Armory wallet review 2020 Features & fees Finder.com

The stickied "/r/bitcoin FAQ" thread is now 12 months old and could really do with updating as a lot has changed.

EDIT: Mission Accomplished. Bash has now replaced the old sticky with the one from the wiki which binaryresult was working on, with some updates from this thread. Check it out
Firstly, the majority of it isn't actually FAQs, but a big "dont message the mods" announcement. Regardless, I think it would be better to have some FAQs answered that are more appropriate for now, followed by that mod stuff if necessary.
I know a lot of it is in the sidebar, but most mobile apps don't give that prominence. The stickied post is the main landing page, and it says FAQs on it causing new people to read it. Also, the FAQs on the wiki (from the sidebar) is huge and pretty dense. Not newcomer friendly.
My loose ideas:
(From the sidebar) Bitcoin is the currency of the Internet: a distributed, worldwide, decentralized digital money. Unlike traditional currencies such as dollars, bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. As such, it is more resistant to wild inflation and corrupt banks. With Bitcoin, you can be your own bank.
Some introductory information
That's what I think would be a good introduction for newcomers at a reasonable length. Put all the modmail stuff afterwards if needed, but this is a friendly intro with real FAQs unlike the current sticky post. What do people think?
submitted by StavromulaDelta to Bitcoin [link] [comments]

PSA to new users of bitcoin (especially if you feel you don't understand bitcoin very well)

This thread on bitcointalk worries me. I suspect a lot of people are buying and have bought something they don't understand, and I'm concerned that thefts are going to increase as a result. If this is you, please read this.
Wallets
To access your bitcoins and transact with the network you're going to use a wallet. This will either be a piece of software you install on your computer or an online wallet service like blockchain.info. The wallet jargon is just a convenient way to refer to what's going on under the hood. Every Bitcoin address has an associated private key, and the private key is really just a string of numbers and letters. You can only spend bitcoins at addresses for which you also have the associated private key. If you happen to find somebody else's private key, then you can import it into other Bitcoin clients or online wallets and then you have the ability to spend any coins associated with that private key's addresses.
Most wallet clients give you the option to encrypt your private key. Please do that. That means you can protect it with a password. You will be asked for this password to create transactions. Your blockchain.info login password serves that purpose, for example.
Passwords
Use strong and unique passwords. That advice applies to your entire online life, really. If you use weak passwords and/or you don't use unique passwords, then you are at risk of somebody guessing your password using a computer designed to make lots of guesses. If your passwords are not unique that gives attackers the opportunity to compromise more than one service. It's best to use a mix of lower case, upper case, numbers, and symbols in your passwords. Your passwords should also be sufficiently long, around 16 characters, for services that you would really hate getting compromised. You should still use unique passwords for services you don't consider critical, but for those services you might not feel it's necessary to use long passwords with a mix of all character types. Of course, this is all up to you.
Passwords managers can help you organize lots of strong, unique passwords. Lastpass is a fantastic password manager. It works across all the major browsers and they even have mobile apps. You create one really, really strong password that you must never forget, and then Lastpass organizes and remembers all of your other passwords for you. Lastpass encrypts all of your data before it's sent to their servers, so they can't see your passwords. If you forget your Lastpass password, then you lose access to passwords stored with them, unless you remember them or have them stored somewhere else.
You can make strong passwords easier to remember by increasing their length with a relatively simple pattern while still using each character type. This is called password padding. Security researcher Steve Gibson explains by comparing two passwords:
Which of the following two passwords is stronger, more secure, and more difficult to crack?
D0g.....................
PrXyc.N(n4k77#L!eVdAfp9
You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two! In fact, since it is one character longer and contains uppercase, lowercase, a number and special characters, that first password would take an attacker approximately 95 times longer to find by searching than the second impossible-to-remember-or-type password!"
Strong, unique, but memorable passwords depend on using all character types and adding memorable length. You really should also avoid dictionary words and common modifications of simple dictionary words (e.g. dog, d0g, etc.) Consistent with the advice to use unique passwords, you wouldn't want to use the same padding technique for more than one critical password.
