Bitcoin Wallet - Secure your Bitcoin (BTC) assets Ledger
Why To Have Multiple Bitcoin Wallets & How Many?
bitcoind - Run multiple wallets on the same system ...
The Art of Managing Multiple Bitcoin Wallets
Manage multiple Bitcoin wallets programatically
Hey, I'm looking for a solution to automate payments in bulk from multiple wallets to multiple wallets. I found read-only solutions like this (https://github.com/unwritereadcash) but nothing to schedule payments. Ideally I would be able to import private keys from multiple wallets and pay to some specific wallets. Thanks
Hey guys, I recently got into trading, and am enjoying it alot. A question I have is: Do you guys use / know any tools to keep track of everything? I find it hard to manage multiple bitcoin wallets, an ethereum wallet, litecoin wallet, multiple webpages for charts, trading platforms, exchanges and logs of all the transactions. It would be nice to have a (software) tool that summarizes how much of your stuff lies where, how prices changed and how much ou earned / lost anywhere. Hope that makes sense.
Is there a wallet interface that can manage multiple wallets from multiple sources? aka Quicken for Bitcoin?
Is there any secure front end wallet program for the PC or phone that can consolidate multiple bitcoin wallets into a single interface? What I was hoping for was something that could manage my Circle, Bread wallet and Blockchain wallets all at ones. Like Quicken for bitcoin.
Putting $400M of Bitcoin on your company balance sheet
Also posted on my blog as usual. Read it there if you can, there are footnotes and inlined plots. A couple of months ago, MicroStrategy (MSTR) had a spare $400M of cash which it decided to shift to Bitcoin (BTC). Today we'll discuss in excrutiating detail why this is not a good idea. When a company has a pile of spare money it doesn't know what to do with, it'll normally do buybacks or start paying dividends. That gives the money back to the shareholders, and from an economic perspective the money can get better invested in other more promising companies. If you have a huge pile of of cash, you probably should be doing other things than leave it in a bank account to gather dust. However, this statement from MicroStrategy CEO Michael Saylor exists to make it clear he's buying into BTC for all the wrong reasons:
“This is not a speculation, nor is it a hedge. This was a deliberate corporate strategy to adopt a bitcoin standard.”
Let's unpack it and jump into the economics Bitcoin:
Is Bitcoin money?
No. Or rather BTC doesn't act as money and there's no serious future path for BTC to become a form of money. Let's go back to basics. There are 3 main economic problems money solves: 1. Medium of Exchange. Before money we had to barter, which led to the double coincidence of wants problem. When everyone accepts the same money you can buy something from someone even if they don't like the stuff you own. As a medium of exchange, BTC is not good. There are significant transaction fees and transaction waiting times built-in to BTC and these worsen the more popular BTC get. You can test BTC's usefulness as a medium of exchange for yourself right now: try to order a pizza or to buy a random item with BTC. How many additional hurdles do you have to go through? How many fewer options do you have than if you used a regular currency? How much overhead (time, fees) is there? 2. Unit of Account. A unit of account is what you compare the value of objects against. We denominate BTC in terms of how many USD they're worth, so BTC is a unit of account presently. We can say it's because of lack of adoption, but really it's also because the market value of BTC is so volatile. If I buy a $1000 table today or in 2017, it's roughly a $1000 table. We can't say that a 0.4BTC table was a 0.4BTC table in 2017. We'll expand on this in the next point: 3. Store of Value. When you create economic value, you don't want to be forced to use up the value you created right away. For instance, if I fix your washing machine and you pay me in avocados, I'd be annoyed. I'd have to consume my payment before it becomes brown, squishy and disgusting. Avocado fruit is not good money because avocadoes loses value very fast. On the other hand, well-run currencies like the USD, GBP, CAD, EUR, etc. all lose their value at a low and most importantly fairly predictible rate. Let's look at the chart of the USD against BTC While the dollar loses value at a predictible rate, BTC is all over the place, which is bad. One important use money is to write loan contracts. Loans are great. They let people spend now against their future potential earnings, so they can buy houses or start businesses without first saving up for a decade. Loans are good for the economy. If you want to sign something that says "I owe you this much for that much time" then you need to be able to roughly predict the value of the debt in at the point in time where it's due. Otherwise you'll have a hard time pricing the risk of the loan effectively. This means that you need to charge higher interests. The risk of making a loan in BTC needs to be priced into the interest of a BTC-denominated loan, which means much higher interest rates. High interests on loans are bad, because buying houses and starting businesses are good things.
BTC has a fixed supply, so these problems are built in
Some people think that going back to a standard where our money was denominated by a stock of gold (the Gold Standard) would solve economic problems. This is nonsense. Having control over supply of your currency is a good thing, as long as it's well run. See here Remember that what is desirable is low variance in the value, not the value itself. When there are wild fluctuations in value, it's hard for money to do its job well. Since the 1970s, the USD has been a fiat money with no intrinsic value. This means we control the supply of money. Let's look at a classic poorly drawn econ101 graph The market price for USD is where supply meets demand. The problem with a currency based on an item whose supply is fixed is that the price will necessarily fluctuate in response to changes in demand. Imagine, if you will, that a pandemic strikes and that the demand for currency takes a sharp drop. The US imports less, people don't buy anything anymore, etc. If you can't print money, you get deflation, which is worsens everything. On the other hand, if you can make the money printers go brrrr you can stabilize the price Having your currency be based on a fixed supply isn't just bad because in/deflation is hard to control. It's also a national security risk... The story of the guy who crashed gold prices in North Africa In the 1200s, Mansa Munsa, the emperor of the Mali, was rich and a devout Muslim and wanted everyone to know it. So he embarked on a pilgrimage to make it rain all the way to Mecca. He in fact made it rain so hard he increased the overall supply of gold and unintentionally crashed gold prices in Cairo by 20%, wreaking an economic havoc in North Africa that lasted a decade. This story is fun, the larger point that having your inflation be at the mercy of foreign nations is an undesirable attribute in any currency. The US likes to call some countries currency manipulators, but this problem would be serious under a gold standard.
Currencies are based on trust
Since the USD is based on nothing except the US government's word, how can we trust USD not to be mismanaged? The answer is that you can probably trust the fed until political stooges get put in place. Currently, the US's central bank managing the USD, the Federal Reserve (the Fed for friends & family), has administrative authority. The fed can say "no" to dumb requests from the president. People who have no idea what the fed does like to chant "audit the fed", but the fed is already one of the best audited US federal entities. The transcripts of all their meetings are out in the open. As is their balance sheet, what they plan to do and why. If the US should audit anything it's the Department of Defense which operates without any accounting at all. It's easy to see when a central bank will go rogue: it's when political yes-men are elected to the board. For example, before printing themselves into hyperinflation, the Venezuelan president appointed a sociologist who publicly stated “Inflation does not exist in real life” and instead is a made up capitalist lie. Note what happened mere months after his gaining control over the Venezuelan currency This is a key policy. One paper I really like, Sargent (1984) "The end of 4 big inflations" states:
The essential measures that ended hyperinflation in each of Germany,Austria, Hungary, and Poland were, first, the creation of an independentcentral bank that was legally committed to refuse the government'sdemand or additional unsecured credit and, second, a simultaneousalteration in the fiscal policy regime.
