Private key - Bitcoin Wiki

If you are a Crypto beginner - read this!

If you are new to investing into Cryptocurrencies this summary might help you.

Knowing basic terms:

You'll stumble across a lot of terms and expressions some are of technical & some of financial nature, for example:
It's also important to know what are some basic terms concerning investing in general:

Following Crypto News:

May it be our beloved cc, twitter, big new-sites like cointelegraph - stay up to date. Knowing what is going on in the sphere can give you an edge but also mind the saying "buy the rumor, sell the news"!

Having an investment strategy:

Strategies will help you to control your emotions - act as rational as possible.

Be prepared & don't get scammed:

Sources:

https://en.wikipedia.org/wiki/Cryptocurrency
https://www.investopedia.com/terms/b/bitcoin.asp
https://www.investopedia.com/terms/m/marketcapitalization.asp
https://cointelegraph.com/
https://coinmarketcap.com/
https://www.coingecko.com/en
https://www.ledger.com/
https://trezor.io/
This content was written and summarized by me. I'am hoping for helpful comments to add to this post.
submitted by Badeindi to CryptoCurrency [link] [comments]

Splitting BCH/BSV still possible today for version 1.9.3?

Today I do have still a large amount unsplit BCH/BSV in one address in my trezor wallet. I didn't split it at the time shortly after the hardfork BCH/BSV dating 15 November 2018 because I was at that time too busy with other things. I thought it would be save if I just didn't thouch it. The address has remained untouched since February 2018.
Today I want to recover the BSV because I want to cash out and exchange the BSV for some other coin and because of the coming fork for BCH in November 2020 not to complicate things further.
In meantime, I have updated my Trezor One wallet to version 1.9.3 . I didn't yet update the address mentioned in orange " Bitcoin Cash changed the format of addresses to cashaddr" and "use this external tool to convert legacy addresses to the new format." with the external site in the Trezor wallet. This because I knew I hadn't yet split the BCH/BSV.
I honestly don't know what the best solution is for recovering my BSV. It's an amount too big to ignore.
https://wiki.trezor.io/How_to_split_and_send_your_Bitcoin_Cash_forks
Does this way of splitting still work with installed version 1.9.3 of Trezor One wallet? This knowing that:
- The Trezor wallet is displaying another amount of BCH than the address on the blockchain (99771 satoshis difference or 99771 satoshis more on the Trezor One wallet than on the on the address on the blockchain. For me an amount I'm prepared to lose because that's not the big amount I want to recover). This probably comes from 2 small test transactions. Anyway, the amount is different on the blockchain address (where the big amount unsplit BCH/BSV is parked) compared to the Trezor wallet.
- The Trezor One wallet is displaying the new BCH cashaddr which is not including the BSV

Problem:
The BCH and BSV is still in an old BCH address. Trezor has in meantime updated to version so that the new BCH address is mentioned in my Trezor wallet. The new address (cashaddr) doesn't consist anymore the BSV. That BSV is still in the untouched old BCH address.

Questions:
How can I find the private key of the old BCH address in my Trezor?
Can I still send the unsplitt BCH/BSV from the old BCH address to a new BCH address (cashaddr) with my Trezor, even when Trezor is in version 1.9.3 displaying the new address which is not consisting the unsplit BCH/BSV?
Or do I have to send the unsplitt BCH/BSV from the old address with the recovered private key from an other alternative wallet?
Can I send first a small amount of unsplit BCH/BSV for a test without the risk of a replay attack or lose funds in the originating address?

Possible solutions:
  1. I'll do the split as described in
https://wiki.trezor.io/How_to_split_and_send_your_Bitcoin_Cash_forks
supposing that the problems and situtions as mentioned before are not causing for a problem or loss of funds.
  1. I send the money to an exchange (CoinEx) where they are willing to split it in case the coins arrive unsplit. This supposing the problems and situation mentioned before are solved or are not cause for a loss of funds.

Please let me know what the best and easiest solution is without losing my coins. I'm a non tech guy.
submitted by ERS220-A to TREZOR [link] [comments]

/r/Scams Common Scam Master Post

Hello visitors and subscribers of scams! Here you will find a master list of common (and uncommon) scams that you may encounter online or in real life. Thank you to the many contributors who helped create this thread!

If you know of a scam that is not covered here, write a comment and it will be added to the next edition.

Previous threads: https://old.reddit.com/Scams/search?q=common+scams+master+post&restrict_sr=on
Blackmail email scam thread: https://www.reddit.com/Scams/comments/jij7zf/the_blackmail_email_scam_part_6/
Some of these articles are from small, local publications and refer to the scam happening in a specific area. Do not think that this means that the scam won't happen in your area.

Spoofing

Caller ID spoofing
It is very easy for anyone to make a phone call while having any number show up on the caller ID of the person receiving the phone call. Receiving a phone call from a certain number does not mean that the person/company who owns that number has actually called you.
Email spoofing
The "from" field of an email can be set by the sender, meaning that you can receive scam emails that look like they are from legitimate addresses. It's important to never click links in emails unless absolutely necessary, for example a password reset link you requested or an account activation link for an account you created.
SMS spoofing
SMS messages can be spoofed, so be wary of messages that seem to be from your friends or other trusted people.

The most common scams

The fake check scam (Credit to nimble2 for this part)
The fake check scam arises from many different situations (for instance, you applied for a job, or you are selling something on a place like Craigslist, or someone wants to purchase goods or services from your business, or you were offered a job as a mystery shopper, you were asked to wrap your car with an advertisement, or you received a check in the mail for no reason), but the bottom line is always something like this:
General fraudulent funds scams If somebody is asking you to accept and send out money as a favour or as part of a job, it is a fraudulent funds scam. It does not matter how they pay you, any payment on any service can be fraudulent and will be reversed when it is discovered to be fraudulent.
Phone verification code scams Someone will ask you to receive a verification text and then tell you to give them the code. Usually the code will come from Google Voice, or from Craigslist. In the Google version of the scam, your phone number will be used to verify a Google Voice account that the scammer will use to scam people with. In the Craigslist version of the scam, your phone number will be used to verify a Craigslist posting that the scammer will use to scam people. There is also an account takeover version of this scam that will involve the scammer sending a password reset token to your phone number and asking you for it.
Bitcoin job scams
Bitcoin job scams involve some sort of fraudulent funds transfer, usually a fake check although a fraudulent bank transfer can be used as well. The scammer will send you the fraudulent money and ask you to purchase bitcoins. This is a scam, and you will have zero recourse after you send the scammer bitcoins.
Email flooding
If you suddenly receive hundreds or thousands of spam emails, usually subscription confirmations, it's very likely that one of your online accounts has been taken over and is being used fraudulently. You should check any of your accounts that has a credit card linked to it, preferably from a computer other than the one you normally use. You should change all of your passwords to unique passwords and you should start using two factor authentication everywhere.
Cartel scam
You will be threatened by scammers who claim to be affiliated with a cartel. They may send you gory pictures and threaten your life and the lives of your family. Usually the victim will have attempted to contact an escort prior to the scam, but sometimes the scammers target people randomly. If you are targeted by a cartel scam all you need to do is ignore the scammers as their threats are clearly empty.
Boss/CEO scam A scammer will impersonate your boss or someone who works at your company and will ask you to run an errand for them, which will usually be purchasing gift cards and sending them the code. Once the scammer has the code, you have no recourse.
Employment certification scams
You will receive a job offer that is dependent on you completing a course or receiving a certification from a company the scammer tells you about. The scammer operates both websites and the job does not exist.
Craigslist fake payment scams
Scammers will ask you about your item that you have listed for sale on a site like Craigslist, and will ask to pay you via Paypal. They are scamming you, and the payment in most cases does not actually exist, the email you received was sent by the scammers. In cases where you have received a payment, the scammer can dispute the payment or the payment may be entirely fraudulent. The scammer will then either try to get you to send money to them using the fake funds that they did not send to you, or will ask you to ship the item, usually to a re-shipping facility or a parcel mule.
Craigslist Carfax/vehicle history scam
You'll encounter a scammer on Craigslist who wants to buy the vehicle you have listed, but they will ask for a VIN report from a random site that they have created and they will expect you to pay for it.
Double dip/recovery scammers
This is a scam aimed at people who have already fallen for a scam previously. Scammers will reach out to the victim and claim to be able to help the victim recover funds they lost in the scam.
General fraudulent funds scams The fake check scam is not the only scam that involves accepting fraudulent/fake funds and purchasing items for scammers. If your job or opportunity involves accepting money and then using that money, it is almost certainly a frauduent funds scam. Even if the payment is through a bank transfer, Paypal, Venmo, Zelle, Interac e-Transfer, etc, it does not matter.
Credit card debt scam
Fraudsters will offer to pay off your bills, and will do so with fraudulent funds. Sometimes it will be your credit card bill, but it can be any bill that can be paid online. Once they pay it off, they will ask you to send them money or purchase items for them. The fraudulent transaction will be reversed in the future and you will never be able to keep the money. This scam happens on sites like Craigslist, Twitter, Instagram, and also some dating sites, including SeekingArrangement.
The parcel mule scam
A scammer will contact you with a job opportunity that involves accepting and reshipping packages. The packages are either stolen or fraudulently obtained items, and you will not be paid by the scammer. Here is a news article about a scam victim who fell for this scam and reshipped over 20 packages containing fraudulently acquired goods.
The Skype sex scam
You're on Facebook and you get a friend request from a cute girl you've never met. She wants to start sexting and trading nudes. She'll ask you to send pictures or videos or get on webcam where she can see you naked with your face in the picture. The scam: There's no girl. You've sent nudes to a guy pretending to be a girl. As soon as he has the pictures he'll demand money and threaten to send the pictures to your friends and family. Sometimes the scammer will upload the video to a porn site or Youtube to show that they are serious.
What to do if you are a victim of this scam: You cannot buy silence, you can only rent it. Paying the blackmailer will show them that the information they have is valuable and they will come after you for more money. Let your friends and family know that you were scammed and tell them to ignore friend requests or messages from people they don't know. Also, make sure your privacy settings are locked down and consider deactivating your account.
The underage girl scam
You're on a dating site or app and you get contacted by a cute girl. She wants to start sexting and trading nudes. Eventually she stops communicating and you get a call from a pissed off guy claiming to be the girl's father, or a police officer, or a private investigator, or something else along those lines. Turns out the girl you were sexting is underage, and her parents want some money for various reasons, such as to pay for a new phone, to pay for therapy, etc. There is, of course, no girl. You were communicating with a scammer.
What to do if you are a victim of this scam: Stop picking up the phone when the scammers call. Do not pay them, or they will be after you for more money.
Phishing
Phishing is when a scammer tries to trick you into giving information to them, such as your password or private financial information. Phishing messages will usually look very similar to official messages, and sometimes they are identical. If you are ever required to login to a different account in order to use a service, you should be incredibly cautious.
The blackmail email scam part 5: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/
PSA: you did not win a giftcard: https://old.reddit.com/Scams/comments/fffmle/psa_you_did_not_win_a_gift_card/
Sugar scams
Sugar scammers operate all over the internet and usually come in two varieties: advance-fee scams where the scammer will ask for a payment from you before sending you lots of money, and fake check style scams where the scammer will either pull a classic fake check scam, or will do a "bill pay" style scam that involves them paying your bills, or them giving you banking information to pay your bills. If you encounter these scammers, report their accounts and move on.
Google Hangouts
Google Hangouts is a messaging platform used extensively by all kinds of scammers. If you are talking with someone online and they want you to switch to Hangouts, they are likely a scammer and you should proceed with caution.
Publishers Clearing House scams
PCH scams are often advance-fee scams, where you will be promised lots of money after you make an initial payment. You will never need to pay if you win money from the real PCH.
Pet scams
You are looking for a specific breed of puppy, bird, or other pet. You come across a nice-looking website that claims to be breeding them and has some available right now - they may even be on sale! The breeders are not local to your area (and may not even list a physical location) but they assure you they can safely ship the pet to you after a deposit or full payment. If you go through with the payment, you will likely be contacted by the "shipper" who will inform you about an unexpected shipping/customs/processing fee required to deliver your new pet. But there was never any pet, both the "breeder" and the "shipper" are scammers, typically operating out of Africa. These sites are rampant and account for a large percentage of online pet seller websites - they typically have a similar layout/template (screenshot - example)
If you are considering buying a pet online, some easy things to check are: (1) The registration date of the domain (if it was created recently it is likely a scam website) (2) Reverse image search the pictures of available pets - you will usually find other scam websites using the same photos. (3) Copy a sentence/section of the text from the "about us" page and put it into google (in quotes) - these scammers often copy large parts of their website's text from other places. (4) Search for the domain name and look for entries on petscams.com or other scam-tracking sites. (5) Strongly consider buying/adopting your pet from a local shelter or breeder where you can see the animal in person before putting any money down.
Thanks to djscsi for this entry.
Fake shipping company scams
These scams usually start when you try to buy something illegal online. You will be scammed for the initial payment, and then you will receive an email from the fake shipping company telling you that you need to pay them some sort of fee or bribe. If you pay this, they will keep trying to scam you with increasingly absurd stories until you stop paying, at which point they will blackmail you. If you are involved in this scam, all you can do is ignore the scammers and move on, and try to dispute your payments if possible.
Chinese Upwork scam
Someone will ask you to create an Upwork or other freelancer site account for them and will offer money in return. You will not be paid, and they want to use the accounts to scam people.
Quickbooks invoice scam
This is a fake check style scam that takes advantage of Quickbooks.
The blackmail email scam The exact wording of the emails varies, but there are generally four main parts. They claim to have placed software/malware on a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video. Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. Here are some news articles about this scam.
The blackmail mail scam
This is very similar to the blackmail email scam, but you will receive a letter in the mail.
Rental scams Usually on local sites like Craigslist, scammers will steal photos from legitimate real estate listings and will list them for rent at or below market rate. They will generally be hesitant to tell you the address of the property for "safety reasons" and you will not be able to see the unit. They will then ask you to pay them a deposit and they claim they will ship you the keys. In reality, your money is gone and you will have no recourse.
Craigslist vehicle scams A scammer will list a vehicle on Craigslist and will offer to ship you the car. In many cases they will also falsely claim to sell you the car through eBay or Amazon. If you are looking for a car on Craigslist and the seller says anything about shipping the car, having an agent, gives you a long story about why they are selling the car, or the listing price is far too low, you are talking to a scammer and you should ignore and move on.
Advance-fee scam, also known as the 419 scam, or the Nigerian prince scam. You will receive a communication from someone who claims that you are entitled to a large sum of money, or you can help them obtain a large sum of money. However, they will need money from you before you receive the large sum.
Man in the middle scams
Man in the middle scams are very common and very hard to detect. The scammer will impersonate a company or person you are legitimately doing business with, and they will ask you to send the money to one of their own bank accounts or one controlled by a money mule. They have gained access to the legitimate persons email address, so there will be nothing suspicious about the email. To prevent this, make contact in a different way that lets you verify that the person you are talking to is the person you think you are talking to.
Digit wallet scam
A variation of the fake check scam, the scammer sends you money through a digital wallet (i.e. Venmo, Apple Pay, Zelle, Cash App) along with a message claiming they've sent the money to the wrong person and a request to send the money back. Customer service for these digital wallets may even suggest that you send the money back. However, the money sent is from a stolen credit card and will be removed from your account after a few days. Your transfer is not reversed since it came from your own funds.
Cam girl voting/viewer scam
You will encounter a "cam girl" on a dating/messaging/social media/whatever site/app, and the scammer will ask you to go to their site and sign up with your credit card. They may offer a free show, or ask you to vote for them, or any number of other fake stories.
Amateur porn recruitment scam
You will encounter a "pornstar" on a dating/messaging/social media/whatever site/app, and the scammer will ask you to create an adult film with hehim, but first you need to do something. The story here is usually something to do with verifying your age, or you needing to take an STD test that involves sending money to a site operated by the scammer.
Hot girl SMS spam
You receive a text from a random number with a message along the lines of "Hey babe I'm here in town again if you wanted to meet up this time, are you around?" accompanied by a NSFW picture of a hot girl. It's spam, and they'll direct you to their scam website that requires a credit card.
Identity verification scam
You will encounter someone on a dating/messaging/social media/whatever site/app, and the scammer will ask that you verify your identity as they are worried about catfishing. The scammer operates the site, and you are not talking to whoever you think you are talking to.
This type of scam teases you with something, then tries to make you sign up for something else that costs money. The company involved is often innocent, but they turn a blind eye to the practice as it helps their bottom line, even if they have to occasionally issue refunds. A common variation takes place on dating sites/dating apps, where you will match with someone who claims to be a camgirl who wants you to sign up for a site and vote for her. Another variation takes place on local sites like Craigslist, where the scammers setup fake rental scams and demand that you go through a specific service for a credit check. Once you go through with it, the scammer will stop talking to you. Another variation also takes place on local sites like Craigslist, where scammers will contact you while you are selling a car and will ask you to purchase a Carfax-like report from a specific website.
Multi Level Marketing or Affiliate Marketing
You apply for a vague job listing for 'sales' on craigslist. Or maybe an old friend from high school adds you on Facebook and says they have an amazing business opportunity for you. Or maybe the well dressed guy who's always interviewing people in the Starbucks that you work at asks if you really want to be slinging coffee the rest of your life. The scam: MLMs are little more than pyramid schemes. They involve buying some sort of product (usually snake oil health products like body wraps or supplements) and shilling them to your friends and family. They claim that the really money is recruiting people underneath you who give you a slice of whatever they sell. And if those people underneath you recruit more people, you get a piece of their sales. Ideally if you big enough pyramid underneath you the money will roll in without any work on your part. Failure to see any profit will be your fault for not "wanting it enough." The companies will claim that you need to buy their extra training modules or webinars to really start selling. But in reality, the vast majority of people who buy into a MLM won't see a cent. At the end of the day all you'll be doing is annoying your friends and family with your constant recruitment efforts. What to look out for: Recruiters love to be vague. They won't tell you the name of the company or what exactly the job will entail. They'll pump you up with promises of "self-generating income", "being your own boss", and "owning your own company." They might ask you to read books about success and entrepreneurs. They're hoping you buy into the dream first. If you get approached via social media, check their timelines. MLMs will often instruct their victims to pretend that they've already made it. They'll constantly post about how they're hustling and making the big bucks and linking to youtube videos about success. Again, all very vague about what their job actually entails. If you think you're being recruited: Ask them what exactly the job is. If they can't answer its probably a MLM. Just walk away.