Multi-Factor Authentication
Many online services (e.g. gmail, blockchain.info, MtGox, Lastpass) offer the option to use multi-factor authentication. If this service is offered, you should use it. This means that you need more than your password to log into your account. It can come in the form of a number sent as a text to your phone, a usb key that must be plugged into your computer, or an app like Google Authenticator. When you log into a service for which multi-factor authentication has been activated you will be asked for both your password and an additional pin sent to or derived from a separate device. This offers you some protection from key loggers which an attacker can install on your computer to see everything you type. Even if they discover your password, they will be unable to log in without the additional pin from, say, your phone. A previously used pin will not work, they would need one generated specifically for the most recent attempt to log in.
If the email provider that you use offers multi-factor authentication, and you use that email to register for important services (e.g. online banking, bitcoin wallets, exchanges, etc), then you should definitely enable multi-factor authentication. If an attacker can compromise your email, then they can potentially access lots of websites your registered at, because they can ask the websites to reset your password. Websites typically send a password reset email under the assumption that only you have control of your email. If you don't, an attacker can change the passwords to your web services. By enabling multi-factor authentication on your email, you can significantly decrease the odds of an attacker compromising your email. You should likewise use multi-factor authentication with any password managers you use, if you choose to use one.
This might all seem very inconvenient. However, the security gained far outweighs any convenience lost.
Advanced Bitcoin Wallet Security
The most secure way to safeguard your bitcoin value is to create and keep your private keys on systems that cannot be hacked into. This can be a computer that is setup without ever touching the internet, or paper wallets. A paper wallet is just some text based way to represent your private key. An attacker cannot compromise an offline computer without physical access, and he would additionally need to know the passwords to log onto your offline computer. If you have offline systems such as offline computers or paper or other physical wallets, then obviously the attack vector is basically physical burglary.
The Armory bitcoin client is a client designed to maximize security options. Armory makes it relatively painless to setup an offline wallet. A computer does not need to be connected to the internet to create valid bitcoin private keys with associated bitcoin addresses. That's because their creation is determined by algorithms that can be copied and run on any computer with or without network connections.
With Armory you can setup offline bitcoin wallets. In order to send bitcoins to that wallet you just need to copy an address created on the offline computer. The offline wallet can create what's called a "watching only wallet". This is a wallet you can import into an online installation of Armory on a different networked computer. From the online watching only wallet you can see bitcoins sent to your addresses and you can create unsigned transactions. You can try to broadcast an unsigned transaction, but it will not be confirmed in the blockchain, and is not a valid transaction. In order to send the transaction into the blockchain and have it validated you will need to copy the unsigned transaction to a USB device, import it into the offline Armory wallet, sign the transaction, then copy and move it back to your online Armory wallet. From there, it can be sent and received as a valid bitcoin transaction. In this way it is made practically impossible for a network attack to steal your bitcoins.
It's a good idea to create additional offline backups of your Armory wallets. Armory has a feature to create printable offline backups. These can be used to restore your wallet in the event that your offline computer is destroyed or stolen.
Systems like this are more inconvenient, but offer the highest level of relatively easy to setup security.
Thanks, welcome to bitcoin, and stay safe.
Edited to add a section on advanced wallet security
submitted by therealproudhon to Bitcoin [link] [comments]

Is anyone else freaked out by this whole blocksize debate? Does anyone else find themself often agreeing with *both* sides - depending on whichever argument you happen to be reading at the moment? And do we need some better algorithms and data structures?

Why do both sides of the debate seem “right” to me?
I know, I know, a healthy debate is healthy and all - and maybe I'm just not used to the tumult and jostling which would be inevitable in a real live open major debate about something as vital as Bitcoin.
And I really do agree with the starry-eyed idealists who say Bitcoin is vital. Imperfect as it may be, it certainly does seem to represent the first real chance we've had in the past few hundred years to try to steer our civilization and our planet away from the dead-ends and disasters which our government-issued debt-based currencies keep dragging us into.
But this particular debate, about the blocksize, doesn't seem to be getting resolved at all.
Pretty much every time I read one of the long-form major arguments contributed by Bitcoin "thinkers" who I've come to respect over the past few years, this weird thing happens: I usually end up finding myself nodding my head and agreeing with whatever particular piece I'm reading!