In english: *hyperinflation stops when the central bank can say "no" to the government." The US Fed, like other well good central banks, is run by a bunch of nerds. When it prints money, even as aggressively as it has it does so for good reasons. You can see why they started printing on March 15th as the COVID lockdowns started:
The Federal Reserve is prepared to use its full range of tools to support the flow of credit to households and businesses and thereby promote its maximum employment and price stability goals.
In english: We're going to keep printing and lowering rates until jobs are back and inflation is under control. If we print until the sun is blotted out, we'll print in the shade.
BTC is not gold
Gold is a good asset for doomsday-preppers. If society crashes, gold will still have value. How do we know that? Gold has held value throughout multiple historic catastrophes over thousands of years. It had value before and after the Bronze Age Collapse, the Fall of the Western Roman Empire and Gengis Khan being Gengis Khan. Even if you erased humanity and started over, the new humans would still find gold to be economically valuable. When Europeans d̶i̶s̶c̶o̶v̶e̶r̶e̶d̶ c̶o̶n̶q̶u̶e̶r̶e̶d̶ g̶e̶n̶o̶c̶i̶d̶e̶d̶ went to America, they found gold to be an important item over there too. This is about equivalent to finding humans on Alpha-Centauri and learning that they think gold is a good store of value as well. Some people are puzzled at this: we don't even use gold for much! But it has great properties: First, gold is hard to fake and impossible to manufacture. This makes it good to ascertain payment. Second, gold doesnt react to oxygen, so it doesn't rust or tarnish. So it keeps value over time unlike most other materials. Last, gold is pretty. This might sound frivolous, and you may not like it, but jewelry has actual value to humans. It's no coincidence if you look at a list of the wealthiest families, a large number of them trade in luxury goods. To paraphrase Veblen humans have a profound desire to signal social status, for the same reason peacocks have unwieldy tails. Gold is a great way to achieve that. On the other hand, BTC lacks all these attributes. Its value is largely based on common perception of value. There are a few fundamental drivers of demand:
Means of Exchange: if people seriously start using BTC to buy pizzas, then this creates a real demand for the currency to accomplish the short-term exchanges. As we saw previously, I'm not personally sold on this one and it's currently a negligible fraction of overall demand.
Criminal uses: Probably the largest inbuilt advantage of BTC is that it's anonymous, and so a great way to launder money. Hacker gangs use BTC to demand ransom on cryptolocker type attacks because it's a shared way for an honest company to pay and for the criminals to receive money without going to jail.
Apart from these, it's hard to argue that BTC will retain value throughout some sort of economic catastrophe.
BTC is really risky
One last statement from Michael Saylor I take offense to is this:
“We feel pretty confident that Bitcoin is less risky than holding cash, less risky than holding gold,” MicroStrategy CEO said in an interview
"BTC is less risky than holding cash or gold long term" is nonsense. We saw before that BTC is more volatile on face value, and that as long as the Fed isn't run by spider monkeys stacked in a trench coat, the inflation is likely to be within reasonable bounds. But on top of this, BTC has Abrupt downside risks that normal currencies don't. Let's imagine a few:
A critical software vulnerability is found in the BTC codebase, leading to a possible exploitation.
Xi Jinping decides he's had enough of rich people in China hiding their assets from him and bans BTC.
Some form of bank run takes hold for whatever reason. Because BTC wallets are uninsured, unlike regular banks, this compounds into a Black Tuesday style crash.
Blockchain solutions are fundamentally inefficient
Blockchain was a genius idea. I still marvel at the initial white paper which is a great mix of economics and computer science. That said, blockchain solutions make large tradeoffs in design because they assume almost no trust between parties. This leads to intentionally wasteful designs on a massive scale. The main problem is that all transactions have to be validated by expensive computational operations and double checked by multiple parties. This means waste:
BTC was estimated to use as much electricity as Belgium in 2019. It's hard to trace where the BTC mining comes from, but we can assume it has a huge carbon footprint.
A single transactions is necessarily expensive. A single transaction takes as much electricity as 800,000 VISA transactions, or watching 50,000 hours of youtube videos.
There is a large necessary tax on the transaction, since those checking the transaction extract a few BTC from it to be incentivized to do the work of checking it.
Many design problems can be mitigated by various improvements over BTC, but it remains that a simple database always works better than a blockchain if you can trust the parties to the transaction.
New to this forum so id like to share some of my experience with one of the things that made me a lot, ewhoring. 1) first of your going to want to create a snapchat account, this account must have a high enough snapscore of a couple of thousand to make it look legit as possible, you can boost the snapscore of the account by sending tons of snaps to a bunch of celebrity accounts on snapchat. You can easily find these buy just searching any letter in the search bar and subscribing to all the accounts. add a bitmoji that looks like your girl, you can find a ton of mega links on the internet if you look, try find something not saturated and you should be fine. A good way to look legit on snapchat is of course to send live snaps. To send live snaps uploaded through your camera roll. On iPhone you can use the app prequel. on android you can use chicken cam. Other ways to look legit is to fake your location of the person you’re talking to. My way of doing this was jailbreaking my phone and using snapbreak. you can find tutorials on how to jailbreak everywhere and downloading snapbreak you’ll have to downgrade snapchat first. keep in mind recently snapchat has been banning accounts that have downgraded there snapchat so a way to get around this is to create the account on the downgraded version of snapchat and NEVER update. if you update you won’t be able to use snapbreak without a ban. snapbreak is an amazing tool for all sorts of stuff. Uploading to live snap. faking location. quick switching between accounts, sending snaps to everyone on your snapchat (more than 200 people) 2) one of the first ways i used to get traffic to my account was POF. POF you can create an account with a phone number, with your girl’s pics of course. (do not put add my snap in the bio or you’ll be flagged on the system), just swipe right on everyone and ask everyone to add your snap, "hey add my snap ____ ", people who won’t add you will not buy shit so don’t waste your time. if you do get banned on POF you can use the same phone number a few more times till your perma banned. it’s all about high quality traffic. If you get shit traffic you’ll have a bunch of time wasters on your snap that’s never going to buy. Refrain from doing sfs with other snap chatters unless you want shit traffic. Tinder is also a good source for high quality traffic. all tough once your banned on iPhone you will be mac banned. Changing your ip won’t work and even on a jailbroken iPhone you can’t change your mac. On android devices you can change your mac with rooted devices. I personally wouldn’t go through the effort and I would just make tinder accounts through pc. You can download tmac v6, and any proxy VPN will work. Always remember to clear cookies before creating a new account. Eventually you will run out of phone numbers to use once you get banned but we will get into that in the next step. 3) Smspva.com and smspool are great tools to get disposable phone numbers to create new accounts. For a small payment of like 50c to $1 per phone number. This can be paid through bitcoin. Hopefully you’ve made enough money at this stage through the traffic you got from your own number. (Yes using your own number is fine if you don’t care about getting banned from