standard URI scheme,
signing-devices-controller-applications can register an additional URI
scheme (with the identical request/response syntax and logic) including
a brand-identifier.
Registering a brand-identifier based URI scheme without registering the
default URI scheme is not allowed.
Wallets can detect if a certain brand based URI scheme is supported and
therefore gives user a selection if multiple signing-devices where
detected [4][5].
detatchedsigning://
Supported brand-identifiers are:
  • trezor
  • ledger
  • keepkey
  • digitalbitbix
== References ==
[1] https://github.com/spesmilo/electrum/pull/1662
[2] https://github.com/spesmilo/electrum/pull/1391
[3] https://github.com/bitpay/copay/pull/3143
[4]
https://developer.apple.com/library/ios/documentation/UIKit/Reference/UIApplication_Class/
[5]
https://developer.android.com/reference/android/content/pm/PackageManager.html
== Acknowledgements ==
== Copyright ==
This work is placed in the public domain.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160816/fe4471a9/attachment.sig
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013008.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Trying to protect Bitcoin private keys; need advice

Gentlemen,
I'm conducting automated, online transactions with a few dozen anonymous parties. They don't know me and I don't know them. There are occasions when my web application, or I as an individual, may hold Bitcoin in a custodial capacity for said parties. It's important that I protect the private keys corresponding to a large number of Bitcoin addresses which my application creates on-the-fly as needed.
I have a software development background and have read as much as I can about protecting sensitive data but am fairly new to the latter so I'd like to present you with an overview of my private key protection strategy and then ask what you, as experts, perceive to be possible vulnerabilities in my plan.
Here's my layout and plan:
My main work computer is a MacBook Pro running El Capitan. It's typically plugged into a multi-monitor setup in my home although I'll occasionally take it on the road with me, making it somewhat vulnerable to theft. The OS's built-in FileVault disk encryption is turned on.
My web application runs on a grid of Windows 2008 servers that live at Amazon Web Services (AWS). This grid of servers, plus my laptop, constitute the entirety of my network.
One of the servers in the grid is running SQL Server and in that database is a table, and in that table is a field called 'privateKey' which contains the private key for a single Bitcoin address. The table will contain many rows since there are many addresses to deal with. The 'privateKey' field is a binary stream containing (1) an initialization vector (length=16 bytes) and (2) an encrypted representation of the private key. My program uses the initialization vector and a secret password (length=32 bytes) as inputs into a symmetric encryption algorithm (.NET/RijndaelManaged) to decrypt and use the private key.
The secret password isn't stored in a file on the server. It's stored on my laptop in a human-readable document called 'specialFolder\myPasswords.txt'' in hex format. When the server app is started, a secondary helper app prompts for the secret password which I then copy/paste into the helper app's console over a Remote Desktop connection. The helper app's console is then closed and the secret password is then only held in RAM on the server, within the process of my application.
There are also Bitcoin private keys held outside of my application in "wallets" managed manually, by me, using a third party program called Electrum. Electrum runs on my laptop and uses one file to represent each wallet. (A 'wallet' is just a collection of Bitcoin addresses and their respective private keys). I've configured Electrum to store the wallet files in 'specialFolder\myWalletFolder' on the laptop. Electrum encrypts the wallet files such that the private keys contained therein can't be used without a strong password which is entered by me as needed at runtime.