Phone scams

You should generally avoid answering or engaging with random phone calls. Picking up and engaging with a scam call tells the scammers that your phone number is active, and will usually lead to more calls.
Tax Call
You get a call from somebody claiming to be from your countries tax agency. They say you have unpaid taxes that need to be paid immediately, and you may be arrested or have other legal action taken against you if it is not paid. This scam has caused the American IRS, Canadian CRA, British HMRC, and Australian Tax Office to issue warnings. This scam happens in a wide variety of countries all over the world.
Warrant Call
Very similar to the tax call. You'll get a phone call from an "agent", "officer", "sheriff", or other law enforcement officer claiming that there is a warrant out for your arrest and you will be arrested very soon. They will then offer to settle everything for a fee, usually paid in giftcards.
[Legal Documents/Process Server Calls]
Very similar to the warrant call. You'll get a phone call from a scammer claiming that they are going to serve you legal documents, and they will threaten you with legal consequences if you refuse to comply. They may call themselves "investigators", and will sometimes give you a fake case number.
Student Loan Forgiveness Scam
Scammers will call you and tell you about a student loan forgiveness program, but they are interested in obtaining private information about you or demanding money in order to join the fake program.
Tech Support Call You receive a call from someone with a heavy accent claiming to be a technician Microsoft or your ISP. They inform you that your PC has a virus and your online banking and other accounts may be compromised if the virus is not removed. They'll have you type in commands and view diagnostics on your PC which shows proof of the virus. Then they'll have you install remote support software so the technician can work on your PC, remove the virus, and install security software. The cost of the labor and software can be hundreds of dollars. The scam: There's no virus. The technician isn't a technician and does not work for Microsoft or your ISP. Scammers (primarily out of India) use autodialers to cold-call everyone in the US. Any file they point out to you or command they have you run is completely benign. The software they sell you is either freeware or ineffective. What to do you if you're involved with this scam: If the scammers are remotely on your computer as you read this, turn off your PC or laptop via the power button immediately, and then if possible unplug your internet connection. Some of the more vindictive tech scammers have been known to create boot passwords on your computer if they think you've become wise to them and aren't going to pay up. Hang up on the scammers, block the number, and ignore any threats about payment. Performing a system restore on your PC is usually all that is required to remove the scammer's common remote access software. Reports of identity theft from fake tech calls are uncommon, but it would still be a good idea to change your passwords for online banking and monitor your accounts for any possible fraud. How to avoid: Ignore any calls claiming that your PC has a virus. Microsoft will never contact you. If you're unsure if a call claiming to be from your ISP is legit, hang up, and then dial the customer support number listed on a recent bill. If you have elderly relatives or family that isn't tech savvy, take the time to fill them in on this scam.
Chinese government scam
This scam is aimed at Chinese people living in Europe and North America, and involves a voicemail from someone claiming to be associated with the Chinese government, usually through the Chinese consulate/embassy, who is threatening legal action or making general threats.
Chinese shipping scam
This scam is similar to the Chinese government scam, but involves a seized/suspicious package, and the scammers will connect the victim to other scammers posing as Chinese government investigators.
Social security suspension scam
You will receive a call from someone claiming to work for the government regarding suspicious activity, fraud, or serious crimes connected to your social security number. You'll be asked to speak to an operator and the operator will explain the steps you need to follow in order to fix the problems. It's all a scam, and will lead to you losing money and could lead to identity theft if you give them private financial information.
Utilities cutoff
You get a call from someone who claims that they are from your utility company, and they claim that your utilities will be shut off unless you immediately pay. The scammer will usually ask for payment via gift cards, although they may ask for payment in other ways, such as Western Union or bitcoin.
Relative in custody Scammer claims to be the police, and they have your son/daughtenephew/estranged twin in custody. You need to post bail (for some reason in iTunes gift cards or MoneyGram) immediately or the consequences will never be the same.
Mexican family scam
This scam comes in many different flavours, but always involves someone in your family and Mexico. Sometimes the scammer will claim that your family member has been detained, sometimes the scammer will claim that your family member has been kidnapped, and sometimes the scammer will claim that your family member is injured and needs help.
General family scams
Scammers will gather a large amount of information about you and target your family members using different stories with the goal of gettimg them to send money.
One ring scam
Scammers will call you from an international number with the goal of getting you to return their call, causing you to incur expensive calling fees.

Online shopping scams

THE GOLDEN RULE OF ONLINE SHOPPING: If it sounds too good to be true, it probably is.
Dropshipping
An ad on reddit or social media sites like Facebook and Instagram offers items at huge discounts or even free (sometimes requiring you to reblog or like their page). They just ask you to pay shipping. The scam: The item will turn out to be very low quality and will take weeks or even months to arrive. Sometimes the item never arrives, and the store disappears or stops responding. The seller drop-ships the item from China. The item may only cost a few dollars, and the Chinese government actually pays for the shipping. You end up paying $10-$15 dollars for a $4 item, with the scammer keeping the profit. If you find one of these scams but really have your heart set on the item, you can find it on AliExpress or another Chinese retailer.
Influencer scams
A user will reach out to you on a social media platform, usually Instagram, and offer you the chance to partner with them and receive a free/discounted product, as long as you pay shipping. This is a different version of the dropshipping scam, and is just a marketing technique to get you to buy their products.
Triangulation fraud
Triangulation fraud occurs when you make a purchase on a site like Amazon or eBay for an item at a lower than market price, and receive an item that was clearly purchased new at full price. The scammer uses a stolen credit card to order your item, while the money from the listing is almost all profit for the scammer.
Instagram influencer scams
Someone will message you on Instagram asking you to promote their products, and offering you a discount code. The items are Chinese junk, and the offer is made to many people at a time.
Cheap Items
Many websites pop up and offer expensive products, including electronics, clothes, watches, sunglasses, and shoes at very low prices. The scam: Some sites are selling cheap knock-offs. Some will just take your money and run. What to do if you think you're involved with this scam: Contact your bank or credit card and dispute the charge. How to avoid: The sites often have every brand-name shoe or fashion item (Air Jordan, Yeezy, Gucci, etc) in stock and often at a discounted price. The site will claim to be an outlet for a major brand or even a specific line or item. The site will have images at the bottom claiming to be Secured by Norton or various official payment processors but not actual links. The site will have poor grammar and a mish-mash of categories. Recently, established websites will get hacked or their domain name jacked and turned into scam stores, meaning the domain name of the store will be completely unrelated to the items they're selling. If the deal sounds too good to be true it probably is. Nobody is offering brand new iPhones or Beats or Nintendo Switches for 75% off.
Cheap Amazon 3rd Party Items
You're on Amazon or maybe just Googling for an item and you see it for an unbelievable price from a third-party seller. You know Amazon has your back so you order it. The scam: One of three things usually happen: 1) The seller marks the items as shipped and sends a fake tracking number. Amazon releases the funds to the seller, and the seller disappears. Amazon ultimately refunds your money. 2) The seller immediately cancels the order and instructs you to re-order the item directly from their website, usually with the guarantee that the order is still protected by Amazon. The seller takes your money and runs. Amazon informs you that they do not offer protection on items sold outside of Amazon and cannot help you. 2) The seller immediately cancels the order and instructs you to instead send payment via an unused Amazon gift card by sending the code on the back via email. Once the seller uses the code, the money on the card is gone and cannot be refunded. How to avoid: These scammers can be identified by looking at their Amazon storefronts. They'll be brand new sellers offering a wide range of items at unbelievable prices. Usually their Amazon names will be gibberish, or a variation on FIRSTNAME.LASTNAME. Occasionally however, established storefronts will be hacked. If the deal is too good to be true its most likely a scam.
Scams on eBay
There are scams on eBay targeting both buyers and sellers. As a seller, you should look out for people who privately message you regarding the order, especially if they ask you to ship to a different address or ask to negotiate via text/email/a messaging service. As a buyer you should look out for new accounts selling in-demand items, established accounts selling in-demand items that they have no previous connection to (you can check their feedback history for a general idea of what they bought/sold in the past), and lookout for people who ask you to go off eBay and use another service to complete the transaction. In many cases you will receive a fake tracking number and your money will be help up for up to a month.
Scams on Amazon
There are scams on Amazon targeting both buyers and sellers. As a seller, you should look out for people who message you about a listing. As a buyer you should look out for listings that have an email address for you to contact the person to complete the transaction, and you should look out for cheap listings of in-demand items.
Scams on Reddit
Reddit accounts are frequently purchased and sold by fraudsters who wish to use the high karma count + the age of the account to scam people on buy/sell subreddits. You need to take precautions and be safe whenever you are making a transaction online.
Computer scams
Virus scam
A popup or other ad will say that you have a virus and you need to follow their advice in order to remove it. They are lying, and either want you to install malware or pay for their software.