TindePOF) anyways. We will talk about how to get your ewhoring money into bitcoin in the next step. 4) Once your money is in bitcoin you can do whatever you want with it, in PayPal if you keep the money in your account to long it can be risked getting locked since you’ll be creating a PayPal account with your girls name/email. PayPal will constantly ask you to verify your account by adding a credit card or sometimes locking your account until you send proof of id. You can only get a maximum of 2500 per unverified PayPal account before they ask for verification (proof of id) you can create new PayPal accounts with new phone numbers through smspva/smspool. Paxful is a great tool to transfer your PayPal money to bitcoin. all tough ive heard you can trade PayPal to bitcoin on multiple other sites. Paxful was the one to work best for me. As I wouldn’t recommend keeping money in your PayPal account to long I suggest getting it into bitcoin asap. After a while paxful will ask for verification on your account. At this point you can just create a new account with a new email/phone number using smspool. I don’t think smspva has paxful verification phone numbers. Personally I traded about 300 at a time on paxful. And id be very wary of scammers. Once the bitcoin is in your paxful wallet. Transfer it to a third party wallet like Blockchain. 5) Let’s get back to the snapchat, remember it’s all about social engineering, get rid of the time wasters, all you want to do is create a private story to post a bunch of nude videos in and put on your main story and try advertise to everyone that your selling a premium snapchat, my prices were 20 monthly 30 lifetime to be a premium member. I charged 40 an hour for video calls. Yes I just blocked them after I received the payment. I charged 150 an hour 400 a night for meetups. With meetup scams I would ask them to pay a 75 deposit through PayPal and id send them the address, they can pay rest cash in hand or in PayPal. Once they would arrive at the address I’ve sent, (this would be a random for sale or address where no one lives in) I would tell them to pay the rest in PayPal and I’ll let them into the house. Even if they said they’d pay the rest in cash id still try tricking them into sending the rest of the payment in PayPal. I’ve made 750 of one guy using this method. Tips:
Do not transfer money over to a friend’s account to take it out through the bank its linked to, sometimes PayPal will ban all the accounts you’ve sent money to, I’ve no idea why this is a thing but I’ve had multiple peoples PayPal accounts get banned just because I’ve sent money to it.
Get rid of time wasters, if someone makes it clear they won’t pay block them or ignore. Don’t give away previews. The previews are on your story.
With big money transfers it must be your number one priority to get rid of that money from your PayPal account ASAP, remember that PayPal are always tracking you, they always have their eye on this sort of thing. Once a report has been made about your account it could be locked and you will not get your money back.
Make sure all your customers know to send money through PayPal using friends and family only. Business transfers can be reversed easily and it gets put on hold much more.
Don’t do anything stupid. Such as sign into the PayPal account on an iPhone. Phones have all your data on it; you can easily be traced on. Manage as many accounts on your pc/laptop and use the same name for everything, clear your cookies and don’t sign into your PayPal account multiple different times under different ip addresses, this will trigger 2fa and you won’t be able to verify your account with a disposable number
If your account does get locked under 2fa and you don’t have the original phone number. You can contact PayPal through live chat and just tell them it’s an old number you no longer have access to. They’ll ask for info such as your email full name and home address linked to the account. (Btw the home address can be set to any address just remember it) once you clarify this with the PayPal live support person they will unlock the account. I don’t know if this works 100 percent of the time but I speak from experience.
To download snapbreak you will have to downgrade using a tweak called Appstore++ snapbreak was a paid tweak that is no longer in development because it got cracked. It was originally 50 but now you can get it for free on some repos. ALWAYS remember to stay on the same version of snap per account.
any feed back on this method would be greatly appreciated, tell me what you think :)
Fill out the spreadsheet. There is a separate Google form for each campaign. After you have filled out Google forms go to the General spreadsheet and find your data. If you find your name in the spreadsheet, publish a post in this thread confirming your participation.
Follow the requirements of the selected campaign carefully, taking into account all the important points.
Publish your Weekly Report in this thread every week until MONDAY UTC 23:59 The reports are checked on TUESDAY.
Get BFG tokens and use it for your own pleasure: stake and get daily dividends, bid in auction to get crypto, play In-house games and hold to exchange in the future.
Participants can’t change their BetFury account nickname after registration.
Check twice your nickname before registering for the campaign.
KYC is not required for the Bounty campaign.
Multiple accounts, fraud and spam are not allowed. You will be immediately disqualified from the Bounty program. Please note that any offensive or inappropriate behavior will result in immediate disqualification from the campaign.
@Manager_BetFury and the project team reserve the right to change the terms of the campaign at any time.
The submission form for articles and videos will be closed 3 days before the end of the Bounty.
Accounts with negative (red) trust are not allowed to participate in the Bounty.
The budget can be reallocated between campaigns in case of a shortage of coins for payments in one of them.
Please check all links in your Weekly Report a few times to make sure they actually lead to your articles, Tweets, Retweets, Posts, Reposts, comments, video. Payments to all members are made every 2 weeks to the internal BetFury wallet.
If you have any questions - write our Bounty manager in the Bounty chat.
**Award:** $3 in tokens for the week = 95 BFG(TRX) + 95 BFG(BTC) *Monthly Bonus + Quarterly Bonus **Do you own a Telegram group? Tell about BetFury in your Telegram group/Channel and earn! **Publish only 3 posts per week in your Group/Channel, that is focused on cryptocurrency, blockchain, gambling, crypto faucets. Posts must remain in the feed until the end of the Bounty campaign. A prerequisite is to make a post about the Bounty every two weeks. You can insert your referral link into the post. **Awards:** 300+ subscribers: $1 per week in tokens = 35 BFG(TRX) + 35 BFG(BTC) 500+ subscribers: $2 per week in tokens = 65 BFG(TRX) + 65 BFG(BTC) 1 000+ subscribers: $5 per week in tokens = 160 BFG(TRX) + 160 BFG(BTC) 10 000+ subscribers: $15 per week in tokens = 490 BFG(TRX) + 490 BFG(BTC) *Monthly Bonus + Quarterly Bonus
**Awards are determined according to the quality of the video:** High quality: $100 in tokens = 3 250 BFG(TRX) + 3 250 BFG(BTC) Excellent quality: $50 in tokens = 1,625 BFG(TRX) + 1,625 BFG(BTC) Normal quality: $20 in tokens = 650 BFG(TRX) + 650 BFG(BTC) *Quarterly Bonus
**Awards are determined according to the quality of the video:** Professional quality: $30 in tokens = 975 BFG(TRX) + 975 BFG(BTC) Excellent quality: $15 in tokens = 485 BFG(TRX) + 485 BFG(BTC) Normal quality: $5 in tokens = 160 BFG(TRX) + 160 BFG(BTC) *Quarterly Bonus
You can insert your referral link into this part of your signature code and get additional bonuses from participating in the campaign. Instruction **Awards:** Jr Member: $2 per week in tokens = 75 BFG(TRX) + 75 BFG(BTC) Member: $5 per week in tokens = 165 BFG(TRX) + 165 BFG(BTC) Full Member: $10 per week in tokens = 325 BFG(TRX) + 325 BFG(BTC) Sr Member: $30 per week in tokens = 975 BFG(TRX) + 975 BFG(BTC) Hero and Legendary: $40 per week in tokens = 1300 BFG(TRX) + 1300 BFG(BTC) The avatar is here. Signatures are here. *Monthly Bonus + Quarterly Bonus *Topics for YouTube videos, articles / reviews / comparisons / posts:
What makes BetFury unique? The main advantages of the platform.