Electrum uses a mechanism wherein the public/private keypairs it generates are created in a predetermined fashion using what the documentation refers to as a 'seed.' The seed is a long series of human words. If one knows the seed, the keys can be regenerated and the wallet restored. I keep backups of the wallet seeds in a file called 'specialFolder\myElectrumSeeds.txt' on my laptop.
If you've read this far, you may have noticed that I'm keeping a lot of sensitive information in plain text within 'specialFolder' on the laptop. But this really isn't a folder at all. It's actually a volume created and maintained using a program called VeraCrypt. I only 'mount' this encrypted volume when I need to access its contents and then I immediately 'unmount' it. The laptop is never left alone when 'specialFolder' is mounted. Mounting the volume requires a password. That password is known only to me and isn't stored on the laptop.
VeraCrypt stores and accesses the 'specialFolder' volume through a single file. That file is named 'veracryptFile.' veracryptFile lives on my laptop on a Dropbox-synchronized folder. Whenever the VeraCrypt volume (and thus 'veracryptFile') is modified, the changes are immediately propegated to (1) DropBox-owned servers and (2) a server in the grid at AWS, and (3) another private server at AWS that's in a different geographical location.
In addition, a physical printout of the contents of 'specialFolder\myPasswords.txt' and 'specialFolder\myElectrumSeeds' is kept in a safe deposit box at a local bank, to which only I have the key.
The parties with whom I do business may occasionally login to my app and execute transactions which result in Bitcoin being sent to them. Password theft obviously weighs heavily on my mind.
The SQL Server discussed earlier contains a table of all of my users, and that table contains a field called 'password.' The 'password' field contains: (1) a random byte sequence (length=32 bytes) and (2) a hash of a concatenation of the user's password and the random byte sequence. My program uses the random byte sequence and the password the user supplies at login as inputs into a hashing algorithm (.NET/SHA256Managed). If the hashing algorithm's output matches the hash stored in the database, the user is considered authenticated.
A user must be authenticated prior to executing a transaction that would result in a Bitcoin disbursement. In addition, each user is required to have a BitMessage address. When the transaction is submitted online, my program creates a 10-digit random string and sends it to the user's BitMessage address. That string must be entered by the user in order to begin execution of his transaction.
This BitMessage confirmation protocol is also required if the user wants to: (1) change his password, or (2) specify a different BitMessage address in his profile.
Given the strategy outlined above, do you see any glaring vulnerabilities ? Here are the attack vectors I've considered thus far:
LAPTOP IS STOLEN: perp would have to defeat Apple's FileVault encryption (assuming laptop was powered off when stolen) plus the VeraCrypt encryption on 'SpecialFolder'. I could recover the lost files via DropBox or my AWS-hosted DropBox peers.
LAPTOP IS TARGETED BY ROGUE APPLE STORE TECH-SUPPORT EMPLOYEE WITH ADMIN ACCESS: perp would have to defeat VeraCrypt encryption on 'SpecialFolder'.
DROPBOX ACCOUNT IS HACKED: perp would have to defeat VeraCrypt encryption on 'SpecialFolder'.
AMAZON SERVER IS ATTACKED: perp would need physical access to machine and have a way to probe RAM to obtain 'secretPassword' since it's not stored on the hard drive.
USER PASSWORD(S) ARE STOLEN: perp would also need access to the user's BitMessage account in order to steal Bitcoin from the compromised user.
Are there other attack scenarios I've overlooked? For the sake of this forum post, I'd like to limit attack vectors to technical exploits, not those of the violent or gangster variety (extortion, blackmail, etc.).
Thank you for your thoughts.
Best,
Shaniqua
submitted by shaniquaJones44 to Bitcoin [link] [comments]