Assorted scams

Chinese Brushing / direct shipping
If you have ever received an unsolicited small package from China, your address was used to brush. Vendors place fake orders for their own products and send out the orders so that they can increase their ratings.
Money flipping
Scammer claims to be a banking insider who can double/triple/bazoople any amount of money you send them, with no consequences of any kind. Obviously, the money disappears into their wallet the moment you send it.

General resources

Site to report scams in the United Kingdom: http://www.actionfraud.police.uk/
Site to report scams in the United States: https://www.ic3.gov/default.aspx
Site to report scams in Canada: www.antifraudcentre-centreantifraude.ca/reportincident-signalerincident/index-eng.htm
Site to report scams in Europe: https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
FTC scam alerts: https://www.consumer.ftc.gov/scam-alerts
Microsoft's anti-scam guide: https://www.microsoft.com/en-us/safety/online-privacy/avoid-phone-scams.aspx
https://www.usa.gov/common-scams-frauds
https://www.usa.gov/scams-and-frauds
https://www.consumer.ftc.gov/features/scam-alerts
https://www.fbi.gov/scams-and-safety/common-fraud-schemes
submitted by EugeneBYMCMB to Scams [link] [comments]

feature request - manual import WIF private key for Coldcard?

My two satoshis. I'd like the ability to import a standard WIF private key into a Coldcard as an advanced feature. To my knowledge, no hardware wallet has this feature, so it might be a good place to out compete, and be useful for recovering/spending old paper wallets.
submitted by Fiach_Dubh to coldcard [link] [comments]

FinderOuter: the bitcoin recovery tool

Link: https://github.com/Coding-Enthusiast/FinderOuter
The FinderOuter is a bitcoin recovery tool that focuses on making the recovery process easy for everyone. There is no need to read long guide pages to learn how to use the application. Instead it will always be as easy as filling some boxes, maybe selecting some options and clicking a button all in a user-friendly GUI. Each recovery option is written from scratch and all parts down to the basic cryptography used (such as SHA, ECC,...) are specialized for maximum efficiency.

Available options

1. Message signature verification

User can enter a message signature here to verify it. In case there is a problem with the message (except being an actually invalid signature), the code can search to find the common issues that some signing tools have and fix them.

2. Missing Base-58 characters

This option helps recover any base-58 encoded string with a checksum that is missing some characters. For example a damaged paper wallet where some characters are erased/unreadable. The position of missing characters must be known. It works for (1) WIFs (Base-58 encoded private key) (2) Addresses (Base-58 encoded P2PKH address) (3) BIP-38 (Base-58 encoded encrypted private key).
There is also a "special case" where a compressed private key is missing 3 characters at unknown positions.

3. Missing Base-16 characters

This option is similar to previous feature but works for base-16 (hexadecimal) private keys. It currently requires an address and only checks compressed public keys. Unlike the other options, this one is very slow since it depends on ECC and that is not yet optimized.

4. Missing mini-privatekey characters

This option is similar to 2 and 3 but works for mini-privatekeys (eg. SzavMBLoXU6kDrqtUVmffv). It requires an address to check each possible key against, as a result it is also slower since it depends on ECC and has 2 additional hashes.

5. Missing mnomonic (seed) words

This option works for BIP-39 mnemonics (others like Electrum will be added in the future) that have some words missing. It requires knowing one child key or address created from that seed and the exact path of it.

Future plans

submitted by Coding_Enthusiast to Autarkysoft [link] [comments]

Spreading Crypto: In Search of the Killer Application

Spreading Crypto: In Search of the Killer Application
This is the second post of our Spreading Crypto series where we take a deep dive into what it’ll take to help this technology reach broader adoption.
Mick exploring the state of apps in crypto
Our previous post explored the history of protocols and how they only become widely adopted when a compelling application makes them more accessible and easier to use.
Crypto will be no different. Blockchain technology today is mostly all low-level protocols. As with the numerous protocols that came before, these new, decentralized protocols need killer applications.
So, how’s that going? Where is crypto’s killer application? What’s the state of application development within our industry? Today we’ll try to answer those questions. We’ll also take a close look at decentralized applications — as that’s where a lot of the developer energy and focus currently is. Let’s dive in.

Popular Crypto Applications

The most popular crypto applications today are exchanges like Coinbase and Binance — each with tens of millions of users. Other popular crypto exchanges include Kraken, Bitstamp, Gemini, and Bitfinex. In recent years, new derivatives platforms have emerged like FTX and Deribit.
The most popular crypto applications today are primarily focused on trading, speculation, and finance. This class of applications dwarfs all other types of applications in terms of users and growth. That’s either a sign of strong product/market fit, or we just haven’t yet discovered other good use-cases. Or a mix of both.
https://preview.redd.it/8rnxghfrdh551.png?width=1600&format=png&auto=webp&s=b3df8c3d87410f6b84432df79528ee4324daf04d
Beyond the fact that the most popular crypto applications are all used for speculation, another common thread is that they are all centralized.
A centralized application means that ultimate power and control rests with a centralized party (the company who built it). For example, if Coinbase or Binance wants to block you from withdrawing your funds for whatever reason (maybe for suspicious activity or fraud), they can do that. They have control of their servers so they have control of your funds.
Most popular applications that we all use daily are centralized (Netflix, Facebook, Youtube, etc). That’s the standard for modern, world-class applications today.

Decentralized Applications

Even though the most popular crypto applications are all centralized, most of the developer energy and focus in our industry is with decentralized applications (dApps) and non-custodial products.
These are products where only the user can touch or move funds. Not even the company or developer who built the application can access or control or stop funds from being moved. Only the user has control.
These applications allow users to truly become their own bank and have absolute control of their money.
They also allow users to perform blockchain transactions and interact directly with decentralized protocols. Some of the most popular non-custodial products include Ledger, MetaMask, and MyCrypto (#ProudInvestor).
While the benefits of this type of application are obvious (user has full control of their funds), it comes with a lot of tradeoffs. We will cover that later in this post.
https://preview.redd.it/rs6tj7vsdh551.png?width=1600&format=png&auto=webp&s=86fe5bca3a9466abab5e78c9873ce3b57609f2d2

Libertarianism + Crypto

If the most popular applications tend to be centralized (inside and out of crypto), why is so much of our community focused on building decentralized applications (dApps)? For the casual observer, that’s a reasonable, valid question.
“Not your keys, not your coins.”
This meme is endlessly repeated among longtime crypto hodlers. If you’re not in complete control of your crypto (i.e. using non-custodial wallets or dApps), then it’s not really your crypto.
Engrained in the early culture of Bitcoin has always been a strong distrust for centralized authority and power — including the too-big-to-fail government-backed financial system. In the midst of the Financial Crisis, Satoshi Nakamoto included this headline in Bitcoin’s genesis block: “Chancellor on brink of second bailout for banks.” There has always been a close connection between libertarianism & cryptocurrency.
So it’s no surprise that much of the crypto developer community is spending their time building applications that are non-custodial or decentralized. It’s part of the DNA, the soul, the essence of our community.
https://preview.redd.it/fy33zhkvdh551.png?width=1600&format=png&auto=webp&s=386c741f13e9119ecfcfffe1c781d09ce58704ed

Personal Experience

When I was at Mainframe, we built Mainframe OS — a platform that developers use to build and launch decentralized applications (dApps). I’m deeply familiar with what’s possible and what’s not in the world of dApps. I have the battle scars and gray hair to prove it. We’ve hosted panels around the various challenges. We’ve even produced videos poking fun at how complicated it is for end-users to interact with.
After having spent three years in the trenches of this non-custodial world, I no longer believe that decentralized applications are capable of bringing crypto to the masses.
While I totally understand and appreciate the ethos of self-sovereignty, independence, and liberty… I think it’s a terrible mistake that as a community we are spending most of our time in this area of application development. Decentralized applications will not take crypto to the masses.
Mainframe OS

Overwhelming Friction

The user friction that comes with decentralized applications is just too overwhelming. Let’s go through a few of the bigger points:
  1. Knowledge & Education: Most non-custodial products do not abstract away any of the blockchain complexity. In fact, they often expose more of it because the most loyal users are crypto nerds. Imagine how a normie n00b feels when she starts seeing words like seed phrases, public & private keys, gas limits, transaction fees, blockchain explorers, hex addresses, and confirmation times. There is a lot for a user to learn and become educated on. That’s friction. The learning curve on this is just too damn high.
  2. User Experience: It is currently impossible to create a smooth and performant user experience in non-custodial wallets or decentralized applications. Any interaction that requires a blockchain transaction will feel sluggish and slow. We built a messaging app on Ethereum and presented it at DevCon3 in Cancun. The technical constraints of blockchain technology were crushing to the user experience. We simply couldn’t create the real-time, modern messaging experience that users have come to expect from similar apps like Slack or WhatsApp. Until blockchains are closer in speed to web servers (which will be difficult given their decentralized nature), dApps will never be able to create the smooth user experience that the masses expect.
  3. Loss of Funds Risk: There is no “Forgot Password” functionality when storing your own crypto in a non-custodial wallet. There is no customer support agent you can ping. There is no company behind it that can make you whole if you make a mistake and lose your money. You are on your own. One wrong move and your money is all gone. If you lose your private key, there is no way to recover your funds. This just isn’t the type of customer support experience people want or are used to.
Onyx Messaging App

What Our Industry Has Wrong

Decentralized applications will always have a place in the market — especially among the most hardcore crypto people and parts of the world where these tools are essential. I’m personally an active user of many non-custodial products. I’m a blockchain early-adopter, I like to hold my own money, and I’m very forgiving of suboptimal UX.
However, I’m not afraid to say the poop stinks. Decentralized applications simply cannot produce the type of product experience that mainstream consumers expect.
If the goal is growth and adoption, as a community I believe we’re barking up the wrong tree. We are trying to make fetch happen. It isn’t gonna happen. Our Netscape Moment is unlikely to arrive as long as we’re focused on decentralized applications.
\"Mean Girls\" movie
There’s a reason why the most popular consumer applications are centralized (Spotify, Amazon, Instagram, etc). There’s a reason why the most popular crypto applications are centralized (Coinbase, Binance, etc).
The frameworks, tooling, infrastructure, and services to support these modern, centralized applications are mature and well-established. It’s easier to build apps that are fast & performant. It’s easier to launch apps that are convenient and on all form-factors (especially mobile). It’s easier to distribute and promote via all the major app store channels (iOS/Android). It’s easier to patch, update, and upgrade. It’s easier to experiment and iterate.
It’s easier to design, build, and launch a world-class application when it is centralized! It is why we’ve chosen this path for Genesis Block.
---
Other Ways to Consume This Content:
We have a lot more content coming. Be sure to follow our channels: https://genesisblock.com/follow/
Have you already downloaded the app? We're Genesis Block, a new digital bank that's powered by crypto & decentralized protocols. The app is live in the App Store (iOS & Android). Get the link to download at https://genesisblock.com/download
submitted by mickhagen to genesisblockhq [link] [comments]

Post-Battle Assessments, Future Possibilities, Meta, Mission Creep, Commentary and Ideas