Features of mining at BetFury. Opportunities and prospects for BFG token holders.
Comparison with other projects in the field of gambling.
Acquaintance with the BetFury platform: how to enter, deposit/withdraw, placing bets in In-house games and slots, mining and staking BFG token.
Promotional campaigns and contests on BetFury: current events / personal experience of participation / accrual of winnings / withdrawal of funds.
BetFury: advantages over traditional games.
How does the dividend system and cashback work at BetFury?
Games at BetFury:In-house, Slots, Table Games, Live Games.
Ability to place bets on BetFury: TRX, USDT, BTT, BFG, SUN, BTC + dividends pools.
BetFury benefits: Min bet, Daily tasks, Jackpots, Cashback, Dividends, Rank system.
Ultimate glossary of crypto currency terms, acronyms and abbreviations
https://github.com/gridcoin-community/Gridcoin-Research/releases/tag/22.214.171.124 Finally! After over ten months of development and testing, "Fern" has arrived! This is a whopper. 240 pull requests merged. Essentially a complete rewrite that was started with the scraper (the "neural net" rewrite) in "Denise" has now been completed. Practically the ENTIRE Gridcoin specific codebase resting on top of the vanilla Bitcoin/Peercoin/Blackcoin vanilla PoS code has been rewritten. This removes the team requirement at last (see below), although there are many other important improvements besides that. Fern was a monumental undertaking. We had to encode all of the old rules active for the v10 block protocol in new code and ensure that the new code was 100% compatible. This had to be done in such a way as to clear out all of the old spaghetti and ring-fence it with tightly controlled class implementations. We then wrote an entirely new, simplified ruleset for research rewards and reengineered contracts (which includes beacon management, polls, and voting) using properly classed code. The fundamentals of Gridcoin with this release are now on a very sound and maintainable footing, and the developers believe the codebase as updated here will serve as the fundamental basis for Gridcoin's future roadmap. We have been testing this for MONTHS on testnet in various stages. The v10 (legacy) compatibility code has been running on testnet continuously as it was developed to ensure compatibility with existing nodes. During the last few months, we have done two private testnet forks and then the full public testnet testing for v11 code (the new protocol which is what Fern implements). The developers have also been running non-staking "sentinel" nodes on mainnet with this code to verify that the consensus rules are problem-free for the legacy compatibility code on the broader mainnet. We believe this amount of testing is going to result in a smooth rollout. Given the amount of changes in Fern, I am presenting TWO changelogs below. One is high level, which summarizes the most significant changes in the protocol. The second changelog is the detailed one in the usual format, and gives you an inkling of the size of this release.
Note that the protocol changes will not become active until we cross the hard-fork transition height to v11, which has been set at 2053000. Given current average block spacing, this should happen around October 4, about one month from now. Note that to get all of the beacons in the network on the new protocol, we are requiring ALL beacons to be validated. A two week (14 day) grace period is provided by the code, starting at the time of the transition height, for people currently holding a beacon to validate the beacon and prevent it from expiring. That means that EVERY CRUNCHER must advertise and validate their beacon AFTER the v11 transition (around Oct 4th) and BEFORE October 18th (or more precisely, 14 days from the actual date of the v11 transition). If you do not advertise and validate your beacon by this time, your beacon will expire and you will stop earning research rewards until you advertise and validate a new beacon. This process has been made much easier by a brand new beacon "wizard" that helps manage beacon advertisements and renewals. Once a beacon has been validated and is a v11 protocol beacon, the normal 180 day expiration rules apply. Note, however, that the 180 day expiration on research rewards has been removed with the Fern update. This means that while your beacon might expire after 180 days, your earned research rewards will be retained and can be claimed by advertising a beacon with the same CPID and going through the validation process again. In other words, you do not lose any earned research rewards if you do not stake a block within 180 days and keep your beacon up-to-date. The transition height is also when the team requirement will be relaxed for the network.
Besides the beacon wizard, there are a number of improvements to the GUI, including new UI transaction types (and icons) for staking the superblock, sidestake sends, beacon advertisement, voting, poll creation, and transactions with a message. The main screen has been revamped with a better summary section, and better status icons. Several changes under the hood have improved GUI performance. And finally, the diagnostics have been revamped.
The wallet sync speed has been DRASTICALLY improved. A decent machine with a good network connection should be able to sync the entire mainnet blockchain in less than 4 hours. A fast machine with a really fast network connection and a good SSD can do it in about 2.5 hours. One of our goals was to reduce or eliminate the reliance on snapshots for mainnet, and I think we have accomplished that goal with the new sync speed. We have also streamlined the in-memory structures for the blockchain which shaves some memory use. There are so many goodies here it is hard to summarize them all. I would like to thank all of the contributors to this release, but especially thank @cyrossignol, whose incredible contributions formed the backbone of this release. I would also like to pay special thanks to @barton2526, @caraka, and @Quezacoatl1, who tirelessly helped during the testing and polishing phase on testnet with testing and repeated builds for all architectures. The developers are proud to present this release to the community and we believe this represents the starting point for a true renaissance for Gridcoin!
Most significantly, nodes calculate research rewards directly from the magnitudes in EACH superblock between stakes instead of using a two- or three- point average based on a CPID's current magnitude and the magnitude for the CPID when it last staked. For those long-timers in the community, this has been referred to as "Superblock Windows," and was first done in proof-of-concept form by @denravonska.