Looking For Community Help To Review Possibly Malicious Script.

Hello,
The situation I'm currently in can be found here. TLDR: Basically I copied down my 51 character private key wrong, but I am convinced it is 99.9% correct. Now I was given a script to try and remedy this situtation by someone I believe to be with good intentions in truly helping me. Before running the script and adding insult to injury if my coins were to be stolen. I would like to ask the community whether or not this script is malicious. I don't have any "in-person" Bitcoin friends I can trust to talk about this let alone anyone knowledgable enough with computer science to help me in my current situation so I'm stuck trusting the hopefully good people on the internet and in this community. I know all about Dave with wallet recovery services, but I'm still cautious as I would have to send him the entirety of my private key. If anyone is local to Utah and can help I would be interested in meeting.
The instructions I was given are here
For this script to work it needs to be run on linux with electrum bitcoin wallet installed with no wallet ever created. If do not have linux a good bootable linux with electrum included is TAILS at https://tails.boum.org just copy paste the script into a file called bit-recovery.sh and make it executable with command chmod +x bit-recovery.sh then run with command ./bit-recovery.sh This script will generate and scan all possible keys assuming one letter was incorrect when saving the original private key. 
THE SCRIPT
echo "Please input private key to recover then hit enter:" read inputkey #Correcting key into BASE58 characters from supplied key #Replacing zeros and capital O's with lowercase o #Replacing capital I's and lowercase l with number 1 correctedkey=$( echo $inputkey | sed -e 's/0/o/g' | sed -e 's/O/o/g' | sed -e 's/I/1/g' | sed -e 's/l/1/g' ) clear echo "Try this key. If this is still incorrect, please hit enter to continue so we can generate list of possible corrected keys, or Ctrl+C to cancel" echo "Corrected key format" echo $correctedkey read -p "" #Bitcoin addresses utilize Base58. A set of 58 alphanumeric symbols consisting of easily distinguished uppercase and lowercase letters (0OIl are not used). Corrections to compensate for these unused characters have already been implemented in previous step. echo $correctedkey >> possible_private_keys.txt awk -v list=123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz -v string=$correctedkey 'BEGIN{for(i=1;i<=length(string);i++){for(j=1;j<=length(list);j++){print substr(string,1,i-1)substr(list,j,1)substr(string,i+1)}}}' >> possible_private_keys.txt echo "Assuming that original private key had one typo, all possible private keys are saved in the file possible_private_keys.txt there should be about 3,000 keys total" echo "" echo "To scan private keys for balance, hit ENTER. (Must have Electrum installed first)" awk '$0="electrum restore "$0' possible_private_keys.txt > key_scan.sh chmod +x key_scan.sh ./key_scan.sh #echo "Import this private key database into a bitcoin wallet. Electrum is one known wallet that can import a file containing multiple private keys. Wait for import to complete then check balance to see if funds have been recovered" #echo "" #echo "Note: If file is too large to import, then can split file into parts to try each part individually" #IGNORE note do dev for bitcoin cli compatibility. for i in `cat list`; do echo "bitcoin importprivkey $i; sleep 1"; done 
submitted by Mentally- to btc [link] [comments]

Looking For Bitcoin Community Help To Review Possibly Malicious Bitcoin Script.

Hello,
The situation I'm currently in can be found here. TLDR: Basically I copied down my 51 character private key wrong, but I am convinced it is 99.9% correct. Now I was given a script to try and remedy this situtation by someone I believe to be with good intentions in truly helping me. Before running the script and adding insult to injury if my coins were to be stolen. I would like to ask the community whether or not this script is malicious. I don't have any "in-person" Bitcoin friends I can trust to talk about this let alone anyone knowledgable enough with computer science to help me in my current situation so I'm stuck trusting the hopefully good people on the internet and in this community. I know all about Dave with wallet recovery services, but I'm still cautious as I would have to send him the entirety of my private key. If anyone is local to Utah and can help I would be interested in meeting.
The instructions I was given are here
For this script to work it needs to be run on linux with electrum bitcoin wallet installed with no wallet ever created. If do not have linux a good bootable linux with electrum included is TAILS at https://tails.boum.org just copy paste the script into a file called bit-recovery.sh and make it executable with command chmod +x bit-recovery.sh then run with command ./bit-recovery.sh This script will generate and scan all possible keys assuming one letter was incorrect when saving the original private key. 
The Script
echo "Please input private key to recover then hit enter:" read inputkey #Correcting key into BASE58 characters from supplied key #Replacing zeros and capital O's with lowercase o #Replacing capital I's and lowercase l with number 1 correctedkey=$( echo $inputkey | sed -e 's/0/o/g' | sed -e 's/O/o/g' | sed -e 's/I/1/g' | sed -e 's/l/1/g' ) clear echo "Try this key. If this is still incorrect, please hit enter to continue so we can generate list of possible corrected keys, or Ctrl+C to cancel" echo "Corrected key format" echo $correctedkey read -p "" #Bitcoin addresses utilize Base58. A set of 58 alphanumeric symbols consisting of easily distinguished uppercase and lowercase letters (0OIl are not used). Corrections to compensate for these unused characters have already been implemented in previous step. echo $correctedkey >> possible_private_keys.txt awk -v list=123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz -v string=$correctedkey 'BEGIN{for(i=1;i<=length(string);i++){for(j=1;j<=length(list);j++){print substr(string,1,i-1)substr(list,j,1)substr(string,i+1)}}}' >> possible_private_keys.txt echo "Assuming that original private key had one typo, all possible private keys are saved in the file possible_private_keys.txt there should be about 3,000 keys total" echo "" echo "To scan private keys for balance, hit ENTER. (Must have Electrum installed first)" awk '$0="electrum restore "$0' possible_private_keys.txt > key_scan.sh chmod +x key_scan.sh ./key_scan.sh #echo "Import this private key database into a bitcoin wallet. Electrum is one known wallet that can import a file containing multiple private keys. Wait for import to complete then check balance to see if funds have been recovered" #echo "" #echo "Note: If file is too large to import, then can split file into parts to try each part individually" #IGNORE note do dev for bitcoin cli compatibility. for i in `cat list`; do echo "bitcoin importprivkey $i; sleep 1"; done 
submitted by Mentally- to Bitcoin [link] [comments]