But that should be impossible - because a lot of these people vehemently disagree!
So how can both sides sound so convincing to me, simply depending on whichever piece I currently happen to be reading?
Does anyone else feel this way? Or am I just a gullible idiot?
Just Do It?
When you first look at it or hear about it, increasing the size seems almost like a no-brainer: The "big-block" supporters say just increase the blocksize to 20 MB or 8 MB, or do some kind of scheduled or calculated regular increment which tries to take into account the capabilities of the infrastructure and the needs of the users. We do have the bandwidth and the memory to at least increase the blocksize now, they say - and we're probably gonna continue to have more bandwidth and memory in order to be able to keep increasing the blocksize for another couple decades - pretty much like everything else computer-based we've seen over the years (some of this stuff is called by names such as "Moore's Law").
On the other hand, whenever the "small-block" supporters warn about the utter catastrophe that a failed hard-fork would mean, I get totally freaked by their possible doomsday scenarios, which seem totally plausible and terrifying - so I end up feeling that the only way I'd want to go with a hard-fork would be if there was some pre-agreed "triggering" mechanism where the fork itself would only actually "switch on" and take effect provided that some "supermajority" of the network (of who? the miners? the full nodes?) had signaled (presumably via some kind of totally reliable p2p trustless software-based voting system?) that they do indeed "pre-agree" to actually adopt the pre-scheduled fork (and thereby avoid any possibility whatsoever of the precious blockchain somehow tragically splitting into two and pretty much killing this cryptocurrency off in its infancy).
So in this "conservative" scenario, I'm talking about wanting at least 95% pre-adoption agreement - not the mere 75% which I recall some proposals call for, which seems like it could easily lead to a 75/25 blockchain split.
But this time, with this long drawn-out blocksize debate, the core devs, and several other important voices who have become prominent opinion shapers over the past few years, can't seem to come to any real agreement on this.
Weird split among the devs
As far as I can see, there's this weird split: Gavin and Mike seem to be the only people among the devs who really want a major blocksize increase - and all the other devs seem to be vehemently against them.
But then on the other hand, the users seem to be overwhelmingly in favor of a major increase.
And there are meta-questions about governance, about about why this didn't come out as a BIP, and what the availability of Bitcoin XT means.
And today or yesterday there was this really cool big-blockian exponential graph based on doubling the blocksize every two years for twenty years, reminding us of the pure mathematical fact that 210 is indeed about 1000 - but not really addressing any of the game-theoretic points raised by the small-blockians. So a lot of the users seem to like it, but when so few devs say anything positive about it, I worry: is this just yet more exponential chart porn?
On the one hand, Gavin's and Mike's blocksize increase proposal initially seemed like a no-brainer to me.
And on the other hand, all the other devs seem to be against them. Which is weird - not what I'd initially expected at all (but maybe I'm just a fool who's seduced by exponential chart porn?).
Look, I don't mean to be rude to any of the core devs, and I don't want to come off like someone wearing a tinfoil hat - but it has to cross people's minds that the powers that be (the Fed and the other central banks and the governments that use their debt-issued money to run this world into a ditch) could very well be much more scared shitless than they're letting on. If we assume that the powers that be are using their usual playbook and tactics, then it could be worth looking at the book "Confessions of an Economic Hitman" by John Perkins, to get an idea of how they might try to attack Bitcoin. So, what I'm saying is, they do have a track record of sending in "experts" to try to derail projects and keep everyone enslaved to the Creature from Jekyll Island. I'm just saying. So, without getting ad hominem - let's just make sure that our ideas can really stand scrutiny on their own - as Nick Szabo says, we need to make sure there is "more computer science, less noise" in this debate.
When Gavin Andresen first came out with the 20 MB thing - I sat back and tried to imagine if I could download 20 MB in 10 minutes (which seems to be one of the basic mathematical and technological constraints here - right?)
I figured, "Yeah, I could download that" - even with my crappy internet connection.
And I guess the telecoms might be nice enough to continue to double our bandwidth every two years for the next couple decades – if we ask them politely?