Network magnitude unit pinned to a static value of 0.25
Max research reward allowed per block raised to 16384 GRC (from 12750 GRC)
New CPIDs begin accruing research rewards from the first superblock that contains the CPID instead of from the time of the beacon advertisement
500 GRC research reward limit for a CPID's first stake
6-month expiration for unclaimed rewards
10-block spacing requirement between research reward claims
Rolling 5-day payment-per-day limit
Legacy tolerances for floating-point error and time drift
The need to include a valid copy of a CPID's magnitude in a claim
10-block emission adjustment interval for the magnitude unit
One-time beacon activation requires that participants temporarily change their usernames to a verification code at one whitelisted BOINC project
Verification codes of pending beacons expire after 3 days
Self-service beacon removal
Burn fee for beacon advertisement increased from 0.00001 GRC to 0.5 GRC
Rain addresses derived from beacon keys instead of a default wallet address
Beacon expiration determined as of the current block instead of the previous block
The ability for developers to remove beacons
The ability to sign research reward claims with non-current but unexpired beacons
As a reminder:
Beacons expire after 6 months pass (180 days)
Beacons can be renewed after 5 months pass (150 days)
Renewed beacons must be signed with the same key as the original beacon
Magnitudes less than 1 include two fractional places
Magnitudes greater than or equal to 1 but less than 10 include one fractional place
A valid superblock must match a scraper convergence
Superblock popularity election mechanics
Yes/no/abstain and single-choice response types (no user-facing support yet)
To create a poll, a maximum of 250 UTXOs for a single address must add up to 100000 GRC. These are selected from the largest downwards.
Burn fee for creating polls scaled by the number of UTXOs claimed
50 GRC for a poll contract
0.001 GRC per claimed UTXO
Burn fee for casting votes scaled by the number of UTXOs claimed
0.01 GRC for a vote contract
0.01 GRC to claim magnitude
0.01 GRC per claimed address
0.001 GRC per claimed UTXO
Maximum length of a poll title: 80 characters
Maximum length of a poll question: 100 characters
Maximum length of a poll discussion website URL: 100 characters
Maximum number of poll choices: 20
Maximum length of a poll choice label: 100 characters
Magnitude, CPID count, and participant count poll weight types
The ability for developers to remove polls and votes
[126.96.36.199] 2020-09-03, mandatory, "Fern"
Backport newer uint256 types from Bitcoin #1570 (@cyrossignol)
Implement project level rain for rainbymagnitude #1580 (@jamescowens)
Upgrade utilities (Update checker and snapshot downloadeapplication) #1576 (@iFoggz)
Provide fees collected in the block by the miner #1601 (@iFoggz)
Add support for generating legacy superblocks from scraper stats #1603 (@cyrossignol)
Port of the Bitcoin Logger to Gridcoin #1600 (@jamescowens)
Implement zapwallettxes #1605 (@jamescowens)
Implements a global event filter to suppress help question mark #1609 (@jamescowens)
Add next target difficulty to RPC output #1615 (@cyrossignol)
Add caching for block hashes to CBlock #1624 (@cyrossignol)
Make toolbars and tray icon red for testnet #1637 (@jamescowens)
Add an rpc call convergencereport #1643 (@jamescowens)
Implement newline filter on config file read in #1645 (@jamescowens)
Implement beacon status icon/button #1646 (@jamescowens)
Add gridcointestnet.png #1649 (@caraka)
Add precision to support magnitudes less than 1 #1651 (@cyrossignol)
Replace research accrual calculations with superblock snapshots #1657 (@cyrossignol)
Publish example gridcoinresearch.conf as a md document to the doc directory #1662 (@jamescowens)
Add options checkbox to disable transaction notifications #1666 (@jamescowens)
Add support for self-service beacon deletion #1695 (@cyrossignol)
Add support for type-specific contract fee amounts #1698 (@cyrossignol)
Add verifiedbeaconreport and pendingbeaconreport #1696 (@jamescowens)
Add preliminary testing option for block v11 height on testnet #1706 (@cyrossignol)
Add verified beacons manifest part to superblock validator #1711 (@cyrossignol)
Implement beacon, vote, and superblock display categories/icons in UI transaction model #1717 (@jamescowens)
CashFusion makes Bitcoin Cash a privacy coin. It's already been used to fuse hundreds of thousands of BCH! Make sure to spin up Electron Cash 4.2.0 today and get that liquidity flowing! (The more people using CashFusion at once, the more Fusions happen, and the larger your "anonymity set".) New to CashFusion? No problem, getting set up is EASY =) Just download the Electron Cash desktop wallet. It's got CashFusion built in! Set up your wallet (and be sure to write down your recovery phrase on a physical piece of paper, especially if you are going to hold significant amounts of coin in the wallet), then activate CashFusion by clicking the icon in the lower right: https://i.imgur.com/DXEPLtf.png Once it's activated, your wallet will start "fusing" the Bitcoin Cash it contains. Fusions happen over time as their own, separate transactions, and only cost you the network transactions fees (less than a penny). Each fusion transaction will include some of your coins*, so it will take multiple fusion transactions before all the coins in your wallet will be fused. (In the View menu, toggle the coins tab to see all of the coins in your wallet. In the "Label" field, fused coins will show CashFusion info.) Currently, Electron Cash keeps fusing your coins indefinitely. While it is on the roadmap to give you the option to stop fusing after some number of fusions per coin, there's no downside to leaving it to fuse continuously besides paying the transaction fees. (And every fusion gives you that much more privacy, while you are helping to provide "liquidity" for other fusers.) Also, EC does not yet prevent you from spending unfused coins, nor does it prefer fused coins when spending, so it's probably best to leave it fusing and keep your whole wallet fused, and/or pick your coins manually from the Coins tab. If you want that coin-management taken care of for your (and/or you're not comfortable picking coins to spend from the Coins tab), you can always switch back to CashShuffle for now in the Optional Features window, accessible from the Tools menu. Here's the CashFusion Telegram group where you are welcome to ask questions. (Just remember to be courteous!) Happy Fusing!! <3 *"Coins" are kind of a confusing concept when it comes to Bitcoin, but you can think of them just like discrete "bills" (or... "coins") in your wallet, but instead of coming in only certain sizes like $1, $5, $10, $20, etc, they can be any amount sent to you in a previous transaction, like 0.618 BCH, 0.000001 BCH, or 123.45679 BCH. (They can also be combined and split up. That happens in most transactions!)
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/ Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners? And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess. First, let's consider some principles of Bitcoin.
You the HODLer should be the one who controls where your money goes. Your keys, your coins.
You the HODLer should be able to coordinate and make contracts with other people regarding your funds.
You the HODLer should be able to do the above without anyone watching over your shoulder and judging you.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so). So, how does Taproot affect those principles?
Taproot and Your /Coins
Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash). (technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input). However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits! Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh? With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save! And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well! (P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1) Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service! So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win! (even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot) And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!
Taproot and Your Contracts
No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade. So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust. Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade. However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade. In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address. Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants). But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer). Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos). (technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).
Taproot and Your Contracts, Part 2: Cryptographic Boogaloo
Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code. This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded. And you can do that, with HTLCs, today. Of course, HTLCs do have problems:
Privacy. Everyone scraping the Bitcoin blockchain can see any HTLCs, and preimages used to claim them.
This can be mitigated by using offchain techniques so HTLCs are never published onchain in the happy case. Lightning would probably in practice be the easiest way to do this offchain. Of course, there are practical limits to what you can pay on Lightning. If you are buying something expensive, then Lightning might not be practical. For example, the "software" you are activating is really the firmware of a car, and what you are buying is not the software really but the car itself (with the activation of the car firmware being equivalent to getting the car keys).