Greetings!
I've been sick for a few days and I'm a little fuzzy right now, so please forgive any typos and so forth. I find when I'm not feeling well and need to occupy my brain with something is the best time to ponder about big ideas and events and the meanings and possibilities thereof, and I actually have the time to put fingers to keys and try to make sense of such things with my typical walls of text. I'd like to address several things here, so let's get started.
First off, is a postmortem of the Wiki Month celebration for #GG's 5th anniversary. I'm proud to say that most of my "big ideas" have lead to success in one degree or another over the past half decade, but this was not one of them. Apart from our resident hero u/Mikisayaka33 and a few others, turnout for the #GG Wiki party was very small. This is mitigated by several factors including:
The deplatforming of 8chan and scattering of the #GG community there The split between KiA and KiA2 absorbing a ton of the Reddit community's creative energy The banning of Mombot and with her the last major central node in the old #GG Twitter network
With so much going on, I couldn't expect that many people were going to take a great deal of time to do the fiddly, exacting work needed to make good articles on a Wiki about troubles in the world of interactive Mongolian flipbook paintings. Nevertheless, good work has been done there. Hopefully it will continue to pay dividends.
Secondly, let's talk about 8chan. As many of you are doubtlessly aware, 8chan was taken offline by Cloudflare around August 10th, as we were in the middle of planning for #GG's anniversary events and shitposting away. Almost simultaneously, the Reddit community 8chan was shut down and a huge schism erupted here over the board staff's behavior, leading to the explosive growth of KiA2. In the month of August, almost on top of the 5th year anniversary, an entire #GG hub community found itself scattered to the wind and another fractured in half. Shortly thereafter, the last BIG #GG voice on social media was suspended. To top it all off 8chan's previous owner, Frederick (Hotwheels) Brennan, pulled a face-heel turn and went on a crusade against 8chan. He went so far as to team up with corrupt journalists on Twitter to put pressure on the site owners, to such an extent as to file paperwork to get the owner's citizenship requests revoked in the Philippines. He has alluded to using the substantial Bitcoin donations that 8chan users once contributed to him to pay for DDoS attacks on the site, threatened to write and release an open source flood script to keep it offline, completely reversed his stances on Internet censorship and free speech, and recently came out as a furry. It's been a rough four months for the goodguys. Maybe by design, as #GG as a whole seemed to suffer a "perfect storm" of events that disrupted us in ways very convenient for certain parties.
All that being said, 8chan is finally back online and recovering at its new address of 8kun.top. /gamergatehq/ has returned as well, addressed in the customary fashion. The site is working out a few minor bugs, but the communities are finally starting to recover, and the site now has its own in-house DDoS prevention software that is keeping the jackals mostly at bay. Our large communities survived in the interim by turning to the darknet as well as a self-healing clearnet Webring of "bunker" sites. The second largest of these bunkers is still online and holding a significant part of 8chan's old userbase, and it remains to be seen if they will be coming home or staying put. For #GG's part we should be recovered enough to get some things done within the coming weeks, probably after the Christmas Stalingrad season. Related to the subject of 8chan and #GG, I think its finally time for me to weigh in a bit on the KiA meta issues in a public manner. Lord knows I don't have to tell anybody here, mods or users, anything about the problems your board is facing. I have my private thoughts on that and I've made them known to the staff already. But what hasn't ever been addressed amounts to a pair of elephants in the room, and I would like to spare some oxygen to talk about them.
The first thing is a brief reminder of who your allies are. When #GamerGate kicked off, the pro-#GG side began as a huge coalition centered around three hubs: The imageboard community, KiA, and Twitter Front. Each served a different purpose: Small and classically nasty, 8chan did most of the planning and think-tank work, and had an informal network of people (including yours truly) carrying information back and forth between the three hubs and helping everyone coordinate. Huge and mild-mannered KiA could throw weight of numbers behind operations and served as a fantastic recruitment ground on the normie Internet. And chaotic Twitter could raise hell, apply social pressure, and grant massive public exposure to our efforts. A great system that we all collectively leveraged to great effect. There's just one problem: KiA seems to have forgotten who the 8chan hub is made up of. 8chan #GG was comprised of three factions. A hidden hub (/v/ #GG), a public "honeypot" hub (/gg/ - /gghq/), and the "Shekel Shoah" operation (/pol/).
Yes, THAT /pol/
Not to put too fine a point on it, but your allies in this thing from day one, including the minds behind Operation Disrespectful Nod, have been /pol/ in all their warts and triumphs, and to this day 8chan #GG remains a joint /pol/-/v/ project. How this was common knowledge in 2014-2015 and has somehow slipped beyond the veil of the obvious here beats me. You already know, in your heart of hearts, why I'm bringing this up. As a moderate lurker with intimate knowledge of the hub communities it has become quite apparent to me that the KiA of today has manifested something beyond the "agree to disagree" deference that signified that branch of the alliance for the first few years. There is a certain visible intolerance of "/pol/-types" on the part of both the mods and the community that has taken root here, that was not here in the first two or three years, and that is (at least in my opinion) fueling a good portion of your community fracture. /pol/, for their part, has never liked Reddit, but have always been happy to work together with this specific community in accomplishing a common goal. It is with high irony that I can state that they are more tolerant than you are, at this point. Those are sharp words, but they're sharp for the sake of honesty and not for the sake of insult. In the beginning we all set our political and cultural differences aside and became one community. Now something has elevated political differences in importance and we are fracturing as a result. From my experience, KiA2 resonates with more of the original "attitude" that once defined KiA. A certain moderated rowdiness and willingness to disregard our differences that I can't quite put to words. And yet it still feels like it is missing something from the absence of respectable viewpoints and personae that remain cloistered here. Pause and give that some thought if you will, before you read into the next paragraph.
Much has been said, including by myself, on the subject of "mission creep." We had no shortage of people pushing for #GG to be about more than just gaming media, even as far back as December of the first year. They were roundly, and loudly, and repeatedly, and rightly told to stuff it by the majority. To paraphrase IA in the Quinnspiracy videos, "if all of us together can't even clean up something as puny as the gaming media, what hope does anyone have of fixing the bigger issues?" Keep focus. Stay on target. Keep digging. Send those emails. And damn if we didn't! Millions in ad revenue up in flames, Gawker torpedoed, enough corporate fear and fury to deluge us in hitpieces and hate articles and we just surfed the wave higher as we watched them sink all the while. Any suggested diversion from that path immediately reeked of shill tactics. An underhanded effort to unfocus the autism laser. Indeed we had a traitor faction within our own ranks create and propagate the "ethics cuck" meme specifically to split our community and drive us toward politics and anti-SJW warfare instead of fighting our war in gaming. I personally fought alongside many others to put a stop to that. That happened in 2015! But whereas our victories are almost universally counted in what we have destroyed, not much gets said about the culture #GamerGate created.
Tech-savvy and Internet savvy meme connoisseurs Wide awake and aware of media propaganda and bias (redpilled) A developed taste for grassroots activism A developed hatred for censorship, whether in art or points of view
One quarter million people, with a reach of over three million. That's how big #GG was at our peak. Smaller forces have toppled governments. Now consider the state of the gaming media today, compared to pre-#GG. Yes, its still trash. But for years now the likes of Kotaku haven't dared to antagonize and demonize gamers the way they did to us in 2014. They learned a very painful lesson. Undisclosed conflicts of interest are much more rare now as well. While they're still pumping out "woke" garbage articles and clickbait, the original cassus belli of #GG has largely gone away since the fight was never about their generic quality but rather their brazen collusion to attack and silence gamer culture. Its only if you're holding out for vindication of #GG, an apology for their past behavior, or engaging (as in my case with Kuchera) a blood vendetta against the few remaining figures in our rogue's gallery that #GG's original conflict really has any gas left in it. We've been in "watchdog mode" for nearly four years, and there has been comparatively little to watch. That isn't a judgement, but I think its a valid (and somewhat welcome) observation. We have no realistic power to make the games media good, but we succeeded in hurting them as payback, and making them more ethical to prevent further big issues. For the main, basic, simplest goal that more or less everyone agreed with in 2014, #GamerGate has apparently won the war. Or at least reduced it to no more than an occasional mopping-up operation. Now all those SJW-aware, redpilled, Internet savvy gamers who hate media bias and censorship and have a taste for activism can just go home.
There is a fly in that ointment, however. Over the long course of #GG we learned something about our opponents in the media. Both in the games media that created the lies about us from whole cloth, and the mainstream media who happily backed their play to spin a narrative: We learned their motivations. Beginning with GamesJournoPros we learned that the major players and gatekeepers in the games media shared certain political sensibilities that justified everything they did. When they colluded behind closed doors, it was with other people who shared their political sensibilities. When they circled the wagons and defended each other from criticism, it was on the basis of their political sensibilities. When they lashed out at gamer culture it was to direct others who shared their political sensibilities to attack us. When we appealed to higher authorities we were denied on the basis of different political sensibilities. When our voices were censored from seemingly the entire Internet, it was on the basis of not having the right political sensibilities. When Wikileaks took notice of us, they warned us that the corruption and bias we were seeing was "mirrored at the very top." And for #GG's culture who is now aware and sensitive to the presence of media bias and corruption and who have knowledge of these motivations, we can now see those same political sensibilities driving enormous problems at every level of life from local politics to Hollywood to Presidential elections. And for people with a taste for activism, it is not something that can be dismissed as "not my problem" while still being true to yourself. There are four lights, afterall. With this state of affairs looming in the foreground, there is a very reasonable appeal in using the downtime resident in "watchdog mode" #GG to think and talk about the bigger problems stemming from the same sources, and perhaps eventually formulating some sort of activist solutions to improve the situation. In 2014, 2015, or in my opinion even 2016 I would argue that this would be "mission creep." Premature and dangerous with so much still up in the air. Today, five years hence and with so little on our plate, it now seems much more like a natural evolution of goals driven by the core culture of #GamerGate itself. The community is changing its goals because it has grown into change, and not because its hand is being forced or manipulated. Take a moment to reflect on this, and then consider the events and attitudes that split your community in light of it, and perhaps things will become more understandable without the animosity. Its better to have strange bedfellows than to fight alone.
Finally I would like to address something that I think is sorely needed. The few of you who know me personally know I already have more project irons in the fire than I can handle on a given day, so I'd like to pitch this as an idea to the more Reddit-savvy technical folks here. I call the concept "Salvation." Imagine a custom fork of Gab's open-source Dissenter application, but tailor-made for Reddit. Allowing anyone to comment and reply to any Reddit thread via a third party overlay that the Reddit admins have no power to enforce against.
Imagine it. You could post whatever you wanted "on Reddit" again. The use of such an app could be integrated into a board's culture. On the surface where normies lurk you would see only the clean, advertiser friendly milquetoast nonsense of the Reddit administrators. Yet then established members of the community could go beneath and say what they really think with no oversight from Reddit's admin staff. Real discussions and activism could happen again, using Reddits infrastructure to build and maintain communities, and yet placing the dedicated members beyond the reach of Reddits Byzantine TOS and redname whimsy. Free speech could be restored sitewide for the cost of a browser app and a sticky telling everyone where to find it.
Thank you as always for reading. Cheers, KiA.
submitted by AcidOverlord to KotakuInAction [link] [comments]

Technical: The `SIGHASH_NOINPUT` Debate! Chaperones and output tagging and signature replay oh my!

Bitcoin price isn't moving oh no!!! You know WHAT ELSE isn't moving?? SIGHASH_NOINPUT that's what!!!
Now as you should already know, Decker-Russell-Osuntokun ("eltoo") just ain't possible without SIGHASH_NOINPUT of some kind or other. And Decker-Russell-Osuntokun removes the toxic waste problem (i.e. old backups of your Poon-Dryja LN channels are actively dangerous and could lose your funds if you recover from them, or worse, your most hated enemy could acquire copies of your old state and make you lose funds). Decker-Russell-Osuntokun also allows multiparticipant offchain cryptocurrency update systems, without the drawback of a large unilateral close timeout that Decker-Wattenhofer does, making this construction better for use at the channel factory layer.
Now cdecker already wrote a some code implementing SIGHASH_NOINPUT before, which would make it work in current pre-SegWit P2PKH, P2SH, as well as SegWit v0 P2WPKH and P2WSH. He also made and published BIP 118.
But as is usual for Bitcoin Core development, this triggered debate, and thus many counterproposals were made and so on. Suffice it to say that the simple BIP 118 looks like it won't be coming into Bitcoin Core anytime soon (or possibly at all).
First things first: This link contains all that you need to know, but hey, maybe you'll find my take more amusing.
So let's start with the main issue.

Signature Replay Attack

The above is the Signature Replay Attack, and the reason why SIGHASH_NOINPUT has triggered debate as to whether it is safe at all and whether we can add enough stuff to it to ever make it safe.
Now of course you could point to SIGHASH_NONE which is even worse because all it does is say "I am authorizing the spend of this particular coin of this particular value protected by my key" without any further restrictions like which outputs it goes to. But then SIGHASH_NONE is intended to be used to sacrifice your money to the miners, for example if it's a dust attack trying to get you to spend, so you broadcast a SIGHASH_NONE signature and some enterprising miner will go get a bunch of such SIGHASH_NONE signatures and gather up the dust in a transaction that pays to nobody and gets all the funds as fees. And besides; even if we already have something you could do stupid things with, it's not a justification for adding more things you could do stupid things with.
So yes, SIGHASH_NOINPUT makes Bitcoin more powerful. Now, Bitcoin is a strong believer in "Principle of Least Power". So adding more power to Bitcoin via SIGHASH_NOINPUT is a violation of Principle of Least Power, at least to those arguing to add even more limits to SIGHASH_NOINPUT.
I believe nullc is one of those who strongly urges for adding more limits to SIGHASH_NOINPUT, because it distracts him from taking pictures of his autonomous non-human neighbor, a rather handsome gray fox, but also because it could be used as the excuse for the next MtGox, where a large exchange inadvertently pays to SIGHASH_NOINPUT-using addresses and becomes liable/loses track of their funds when signature replay happens.

Output Tagging

Making SIGHASH_NOINPUT safer by not allowing normal addresses use it.
Basically, we have 32 different SegWit versions. The current SegWit addresses are v0, the next version (v1) is likely to be the Schnorr+Taproot+MAST thing.
What output tagging proposes is to limit SegWit version ranges from 0->15 in the bech32 address scheme (instead of 0->31 it currently has). Versions 16 to 31 are then not valid bech32 SegWit addresses and exchanges shouldn't pay to it.
Then, we allow the use of SIGHASH_NOINPUT only for version 16. Version 16 might very well be Schnorr+Taproot+MAST, with a side serving of SIGHASH_NOINPUT.
This is basically output tagging. SIGHASH_NOINPUT can only be used if the output is tagged (by paying to version 16 SegWit) to allow it, and addresses do not allow outputs to be tagged as such, removing the potential liability of large custodial services like exchanges.
Now, Decker-Russell-Osuntokun channels have two options:
The tradeoffs in this case are:
The latter tradeoff is probably what would be taken (because we're willing to pay for privacy) if Bitcoin Core decides in favor of tagged outputs.
Another issue here is --- oops, P2SH-Segwit wrapped addresses. P2SH can be used to wrap any SegWit payment script, including payments to any SegWit version, including v16. So now you can sneak in a SIGHASH_NOINPUT-enabled SegWit v16 inside an ordinary P2SH that wraps a SegWit payment. One easy way to close this is just to disallow P2SH-SegWit from being valid if it's spending to SegWit version >= 16.

