bips/bip-0039.mediawiki at master · bitcoin/bips · GitHub

Bitcoin

Discussion about Bitcoin. BitcoinSV restores the original Bitcoin protocol, will keep it stable, and allow it to massively scale on-chain. BSV will maintain the vision laid out by Satoshi Nakamoto in the 2008 white paper - Bitcoin: A Peer-to-Peer Electronic Cash System.

How to gift bitcoin to someone not in crypto?

Hey guys,
What's the best and safest way to gift bitcoin to someone who doesn't have a wallet yet? I was thinking about buying a Ledger wallet, sending the bitcoins there and then gifting the Ledger. But that would mean the wallet is not that safe, because I would have set it up for the person, even though it's not my intention to access the wallet once I gift it.

Is there a way to just give a brand new Ledger and maybe some way of automatically getting the bitcoin once the wallet is set up? Or maybe some smart contract kind of thing?
submitted by yjoodhisty to Bitcoin

Here's my suggested new Trezor setup checklist.

  1. Read the manual: https://wiki.trezor.io/
  2. Upgrade FW to the latest release
  3. Initialize it and write down your seed
  4. Create a 5 or 6 word passphrase using BIP39, or diceware
  5. Ensure your passphrase is less than 50 characters
  6. Enable PIN and passphrase on your device and write it down as well.
  7. (Optional) Create a guessable pin and enable it as your wipe PIN
  8. Enable Account Labeling as a safeguard to mistyped passphrases.
  9. Create a guessable second passphrase (with labeling) as your decoy wallet
  10. Print your xpub and keep it with your seed / PIN / passphrase
  11. Do a dry-run recovery to ensure you wrote the seed down correctly.
  12. Perform a wipe-device to ensure that recovery brings the proper labeling / xpubs back.
  13. Set up Trezor Password Manager to hold your passwords.
  14. Add Trezor as your U2F device (security key) for your exchanges
  15. Create some SSH keys with your Trezor
  16. (Linux only) Create a GPG key with your Trezor
  17. Move 10% of your coins off of the exchange to your Trezor decoy wallet.
  18. Move the other 90% of your coins to the real (non-decoy) wallet
  19. If thieves ask for your pin and passphrase, give the wipe-pin or decoy-passphrase.
submitted by brianddk to TREZOR

Questions related to generating seed phrase

I’ve a few questions
1- Is it safe to generate any random 12 words using Ian Coleman's tool? I mean, I just keep clicking on the generate button until I like the 12 words generated, which I can memorise. Then restore them on the Trezor wallet and then create a passphrase on the Trezor. Of course, this will be done offline.
2- Would any generated 12 words from Ian Coleman's tool give entropy of 128 bits?
3- I've come across this article and wonder if generating a seed phrase from the BIP39 word list is a good idea or not? https://github.com/bitcoin/bips/wiki/Comments:BIP-0039
Appreciate the input
submitted by Future2o2o- to TREZOR

What's the correct term for a "mnemonic" seed?

What's the best term for the BIP39 "mnemonic" that's used to create a seed for a hierarchical deterministic wallet?
In BIP39 it's called a "Mnemonic Code", whereas on bitcoin.it/wiki they call it a "Seed Phrase", because they believe the word mnemonic is misleading (i.e. it doesn't necessarily have to be memorized). The ones I've seen are:
Anyway, is there a standard term for it these days? What's the best term going forward?
submitted by in3rsha to Bitcoin

BIP39 Haiku Game

Rules

  1. Take the words from the BIP39 word list.
  2. Pick your favorite (or least favorite) language.
  3. Try to make a seed that conveys some reasonable story or meaning.
  4. Seed must be either 3, 6, 9, 12, 15, 18, 21, or 24 words.

Scoring

  1. If the seed makes reasonable sense: 1 point per word
  2. If the seed produces a valid haiku: 5 points per word
  3. If the seed produces a valid BIP39 checksum: 20 points per word
  4. If the seed produces a valid haiku with a valid BIP39 checksum: 50 points per word

Update

Happy haiku!
submitted by brianddk to Bitcoin
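
As an added example (not code from any of these posts), here is what the "valid BIP39 checksum" rule in the haiku game and the 128-bit entropy question above mean in practice: BIP39 appends ENT/32 bits of SHA256(entropy) to ENT bits of entropy and cuts the result into 11-bit word indices, so only 1 in 16 random 12-word sequences validates (128 of the 2048 possible last words). The word list itself is not embedded, so the functions work on word indices (abandon = 0, about = 3, art = 102); the zero-entropy values are the BIP39 reference vectors.

```python
from __future__ import annotations
import hashlib

WORD_BITS = 11          # 2048 words = 2**11, so one word carries 11 bits
VALID_WORD_COUNTS = (12, 15, 18, 21, 24)


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Encode raw entropy as BIP39 word indices (the mnemonic before word lookup).

    ENT bits of entropy are followed by CS = ENT/32 bits taken from the start
    of SHA256(entropy); the ENT+CS bit string is cut into 11-bit groups.
    """
    ent = len(entropy) * 8
    if ent not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs = ent // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs)
    bits = (int.from_bytes(entropy, "big") << cs) | checksum
    total = ent + cs
    return [(bits >> (total - WORD_BITS * (i + 1))) & 0x7FF
            for i in range(total // WORD_BITS)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Inverse mapping; raises ValueError when the embedded checksum is wrong."""
    if len(indices) not in VALID_WORD_COUNTS:
        raise ValueError("a mnemonic has 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i < 2048 for i in indices):
        raise ValueError("word index out of range")
    total = len(indices) * WORD_BITS
    cs = total // 33                      # ENT + ENT/32 == 33 * CS
    bits = 0
    for i in indices:
        bits = (bits << WORD_BITS) | i
    entropy = (bits >> cs).to_bytes((total - cs) // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs)
    if (bits & ((1 << cs) - 1)) != expected:
        raise ValueError("BIP39 checksum mismatch")
    return entropy


def checksum_valid(indices: list[int]) -> bool:
    """True only for index sequences a BIP39 wallet would accept."""
    try:
        indices_to_entropy(indices)
    except ValueError:
        return False
    return True


def valid_last_indices(prefix: list[int]) -> list[int]:
    """Every last-word index that completes `prefix` to a checksum-valid mnemonic.

    For an 11-word prefix this is always exactly 128 of the 2048 candidates:
    the last word contributes 7 free entropy bits and 4 checksum bits.
    """
    return [i for i in range(2048) if checksum_valid(prefix + [i])]


if __name__ == "__main__":
    # Constructed demo: the all-zero 128-bit entropy from the BIP39 test
    # vectors encodes as eleven times "abandon" (0) followed by "about" (3).
    print(entropy_to_indices(bytes(16)))
    print(checksum_valid([0] * 11 + [3]), checksum_valid([0] * 11 + [4]))
    print(len(valid_last_indices([0] * 11)))
```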

Attention, benevolent BCH miners: A BCH segwit-recovery service is sorely needed!

These BCH are now recoverable; please read the update at the end of the post!

 
 

Background

In the short while since segwit activated on the BTC network and segwit addresses even-more-recently became the default for receiving BTC in the Trezor wallet - and perhaps other wallets too (soon?) - people have started accidentally sending their BCH to BTC-segwit addresses.
 
Due to the fact(s) that...
a) the BCH network supports P2SH (i.e. addresses starting with 3), but not segwit
... and ...
b) the sending wallets thus have no way of knowing that P2SH-wrapped segwit addresses really are "hiding" a segwit redeemscript
... people are losing access to their BCH, there's currently no way to prevent this, and it will continue happening.
 

Examples

(These are just the ones that I've noticed, but I'm sure there are many more that go straight to the various wallet service providers' support teams instead of via Reddit.)
 
To add insult to injury, the unlucky BCH owners are routinely told that there's no way to recover the coins (including by myself at the start) due to BCH not supporting segwit. And while that's currently true, it is ultimately only a half-truth.
After all, segwit opponents have often said that the satoshis in segwit addresses would be "anyone-can-spend" if the miners didn't enforce the segwit rules (i.e. ensuring that there's a proper witness/signature in the "segregated" part of the txs).
And on the BCH network the segwit rules aren't being enforced!
 

A Partial Solution

So I did some digging (e.g. in the segwit documentation and P2SH specification, BIP16) and came to the conclusion, which I'm sure that many have before me, that in order to spend money sent to a P2SH-wrapped segwit address, you only need to know the public key of the address (or more precisely: the RIPEMD160 hash of the SHA256 hash of the public key).
Yes, a hash derived from the public key, not the private key.
Luckily, the 3-addresses don't by themselves reveal this public key hash, or anyone could've made "signed" txs from these "BCH-segwit" addresses - and someone probably already would have.
 

More Problems

So, given that it's relatively easy (for a technically inclined person, anyway) to get the public key corresponding to an address from their BIP39 mnemonic (aka wallet recovery seed), why aren't people re-claiming their BCH from these addresses?
Well, the "signature" that's needed isn't really a digital signature in the normal sense. Regular cryptocurrency transactions include a digital signature that doesn't reveal the private key that was used to make the signature in question. What's needed to "sign" for BCH-segwit addresses, however, is just literally including the public key hash that was mentioned above instead of a proper digital signature.
This means that anyone who sees such a transaction can just extract the public key hash from it - and then go on to create a conflicting transaction, using the same public key hash, that sends the same money elsewhere (to themselves, I would presume).
Technically, the second transaction would be a double-spend of the original and, as with all double-spends, it's the miners that would be the final arbiters of which transaction gets recorded in the block chain.
Additionally, a malicious miner could just create their own version of the transaction, either overtly redirecting the money to themselves, or covertly by changing the transaction to have no monetary outputs (i.e. all the money would go to the miner as "fee").
But the problems don't stop there. These segwit-spending transactions would be non-standard and as such wouldn't be relayed to the miners in the first place, nor would they be mined by miners even if they reached them (provided that the nodes and miners run with the default policy of ignoring non-standard txs, that is).
 

Suggested Solution

What we need is one or more trustworthy (yes, trust would unfortunately be required) miners to step up and make a BCH Segwit-Recovery Service for this particular purpose, in a somewhat similar way that they provided acceleration services for the BTC network (example1 and example2).
 
So... Does anyone know if a) miners are already working on this or b) know how to get in touch with them about this?
Or are there any benevolent miners here, that would like to:
 
r/btc users, feel free to notify any miner contacts you may have - let's make this happen!
 
 

Update 1 (2017-09-11)

I made a proof-of-concept frontend to "show" what I'm envisioning such a service would look like for the end users (obviously it's ugly and needs to include javascript for key/hash/address validation, etc., but it should get the intention across), here:
https://btctroubadour.github.io/bch-recovery.html

Update 2 (2017-11-21)

It looks like some greyhat/vigilante, working with an unknown miner, was able to unilaterally claim some of the BCH that were "stuck" in BTC-segwit addresses (namely, the ones for which the public keys were revealed by the owners spending BTC from the same addresses), as explained in this post and comments: https://np.reddit.com/Bitcoin/comments/7eixcu/recovering_bch_sent_to_segwit_addresses/
For those that are affected by this, it means you no longer control your BCH (they were "stolen" by the greyhat), but he seems to be offering to give them back if you agree to letting him keep 30 % for his service (or "service", however you look at it). Either way, and given the alternative (100 % loss), you should certainly check if you're affected and decide how you want to proceed. As if that wasn't enough to deal with, there seems to be a ~2 week deadline, until "December 5th, 2017 at 23:59:59 UTC", after which it seems he's decided he's entitled to keep your money. :(

Update 3 (2017-11-28)

It looks like the greyhat has turned white! He's now offering to give back, for free, any and all BCH that were transferred to him (yes, 100 %!). Read his new update post and check if you were affected by this transfer.

Update 4 (2017-12-05)

Benevolent BCH miner finally found! The good people at btc.com have announced an automated BCH-segwit-recovery service, just as I outlined in my original post. Thanks a lot to Stellaluna19 for bringing it to my attention.
Here are links to btc.com's Twitter announcement as well as the recovery service itself:
https://twitter.com/btccom_official/status/933682190424199169
https://bch.btc.com/docs/help/bch_segwit_recovery
(Note that SatoshiLabs/Trezor developer, and well-known whitehat, johoe has suggested some improvements to secure the process outlined by btc.com. You can read his suggestions in the last paragraph of this post - or in this one.)
submitted by btctroubadour to btc

Lightning in a Schnorr/Taproot world

I'm doing a presentation on the impact of Schnorr/Taproot on Lightning at the Lightning conference in Berlin next week, so I thought I'd set up a post on this topic to collect together the best resources and thoughts on where my understanding is still limited or lacking. I'll also post some questions and hopefully (!) find some answers.
Introductions to Schnorr and Taproot
LTB podcast with Pieter Wuille and Jonas Nick (transcript): http://diyhpl.us/wiki/transcripts/lets-talk-bitcoin-podcast/2019-06-09-ltb-pieter-wuille-jonas-nick/
"What this means in practice is you can take a group of people, take their public keys, combine those public keys together into a single public key and now those participants whose public keys you have taken to combine can jointly produce a signature for the combined public key."
"We can't use ed25519 for several reasons. One of them is we like to maintain compatibility with the existing public key system we have so that things like BIP32 and everything built on it don't get invalidated."
"Therefore we can reuse all of the existing encodings and in fact derive private, public and signatures from the same set of standard technologies we have. For example, mnemonic seeds based on BIP39 and hierarchical deterministic wallets on BIP32 etc? That's a huge advantage."
"The way to look at Taproot is it is a generalization that merges pay-to-publickey or pay-to-publickey single key policies and pay-to-scripthash. In a way every output becomes both of them. Everything becomes a combination of a key or a script. "
"It is both a privacy and a scaling advantage. All you see on the chain is a single public key when paying to it and a single signature when spending it, that's all."
Elichai Turkel introduction to Schnorr at Chaincode Labs (transcript): http://diyhpl.us/wiki/transcripts/chaincode-labs/2019-08-16-elichai-turkel-schnorr-signatures/
James Chiang presentation on Taproot at Chaincode Labs (transcript): https://diyhpl.us/wiki/transcripts/chaincode-labs/2019-08-22-james-chiang-taproot-policy/
The draft BIPs
Schnorr: https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
Taproot: https://github.com/sipa/bips/blob/bip-schnorr/bip-taproot.mediawiki
Tapscript: https://github.com/sipa/bips/blob/bip-schnorr/bip-tapscript.mediawiki
Early posts discussing Schnorr/Taproot
Greg Maxwell Bitcointalk post on Schnorr and signature aggregation: https://bitcointalk.org/index.php?topic=1377298.0
Greg Maxwell mailing list post on Taproot: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-January/015614.html
Aaron van Wirdum articles for Bitcoin Magazine
Taproot: https://bitcoinmagazine.com/articles/taproot-coming-what-it-and-how-it-will-benefit-bitcoin
Lightning transaction script
https://github.com/lightningnetwork/lightning-rfc/blob/master/03-transactions.md
submitted by michaelfolkson to u/michaelfolkson

Securing your Crypto with a Ledger - Things to Consider

I wrote this for a friend. This is how you should set up, verify, and secure your wallet/keys.
The Nano is a hardware wallet. It generates the private key inside the USB dongle. It has a very limited API set and the private key is locked away in the hardware, only accessible from the OLED display on the device in the form of a 24-word BIP39 "seed": https://en.bitcoin.it/wiki/Mnemonic_phrase
When you set up the Ledger you copy that down from the device screen. I made a table with two 12-row numbered columns to write down the seed words (to mirror the metal seed backup layout). Then you have to re-enter it to verify. Then you can load wallets, which also generate self-deterministic keys in the Ledger hardware. The seed can restore the wallet to any other Ledger, or to any BIP39-standard software wallet. Of course, once you load a software wallet onto a computer, your key is no longer secure, because it's stored digitally and a hacker can potentially access it.
The Nano uses a 4-8 digit PIN; if you enter it wrong 3 times it wipes the device and it must be recovered from seed. Once the wallet is set up, it's a good idea to test a small deposit, reset the Nano and restore the wallet from the seed. This ensures you will be able to do it should the need arise.
The seed phrase must never be shown to anyone or have a picture taken of it. Don't do it in front of a laptop or with a phone in the room. If anyone gets the seed they can load the wallet and transfer all your coins/tokens into their own wallet.
To protect from fire, use titanium plates (Cryptosteel or similar) to punch the 24-word seed into the metal plate. The Nano will cost $100, the plates ~20, the punch set $15 and a jeweler's plate ~$15 (4x4x3/4 works great). It won't rust or melt in a fire. Once punched, burn the paper seed words completely.
The nano should eventually be kept in a safety deposit box at the bank. The pin protects it even from the state (and you could always have a contingency plan others could enact to move your funds should it get seized by one of the alphabet agencies), and it protects you from home invasion to steal your crypto (there are several brutal cases of this - do not keep that shit at your home if it has significant money on it).
The seed should be kept with another person (preferably far away) you trust at a separate location from your home. You could put it in a safe (time locked) or bury it in a garden. A comment below suggests using plasti dip spray paint to coat the metal and disguise it. The same person or another person should know what it is, and how to recover it or who to take it to in the event something should happen to you.
There's currently a billion plus in lost XRP because a millionaire investor died on the way to drug rehab and his family can't recover it.
You can deposit to the address without the Ledger, but to spend you need the Nano plugged into an internet-connected computer, and it requires a button press on the Nano to confirm any spend. At the bank you can bring in a laptop, plug in your Nano, transfer to your brokerage, credit card account, and wallets for the week/month, and lock it back up.
When it comes time to spend, you will have a credit card with an account that you load up with XRP to spend directly in fiat, and a mobile wallet for direct XRP purchases. For larger fiat withdrawals you can go back through Uphold or similar into a bank account.
https://uphold.com/en/blog/uphold-and-libra-credit-bringing-crypto-backed-credit-to-uphold-members (Now Wirex and others)
submitted by OtnSam to XRP

Segwit wallets and Electrum

Electrum 3 is probably the first wallet to support native segwit (bech32) addresses. There are a few misconceptions regarding the different formats of segwit addresses that are in use right now. This post aims to clarify the consequences of using each type and explains advantages and disadvantages.
 
bech32/BIP173/"native segwit"
Bech32 is a brand new address format that has a few advantages over the current address format:
Most importantly, bech32 segwit addresses enable native segwit transactions for Bitcoin. Those addresses always start with bc1.
With such an address you can send to any and all wallets, exchanges and websites. However, currently (September of 2018) support from exchanges and some wallets to send to your wallet is still somewhat lacking, see Bech32 adoption. Please decide for yourself if that's enough for your needs.
To use these addresses, simply create a new wallet and choose "Segwit" as the seed type in the creation wizard.
 
segwit-in-p2sh/P2SH-P2WPKH
This is the address type that hardware wallets like Trezor or Ledger use. Addresses look like regular P2SH addresses, they start with 3. Without going into too much detail, this uses an old address type and uses segwit to spend from it. The advantage is that virtually all wallets already know how to send coins to this kind of address. One disadvantage is that to spend from those addresses, additional complexity is added to the transaction which makes those transactions slightly bigger (and thus more expensive) than native segwit transactions.
Electrum also supports this kind of address, but you need to manually import a BIP39 seed with a BIP49 derivation path.
 
tl;dr: Electrum's segwit wallets are GREAT! But for the short term, until other wallets upgrade, they will be a pain to use.
submitted by jreuab to Electrum
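
An added example, not Electrum's code, of the bech32 (BIP173) encoding that gives native segwit addresses their bc1 prefix: the witness version and the 20-byte public-key hash are regrouped into 5-bit symbols and protected by a 6-character BCH checksum, and the decoder rejects any address whose checksum, case, prefix or program length is wrong before it could be paid to. The key hash 751e76e8... is the BIP173 test vector, not a key from the post.

```python
from __future__ import annotations

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"   # BIP173 alphabet (no 1, b, i, o)
GENERATOR = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)


def bech32_polymod(values: list[int]) -> int:
    """BCH code over GF(32) from BIP173; a correct string evaluates to 1."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GENERATOR[i]
    return chk


def hrp_expand(hrp: str) -> list[int]:
    """Human-readable part ("bc", "tb") as high bits, separator, low bits."""
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def convertbits(data, frombits: int, tobits: int, pad: bool) -> list[int] | None:
    """Regroup a bit stream: 8->5 when encoding, 5->8 (strict) when decoding."""
    acc, bits, out = 0, 0, []
    maxv = (1 << tobits) - 1
    for value in data:
        if value < 0 or value >> frombits:
            return None
        acc = (acc << frombits) | value
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if pad:
        if bits:
            out.append((acc << (tobits - bits)) & maxv)
    elif bits >= frombits or ((acc << (tobits - bits)) & maxv):
        return None                        # too much padding, or non-zero padding
    return out


def encode_segwit(hrp: str, witver: int, program: bytes) -> str:
    """Native segwit address: hrp + "1" + version + program (5-bit) + checksum."""
    if not 0 <= witver <= 16 or not 2 <= len(program) <= 40:
        raise ValueError("invalid witness version or program length")
    data = [witver] + convertbits(program, 8, 5, True)
    polymod = bech32_polymod(hrp_expand(hrp) + data + [0] * 6) ^ 1
    checksum = [(polymod >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data + checksum)


def decode_segwit(hrp: str, addr: str) -> tuple[int, bytes] | None:
    """Return (witness_version, program) or None for anything a node would reject."""
    if addr != addr.lower() and addr != addr.upper():
        return None                        # mixed case is forbidden
    addr = addr.lower()
    pos = addr.rfind("1")
    if pos < 1 or pos + 7 > len(addr) or len(addr) > 90 or addr[:pos] != hrp:
        return None
    if any(c not in CHARSET for c in addr[pos + 1:]):
        return None
    data = [CHARSET.index(c) for c in addr[pos + 1:]]
    if bech32_polymod(hrp_expand(hrp) + data) != 1:
        return None                        # checksum failure: typo or corruption
    program = convertbits(data[1:-6], 5, 8, False)
    if program is None or not 2 <= len(program) <= 40:
        return None
    witver = data[0]
    if witver > 16 or (witver == 0 and len(program) not in (20, 32)):
        return None
    return witver, bytes(program)


if __name__ == "__main__":
    # Constructed demo using the BIP173 test vector key hash (not a key from the post).
    pkh = bytes.fromhex("751e76e8199196d454941c45d1b3a323f1433bd6")
    addr = encode_segwit("bc", 0, pkh)
    print(addr)                            # bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4
    print(decode_segwit("bc", addr))
    print(decode_segwit("bc", addr[:-1] + "5"))   # one-character typo -> None
```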

bip39 passphrase has 64 bytes length but Ledger Nano S has another length. How is that possible?

Can anyone explain to me how that is possible? We have BIP39 - https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki - where it clearly says that the length of the passphrase should be 512 bits of entropy, which is 64 bytes.
Trezor Wiki - https://wiki.trezor.io/Passphrase - describes a maximum length of 50 characters.
Ledger Nano S - https://support.ledger.com/hc/en-us/articles/115005214529-Advanced-Passphrase-options - describes a maximum length of 100 characters.
Does that mean that I can't recover a Ledger wallet with a >50-character passphrase on a Trezor device?
submitted by confic25 to TREZOR
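
An added example, not from the post or either vendor, of the derivation BIP39 actually specifies: the 512 bits are the size of the seed that PBKDF2-HMAC-SHA512 outputs, not a limit on the passphrase, so a 50-character and a 100-character passphrase both yield a 64-byte seed (BIP39 itself imposes no passphrase length; the 50 and 100 figures are limits of the respective devices). The "abandon ... about" mnemonic with passphrase "TREZOR" is the BIP39 reference vector.

```python
from __future__ import annotations
import hashlib
import unicodedata

PBKDF2_ROUNDS = 2048      # fixed by BIP39
SEED_BYTES = 64           # 512 bits: this is the OUTPUT size, not a passphrase limit


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Mnemonic sentence + optional passphrase -> 64-byte seed, as BIP39 specifies.

    Both strings are NFKD-normalised and UTF-8 encoded; the mnemonic is the
    PBKDF2 password and the literal "mnemonic" + passphrase is the salt.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, PBKDF2_ROUNDS, dklen=SEED_BYTES)


def seed_lengths(mnemonic: str, passphrases: list[str]) -> list[int]:
    """Seed size for each passphrase: always SEED_BYTES, however long the input."""
    return [len(bip39_seed(mnemonic, p)) for p in passphrases]


def all_seeds_distinct(mnemonic: str, passphrases: list[str]) -> bool:
    """Each distinct passphrase (the empty one included) opens a different wallet.

    There is no passphrase verification in BIP39: a typo is not an error, it
    just derives another (empty) wallet, which is why wallets show labels/xpubs.
    """
    seeds = {bip39_seed(mnemonic, p) for p in passphrases}
    return len(seeds) == len(set(passphrases))


if __name__ == "__main__":
    # BIP39 reference vector: all-zero entropy, passphrase "TREZOR".
    vector = " ".join(["abandon"] * 11 + ["about"])
    print(bip39_seed(vector, "TREZOR").hex()[:32])    # c55257c360c07c72029aebc1b53c05ed
    print(seed_lengths(vector, ["", "a" * 50, "a" * 100, "a" * 1000]))   # [64, 64, 64, 64]
```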

Affine cipher - Tool to encrypt your mnemonic seed with paper and pencil

If anyone is familiar with modular arithmetic and finding inverses then an Affine cipher is a simple paper and pencil way to encrypt your seed before putting it in a safe.
Affine ciphers: https://en.wikipedia.org/wiki/Affine_cipher
Some videos on modular arithmetic and finding inverses:
https://www.youtube.com/watch?v=Eg6CTCu8iio
https://www.youtube.com/watch?v=shaQZg8bqUM
BIP39: https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md
With BIP39 indexed from 0 to 2047 we can use Affine ciphers the following ways:
To encrypt the word we would use:
E(word) = (a*word + b) mod 2048
a and b are the key. It is necessary that gcd(a, 2048) = 1 and that b is an integer.
To decrypt the word we need to find the inverse of a (say a') and use:
D(word') = a'(word' - b) mod 2048
To give a simple example, use a = 1 and b = 3 with the word atom, which is indexed at 114:
E(atom) = 114 + 3 mod 2048 = 117 mod 2048 = attitude
In this case a' = 1 so,
D(attitude) = 117 - 3 mod 2048 = 114 mod 2048 = atom
For a non-trivial example, use a = 13 and b = 18:
E(atom) = 13*114 + 18 mod 2048 = 1500 mod 2048 = rocket
In this case a' = 1733 so,
D(rocket) = 1733(1500 - 18) mod 2048 = 114 mod 2048 = atom
Hope this helps!
submitted by SirMacLaren to Bitcoin
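
An added Python version of the cipher described above (not the poster's code) over the 0..2047 index space, including the modular-inverse step and the gcd check on a. With only the 1024 odd values of a and 2048 values of b, the whole key space is 2^21 keys, so a seed protected this way is obfuscated rather than encrypted; the word list is not embedded, so indices are used directly (atom = 114, attitude = 117, rocket = 1500 as in the post).

```python
from __future__ import annotations
from math import gcd

MODULUS = 2048            # size of the BIP39 word list; indices run 0..2047


def check_key(a: int, b: int) -> None:
    """Reject keys that cannot be undone: a needs an inverse mod 2048, so a must be odd."""
    if gcd(a, MODULUS) != 1:
        raise ValueError(f"a={a} shares a factor with {MODULUS}; pick an odd a")
    if not isinstance(b, int):
        raise ValueError("b must be an integer")


def mod_inverse(a: int) -> int:
    """The a' of the post: a * a' == 1 (mod 2048). pow(a, -1, m) needs Python 3.8+."""
    check_key(a, 0)
    return pow(a, -1, MODULUS)


def encrypt_indices(indices: list[int], a: int, b: int) -> list[int]:
    """E(word) = (a*word + b) mod 2048, applied to every word index of the seed."""
    check_key(a, b)
    if any(not 0 <= w < MODULUS for w in indices):
        raise ValueError("word index outside 0..2047")
    return [(a * w + b) % MODULUS for w in indices]


def decrypt_indices(cipher: list[int], a: int, b: int) -> list[int]:
    """D(word') = a'(word' - b) mod 2048; Python's % keeps the result in 0..2047."""
    a_inv = mod_inverse(a)
    return [(a_inv * (c - b)) % MODULUS for c in cipher]


def key_count() -> int:
    """Distinct (a, b) keys: the 1024 odd values of a times 2048 values of b = 2**21."""
    usable_a = sum(1 for a in range(MODULUS) if gcd(a, MODULUS) == 1)
    return usable_a * MODULUS


if __name__ == "__main__":
    # Constructed demo with the post's own numbers: atom=114, attitude=117, rocket=1500.
    print(encrypt_indices([114], 1, 3), decrypt_indices([117], 1, 3))        # [117] [114]
    print(mod_inverse(13), encrypt_indices([114], 13, 18))                  # 1733 [1500]
    print(decrypt_indices([1500], 13, 18))                                  # [114]
    print(key_count().bit_length() - 1)                                     # 21
```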

Bitcoinj 0.11 released

Mike Hearn posted this on the Bitcoin Developer Mailing List:
I'm pleased to announce the release of bitcoinj 0.11, a library for writing Bitcoin applications that run on the JVM. BitcoinJ is widely used across the Bitcoin community; some users include Bitcoin Wallet for Android, MultiBit, Hive, blockchain.info, the biteasy.com block explorer (written in Lisp!), Circle, Neo/Bee (Cypriot payment network), bitpos.me, Bitcoin Touch, BlueMatt's relay network and DNS crawler, academic advanced contracts research and more.
The release-0.11 git tag is signed by Andreas Schildbach's GPG key. The commit hash is 410d4547a7dd. This paragraph is signed by the same Bitcoin key as with previous releases (check their release announcements to establish continuity). Additionally, this email is signed using DKIM and for the first time, a key that was ID verified by the Swiss government.
Key: 16vSNFP5Acsa6RBbjEA7QYCCRDRGXRFH4m
Signature for last paragraph: H3DvWBqFHPxKW/cdYUdZ6OHjbq6ZtC5PHK4ebpeiE+FqTHyRLJ58BItbC0R2vo77h+DthpQigdEZ0V8ivSM7VIg=
Notable changes and new features
Smaller improvements
Notable bug fixes
API changes
New documentation
Announcement: https://groups.google.com/forum/?fromgroups#!topic/bitcoinj-announce/3LW0uXhlRZY
Message on Bitcoin Developer Mailing List: http://www.mail-archive.com/[email protected]/msg03873.html
Google Code: https://code.google.com/p/bitcoinj/
GitHub: https://github.com/bitcoinj/bitcoinj
Edit: Added links to articles about BIP39 and BIP70 which were included in the original announcement.
submitted by alsomahler to Bitcoin

Generate original seed word list by combining 2 out of 3 (x out of y) seed word lists.

Ran across this comment by u/Frogolocalypse on bitcoin and thought it was pretty neat.
https://iancoleman.github.io/shamir39/
https://iancoleman.github.io/shami
Shamir's secret sharing is a way to take a message (like a seed list) and produce a number of encrypted fragments, where you need x of those fragments in order to reproduce the original. 2 out of 3, 3 out of 5; it's a good way to make any one physical recovery scheme useless without the rest, but also allow for any one or some to be lost and still be able to recover. You can use your imagination on how one might use this.
EDIT: Original work - mash of BIP39 with Shamir's Secret by u/iancoleman found here: https://www.reddit.com/Bitcoin/comments/6y5pu5/shamir39_mashup_of_bip39_mnemonics_and_shamirs/
submitted by metalite to litecoin

Word list in GreenAddress seed generation

I'm currently studying the seed generation of various wallets, and as part of my research I wanted to know what word list GreenAddress uses when generating the mnemonic passphrase for the private key.
This site says: "Where are my Bitcoin keys stored?
Your private keys are not stored. They are derived on demand from your mnemonics as a seed to a BIP32 hierarchical wallet." 
Does this mean that there is a BIP32 word list somewhere, or are the words used from the BIP39 word list that is found on the BTC wiki: https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md
I am interested in the English word list, mind you.
Any help would be much appreciated ! :)
submitted by Tandrax218 to greenaddress

Electrum 2.0 has been tagged | Thomas Voegtlin | Mar 01 2015

Thomas Voegtlin on Mar 01 2015:
Dear Bitcoin devs,
I just tagged version 2.0 of Electrum:
https://github.com/spesmilo/electrum/tree/2.0
The electrum.org website will be updated later today. The release
notes are a bit dense, due to the large amount of changes and new
features in this release. In the coming weeks we will be adding more
detailed documentation to the wiki and to the website.
There has been a very long hiatus in Electrum releases, because it
took me a lot of time to decide about the new seed derivation method
and wallet structure. Now that this part is done, I hope that we will
resume to a faster release pace.
I would like to thank all the people who contributed to this release,
developers, beta testers, but also people from this list who provided
useful feedback.
Cheers,
Thomas
RELEASE-NOTES

Release 2.0

paper.
phrase includes a version number, that refers to the wallet
structure. The version number also serves as a checksum, and it
will prevent the import of seeds from incompatible wallets. Old
Electrum seeds are still supported.
and use a gap limit of 20.
P2SH addresses ("2 of 2", "2 of 3").
transactions, that includes the BIP32 master public key and
derivation needed to sign inputs. Serialized transactions can be
sent to cosigners or to cold storage using QR codes (using Andreas
Schildbach's base 43 idea).
"2 of 3" multisig wallets and Google Authenticator. Note that
wallets protected by this service can be deterministically restored
from seed, without Trustedcoin's server.
wallets, to send and receive partially signed transactions.
window that pops up if you click on the QR code
outputs, and raw hexadecimal scripts.
start the daemon if it is not already running, and the GUI will
connect to it. The daemon can serve several clients. It times out
if no client uses if for more than 5 minutes.
keys. A watching-only wallet is created by entering a list of
addresses in the wizard dialog.
wallet files cannot be read by older versions of Electrum. Old
wallet files will be converted to the new format; this operation
may take some time, because public keys will be derived for each
address of your wallet.
the command line:
encrypt
decrypt
stable. Another script was added to Android, called Authenticator,
that works completely offline: it reads an unsigned transaction
shown as QR code, signs it and shows the result as a QR code.
original: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-March/007620.html
submitted by bitcoin-devlist-bot to bitcoin_devlist

Why aren't the BIP38 words easy to visualize and memorize?

Memorizing your 12-word recovery phrase is not a bad idea, in case something happens to your backups. Of course, you should have multiple backups, but being able to remember the recovery phrase is useful. And there are various techniques to memorize lists of words easily.
And thankfully, most of the BIP39 words can be visualized. But some are rather abstract; examples:
ability, hybrid, inform, item, keen, usage, utility, venture
And others are too close together, e.g. "fun" and "funny", despite BIP39 claiming that an ideal wordlist should avoid similar words:
How were these words chosen, and was ease of memorization a criterion? If not, why not?
submitted by bastelian to Bitcoin

BIP44 settings for SegWit addresses

I am finally trying to set up a SegWit address for my Ledger Nano S to start converting. I always like to independently generate the key pairs on an offline computer to ensure I can recover them correctly and the addresses match the Nano. Unfortunately, I cannot figure out how to do it using a BIP44 mnemonic code converter. Bitcoin segwit does not seem to be a separate coin type, but do I need to use a separate "account" or "purpose" as defined on the GitHub wiki?
Also, I am using this mnemonic code converter. It does not have that many coins and I would have to edit the source code to support this. Is there something better out there?
submitted by CryptoQnt to Bitcoin

Bitcoin Mnemonic: Best Explanation?

I understand that the 12 word bitcoin mnemonic is completely secure - that even if someone decided to spin up a huge army of Amazon EC2 instances and set them to work guessing mnemonics, trying to "recover" random wallets by brute forcing the system, they would expend much more on their effort than they would manage to steal. But unlike cracking a password, where you have to combine it with the correct username, this effort - like an attack on brain wallets longer used since they are insecure, could be brute forced and I presume that eventually with enough computing power, wallets would be recovered.
I'd like to know if there is a great explanation of this technology available, and if not, why?
Perhaps users of bitcoin wallets, when asked to entrust their balances in a few words, have some level of doubt that this is "good enough" for them to secure their bitcoins with, and makes them question the security of the system more than they need to.
What would be really great would be a high quality animated video, with references and mathematical proofs, posted on YouTube, that you could refer people to who are not technically or mathematically minded, to set their minds at ease.
Because I do think, as adoption outside of the extremely tech literate grows, this question will come up more and more.
Sorry I'm not posting this video myself, I'm not a great animator and don't know others who are. I also don't understand all the facts behind this.
Perhaps, in lieu of such a video, others could write competing "best explanations for the layman" of this backup tool, and together we could form a really fantastic explanation.
Here are some resources on the subject: https://www.reddit.com/Bitcoin/comments/2twczy/how_are_mnemonic_words_secure_only_12_words/ https://blog.blockchain.com/.../understanding-mnemonics-and-the-blockchain-wallet/ http://bitcoin.stackexchange.com/questions/30879/pros-cons-limitations-of-mnemonic-phrases-bip39 http://www.explainxkcd.com/wiki/index.php/936#Explanation
People do know that computers are very fast, and the thought of their backup phrase needing to withstand an attack from a supercomputer, or some unknown entity called "hackers" that are out there on the Internet, breaking into things, the better we can explain how insanely well protected they are by mathematics, the better. And maybe, some people would like the option to encrypt their mnemonic with a password of their own choosing - they just might believe by securing it with 1023albertstreetGod, like they do their bank account, will make this OK.
Lastly, where are people advised to keep their mnemonic passphrases? Not everyone has a safe. They shouldn't be written down in Google Keep, or saved in an e-mail. Maybe they can write them down in the back of their diary, but what if their house burns down? Personally, mine is buried in the ground. I couldn't think of a fireproof solution (my flat burned down a few years ago, this is a real problem). Some people live in areas that might flood, though, or just not feel like buying a small gardening trowel.
There are reasons people would rather trust their money to a bank - the bank guarantees that you can show up, show them your ID, and get access to your money. And that if your money is stolen by hackers, you'll get a refund. We can secure our own money, but it's new to us: having something we can't just buy an insurance policy for, or give to a third party to look after for us; these aren't things a lot of people are used to dealing with themselves.
Custodial accounts are not the answer, as BitFinex and countless other custodial accounts at exchanges demonstrate (some people would have trusted that because BitFinex had "upgraded" their security with BitGo, their funds were maybe safer there than in their own hands). I appreciate that it was BitFinex's setup, not BitGo, that was at fault here, but the point stands - who knows what security some third party is using; better to have trustworthy ways of securing your money aside from custodial control. Trezor is great, but still has a backup mnemonic in case your house burns to the ground (or something much less likely).
EDIT: Andreas Antonopoulos on some of what I wrote here: "Welcome. I’d like to know your take on brain wallets. Most consider brain wallets bad for newbies. Do you think it’s good for cold storage when applied by hardcore bitcoiners? Say, to mix the private key in the password-generation phrases to get a secured address. By the way, I personally use this method for most of my own bitcoins, is it ok? Many thx.
No, I think it is a terrible idea to try to make your own brainwallet or try to make complex security solutions if you are not an expert. Even for an expert, the best security is standardized, peer-reviewed, well-tested security. For cold storage I use BIP39 mnemonic phrases and standardized BIP32/BIP44 wallets built on top of those. I do not try to invent my own and I do not use brainwallets." Source: https://docs.google.com/document/d/1BEqEhxJjN05HgAZ_OYvVUJ6kxDvEDxGebLvea7XqP-c/edit?ts=57958319&pref=2&pli=1
submitted by jj8091 to Bitcoin

Related videos:
Claiming DOTs with an Ethereum address generated using an old mnemonic phrase
How do cryptographic signatures work? Bitcoin transactions explained.
Building on Bitcoin - Libbitcoin Hierarchical Deterministic Wallets (HD)
BIP32: generating master xprv and xpub from seed
BIP39 basics: generating mnemonic and seed from entropy (bitcoin python)

From Bitcoin Wiki. This page describes a BIP (Bitcoin Improvement Proposal). Please see BIP 2 for more information about BIPs and creating them. Please do not just create a wiki page. Please do not modify this page. This is a mirror of the BIP from the source Git repository here. BIP: 39 Layer: Applications Title: Mnemonic code for generating deterministic keys ...

Bitcoin Core (formerly Bitcoin-Qt) is the third Bitcoin client, developed by Wladimir J. van der Laan on the basis of Satoshi Nakamoto's original reference code. Since version 0.5 it has been bundled with Bitcoind. Bitcoin-Qt was renamed Bitcoin Core as of version 0.9.0. Bitcoin Core is a full client that forms the backbone of the network.

A BIP39 mnemonic phrase is a list of words that stores all the information needed for the recovery of a Bitcoin wallet. Usually, a wallet generates a mnemonic backup phrase by itself, so that the user can write it down on paper. If the user's computer is broken or its hard disk is damaged, they will be able to load the same wallet and use the paper backup copy to get their Bitcoins back.

You can enter an existing BIP39 mnemonic, or generate a new random one. Typing your own twelve words will probably not work how you expect, since the words require a particular structure (the last word contains a checksum). For more info see the BIP39 spec. Mnemonics with less than 12 words have low entropy and may be ...

From Bitcoin Wiki. A seed phrase, seed recovery phrase or backup seed phrase is a list of words which store all the information needed to recover Bitcoin funds on-chain. Wallet software will typically generate a seed phrase and instruct the user to write it down on paper. If the user's computer breaks or their hard drive becomes corrupted, they can download the ...
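The mechanics summarised above (entropy split into 11-bit word indices, a checksum carried in the last word, and the seed derived from the phrase plus an optional passphrase) are easier to reason about in code. The following is an added example, not code from BIP39, the Bitcoin Wiki, or any of the linked tools. It assumes a constructed stand-in word list of 2048 placeholder words (w0000 .. w2047) in place of the real English list, so the words it produces are not real BIP39 words; the seed derivation does not depend on the word list at all and is checked against the first published BIP39 test vector.

```python
import hashlib
import secrets
import unicodedata

# Constructed stand-in for the 2048-word BIP39 English list. Only the shape
# matters for the arithmetic below: exactly 2048 unique entries, index 0..2047.
DEMO_WORDLIST = [f"w{i:04d}" for i in range(2048)]


def entropy_to_mnemonic(entropy: bytes, wordlist=DEMO_WORDLIST) -> str:
    """Encode 128..256 bits of entropy as a mnemonic.

    The checksum is the first ENT/32 bits of SHA256(entropy), appended to the
    entropy; the concatenation is cut into 11-bit groups, each selecting a word.
    12 words carry 128 bits of entropy + 4 checksum bits, 24 words 256 + 8.
    """
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    if len(wordlist) != 2048:
        raise ValueError("word list must have exactly 2048 entries")
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    bits = (int.from_bytes(entropy, "big") << cs_bits) | (digest[0] >> (8 - cs_bits))
    total = ent_bits + cs_bits
    words = []
    for i in range(total // 11):
        shift = total - 11 * (i + 1)
        words.append(wordlist[(bits >> shift) & 0x7FF])
    return " ".join(words)


def mnemonic_to_entropy(mnemonic: str, wordlist=DEMO_WORDLIST) -> bytes:
    """Decode a mnemonic back to its entropy, verifying the embedded checksum.

    This is the check a wallet performs when a user types in a backup phrase:
    an unknown word or a checksum mismatch means the phrase was mistyped.
    """
    words = mnemonic.split()
    if len(words) not in (12, 15, 18, 21, 24):
        raise ValueError("mnemonic must have 12, 15, 18, 21 or 24 words")
    index = {w: i for i, w in enumerate(wordlist)}
    bits = 0
    for w in words:
        if w not in index:
            raise ValueError(f"word not in list: {w}")
        bits = (bits << 11) | index[w]
    total = len(words) * 11
    cs_bits = total // 33          # one checksum bit per 32 entropy bits
    ent_bits = total - cs_bits
    entropy = (bits >> cs_bits).to_bytes(ent_bits // 8, "big")
    checksum = bits & ((1 << cs_bits) - 1)
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if checksum != expected:
        raise ValueError("checksum mismatch: the phrase was mistyped or altered")
    return entropy


def mnemonic_is_valid(mnemonic: str, wordlist=DEMO_WORDLIST) -> bool:
    """True if the phrase decodes and its checksum matches."""
    try:
        mnemonic_to_entropy(mnemonic, wordlist)
        return True
    except ValueError:
        return False


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 512-bit wallet seed from a phrase.

    PBKDF2-HMAC-SHA512, 2048 rounds, password = NFKD(mnemonic),
    salt = "mnemonic" + NFKD(passphrase). The passphrase is the optional
    extra secret on top of the written-down words; a different passphrase
    yields a completely different (and equally valid) wallet.
    """
    pw = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", pw, salt, 2048, dklen=64)


def new_mnemonic(strength_bits: int = 128, wordlist=DEMO_WORDLIST) -> str:
    """Generate a fresh phrase from the OS CSPRNG (128 bits -> 12 words)."""
    return entropy_to_mnemonic(secrets.token_bytes(strength_bits // 8), wordlist)


if __name__ == "__main__":
    phrase = new_mnemonic(128)
    print("phrase:", phrase)
    print("valid: ", mnemonic_is_valid(phrase))
    print("seed:  ", mnemonic_to_seed(phrase, "optional passphrase").hex())
```

With the placeholder list, all-zero entropy encodes as eleven copies of w0000 followed by w0003 (the 4-bit checksum of sixteen zero bytes is 3, which is why the real list gives "abandon ... about"); changing that last word to w0002 fails validation. The seed function is word-list independent, so feeding it the real test-vector phrase with passphrase "TREZOR" reproduces the published seed.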



Related videos: Global Crisis Meets Macro & The Future of Crypto (w/ Raoul Pal & Dan Morehead) (Real Vision Finance); Domingão do Bitcão, Bitcoin and Cryptocurrency Analysis LIVE (Augusto Backes); Blockchain tutorial 28: Bitcoin Improvement Proposal 39 (BIP-39) mnemonic words.

Continuation of bitcoin python series, this time I'm generating master extended private (xprv) and master extended public (xpub) keys using python3. I am going through the implementation of BIP32 ...

This process is no longer widely supported and is incompatible with the current BIP39 standard, so we go through the process of recovering those accounts in this video. Brain Wallet explainer ...

It also covers how signatures are used in Bitcoin at the lowest level of transactions to secure them. Errata: 256 bits corresponds to a 1 followed by 77 zeros, not 99.