Even offchain techniques need an onchain escape hatch in case of unresponsiveness! This means that, if something bad happens during payment, the HTLC might end up being published onchain anyway, revealing the fact that some special contract occurred.
And an HTLC that is claimed with a preimage onchain will also publicly reveal the preimage onchain. If that preimage is really the activation key of a software than it can now be pirated. If that preimage is really the activation key for your newly-bought cryptographic car --- well, not your keys, not your car!
Trust requirement. You are trusting the developer that it gives you the hash of an actual valid activation key, without any way to validate that the activation key hidden by the hash is actually valid.
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar". Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you. Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige). (Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key). So:
Privacy: PTLCs are private even if done onchain. Nobody else can learn what the private key behind the public key is, except you who knows the adaptor signature that when combined with the complete onchain signature lets you know what the private key of the activation key is. Somebody scraping the blockchain will not learn the same information even if all PTLCs are done onchain!
Lightning is still useful for reducing onchain use, and will also get PTLCs soon after Taproot is activated, but even if something bad happens and a PTLC has to go onchain, it doesn't reveal anything!
Trust issues can be proven more easily with a public-private keypair than with a hash-preimage pair.
For example, the developer of the software you are buying could provide a signature signing a message saying "unlock access to the full version for 1 day". You can check if feeding this message and signature to the program will indeed unlock full-version access for 1 day. Then you can check if the signature is valid for the purported pubkey whose private key you will pay for. If so, you can now believe that getting the private key (by paying for it in a PTLC) would let you generate any number of "unlock access to the full version for 1 day" message+signatures, which is equivalent to getting full access to the software indefinitely.
For the car, the manufacturer can show that signing a message "start the engine" and feeding the signature to the car's fimrware will indeed start the engine, and maybe even let you have a small test drive. You can then check if the signature is valid for the purported pubkey whose privkey you will pay for. If so, you can now believe that gaining knowledge of the privkey will let you start the car engine at any time you want.
(pedantry: the signatures need to be unique else they could be replayed, this can be done with a challenge-response sequence for the car, where the car gathers entropy somehow (it's a car, it probably has a bunch of sensors nowadays so it can get entropy for free) and uses the gathered entropy to challenge you to sign a random number and only start if you are able to sign the random number; for the software, it could record previous signatures somewhere in the developer's cloud server and refuse to run if you try to replay a previously-seen signature.)
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script. (technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)
Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable?? Well, in theory yes. In practice, they probably are not. It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash. When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key. So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key. (public keys should be public, that's why they're called public keys, LOL) And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions. So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort. Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers. For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
Current quantum computers can barely crack prime factorization problem for primes of 5 bits.
The 256-bit elliptic curve use by Bitcoin is, by my (possibly wrong) understanding, equivalent to 4096-bit primes, so you can see a pretty big gap between now (5 bit primes) and what is needed (4096 bit primes).
A lot of financial non-Bitcoin systems use the equivalent of 3072-bit primes or less, and are probably easier targets to crack than the equivalent-to-4096-bit-primes Bitcoin.
Quantum computers capable of cracking Bitcoin are still far off.
Pay-to-public-key-hash is not as protective as you might think.
We will probably see banks get cracked before Bitcoin, so the banking system is a useful canary-in-a-coal-mine to see whether we should panic about being quantum vulnerable.
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).
If you are a singlesig HODL-only Bitcoin user, Taproot will not affect you positively or negatively. Importantly: Taproot does no harm!
If you use or intend to use multisig, Taproot will be a positive for you.
If you transact onchain regularly using typical P2PKH/P2WPKH addresses, you get a minor reduction in feerates since multisig users will likely switch to Taproot to get smaller tx sizes, freeing up blockspace for yours.
If you are using multiparticipant setups for special systems of trade, Taproot will be a positive for you.
Remember: Lightning channels are multipartiicpiant setups for special systems of lightning-fast offchain trades!
I Wanna Be The Taprooter!
So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!
If you have developer experience especially in C, C++, or related languages
Review the Taproot code! There is one pull request in Bitcoin Core, and one in libsecp256k1. I deliberately am not putting links here, to avoid brigades of nontechnical but enthusiastic people leaving pointless reviews, but if you are qualified you know how to find them!
But I am not a cryptographeBitcoin Core contributomathematician/someone as awesome as Pieter Wuille
That's perfectly fine! The cryptographers have been over the code already and agree the math is right and the implementation is right. What is wanted is the dreary dreary dreary software engineering: are the comments comprehensive and understandable? no misspellings in the comments? variable names understandable? reasonable function naming convention? misleading coding style? off-by-one errors in loops? conditions not covered by tests? accidental mixups of variables with the same types? missing frees? read-before-init? better test coverage of suspicious-looking code? missing or mismatching header guards? portability issues? consistent coding style? you know, stuff any coder with a few years of experience in coding anything might be able to catch. With enough eyes all bugs are shallow!
If you are running a mining pool/mining operation/exchange/custodial service/SPV server
Be prepared to upgrade!
One of the typical issues with upgrading software is that subtle incompatibilities with your current custom programs tend to arise, disrupting operations and potentially losing income due to downtime. If so, consider moving to the two-node setup suggested by gmax, which is in the last section of my previous post. With this, you have an up-to-date "public" node and a fixed-version "private" node, with the public node protecting the private node from any invalid chainsplits or invalid transactions. Moving to this setup from a typical one-node setup should be smooth and should not disrupt operations (too much).
If you are running your own fullnode for fun or for your own wallet
Be prepared to upgrade! The more nodes validating the new rules (even if you are a non-mining node!), the safer every softfork will be!
If you are using an SPV wallet or custodial wallet/service (including hardware wallets using the software of the wallet provider)
Contact your wallet provider / SPV server and ask for a statement on whether they support Taproot, and whether they are prepared to upgrade for Taproot! Make it known to them that Taproot is something you want!
But I Hate Taproot!!
Raise your objections to Taproot now, or forever hold your peace! Maybe you can raise them here and some of the devs (probably nullc, he goes everywhere, even in rbtc!) might be able to see your objections! Or if your objections are very technical, head over to the appropriate pull request and object away!
Maybe you simply misunderstand something, and we can clarify it here!
Or maybe you do have a good objection, and we can make Taproot better by finding a solution for it!