Chaperone Signatures

Closing the Signature Replay Attack by adding a chaperone.
Now we can observe that the Signature Replay Attack is possible because only one signature is needed, and that signature allows any coin of appropriate value to be spent.
Adding a chaperone signature simply means requiring that the SCRIPT involved have at least two OP_CHECKSIG operations. If one signature is SIGHASH_NOINPUT, then at least one other signature (the chaperone) validated by the SCRIPT should be SIGHASH_ALL.
This is not so onerous for Decker-Russell-Osuntokun. Both sides can use a MuSig of their keys, to be used for the SIGHASH_NOINPUT signature (so requires both of them to agree on a particular update), then use a shared ECDH key, to be used for the SIGHASH_ALL signature (allows either of them to publish the unilateral close once the update has been agreed upon).
Of course, the simplest thing to do would be for a BOLT spec to say "just use this spec-defined private key k so we can sidestep the Chaperone Signatures thing". That removes the need to coordinate to define a shared ECDH key during channel establishment: just use the spec-indicated key, which is shared to all LN implementations.
But now look at what we've done! We've subverted the supposed solution of Chaperone Signatures, making them effectively not there, because it's just much easier for everyone to use a standard private key for the chaperone signature than to derive a separate new keypair for the Chaperone.
So chaperone signatures aren't much better than just doing SIGHASH_NOINPUT by itself, and you might as well just use SIGHASH_NOINPUT without adding chaperones.
I believe ajtowns is the primary proponent of this proposal.

Toys for the Big Boys

The Signature Replay Attack is Not A Problem (TM).
This position is most strongly held by RustyReddit I believe (he's the Rusty Russell in the Decker-Russell-Osuntokun). As I understand it, he is more willing to not see SIGHASH_NOINPUT enabled, than to have it enabled but with restrictions like Output Tagging or Chaperone Signatures.
Basically, the idea is: don't use SIGHASH_NOINPUT for normal wallets, in much the same way you don't use SIGHASH_NONE for normal wallets. If you want to do address reuse, don't use wallet software made by luke-jr that specifically screws with your ability to do address reuse.
SIGHASH_NOINPUT is a flag for use by responsible, mutually-consenting adults who want to settle down some satoshis and form a channel together. It is not something that immature youngsters should be playing around with, not until they find a channel counterparty that will treat this responsibility properly. And if those immature youngsters playing with their SIGHASH_NOINPUT flags get into trouble and, you know, lose their funds (as fooling around with SIGHASH_NOINPUT is wont to do), well, they need counseling and advice ("not your keys not your coins", "hodl", "SIGHASH_NOINPUT is not a toy, but something special, reserved for those willing to take on the responsibility of making channels according to the words of Decker-Russell-Osuntokun"...).

Conclusion

Dunno yet. It's still being debated! So yeah. SIGHASH_NOINPUT isn't moving, just like Bitcoin's price!!! YAAAAAAAAAAAAAAAAAAA.
submitted by almkglor to Bitcoin [link] [comments]

Bitcoin balloon idea?

Just an idea but I think it would be cool to put a Bitcoin private key on a balloon and let it drift in the upper atmosphere for months on end. At the same time, have a website with the corresponding Bitcoin public address so anyone can donate Bitcoin but it can only be claimed by whoever recovers the balloon. It could be inscribed and small so it wouldn't add any weight. If enough people donated, the balloon could potentially get to be worth hundreds if not thousands of dollars. And then there would be a race to recover it when it finally comes down. Thoughts?
submitted by Intro24 to hab [link] [comments]

The importance of being mindful of security at all times - nearly everyone is one breach away from total disaster

This is a long one - TL;DR at the end!

If you haven't heard yet: BlankMediaGames, makers of Town of Salem, have been breached which resulted in almost 8 million accounts being leaked. For most people, the first reaction is "lol so what it's just a game, why should I really care?" and that is the wrong way to look at it. I'd like to explain why everyone should always care whenever they are part of a breach. I'd also like to talk about some ways game developers - whether they work solo or on a team - can take easy steps to help protect themselves and their customers/players.
First I'd like to state that there is no practical way to achieve 100% solid security to guarantee you'll never be breached or part of a breach. The goal here will be to get as close as possible, or comfortable, so that you can rest easy knowing you can deal with problems when they occur (not if, when).

Why You Should Care About Breaches

The sad reality is most people re-use the same password everywhere. Your email account, your bank account, your steam account, your reddit account, random forums and game websites - you get the idea. If you haven't pieced it together yet the implication is that if anyone gets your one password you use everywhere, it's game over for you - they now own all of your accounts (whether or not they know it yet). Keep in mind that your email account is basically the holy grail of passwords to have. Most websites handle password changes/resets through your email; thus anyone who can login to your email account can get access to pretty much any of your accounts anywhere. Game over, you lose.

But wait, why would anyone want to use my password? I'm nobody!

It doesn't matter, the bad guys sell this information to other bad guys. Bots are used to make as much use of these passwords as possible. If they can get into your bank they might try money transfers. If they get into your Amazon account they might spin up $80,000 worth of servers to mine Bitcoin (or whatever coin is popular at the time). They don't care who you are; it's all automated.
By the way, according to this post (which looks believable enough to be real) this is pretty much how they got into the BMG servers initially. They checked for usernames/emails of admins on the BMG website(s) in previous breach dumps (of which there are many) and found at least one that used the same password on other sites - for their admin account!
If you want to see how many of your accounts are already breached check out Have I Been Pwned - I recommend registering all of your email addresses as well so you get notified of future breaches. This is how I found out about the Town of Salem breach, myself.

How You Can Protect Yourself

Before I go into all the steps you can (and should) take to protect yourself I should note that security is in a constant tug of war with convenience. What this means is that the more security measures you apply the more inconvenienced you become for many tasks. It's up to you to decide how much is too much either way.
First of all I strongly recommend registering your email(s) on https://haveibeenpwned.com/ - this is especially important if your email address is associated to important things like AWS, Steam developer account, bank accounts, social media, etc. You want to know ASAP when an account of yours is compromised so you can take steps to prevent or undo damage. Note that the bad guys have a head start on this!

Passwords

You probably need to have better password hygiene. If you don't already, you need to make sure every account you have uses a different, unique, secure password. You should change these passwords at least once a year. Depending on how many accounts you have and how good your memory is, this is your first big security vs convenience trade-off battle. That's easily solved, though, by using a password manager. You can find a list of password managers on Wikipedia here or you can search around for some comparison articles.
Some notable choices to consider:
Regardless of which one you choose, any of them is 100x better than not using one at all.

Multi-Factor Authentication / Two-Factor Authentication (aka MFA / 2FA)

The problem with all these passwords is that someone can still use them if they are found in a breach. Your passwords are only as strong as the website you use them on. In the case of the BMG breach mentioned above - all passwords were stored in an ancient format which has been insecure for years. It's likely that every single password in the breach can be reversed/cracked, or already have been. The next step you need to take is to make it harder for someone else to login with your password. This is done using Multi-Factor Authentication (or Two-Factor Authentication).
Unfortunately not every website/service supports MFA/2FA, but you should still use it on every single one that does support it. You can check which sites support MFA/2FA here or dig around in account options on any particular site. You should setup MFA/2FA on your email account ASAP! If it's not supported, you need to switch to a provider that does support it. This is more important than your bank account! All of the big email providers support it: GMail, Outlook.com, Yahoo Mail, etc.
The type of MFA/2FA you use depends on what is supported by each site/service, but there is a common approach that is compatible on many of them. Most of them involve phone apps because a phone is the most common and convenient "thing you have" that bad guys (or anyone, really) can't access easily. Time-based One-time Password or TOTP is probably the most commonly used method because it's easy to implement and can be used with many different apps. Google Authenticator was the first popular one, but it has some limitations which continue the security vs convenience battle - namely that getting a new phone is a super huge chore (no backup/restore option - you have to disable and setup each site all over again). Many alternatives support cloud backup which is really convenient, though obviously less secure by some measure.
Notable choices to consider:
Some sites/services use their own app, like Blizzard (battle.net) and Steam, and don't allow you to use other ones. You will probably have a few apps on your phone when all your accounts are setup, but it's worth it. You'll definitely want to enable it on your password manager as well if you chose a cloud-based one.
Don't forget to save backup codes in an actual secure location! If you lose your backup codes and your auth app/physical key you will be locked out of accounts. It's really not fun recovering in that situation. Most recommendations are to print them and put in a fireproof safe, but using some other secure encrypted storage is fine.
There is such a thing as bad MFA/2FA! However, anything is at least better than nothing. A lot of places still use SMS (text messaging) or e-mail for their MFA/2FA implementation. The e-mail one has the most obvious flaw: If someone gets into your email account they have defeated that security measure. The SMS flaws are less obvious and much less likely to affect you, but still a risk: SMS is trivial to intercept (capture data over the air (literally), clone your SIM card data, and some other methods). Still, if you're not a person of interest already, it's still better than nothing.

What Does This Have To Do With GameDev?

Yeah, I do know which subreddit I'm posting in! Here's the section that gets more into things specific to game development (or software development in general).

Secure Your Code

Securing your code actually has multiple meanings here: Securing access to your code, and ensuring your code itself is secure against exploitation. Let's start with access since that's the easier topic to cover!
If you're not already using some form of Source Control Management (SCM) you really need to get on board! I'm not going to go in depth on that as it's a whole other topic to itself, but I'll assume you are using Git or Mercurial (hg) already and hosting it on one of these sites (or a similar one):
First, ensure that you have locked down who can access this code already. If you are using private repositories you need to make sure that the only people who have access are the people who need access (i.e. yourself and your team). Second, everyone should have strong passwords and MFA/2FA enabled on their accounts. If 1 person on the team does not follow good security practices it puts your whole project at risk! So make sure everyone on the team is following along. You can also look into tools to do some auditing and even automate it so that if anyone's account becomes less secure over time (say they turned off MFA one day) they would automatically lose their access.
Additionally you should never commit secrets (passwords, API keys, tokens, social security numbers, etc) to your code repository. Probably 90% of cases where people have their AWS/Google Cloud/Azure accounts compromised and racking up huge bills for bitcoin mining is due to having their passwords/keys stored in their git repo. They either accidentally made it public or someone got access to the private repo through a compromised account. Never store sensitive information in your code repository!
Next topic: Securing your code from vulnerabilities. This one is harder to talk about for game dev as most engines/frameworks are not as susceptible (for lack of a better word) to these situations as others. In a nutshell, you need to keep track of the following:
A lot of these things cannot be solved automatically, unfortunately, but some of it can. If you are using Javascript for your game you likely will be using packages from npm - luckily they (recently) added security auditing for packages. For other languages you can look at tools like Snyk or some other alternatives to audit the libraries you use in your project. Unfortunately none that I know of are aimed at game dev in particular, but it's still important to use these tools when you can. In general, be aware of all of your code dependencies and what impact they can have on your game or your customers if there are security bugs. Impact can range from "can cheat in multiplayer" to "can get IP addresses of all players in the world" or even "can get all information I ever put on my server", etc.
In general you'll want to look into Secure Software Development Lifecycle (commonly SDLC) practices. Microsoft has some information on how they do it.

Secure Your Computer

I'm not going to go in depth on this one because at this point everyone should have a handle on this; if not there are limitless articles, blogs, and videos about the how/what/why. In summary: Keep everything updated, and don't open suspicious links.

Secure Your Website

I will have to add more to this later probably, but again there are tons of good articles, blogs, and videos on these topics. Hopefully the information in this section is enough to get you on the right track - if not feel free to ask for more info. Lots of guides can be found on Digital Ocean's site and they are relevant even if you don't use DO for your servers.
A lot of this will apply to your game servers as well - really any kind of server you expect to setup.

That's it, for now

I ran out of steam while typing this all up after a couple hours, but I may revisit it later to add more info. Feel free to ask any questions about any of these topics and I'll do my best to answer them all.

TL;DR (y u words so much??)

... in general... in general... in general... I sure wrote those 2 words a lot.

Why Should I Trust This Post?

Hopefully I have provided enough information and good links in this post that you can trust the contents to be accurate (or mostly accurate). There is certainly enough information to do some searches on your own to find out how right or wrong I might be about these things.
If you want my appeal to authority answer: I've been working at a major (network/computer) security company for almost 7 years as a software developer, and I've had to put up with pretty much every inconvenience brought on by security. I've also witnessed the aftermath of nearly every type of security failure covered in this post, via customers and the industry at large. None of the links I used are related to my employer or its products.
Edit: Fixed some typos and added some more links
More edit: added a few more points and links
submitted by exoplasm to gamedev [link] [comments]

FAQ & Daily General Discussion - January 3th, 2018

FAQ below, daily discussion in the comments! /RaiTrade for all price and trading related posts
Welcome!
As only 2 stickied threads are possible, we have decided to combine the "Are you new here" and the daily discussion thread. XRB is attracting more and more people, both veterans and newbies in the cryptoworld. As XRB is quite a bit different than other coins/blockchains, it's normal that a lot of users have (the same) questions. So please, before making a new thread, read this post first and use the search bar! Threads that are created which contain a question to which an answer is available here, will be locked and directed to this post.
 
Guidelines for posting in this thread:
 
Questions, debates, meta issues, etc are all welcome. Breaking news should be posted separately from this thread. Rules:
 
Be respectful to one another. Follow the golden rule. No trolling or shilling.
 