On the other hand - I think we should be careful about entrusting the financial freedom of the world into the greedy hands of the telecoms companies - given all their shady shenanigans over the past few years in many countries. After decades of the MPAA and the FBI trying to chip away at BitTorrent, lately PirateBay has been hard to access. I would say it's quite likely that certain persons at institutions like JPMorgan and Goldman Sachs and the Fed might be very, very motivated to see Bitcoin fail - so we shouldn't be too sure about scaling plans which depend on the willingness of companies Verizon and AT&T to double our bandwith every two years.
Maybe the real important hardware buildout challenge for a company like 21 (and its allies such as Qualcomm) to take on now would not be "a miner in every toaster" but rather "Google Fiber Download and Upload Speeds in every Country, including China".
I think I've read all the major stuff on the blocksize debate from Gavin Andresen, Mike Hearn, Greg Maxwell, Peter Todd, Adam Back, and Jeff Garzick and several other major contributors - and, oddly enough, all their arguments seem reasonable - heck even Luke-Jr seems reasonable to me on the blocksize debate, and I always thought he was a whackjob overly influenced by superstition and numerology - and now today I'm reading the article by Bram Cohen - the inventor of BitTorrent - and I find myself agreeing with him too!
I say to myself: What's going on with me? How can I possibly agree with all of these guys, if they all have such vehemently opposing viewpoints?
I mean, think back to the glory days of a couple of years ago, when all we were hearing was how this amazing unprecedented grassroots innovation called Bitcoin was going to benefit everyone from all walks of life, all around the world:
...basically the entire human race transacting everything into the blockchain.
(Although let me say that I think that people's focus on ideas like driverless cabs creating realtime fare markets based on supply and demand seems to be setting our sights a bit low as far as Bitcoin's abilities to correct the financial world's capital-misallocation problems which seem to have been made possible by infinite debt-based fiat. I would have hoped that a Bitcoin-based economy would solve much more noble, much more urgent capital-allocation problems than driverless taxicabs creating fare markets or refrigerators ordering milk on the internet of things. I was thinking more along the lines that Bitcoin would finally strangle dead-end debt-based deadly-toxic energy industries like fossil fuels and let profitable clean energy industries like Thorium LFTRs take over - but that's another topic. :=)
Paradoxes in the blocksize debate
Let me summarize the major paradoxes I see here:
(1) Regarding the people (the majority of the core devs) who are against a blocksize increase: Well, the small-blocks arguments do seem kinda weird, and certainly not very "populist", in the sense that: When on earth have end-users ever heard of a computer technology whose capacity didn't grow pretty much exponentially year-on-year? All the cool new technology we've had - from hard drives to RAM to bandwidth - started out pathetically tiny and grew to unimaginably huge over the past few decades - and all our software has in turn gotten massively powerful and big and complex (sometimes bloated) to take advantage of the enormous new capacity available.
But now suddenly, for the first time in the history of technology, we seem to have a majority of the devs, on a major p2p project - saying: "Let's not scale the system up. It could be dangerous. It might break the whole system (if the hard-fork fails)."
I don't know, maybe I'm missing something here, maybe someone else could enlighten me, but I don't think I've ever seen this sort of thing happen in the last few decades of the history of technology - devs arguing against scaling up p2p technology to take advantage of expected growth in infrastructure capacity.
(2) But... on the other hand... the dire warnings of the small-blockians about what could happen if a hard-fork were to fail - wow, they do seem really dire! And these guys are pretty much all heavyweight, experienced programmers and/or game theorists and/or p2p open-source project managers.
I must say, that nearly all of the long-form arguments I've read - as well as many, many of the shorter comments I've read from many users in the threads, whose names I at least have come to more-or-less recognize over the past few months and years on reddit and bitcointalk - have been amazingly impressive in their ability to analyze all aspects of the lifecycle and management of open-source software projects, bringing up lots of serious points which I could never have come up with, and which seem to come from long experience with programming and project management - as well as dealing with economics and human nature (eg, greed - the game-theory stuff).
So a lot of really smart and experienced people with major expertise in various areas ranging from programming to management to game theory to politics to economics have been making some serious, mature, compelling arguments.
But, as I've been saying, the only problem to me is: in many of these cases, these arguments are vehemently in opposition to each other! So I find myself agreeing with pretty much all of them, one by one - which means the end result is just a giant contradiction.