Edit: Currently writing a new version of this, dont know when it will be done. Edit: Since first post I have updated a few sections with additional information. I recommend reading it all even if it is very long, I might have placed some relevant info in different sections while thinking about what else needed to be added, plenty of steps remains mostly the same except when I comment directly on it. It is not necessary to do 100% security all the time, unless you absolutely need it, combining some high and some lower security ideas for a balance of security and convenience is useful. I will base this mostly on Windows, Linux users probably know this, and I have no idea how apple machines work (tho many things in here are still relevant for other operating systems, as they are just general tips) Disclaimer: There are certainly other steps that can make you more anonymous or safer, however I think for most people this will surfice. Any software I recommend should be independently verified for security, and examples of software are not to be taken as endorsements. I simply use examples and give recommendations when I believe it necessary, or helpful. I will not really differentiate between anonymity and security, they are often the same thing. As such the word security can mean either more anonymous, less vulnerable, or both. -------- Everyday Simple Info Sec:
Password for the device is an obvious one (8+ characters minimum, best if over +12), if there is sensitive information on any of the drives, either encrypt the entire drive or just the sensitive files, and make encrypted backups on a different memory storage device (There many programs to encrypt files and drives I'm sure a search will figure it out)
-There could be a hidden administrator user on your PC, make sure to change its password
Always use the device on a non admin account
a VPN that doesn't log (use with kill switch on, should be enough for everyday stuff, more safe stuff in the high security section) (VPNs that claim they don't log sometimes do, it's bad, but I would like to point out that not using a VPN will always expose your traffic to your ISP and also remove additional encryption. Even if the VPN tracks, there is no downside because your ISP would track anyways, and VPNs can be more anonymous, and also add extra encryption)
disable location tracking (preferably make all your privacy setting to release minimal info, get rid or cortana, change privacy settings in all of your accounts as well, there's no reason why you should allow Facebook to give you target ads. Use the setting they give you.
TOR, Firefox or similar browser, stay the fuck away from Google Chrome.
your preferred search engine should be duckduckgo (other privacy focused search engines exist as well)
use an adblocker that also prevents the adding of tacking cookies
Use pgp with all your friends or messaging services that implemented end to end encryption (Implemented services can still be bypassed, but are way more convenient so for everyday use they should suffice, some examples should be Telegraph, Signal, WhatsApp etc) (more info on pgp in high security section)
(Snapchat msgs, reddit dms, discord msgs, are just a few examples of msgs that are never encrypted) -Any info even send in encrypted msgs (and obviously non encrypted) should still be kept with possible deniability, don't say "I'm gonna do MDMA", say "I'm going out with molly."
use software (like ccleaner) that purges cookies and other data after every use, before shutting down your device
use a virus scanner daily (I like spy bot Search and destroy, many other options also exist)
never use the same password/passphrase twice (I will address what passphrase are below) (Better yet use randomized passwords that are stored in a master key chain, make them as long as possible (tho it is okay to go with the minimum of 12 never go below 7, I recommend 15+ depending on how often you have to manually enter the password instead of copying/pasting it) Don't generate too long keys for things you need to access regularly without copy/paste, except your master key ring)
its ideal to never use the same email or username as well, especially username, email is obviously tricky and also very annoying, but it would be best to always change the email.
-DO NOT STORE ANY PASSWORDS ON GOOGLE, IF GOOGLE LOGIN IS AUTHENTICATED IT WILL AUTFILL ALL PASSWORDS IT HAS SAVED (same with other similar services) (This means if you are logged in to chrome and someone has access to your machine, they can auto fill passwords without entering a single password) -use a rememberable passphrase, especially for your master key ring aka password manager A long sentence that is memorable makes an okay password (decent example,: "I met my wife at Little Ceasers for the first time on 07/09/20" better even if it's just something you know, if its impersonal, and if you can add special characters or numbers that you won't forget) (A better example for a passphrase is: "There is 0nly 0ne letter that d0esn’t appear in any U.S. state nameQ")
for your main password manager(key ring), I highly recommend Keepass 2, make backups of the file save to separate devices and drives (Flash drives, phone, PC, laptop, etc, if you loose that file, you lose all of your passwords) (Other good password managers exist as well, I don't recommend online password managers as you lose the control over passwords)
-Purge your internet activity frequently, there's a reason why I only have one post, and a few comments appearing in my account, but thousands of kama. Exposing information needlessly is not good. -Never post private information publicly, and if you do, do it vaguely as possible. (Example: Not "I'm 15", say "I'm a teenager") Do not post any vital information ever, no birthdays, mother's maiden name, age, or anything you have ever seen in a security question. Never post your current activities while they are ongoing. You going on a vacation? Don't announce it to the world, taking picture there? Post them when you are home.
Any account that is supposed to remain anonymous and as secure as possible should only be used on secured devices. A unsecured device can link you to the account.
always shutdown your machine when leaving it (To prevent access, and to prevent a possible attack vector)
2 factor factor authentication is not great anymore. Unless you can do it over a anonymous source. A cell phone is usually directly connected to you, so it is not a anonymous device. There might still be secure/anonymous 2 factor authentication methods that won't expose you, for example over a secure email. (If there is 2FA that doesn't need a device that removes anonymity and is secure, use it.) (Please don't misunderstand, 2FA is great, however it can remove the anonymity that you worked hard to establish)
-Rethink how you do security questions. Many answers to security questions can be found in your internet history. One could use the first word of the security question as an answer, or a different sceme that will mean you always remember it. (Security question need to go, the amount of personal info an average person puts on the internet makes it easy to attack anything using security question) -------_ High level crimimal information security: The motto here is, "All the Security, All the Time" As one fuck up can end with you leaving a lick of traceability, and you could be fucked. Pre Note: All of your software should always be up to date. Also even perfect info sec does not guarantee you are completely safe, a new zero day (exploit) can still fuck you, but good info security makes you significantly safer, by eliminating as many attacks as possible. -Get a new device (or make a already owned device seem like you never owned it, do this only if you know how to, there's a lot of stuff that goes into that, like changing your mac adress etc) buy with cash, and your face covered, preferably far away from where you live. (Do I need to specify to not bring your phone or anything else that tracks your location to anywhere you want to go anonymously?) (Be aware that even hardware can have vulnerabilities, many cpus have known vulnerabilities, I can't list them all, do some research before buying)
Do not EVER use a high security device at any lower level of security. There are unique identifiers to your device, exposing them once can expose you for everything you do.