Guidelines for posting new threads:
 
Is your thread something that does not fit in the daily thread or in another 'general' thread? Do you have a question, and it's not in the list below? Do you have exiting news to post? Did you use the search bar first? Good, go ahead :-)
 
The Whitepaper: In logical order, we start with the whitepaper. It contains the complete details about RaiBlocks, including some more technical details. Even if you're not technical, take a quick look at it. It will explain a lot! https://raiblocks.net/media/RaiBlocks_Whitepaper__English.pdf
 
The FAQs: Now the technical FAQs, a document explaining how it works, how it compares to other coins, ... https://raiblocks.net/media/RaiBlocks_FAQ.pdf
 
Let's keep a decent overview of other, more practical questions :-)
 
Guide to set up your wallet https://www.reddit.com/RaiBlocks/comments/7bw77e/how_to_setup_your_desktop_wallet/
 
How do I buy or store XRB? Check out these guides: https://www.reddit.com/RaiBlocks/comments/7i0co0/the_definitive_guide_to_buying_and_storing/ https://www.reddit.com/RaiBlocks/comments/7iv89b/how_to_buy_xrb_without_waiting_for_a_transaction/
 
My desktop wallet isn't syncing! Do the numbers between the brackets still move? Good. The numbers before the parentheses are the number of blocks the wallet has verified, the numbers between parentheses is the amount of downloaded-but-not-yet-verified blocks. Is the wallet unlocked? Good, it needs to be unlocked to be able to sync. Still nothing? Go to 'accounts' - 'use account'. Still nothing? Close the wallet, reopen it.
 
What is a representative? Ah, so you haven't read the whitepaper haven't you... When conflicting blocks arise, a vote will have to be cast on which block to accept. Since you won't be online 24/7, you can outsource your voting power to a representative, who are online 24/7. They cannot access your funds, and you can change it anytime.
 
What is the incentive to run a node? Apart from helping the network and making it more secure, this user gives a detailed answer: https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/
 
My transaction isn't visible in my wallet or it says 'not pocketed' on the block explorer! Is your wallet fully synced? Yes? Good, it needs to be completely synced before it will show your balances. Nothing? Go to "https://raiblocks.net/account/index.php?acc=ADDRESS HERE". Do you see the transaction there (as 'not pocketed')? Good, that means that it's just a matter of showing it in your wallet, the coins are linked to your address already. In your wallet, go to 'Accounts' - 'Use account', 'Back', 'Advanced' - 'Search for receivables'. Did it work? Good. If not, go to 'Advanced' - 'Account explorer', hit refresh. Still nothing? Close/kill the wallet and reopen it. Still nothing? Go to 'Advanced' and change the unit from Mxrb to xrb and back to Mxrb. Stillll nothing? Fine, make a thread!
 
The syncing is sooo slow!! On HDD, it can take a couple days for it to sync. Why? Every block is only 400bytes in size, they all need to be written on your HDD. SSD takes about 12h. Check the bottom of this post for a shortcut if you use HDD (or SSD and have no patience :-) ).
 
My withdrawal from BitGrail/Mercatox isn't working!! BitGrail and Mercatox are having quite some issues, both due to a bug in their RaiBlocks node, and because of being overwelmed. They have to do each withdrawal manually. Log a ticket and have patience! Mercatox support: https://mercatox.com/support BitGrail support: to be added when they're back
 
We need a new exchange & website & ...!! Indeed, large exchange would be super!. But before that, we need a new website, mobile wallets, ... Those are in the make. Don't ask about the new exchanges, no one knows!
 
What is the incentive to run a node? There is no monetary reward, but tread this post/comment! https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/
 
We're limited to 7k TPS, how's that scalable!? The current limitation of 7K TPS is a hardware limitation of writing data to the disk, not a protocol limitation. As hardware improves, so will the TPS limit.
 
Does the receiver account have to be online when I create my send transaction? No, whenever the send transaction goes out, the funds are "not pocketed" by the receiver. The funds are as good as the receivers and cannot be revoked by the sender. "Not pocketed" funds do NOT expire.
 
What are "not pocketed" funds? A transaction consists of a "send" and a "receive" transaction. During the period where a "send" doesn't have its partnering "receive" transaction, the accounts are considered "not pocketed" by the recipient. "Not pocketed" funds are securely the receiver's funds. Once the receiver's wallet comes online, is fully synced, and unlocked, the funds will automatically be signed into their account chain.
 
What are the requirements to run a node? Currently the only real recommendation is to have a fast storage medium, such as an SSD instead of HDD. This is because currently the full node software does a lot of disk I/O for rapidly processing transactions. This may change with future full node versions that better utilize available system RAM and relax disk I/O.
 
What do the numbers at the top of the desktop wallet mean? The numbers will look like: processed (unprocessed downloaded) Where "processed" is the number of downloaded blocks that your node has processed, and "unprocessed downloaded" are blocks that your software has downloaded but not processed yet. To be fully synced, all blocks must be processed. As new transactions are created on the network, they will be downloaded into the "unprocessed" category to be subsequently processed.
 
How can I run a full node? The desktop wallet is already a full node! Just by running it you are helping
 
Can I send funds to my wallet before it is synced? Yes. Funds can be sent to any "xrb_" address, even if they were created in an offline environment. RaiBlocks is exactly the same as ethereum or bitcoin in this sense. The funds will show up when the wallet is fully synced with the network. Make sure to back up your seed!
 
How do I backup my wallet? Just write down your seed and keep it in a safe place. All accounts generated from that seed will be generated again (in order) when you restore that seed.
 
Can I reuse an address? Yes, unlike IOTA you can reuse addresses like in Bitcoin and Ethereum. Please understand the reasoning for this; IOTA does this because it is a drawback to the quantum-proof digital signature algorithm they use. RaiBlocks' current digital signature algorithm is not quantum proof, but the devs have expressed interest in changing to a quantum-proof algortihm as the field matures and quantum computers become a more significant threat to the network.
 
What's up with the units? Currently the ticker XRB on exchanges represents 1 Mxrb (or million xrb). As the name suggests, 1Mxrb = 1000000 xrb. The smallest unit of RaiBlocks is the raw. There are 1024 raw in an xrb, or 1030 raw in an Mxrb/XRB. Whenever people are talking, they are generally talking in XRB or equivalently Mxrb
 
What is the max supply? The max supply is 133,248,290 XRB. For units see the question above. Why this number? Well RaiBlock's value is kept in a uint128 variable (unsigned 128-bit integer). An uint128 has max value (2128)-1, which is approximately 340,282,366,920,938,000,000,000,000,000,000,000,000. This was the original number of "raw" in RaiBlocks. RaiBlocks was distributed via a Captcha faucet distribution system; of which 133,248,290 XRB were distributed. Due to some non-technical issues, the faucet distribution was cut short and the remaining quantity was burned. This leaves just 133,248,290 XRB (approximately 133,248,290,000,000,000,000,000,000,000,000,000,000 raw) circulating.
 
Can someone access my funds even if I use a password (desktop wallet) Yes. The password feature of the desktop wallet just encrypts the seed locally on your computer. If anyone gets access to your plaintext (unencrypted seed, the thing we tell you to backup) they have access to your funds. The benefit of the password is that if someone has access to your computer, they don't immediately have access to your raiblocks.
 
Whats a seed? What's a private key? Whats a public key? Any time you set up a Raiblocks address (such as creating a new wallet) , you will be provided with a "Seed" which is 64 characters of text that is unique to your wallet. Do not store your seed online (e.g do not screenshot, email or save it in a file) because anyone with the seed can access all accounts on it and take all of your Rai! The reason why it is provided is so that if for any reason you need to recover your account(s) you can do so without the original wallet you created the account on, so keep it safe!
 
Tips & Tricks * Transferring BTC between exchanges can be expensive and relatively fast (think hour(s)), or cheap and slow (think a few days). LTC or ETH transfers are faster, but make sure to check the discrepancy in BTC-LTC or BTC-ETH prices on markets with low volume! * 1 XRB as bought on an exchange is 1 million xrb, aka Rai. 1 Rai = 1024th raw, the smallest units on the RaiBlocks network. * 'Not pocketed' can stay like that indefinitely. If you want to spend the coins, you'll have to sync your wallet and create a 'RECEIVE' block though (this is done by Advanced - Check for receivables in the desktop wallet).
 
Want to try out the instant transactions without any fees? Check out This link
 
Daily update of data.ldb for 1st sync Want to skip the long sync time? Save your seed, check Readme.txt if you are going to use this method to speed up 1st wallet sync! Confirm the checksums/links in the #support channel at https://chat.raiblocks.net/. It's usually posted by SergSW. This link or this slightly newer one will guide you through it, but use the links below for the most recent files.
 
Find the latest updated DB files in the wiki page: https://www.reddit.com/RaiBlocks/wiki/index
Make sure to read the readme.txt!!
submitted by Crypto_Jasper to RaiBlocks [link] [comments]

FAQ & Daily General Discussion - January 1th, 2018

FAQ below, daily discussion in the comments! /RaiTrade for all price and trading related posts
Welcome!
As only 2 stickied threads are possible, we have decided to combine the "Are you new here" and the daily discussion thread. XRB is attracting more and more people, both veterans and newbies in the cryptoworld. As XRB is quite a bit different than other coins/blockchains, it's normal that a lot of users have (the same) questions. So please, before making a new thread, read this post first and use the search bar! Threads that are created which contain a question to which an answer is available here, will be locked and directed to this post.
 
Guidelines for posting in this thread:
 
Questions, debates, meta issues, etc are all welcome. Breaking news should be posted separately from this thread. Rules:
 
Be respectful to one another. Follow the golden rule. No trolling or shilling.
 
Guidelines for posting new threads:
 
Is your thread something that does not fit in the daily thread or in another 'general' thread? Do you have a question, and it's not in the list below? Do you have exiting news to post? Did you use the search bar first? Good, go ahead :-)
 
The Whitepaper: In logical order, we start with the whitepaper. It contains the complete details about RaiBlocks, including some more technical details. Even if you're not technical, take a quick look at it. It will explain a lot! https://raiblocks.net/media/RaiBlocks_Whitepaper__English.pdf
 
The FAQs: Now the technical FAQs, a document explaining how it works, how it compares to other coins, ... https://raiblocks.net/media/RaiBlocks_FAQ.pdf
 
Let's keep a decent overview of other, more practical questions :-)
 
Guide to set up your wallet https://www.reddit.com/RaiBlocks/comments/7bw77e/how_to_setup_your_desktop_wallet/
 
How do I buy or store XRB? Check out these guides: https://www.reddit.com/RaiBlocks/comments/7i0co0/the_definitive_guide_to_buying_and_storing/ https://www.reddit.com/RaiBlocks/comments/7iv89b/how_to_buy_xrb_without_waiting_for_a_transaction/
 
My desktop wallet isn't syncing! Do the numbers between the brackets still move? Good. The numbers before the parentheses are the number of blocks the wallet has verified, the numbers between parentheses is the amount of downloaded-but-not-yet-verified blocks. Is the wallet unlocked? Good, it needs to be unlocked to be able to sync. Still nothing? Go to 'accounts' - 'use account'. Still nothing? Close the wallet, reopen it.
 
What is a representative? Ah, so you haven't read the whitepaper haven't you... When conflicting blocks arise, a vote will have to be cast on which block to accept. Since you won't be online 24/7, you can outsource your voting power to a representative, who are online 24/7. They cannot access your funds, and you can change it anytime.
 
What is the incentive to run a node? Apart from helping the network and making it more secure, this user gives a detailed answer: https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/
 
My transaction isn't visible in my wallet or it says 'not pocketed' on the block explorer! Is your wallet fully synced? Yes? Good, it needs to be completely synced before it will show your balances. Nothing? Go to "https://raiblocks.net/account/index.php?acc=ADDRESS HERE". Do you see the transaction there (as 'not pocketed')? Good, that means that it's just a matter of showing it in your wallet, the coins are linked to your address already. In your wallet, go to 'Accounts' - 'Use account', 'Back', 'Advanced' - 'Search for receivables'. Did it work? Good. If not, go to 'Advanced' - 'Account explorer', hit refresh. Still nothing? Close/kill the wallet and reopen it. Still nothing? Go to 'Advanced' and change the unit from Mxrb to xrb and back to Mxrb. Stillll nothing? Fine, make a thread!
 
The syncing is sooo slow!! On HDD, it can take a couple days for it to sync. Why? Every block is only 400bytes in size, they all need to be written on your HDD. SSD takes about 12h. Check the bottom of this post for a shortcut if you use HDD (or SSD and have no patience :-) ).
 
My withdrawal from BitGrail/Mercatox isn't working!! BitGrail and Mercatox are having quite some issues, both due to a bug in their RaiBlocks node, and because of being overwelmed. They have to do each withdrawal manually. Log a ticket and have patience! Mercatox support: https://mercatox.com/support BitGrail support: to be added when they're back
 
We need a new exchange & website & ...!! Indeed, large exchange would be super!. But before that, we need a new website, mobile wallets, ... Those are in the make. Don't ask about the new exchanges, no one knows!
 
What is the incentive to run a node? There is no monetary reward, but tread this post/comment! https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/
 
We're limited to 7k TPS, how's that scalable!? The current limitation of 7K TPS is a hardware limitation of writing data to the disk, not a protocol limitation. As hardware improves, so will the TPS limit.
 