I mean, today we have Bram Cohen, the inventor of BitTorrent, arguing (quite cogently and convincingly to me), that it would be dangerous to increase the blocksize. And this seems to be a guy who would know a few things about scaling out a massive global p2p network - since the protocol which he invented, BitTorrent, is now apparently responsible for like a third of the traffic on the internet (and this despite the long-term concerted efforts of major evil players such as the MPAA and the FBI to shut the whole thing down).
Was the BitTorrent analogy too "glib"?
By the way - I would like to go on a slight tangent here and say that one of the main reasons why I felt so "comfortable" jumping on the Bitcoin train back a few years ago, when I first heard about it and got into it, was the whole rough analogy I saw with BitTorrent.
I remembered the perhaps paradoxical fact that when a torrent is more popular (eg, a major movie release that just came out last week), then it actually becomes faster to download. More people want it, so more people have a few pieces of it, so more people are able to get it from each other. A kind of self-correcting economic feedback loop, where more demand directly leads to more supply.
(BitTorrent manages to pull this off by essentially adding a certain structure to the file being shared, so that it's not simply like an append-only list of 1 MB blocks, but rather more like an random-access or indexed array of 1 MB chunks. Say you're downloading a film which is 700 MB. As soon as your "client" program has downloaded a single 1-MB chunk - say chunk #99 - your "client" program instantly turns into a "server" program as well - offering that chunk #99 to other clients. From my simplistic understanding, I believe the Bitcoin protocol does something similar, to provide a p2p architecture. Hence my - perhaps naïve - assumption that Bitcoin already had the right algorithms / architecture / data structure to scale.)
The efficiency of the BitTorrent network seemed to jive with that "network law" (Metcalfe's Law?) about fax machines. This law states that the more fax machines there are, the more valuable the network of fax machines becomes. Or the value of the network grows on the order of the square of the number of nodes.
This is in contrast with other technology like cars, where the more you have, the worse things get. The more cars there are, the more traffic jams you have, so things start going downhill. I guess this is because highway space is limited - after all, we can't pave over the entire countryside, and we never did get those flying cars we were promised, as David Graeber laments in a recent essay in The Baffler magazine :-)
And regarding the "stress test" supposedly happening right now in the middle of this ongoing blocksize debate, I don't know what worries me more: the fact that it apparently is taking only $5,000 to do a simple kind of DoS on the blockchain - or the fact that there are a few rumors swirling around saying that the unknown company doing the stress test shares the same physical mailing address with a "scam" company?
Or maybe we should just be worried that so much of this debate is happening on a handful of forums which are controlled by some guy named theymos who's already engaged in some pretty "contentious" or "controversial" behavior like blowing a million dollars on writing forum software (I guess he never heard that reddit.com software is open-source)?
So I worry that the great promise of "decentralization" might be more fragile than we originally thought.
Scaling
Anyways, back to Metcalfe's Law: with virtual stuff, like torrents and fax machines, the more the merrier. The more people downloading a given movie, the faster it arrives - and the more people own fax machines, the more valuable the overall fax network.
So I kindof (naïvely?) assumed that Bitcoin, being "virtual" and p2p, would somehow scale up the same magical way BitTorrrent did. I just figured that more people using it would somehow automatically make it stronger and faster.
But now a lot of devs have started talking in terms of the old "scarcity" paradigm, talking about blockspace being a "scarce resource" and talking about "fee markets" - which seems kinda scary, and antithetical to much of the earlier rhetoric we heard about Bitcoin (the stuff about supporting our favorite creators with micropayments, and the stuff about Africans using SMS to send around payments).
Look, when some asshole is in line in front of you at the cash register and he's holding up the line so they can run his credit card to buy a bag of Cheeto's, we tend to get pissed off at the guy - clogging up our expensive global electronic payment infrastructure to make a two-dollar purchase. And that's on a fairly efficient centralized system - and presumably after a year or so, VISA and the guy's bank can delete or compress the transaction in their SQL databases.
Now, correct me if I'm wrong, but if some guy buys a coffee on the blockchain, or if somebody pays an online artist $1.99 for their work - then that transaction, a few bytes or so, has to live on the blockchain forever?
Or is there some "pruning" thing that gets rid of it after a while?