How to Setup a Bitcoin Wallet- Bitcoin tutorial - How to get a wallet and your first bit coins How to Setup a Bitcoin Wallet with Electrum BitcoinKeyGenerator (hack) HOW TO GET ELECTRONEUM WALLET ADDRESS  ETN MINING HELP Simple, but Costly Mistake to Avoid (Change Addresses, Multiple Outputs in Crypto Transactions)

To receive bitcoin all you need to do is share one of the addresses in your wallet with the person who wants to pay you. With the receive tab Electrum tries to create a workflow for receiving bitcoin that incorporates adding a label to your address, an expected amount and saving all this in the wallet as a receive request. Why does Electrum give me a different address everytime? Why am I being told my address is an invalid bitcoin address? < 2.0: Seeds from Electrum versions less than 2.0 were 12 words in length. 2.0 was released on With Electrum 2.x, a wallet can contain either keys you've imported from elsewhere, or keys which are generated (deterministically) by Electrum. You cannot store both types of keys in a single Electrum 2.x wallet. Since your wallet is of the former type, Electrum will refuse to generate any new keys for your wallet. Receiving Bitcoin into an Electrum Wallet. Unless you are using a permanent Bitcoin address, which is generally only done by businesses or Websites with a donation button, every time you receive Bitcoin, your Wallet will provide a new receiving address to protect your confidentiality. the length of time it takes for the transaction to move The “Pay to” field holds a Bitcoin address of your intended payee, which can be manually entered or pasted from the clipboard. The fee is the product of two terms: the transaction length, in bytes; and the market fee density. The fee density fluctuates with network transaction volume. Electrum and Bitcoin offer many more

[index] [11590] [12545] [9261] [6009] [15699] [23511] [6474] [18991] [27722] [23052]

How to Setup a Bitcoin Wallet- Bitcoin tutorial - How to get a wallet and your first bit coins

I hope you enjoyed this video on how to get a bitcoin wallet address, below are the links to the 3 methods/wallets shown in the video as well as the bonus. 1. Electrum - https://electrum.org If you are new to Crypto, my suggestion is that you start with buying ~$150 worth of Bitcoin, Ethereum, Litecoin @ Coinbase and get familiar with storing it, moving it around, etc. This video demonstrates recovery of Bitcoin sent to a Litecoin address, Litecoin sent to Bitcoin addresses, BCH sent to Bitcoin addresses and Bitcoin sent to BCH addresses. ... Electrum and Ian ... Blockchain Live Bitcoin Giveaway - Meeting Airdrop 10000 Bitcoin 比特币 Blockchain 9,418 watching Live now How to transfer Electroneum to offline Wallet - Duration: 9:42. How to Install the Genuine Electrum Bitcoin Wallet (and Avoid the "Fake" One) - Duration: ... How to get a Bitcoin Wallet Address - FREE & in under a minute - Duration: 16:19. Moocharoo 27,040 ...

Flag Counter