Does the receiver account have to be online when I create my send transaction? No, whenever the send transaction goes out, the funds are "not pocketed" by the receiver. The funds are as good as the receivers and cannot be revoked by the sender. "Not pocketed" funds do NOT expire.
 
What are "not pocketed" funds? A transaction consists of a "send" and a "receive" transaction. During the period where a "send" doesn't have its partnering "receive" transaction, the accounts are considered "not pocketed" by the recipient. "Not pocketed" funds are securely the receiver's funds. Once the receiver's wallet comes online, is fully synced, and unlocked, the funds will automatically be signed into their account chain.
 
What are the requirements to run a node? Currently the only real recommendation is to have a fast storage medium, such as an SSD instead of HDD. This is because currently the full node software does a lot of disk I/O for rapidly processing transactions. This may change with future full node versions that better utilize available system RAM and relax disk I/O.
 
What do the numbers at the top of the desktop wallet mean? The numbers will look like: processed (unprocessed downloaded) Where "processed" is the number of downloaded blocks that your node has processed, and "unprocessed downloaded" are blocks that your software has downloaded but not processed yet. To be fully synced, all blocks must be processed. As new transactions are created on the network, they will be downloaded into the "unprocessed" category to be subsequently processed.
 
How can I run a full node? The desktop wallet is already a full node! Just by running it you are helping
 
Can I send funds to my wallet before it is synced? Yes. Funds can be sent to any "xrb_" address, even if they were created in an offline environment. RaiBlocks is exactly the same as ethereum or bitcoin in this sense. The funds will show up when the wallet is fully synced with the network. Make sure to back up your seed!
 
How do I backup my wallet? Just write down your seed and keep it in a safe place. All accounts generated from that seed will be generated again (in order) when you restore that seed.
 
Can I reuse an address? Yes, unlike IOTA you can reuse addresses like in Bitcoin and Ethereum. Please understand the reasoning for this; IOTA does this because it is a drawback to the quantum-proof digital signature algorithm they use. RaiBlocks' current digital signature algorithm is not quantum proof, but the devs have expressed interest in changing to a quantum-proof algortihm as the field matures and quantum computers become a more significant threat to the network.
 
What's up with the units? Currently the ticker XRB on exchanges represents 1 Mxrb (or million xrb). As the name suggests, 1Mxrb = 1000000 xrb. The smallest unit of RaiBlocks is the raw. There are 1024 raw in an xrb, or 1030 raw in an Mxrb/XRB. Whenever people are talking, they are generally talking in XRB or equivalently Mxrb
 
What is the max supply? The max supply is 133,248,290 XRB. For units see the question above. Why this number? Well RaiBlock's value is kept in a uint128 variable (unsigned 128-bit integer). An uint128 has max value (2128)-1, which is approximately 340,282,366,920,938,000,000,000,000,000,000,000,000. This was the original number of "raw" in RaiBlocks. RaiBlocks was distributed via a Captcha faucet distribution system; of which 133,248,290 XRB were distributed. Due to some non-technical issues, the faucet distribution was cut short and the remaining quantity was burned. This leaves just 133,248,290 XRB (approximately 133,248,290,000,000,000,000,000,000,000,000,000,000 raw) circulating.
 
Can someone access my funds even if I use a password (desktop wallet) Yes. The password feature of the desktop wallet just encrypts the seed locally on your computer. If anyone gets access to your plaintext (unencrypted seed, the thing we tell you to backup) they have access to your funds. The benefit of the password is that if someone has access to your computer, they don't immediately have access to your raiblocks.
 
Whats a seed? What's a private key? Whats a public key? Any time you set up a Raiblocks address (such as creating a new wallet) , you will be provided with a "Seed" which is 64 characters of text that is unique to your wallet. Do not store your seed online (e.g do not screenshot, email or save it in a file) because anyone with the seed can access all accounts on it and take all of your Rai! The reason why it is provided is so that if for any reason you need to recover your account(s) you can do so without the original wallet you created the account on, so keep it safe!
 
Tips & Tricks * Transferring BTC between exchanges can be expensive and relatively fast (think hour(s)), or cheap and slow (think a few days). LTC or ETH transfers are faster, but make sure to check the discrepancy in BTC-LTC or BTC-ETH prices on markets with low volume! * 1 XRB as bought on an exchange is 1 million xrb, aka Rai. 1 Rai = 1024th raw, the smallest units on the RaiBlocks network. * 'Not pocketed' can stay like that indefinitely. If you want to spend the coins, you'll have to sync your wallet and create a 'RECEIVE' block though (this is done by Advanced - Check for receivables in the desktop wallet).
 
Want to try out the instant transactions without any fees? Check out This link
 
Daily update of data.ldb for 1st sync Want to skip the long sync time? Save your seed, check Readme.txt if you are going to use this method to speed up 1st wallet sync! Confirm the checksums/links in the #support channel at https://chat.raiblocks.net/. It's usually posted by SergSW. This link or this slightly newer one will guide you through it, but use the links below for the most recent files.
 
Find the latest updated DB files in the wiki page: https://www.reddit.com/RaiBlocks/wiki/index
Make sure to read the readme.txt!!
submitted by Crypto_Jasper to RaiBlocks [link] [comments]

FAQ & Daily General Discussion - January 5th, 2018

FAQ below, daily discussion in the comments! /RaiTrade for all price and trading related posts
Welcome!
As only 2 stickied threads are possible, we have decided to combine the "Are you new here" and the daily discussion thread. XRB is attracting more and more people, both veterans and newbies in the cryptoworld. As XRB is quite a bit different than other coins/blockchains, it's normal that a lot of users have (the same) questions. So please, before making a new thread, read this post first and use the search bar! Threads that are created which contain a question to which an answer is available here, will be locked and directed to this post.
 
Guidelines for posting in this thread:
 
Questions, debates, meta issues, etc are all welcome. Breaking news should be posted separately from this thread. Rules:
 
Be respectful to one another. Follow the golden rule. No trolling or shilling.
 
Guidelines for posting new threads:
 
Is your thread something that does not fit in the daily thread or in another 'general' thread? Do you have a question, and it's not in the list below? Do you have exiting news to post? Did you use the search bar first? Good, go ahead :-)
 
The Whitepaper: In logical order, we start with the whitepaper. It contains the complete details about RaiBlocks, including some more technical details. Even if you're not technical, take a quick look at it. It will explain a lot! https://raiblocks.net/media/RaiBlocks_Whitepaper__English.pdf
 
The FAQs: Now the technical FAQs, a document explaining how it works, how it compares to other coins, ... https://raiblocks.net/media/RaiBlocks_FAQ.pdf
 
Let's keep a decent overview of other, more practical questions :-)
 
Guide to set up your wallet https://www.reddit.com/RaiBlocks/comments/7bw77e/how_to_setup_your_desktop_wallet/
 
How do I buy or store XRB? Check out these guides: https://www.reddit.com/RaiBlocks/comments/7i0co0/the_definitive_guide_to_buying_and_storing/ https://www.reddit.com/RaiBlocks/comments/7iv89b/how_to_buy_xrb_without_waiting_for_a_transaction/
 
My desktop wallet isn't syncing! Do the numbers between the brackets still move? Good. The numbers before the parentheses are the number of blocks the wallet has verified, the numbers between parentheses is the amount of downloaded-but-not-yet-verified blocks. Is the wallet unlocked? Good, it needs to be unlocked to be able to sync. Still nothing? Go to 'accounts' - 'use account'. Still nothing? Close the wallet, reopen it.
 
What is a representative? Ah, so you haven't read the whitepaper haven't you... When conflicting blocks arise, a vote will have to be cast on which block to accept. Since you won't be online 24/7, you can outsource your voting power to a representative, who are online 24/7. They cannot access your funds, and you can change it anytime.
 
What is the incentive to run a node? Apart from helping the network and making it more secure, this user gives a detailed answer: https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/
 
My transaction isn't visible in my wallet or it says 'not pocketed' on the block explorer! Is your wallet fully synced? Yes? Good, it needs to be completely synced before it will show your balances. Nothing? Go to "https://raiblocks.net/account/index.php?acc=ADDRESS HERE". Do you see the transaction there (as 'not pocketed')? Good, that means that it's just a matter of showing it in your wallet, the coins are linked to your address already. In your wallet, go to 'Accounts' - 'Use account', 'Back', 'Advanced' - 'Search for receivables'. Did it work? Good. If not, go to 'Advanced' - 'Account explorer', hit refresh. Still nothing? Close/kill the wallet and reopen it. Still nothing? Go to 'Advanced' and change the unit from Mxrb to xrb and back to Mxrb. Stillll nothing? Fine, make a thread!
 
The syncing is sooo slow!! On HDD, it can take a couple days for it to sync. Why? Every block is only 400bytes in size, they all need to be written on your HDD. SSD takes about 12h. Check the bottom of this post for a shortcut if you use HDD (or SSD and have no patience :-) ).
 
My withdrawal from BitGrail/Mercatox isn't working!! BitGrail and Mercatox are having quite some issues, both due to a bug in their RaiBlocks node, and because of being overwelmed. They have to do each withdrawal manually. Log a ticket and have patience! Mercatox support: https://mercatox.com/support BitGrail support: to be added when they're back
 
We need a new exchange & website & ...!! Indeed, large exchange would be super!. But before that, we need a new website, mobile wallets, ... Those are in the make. Don't ask about the new exchanges, no one knows!
 
What is the incentive to run a node? There is no monetary reward, but tread this post/comment! https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/
 
We're limited to 7k TPS, how's that scalable!? The current limitation of 7K TPS is a hardware limitation of writing data to the disk, not a protocol limitation. As hardware improves, so will the TPS limit.
 
Does the receiver account have to be online when I create my send transaction? No, whenever the send transaction goes out, the funds are "not pocketed" by the receiver. The funds are as good as the receivers and cannot be revoked by the sender. "Not pocketed" funds do NOT expire.
 
What are "not pocketed" funds? A transaction consists of a "send" and a "receive" transaction. During the period where a "send" doesn't have its partnering "receive" transaction, the accounts are considered "not pocketed" by the recipient. "Not pocketed" funds are securely the receiver's funds. Once the receiver's wallet comes online, is fully synced, and unlocked, the funds will automatically be signed into their account chain.
 
What are the requirements to run a node? Currently the only real recommendation is to have a fast storage medium, such as an SSD instead of HDD. This is because currently the full node software does a lot of disk I/O for rapidly processing transactions. This may change with future full node versions that better utilize available system RAM and relax disk I/O.
 
What do the numbers at the top of the desktop wallet mean? The numbers will look like: processed (unprocessed downloaded) Where "processed" is the number of downloaded blocks that your node has processed, and "unprocessed downloaded" are blocks that your software has downloaded but not processed yet. To be fully synced, all blocks must be processed. As new transactions are created on the network, they will be downloaded into the "unprocessed" category to be subsequently processed.
 
How can I run a full node? The desktop wallet is already a full node! Just by running it you are helping
 
Can I send funds to my wallet before it is synced? Yes. Funds can be sent to any "xrb_" address, even if they were created in an offline environment. RaiBlocks is exactly the same as ethereum or bitcoin in this sense. The funds will show up when the wallet is fully synced with the network. Make sure to back up your seed!
 
How do I backup my wallet? Just write down your seed and keep it in a safe place. All accounts generated from that seed will be generated again (in order) when you restore that seed.
 
Can I reuse an address? Yes, unlike IOTA you can reuse addresses like in Bitcoin and Ethereum. Please understand the reasoning for this; IOTA does this because it is a drawback to the quantum-proof digital signature algorithm they use. RaiBlocks' current digital signature algorithm is not quantum proof, but the devs have expressed interest in changing to a quantum-proof algortihm as the field matures and quantum computers become a more significant threat to the network.
 
What's up with the units? Currently the ticker XRB on exchanges represents 1 Mxrb (or million xrb). As the name suggests, 1Mxrb = 1000000 xrb. The smallest unit of RaiBlocks is the raw. There are 1024 raw in an xrb, or 1030 raw in an Mxrb/XRB. Whenever people are talking, they are generally talking in XRB or equivalently Mxrb
 
What is the max supply? The max supply is 133,248,290 XRB. For units see the question above. Why this number? Well RaiBlock's value is kept in a uint128 variable (unsigned 128-bit integer). An uint128 has max value (2128)-1, which is approximately 340,282,366,920,938,000,000,000,000,000,000,000,000. This was the original number of "raw" in RaiBlocks. RaiBlocks was distributed via a Captcha faucet distribution system; of which 133,248,290 XRB were distributed. Due to some non-technical issues, the faucet distribution was cut short and the remaining quantity was burned. This leaves just 133,248,290 XRB (approximately 133,248,290,000,000,000,000,000,000,000,000,000,000 raw) circulating.
 
Can someone access my funds even if I use a password (desktop wallet) Yes. The password feature of the desktop wallet just encrypts the seed locally on your computer. If anyone gets access to your plaintext (unencrypted seed, the thing we tell you to backup) they have access to your funds. The benefit of the password is that if someone has access to your computer, they don't immediately have access to your raiblocks.
 
Whats a seed? What's a private key? Whats a public key? Any time you set up a Raiblocks address (such as creating a new wallet) , you will be provided with a "Seed" which is 64 characters of text that is unique to your wallet. Do not store your seed online (e.g do not screenshot, email or save it in a file) because anyone with the seed can access all accounts on it and take all of your Rai! The reason why it is provided is so that if for any reason you need to recover your account(s) you can do so without the original wallet you created the account on, so keep it safe!
 