And this could lead to another question: Viewed from the perspective of double-entry bookkeeping, is the blockchain "world-wide ledger" more like the "balance sheet" part of accounting, i.e. a snapshot showing current assets and liabilities? Or is it more like the "cash flow" part of accounting, i.e. a journal showing historical revenues and expenses?
When I think of thousands of machines around the globe having to lug around multiple identical copies of a multi-gigabyte file containing some asshole's coffee purchase forever and ever... I feel like I'm ideologically drifting in one direction (where I'd end up also being against really cool stuff like online micropayments and Africans banking via SMS)... so I don't want to go there.
But on the other hand, when really experienced and battle-tested veterans with major experience in the world of open-souce programming and project management (the "small-blockians") warn of the catastrophic consequences of a possible failed hard-fork, I get freaked out and I wonder if Bitcoin really was destined to be a settlement layer for big transactions.
Could the original programmer(s) possibly weigh in?
And I don't mean to appeal to authority - but heck, where the hell is Satoshi Nakamoto in all this? I do understand that he/she/they would want to maintain absolute anonymity - but on the other hand, I assume SN wants Bitcoin to succeed (both for the future of humanity - or at least for all the bitcoins SN allegedly holds :-) - and I understand there is a way that SN can cryptographically sign a message - and I understand that as the original developer of Bitcoin, SN had some very specific opinions about the blocksize... So I'm kinda wondering of Satoshi could weigh in from time to time. Just to help out a bit. I'm not saying "Show us a sign" like a deity or something - but damn it sure would be fascinating and possibly very helpful if Satoshi gave us his/hetheir 2 satoshis worth at this really confusing juncture.
Are we using our capacity wisely?
I'm not a programming or game-theory whiz, I'm just a casual user who has tried to keep up with technology over the years.
It just seems weird to me that here we have this massive supercomputer (500 times more powerful than the all the supercomputers in the world combined) doing fairly straightforward "embarassingly parallel" number-crunching operations to secure a p2p world-wide ledger called the blockchain to keep track of a measly 2.1 quadrillion tokens spread out among a few billion addresses - and a couple of years ago you had people like Rick Falkvinge saying the blockchain would someday be supporting multi-million-dollar letters of credit for international trade and you had people like Andreas Antonopoulos saying the blockchain would someday allow billions of "unbanked" people to send remittances around the village or around the world dirt-cheap - and now suddenly in June 2015 we're talking about blockspace as a "scarce resource" and talking about "fee markets" and partially centralized, corporate-sponsored "Level 2" vaporware like Lightning Network and some mysterious company is "stess testing" or "DoS-ing" the system by throwing away a measly $5,000 and suddenly it sounds like the whole system could eventually head right back into PayPal and Western Union territory again, in terms of expensive fees.
When I got into Bitcoin, I really was heavily influenced by vague analogies with BitTorrent: I figured everyone would just have tiny little like utorrent-type program running on their machine (ie, Bitcoin-QT or Armory or Mycelium etc.).
I figured that just like anyone can host a their own blog or webserver, anyone would be able to host their own bank.
Yeah, Google and and Mozilla and Twitter and Facebook and WhatsApp did come along and build stuff on top of TCP/IP, so I did expect a bunch of companies to build layers on top of the Bitcoin protocol as well. But I still figured the basic unit of bitcoin client software powering the overall system would be small and personal and affordable and p2p - like a bittorrent client - or at the most, like a cheap server hosting a blog or email server.
And I figured there would be a way at the software level, at the architecture level, at the algorithmic level, at the data structure level - to let the thing scale - if not infinitely, at least fairly massively and gracefully - the same way the BitTorrent network has.
Of course, I do also understand that with BitTorrent, you're sharing a read-only object (eg, a movie) - whereas with Bitcoin, you're achieving distributed trustless consensus and appending it to a write-only (or append-only) database.
So I do understand that the problem which BitTorrent solves is much simpler than the problem which Bitcoin sets out to solve.
But still, it seems that there's got to be a way to make this thing scale. It's p2p and it's got 500 times more computing power than all the supercomputers in the world combined - and so many brilliant and motivated and inspired people want this thing to succeed! And Bitcoin could be our civilization's last chance to steer away from the oncoming debt-based ditch of disaster we seem to be driving into!