-If you know how to use Tails (A linux distro designed for Info sec) use that, preferably on a USB. (Or learn how to use tails, its better, but complicated) Otherwise a clean copy of windows (make sure its not in any way associated with you) can do the job too, tho not as well. (Using a VM might give extra security, since VMs usually erase all data and RAM they were using on shutdown) -Get a non tracking VPN, Enable the kill switch (a setting that disables all traffic that doesn't go through the VPN) (change your firewall settings to only allow the traffic from the VPN, windows guide (Change settings so only traffic from the tor application is send) Edit: (Due to complaints: do not use vpn over tor, use tor over vpn. tor over vpn has no notable downside, if the VPN logs it makes no difference, your ISP will always log anyways, and vpns remove other attack vectors and also provide backup security should tor fail. Again even if the VPN tracks you only change the people doing the tracking, but now you are further removed making it more anonymous and also with less vulnerabilities) -rember privacy settings, cookie cleaner, and antivirus, password (There could be a hidden administrator user on your PC, make sure to change its password) -Always use the device on a non admin account
-Ideally use this device only on networks that are not connected with you. Such as public networks (try to never use the same public networks twice, move around) (a home network should be fine now, as it should never be exposed, but more security is always better) (Its just a conveniences vs security trade) -Never use accounts that have been exposed to lower security on higher security machines -your browser is now TOR (or your preferred security focused browser, if you dont plan on using onion ) Make sure you get the standalone version of tor not the addon build (the standalone is safer, because there are less settings and options to tweak) -Change your tor settings, to safest mode, enable a bridge (to my knowledge there's no difference in security between the build in bridges in tor), enable automatic updates, set duckduckgo onion as your primary browser. Set dark.fail onion page as your home page. (Or your preferred privacy search engine and onion directory)
set up a new pgp (can't use the same one you use for regular use, again less safer accounts are never used on safer devices) Cleopatra is my choice, its simple to use. Make sure you back up the private key multiple times, on safe devices. (Dont let the private key fall into anyone's hands) Give it a generic name like "HighSecurityPGP" do not give the pgp key pair a name that could identify you. (No initials etc) (Some pgp key pair programs want an associated email for a key pair, you can create a safe email, or which I recoend you can use a different program (like Cleopatra) (Feds & LEOs are known to copy private keys if they have your machine, so you will need to set up a new key pair if they ever take a device with a private key copy)
a high security machine that facilitates criminal activity can not use many programs. Many programs collect your devices mac adress, which is a unique identifier, amongst other things. It's should be used only for the activity you want to do.
-------_ How to use dark net markets (DNMs) If you finished your High Security setup, we can dive right in. Otherwise go do that. This is where all that is essential. Quick info on Tor, and onion sites. There is no search engine. It's all based of directories and addresses you are given by others. Tor will likely not be very quick, it has to pass through multiple networks to get to the destination. DNMs sometimes exit scam, an exit scam is when a market shuts down completely and takes all the money, this is a risk when using DNMs, it's not too common but happens maybe 0-4 times a year. The admins of thoese servers need to get out at some point, before they get jailed, so they exit the game, and scam everyone out of their money. -A very useful onion directory is dark.fail it has a lot of links, for all kinds of stuff. News, email, DNMs, Psychonautwiki (harm reduction website), forums etc. (Other directories also exist) -Pick a market, preferably one that handles secure connection server side instead of requiring you to establish the secure connection. Then create an account. Your account once created should include an entry box in your profile for a pgp key, post your PUBLIC key in there. (Verify the link is not a scam, most markets should provide a pgp signature) -Next is currency setup. All major cryptocurrency exchangers can be used, I can recommend coin base but there could be better ones out there. Unless you find a small non U.S., exchange, they will always ask for your identity. So unless you can find a trustworthy exchange that doesn't ID, you will need to give it to them. (Side note, all major crypto exchangers report to the IRS, if the IRS asks you if you bought cryptocurrency and you bought while having IDed yourself SAY YES, DO NOT COMMIT TAX FRAUD WHEN THEY KNOW YOU DID)
I recommend using Monero, it's hard to track, so it makes your job a lot easier. (If you use bitcoin you should run it through a scrambler, because BTC is tracable to anyone who knows what they are doing)
-Transfer (monero you can send directly, btc you should scramble) to your wallet. There are two options a cold wallet (physical) or a software wallet. Software wallets usually dont cost anything so I recommend them, even if often less safe. Electrum is easy to use, and pretty safe. You can also do your own research and find a wallet that fits your needs.
decide where you want to ship it. You can send to your home, to a PO box, to a PO box that you opened with a fake ID (I don't recommend), an abandoned house, general mail (sending to a post office instead of a street adress) pickup up with fake ID, use a remailing service. These are some options, sending it to your own home, isn't ideal, but its pretty much the only easy way.
-now you are ready to buy, only buy using escrow (it means the money is held by the market as a middle man until the product is delivered, they will also handle any issues like wrong quantity, cuts, etc), judge the reviews for a product, and if available look at the history of the vendor, until you find a product from a vendor you trust. (I recommend to buy within your country as much as possible, so it doesn't go through customs, it's very rare that something is found, but it can happen) -now you get to buy, depending on market, you either have cryptocurrency stored in their wallets (not recommend, you will lose it in an exit scam) or you can send it every order. When you send your delivery adress (or the one you want it to go to) encrypt the adress using the sellers public key. Make sure the adress is correct. -wait for the product, make sure to extend the escrow until the product arrives, if you can't extend it anymore dispute the order, and a moderator will step in -test the product, use it, and leave a review. PLEASE LEAVE A REVIEW, DNMs only work because of reviews. Edit: Didn't imagine I would write over 15000 words. Oh well, it was fun. Hope it helps, if you have any questions feel free to ask. No idea how long this will stay up, I might purge it in 7 days, or never.
“The next way is to use multiple wallets but split your total bitcoin holdings between them. To do this, it requires backing up more than one wallet seed, but each is isolated from the other if one develops a problem. Tracking your total bitcoin holdings is harder this way. Some people even use spreadsheets or other financial software to follow it all, especially if they have paper wallets ... Bitcoin wallet update trick has netted criminals more than $22 million. Criminal gangs are sending fake updates to owners of Electrum wallets, installing malware, and stealing user funds. Can You Have Two Or Multiple Bitcoin Wallets? #1. Back-up & Restore Purposes. It is good to have 2 or more hardware wallets for back-up & restore purposes. Let me explain. I know you are a smart guy who has already taken the back-up of your seed for a rainy day. One day that rainy day comes and due to some reason your one hardware wallet is damaged or lost. You are in a hurry to use your coins ... The software you have installed on your PC can manage multiple wallets, though. This link describes how you can have a single bitcoin-qt installation using multiple wallets. share improve this answer follow edited Feb 7 '19 at 0:49. answered Aug 16 '15 at 19:19. ndvo ndvo. 589 4 4 silver badges 12 12 bronze badges. add a comment 0. You can also import private keys into your wallet, so ... Crypto wallets that can hold and manage multiple cryptocurrencies are called multicurrency wallets and are helpful for crypto exchanges. Before choosing a crypto wallet, one needs to take into account several factors like its security, mode of operation, and how safe it is from cyber-attacks or infiltration. Best Multi Crypto Wallets [Multiple Cryptocurrency] Here are some of the best ...
Trust wallet is a multi-functional wallet with a lot of applications, making sure everyone feels safe and easy to use. 1. Trust Wallet - Best in class mobile Ethereum wallet Trust provides a user ... https://bitmake.io/ - Video URL: http://www.BitcoinGenerator.us/ Video Title: Multiply Your Bitcoin Wallet Balance X2 !! Top 5 Best Cryptocurrency Wallets You'll receive $10 in free bitcoin by signing up with this link http://bit.ly/2oesV41 Bitcoin & Etherum Storage Wallet: htt... Cancoin Multi-signature (PS2H) Bitcoin Wallets. Available now at http://cancoin.co Cryptocurrency Wallet Manage your Bitcoin, Ethereum, XRP, Litecoin,XLM and over 300 ohters coins and tokens. Download Link: https://bit.ly/2Bn55ig Use My pro...