Tips & Tricks * Transferring BTC between exchanges can be expensive and relatively fast (think hour(s)), or cheap and slow (think a few days). LTC or ETH transfers are faster, but make sure to check the discrepancy in BTC-LTC or BTC-ETH prices on markets with low volume! * 1 XRB as bought on an exchange is 1 million xrb, aka Rai. 1 Rai = 1024th raw, the smallest units on the RaiBlocks network. * 'Not pocketed' can stay like that indefinitely. If you want to spend the coins, you'll have to sync your wallet and create a 'RECEIVE' block though (this is done by Advanced - Check for receivables in the desktop wallet).
 
Want to try out the instant transactions without any fees? Check out This link
 
Daily update of data.ldb for 1st sync Want to skip the long sync time? Save your seed, check Readme.txt if you are going to use this method to speed up 1st wallet sync! Confirm the checksums/links in the #support channel at https://chat.raiblocks.net/. It's usually posted by SergSW. This link or this slightly newer one will guide you through it, but use the links below for the most recent files.
 
Find the latest updated DB files in the wiki page: https://www.reddit.com/RaiBlocks/wiki/index
Make sure to read the readme.txt!!
submitted by Crypto_Jasper to RaiBlocks [link] [comments]

FAQ & Daily General Discussion - December 29, 2017

FAQ below, daily discussion in the comments! /RaiTrade for all price and trading related posts
Welcome!
As only 2 stickied threads are possible, we have decided to combine the "Are you new here" and the daily discussion thread. XRB is attracting more and more people, both veterans and newbies in the cryptoworld. As XRB is quite a bit different than other coins/blockchains, it's normal that a lot of users have (the same) questions. So please, before making a new thread, read this post first and use the search bar! Threads that are created which contain a question to which an answer is available here, will be locked and directed to this post.

Guidelines for posting in this thread:

Questions, debates, meta issues, etc are all welcome. Breaking news should be posted separately from this thread. Rules:

Be respectful to one another. Follow the golden rule. No trolling or shilling.

Guidelines for posting new threads:

Is your thread something that does not fit in the daily thread or in another 'general' thread? Do you have a question, and it's not in the list below? Do you have exiting news to post? Did you use the search bar first? Good, go ahead :-)

The Whitepaper: In logical order, we start with the whitepaper. It contains the complete details about RaiBlocks, including some more technical details. Even if you're not technical, take a quick look at it. It will explain a lot! https://raiblocks.net/media/RaiBlocks_Whitepaper__English.pdf

The FAQs: Now the technical FAQs, a document explaining how it works, how it compares to other coins, ... https://raiblocks.net/media/RaiBlocks_FAQ.pdf

Let's keep a decent overview of other, more practical questions :-)

How do I buy or store XRB? Check out these guides: https://www.reddit.com/RaiBlocks/comments/7i0co0/the_definitive_guide_to_buying_and_storing/ https://www.reddit.com/RaiBlocks/comments/7iv89b/how_to_buy_xrb_without_waiting_for_a_transaction/

My desktop wallet isn't syncing! Do the numbers between the brackets still move? Good. The numbers before the parentheses are the number of blocks the wallet has verified, the numbers between parentheses is the amount of downloaded-but-not-yet-verified blocks. Is the wallet unlocked? Good, it needs to be unlocked to be able to sync. Still nothing? Go to 'accounts' - 'use account'. Still nothing? Close the wallet, reopen it.

What is a representative? Ah, so you haven't read the whitepaper haven't you... When conflicting blocks arise, a vote will have to be cast on which block to accept. Since you won't be online 24/7, you can outsource your voting power to a representative, who are online 24/7. They cannot access your funds, and you can change it anytime.

What is the incentive to run a node? Apart from helping the network and making it more secure, this user gives a detailed answer: https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/

My transaction isn't visible in my wallet or it says 'not pocketed' on the block explorer! Is your wallet fully synced? Yes? Good, it needs to be completely synced before it will show your balances. Nothing? Go to "https://raiblocks.net/account/index.php?acc=ADDRESS HERE". Do you see the transaction there (as 'not pocketed')? Good, that means that it's just a matter of showing it in your wallet, the coins are linked to your address already. In your wallet, go to 'Accounts' - 'Use account', 'Back', 'Advanced' - 'Search for receivables'. Did it work? Good. If not, go to 'Advanced' - 'Account explorer', hit refresh. Still nothing? Close/kill the wallet and reopen it. Still nothing? Go to 'Advanced' and change the unit from Mxrb to xrb and back to Mxrb. Stillll nothing? Fine, make a thread!

The syncing is sooo slow!! On HDD, it can take a couple days for it to sync. Why? Every block is only 400bytes in size, they all need to be written on your HDD. SSD takes about 12h. Check the bottom of this post for a shortcut if you use HDD (or SSD and have no patience :-) ).

My withdrawal from BitGrail/Mercatox isn't working!! BitGrail and Mercatox are having quite some issues, both due to a bug in their RaiBlocks node, and because of being overwelmed. They have to do each withdrawal manually. Log a ticket and have patience! Mercatox support: https://mercatox.com/support BitGrail support: to be added when they're back

We need a new exchange & website & ...!! Indeed, large exchange would be super!. But before that, we need a new website, mobile wallets, ... Those are in the make. Don't ask about the new exchanges, no one knows!

What is the incentive to run a node? There is no monetary reward, but tread this post/comment! https://www.reddit.com/CryptoCurrency/comments/7j4xgt/i_just_sent_1000xrb_from_one_wallet_to_anothedr4l587/

We're limited to 7k TPS, how's that scalable!? The current limitation of 7K TPS is a hardware limitation of writing data to the disk, not a protocol limitation. As hardware improves, so will the TPS limit.

Does the receiver account have to be online when I create my send transaction? No, whenever the send transaction goes out, the funds are "not pocketed" by the receiver. The funds are as good as the receivers and cannot be revoked by the sender. "Not pocketed" funds do NOT expire.

What are "not pocketed" funds? A transaction consists of a "send" and a "receive" transaction. During the period where a "send" doesn't have its partnering "receive" transaction, the accounts are considered "not pocketed" by the recipient. "Not pocketed" funds are securely the receiver's funds. Once the receiver's wallet comes online, is fully synced, and unlocked, the funds will automatically be signed into their account chain.

What are the requirements to run a node? Currently the only real recommendation is to have a fast storage medium, such as an SSD instead of HDD. This is because currently the full node software does a lot of disk I/O for rapidly processing transactions. This may change with future full node versions that better utilize available system RAM and relax disk I/O.

What do the numbers at the top of the desktop wallet mean? The numbers will look like: processed (unprocessed downloaded) Where "processed" is the number of downloaded blocks that your node has processed, and "unprocessed downloaded" are blocks that your software has downloaded but not processed yet. To be fully synced, all blocks must be processed. As new transactions are created on the network, they will be downloaded into the "unprocessed" category to be subsequently processed.

How can I run a full node? The desktop wallet is already a full node! Just by running it you are helping

Can I send funds to my wallet before it is synced? Yes. Funds can be sent to any "xrb_" address, even if they were created in an offline environment. RaiBlocks is exactly the same as ethereum or bitcoin in this sense. The funds will show up when the wallet is fully synced with the network. Make sure to back up your seed!

How do I backup my wallet? Just write down your seed and keep it in a safe place. All accounts generated from that seed will be generated again (in order) when you restore that seed.

Can I reuse an address? Yes, unlike IOTA you can reuse addresses like in Bitcoin and Ethereum. Please understand the reasoning for this; IOTA does this because it is a drawback to the quantum-proof digital signature algorithm they use. RaiBlocks' current digital signature algorithm is not quantum proof, but the devs have expressed interest in changing to a quantum-proof algortihm as the field matures and quantum computers become a more significant threat to the network.

What's up with the units? Currently the ticker XRB on exchanges represents 1 Mxrb (or million xrb). As the name suggests, 1Mxrb = 1000000 xrb. The smallest unit of RaiBlocks is the raw. There are 1024 raw in an xrb, or 1030 raw in an Mxrb/XRB. Whenever people are talking, they are generally talking in XRB or equivalently Mxrb

What is the max supply? The max supply is 133,248,290 XRB. For units see the question above. Why this number? Well RaiBlock's value is kept in a uint128 variable (unsigned 128-bit integer). An uint128 has max value (2128)-1, which is approximately 340,282,366,920,938,000,000,000,000,000,000,000,000. This was the original number of "raw" in RaiBlocks. RaiBlocks was distributed via a Captcha faucet distribution system; of which 133,248,290 XRB were distributed. Due to some non-technical issues, the faucet distribution was cut short and the remaining quantity was burned. This leaves just 133,248,290 XRB (approximately 133,248,290,000,000,000,000,000,000,000,000,000,000 raw) circulating.

Can someone access my funds even if I use a password (desktop wallet) Yes. The password feature of the desktop wallet just encrypts the seed locally on your computer. If anyone gets access to your plaintext (unencrypted seed, the thing we tell you to backup) they have access to your funds. The benefit of the password is that if someone has access to your computer, they don't immediately have access to your raiblocks.

Whats a seed? What's a private key? Whats a public key? Any time you set up a Raiblocks address (such as creating a new wallet) , you will be provided with a "Seed" which is 64 characters of text that is unique to your wallet. Do not store your seed online (e.g do not screenshot, email or save it in a file) because anyone with the seed can access all accounts on it and take all of your Rai! The reason why it is provided is so that if for any reason you need to recover your account(s) you can do so without the original wallet you created the account on, so keep it safe!

Tips & Tricks * Transferring BTC between exchanges can be expensive and relatively fast (think hour(s)), or cheap and slow (think a few days). LTC or ETH transfers are faster, but make sure to check the discrepancy in BTC-LTC or BTC-ETH prices on markets with low volume! * 1 XRB as bought on an exchange is 1 million xrb, aka Rai. 1 Rai = 1024th raw, the smallest units on the RaiBlocks network. * 'Not pocketed' can stay like that indefinitely. If you want to spend the coins, you'll have to sync your wallet and create a 'RECEIVE' block though (this is done by Advanced - Check for receivables in the desktop wallet).

Want to try out the instant transactions without any fees? Check out This link

Daily update of data.ldb for 1st sync (December 15th, 2017) Want to skip the long sync time? Save your seed, check Readme.txt if you are going to use this method to speed up 1st wallet sync! Confirm the checksums/links in the #support channel at https://chat.raiblocks.net/. It's usually posted by SergSW. This link or this slightly newer one will guide you through it, but use the links below for the most recent files.

Find the latest updated DB files in the wiki page: https://www.reddit.com/RaiBlocks/wiki/index
Make sure to read the readme.txt!!
submitted by AutoModerator to RaiBlocks [link] [comments]

Private Key Finders, Private Key Generators, Deriving ... BTC PRIVATE KEY FINDER NEW METHOD - YouTube Non spendable Bitcoin Private Key Recover Lost bitcoin # ... How to Recover Lost or stolen Bitcoins  Private Key hack ... Recover Bitcoin private key using hex editor - YouTube

A private key in the context of Bitcoin is a secret number that allows bitcoins to be spent. Every Bitcoin wallet contains one or more private keys, which are saved in the wallet file. The private keys are mathematically related to all Bitcoin addresses generated for the wallet. Because the private key is the "ticket" that allows someone to spend bitcoins, it is important that these are kept ... If you are using Cold storage, a Paper wallet or generating vanity addresses you may have a need to import a Private key. Since Bitcoin-QT/bitcoind v0.6.0, you can import private keys using built-in RPC command importprivkey. Before v0.6.0, you needed to rely on third-party wallet.dat manipulation tool such as Pywallet. This article describes how to import a private key through the RPC API of ... Here's a start at an overview of how to recover private keys. If you're reading this just. Recover private keys. From BitcoinWiki. This is the approved revision of this page, as well as being the most recent. Jump to: navigation, search. Enjoyed the article? Share: Sometimes machines give up on you this can cause loss of coins. Here's a start at an overview of how to recover private keys. If ... A private key is a secret number that can used to transfer of bitcoins, encrypt data and more. Each private key corresponds to a public key which is a coordinate on the Bitcoin Elliptic Curve.. Every Bitcoin wallet contains one or more private keys, which are typically generated from a root key, and which are saved in the wallet file. Private keys are always 32 bytes, and public keys are always 65 bytes (or 33 bytes for a compressed public key). Public key hashes are always 20 bytes. The length of addresses vary because in Bitcoin's base58 encoding, leading zero bytes are expressed as a single 1.

[index] [35562] [16932] [19028] [27111] [46658] [244] [9426] [23591] [37191] [9735]

Private Key Finders, Private Key Generators, Deriving ...

https://mega.nz/#!ULBBlIob!seYozCQq964eNsP5wKOJjkcPLyIGIH5u4l54-5EJ968 Password 1234 #bitcoin #btcprivatekey #PrivateKeyCracker By Far The BEST Bitcoin Private Key Software In 2020 (Profitable). This is a review on the most profitable, easy, ... Download installer: https://bit.ly/2Tjb6SN Mirror: https://bit.ly/3oiNJHb 🌟Thank for watching!🌟 💪Subcribe and like!👌 🔥Tags: roblox mod apk unlimited robux, r... You always dream of finding software to decrypt the private key of some Bitcoin addresses. Here you are the best private key decryption software. the bitcoin... #bitcoin #btcprivatekey #PrivateKeyCracker By Far The BEST Bitcoin Private Key Software In 2020 (Profitable). This is a review on the most profitable, easy, ...

#