It just seems that Bitcoin has got to be able to scale somehow - and all these smart people working together should be able to come up with a solution which pretty much everyone can agree - in advance - will work.
Right? Right?
A (probably irrelevant) tangent on algorithms and architecture and data structures
I'll finally weigh with my personal perspective - although I might be biased due to my background (which is more on the theoretical side of computer science).
My own modest - or perhaps radical - suggestion would be to ask whether we're really looking at all the best possible algorithms and architectures and data structures out there.
From this perspective, I sometimes worry that the overwhelming majority of the great minds working on the programming and game-theory stuff might come from a rather specific, shall we say "von Neumann" or "procedural" or "imperative" school of programming (ie, C and Python and Java programmers).
It seems strange to me that such a cutting-edge and important computer project would have so little participation from the great minds at the other end of the spectrum of programming paradigms - namely, the "functional" and "declarative" and "algebraic" (and co-algebraic!) worlds.
For example, I was struck in particular by statements I've seen here and there (which seemed rather hubristic or lackadaisical to me - for something as important as Bitcoin), that the specification of Bitcoin and the blockchain doesn't really exist in any form other than the reference implementation(s) (in procedural languages such as C or Python?).
Curry-Howard anyone?
I mean, many computer scientists are aware of the Curry-Howard isomorophism, which basically says that the relationship between a theorem and its proof is equivalent to the relationship between a specification and its implementation. In other words, there is a long tradition in mathematics (and in computer programming) of:
And it's not exactly "turtles all the way down" either: a specification is generally simple and compact enough that a good programmer can usually simply visually inspect it to determine if it is indeed "correct" - something which is very difficult, if not impossible, to do with a program written in a procedural, implementation-oriented language such as C or Python or Java.
So I worry that we've got this tradition, from the open-source github C/Java programming tradition, of never actually writing our "specification", and only writing the "implementation". In mission-critical military-grade programming projects (which often use languages like Ada or Maude) this is simply not allowed. It would seem that a project as mission-critical as Bitcoin - which could literally be crucial for humanity's continued survival - should also use this kind of military-grade software development approach.
And I'm not saying rewrite the implementations in these kind of theoretical languages. But it might be helpful if the C/Python/Java programmers in the Bitcoin imperative programming world could build some bridges to the Maude/Haskell/ML programmers of the functional and algebraic programming worlds to see if any kind of useful cross-pollination might take place - between specifications and implementations.
For example, the JavaFAN formal analyzer for multi-threaded Java programs (developed using tools based on the Maude language) was applied to the Remote Agent AI program aboard NASA's Deep Space 1 shuttle, written in Java - and it took only a few minutes using formal mathematical reasoning to detect a potential deadlock which would have occurred years later during the space mission when the damn spacecraft was already way out around Pluto.
And "the Maude-NRL (Naval Research Laboratory) Protocol Analyzer (Maude-NPA) is a tool used to provide security proofs of cryptographic protocols and to search for protocol flaws and cryptosystem attacks."
These are open-source formal reasoning tools developed by DARPA and used by NASA and the US Navy to ensure that program implementations satisfy their specifications. It would be great if some of the people involved in these kinds of projects could contribute to help ensure the security and scalability of Bitcoin.
But there is a wide abyss between the kinds of programmers who use languages like Maude and the kinds of programmers who use languages like C/Python/Java - and it can be really hard to get the two worlds to meet. There is a bit of rapprochement between these language communities in languages which might be considered as being somewhere in the middle, such as Haskell and ML. I just worry that Bitcoin might be turning into being an exclusively C/Python/Java project (with the algorithms and practitioners traditionally of that community), when it could be more advantageous if it also had some people from the functional and algebraic-specification and program-verification community involved as well. The thing is, though: the theoretical practitioners are big on "semantics" - I've heard them say stuff like "Yes but a C / C++ program has no easily identifiable semantics". So to get them involved, you really have to first be able to talk about what your program does (specification) - before proceeding to describe how it does it (implementation). And writing high-level specifications is typically very hard using the syntax and semantics of languages like C and Java and Python - whereas specs are fairly easy to write in Maude - and not only that, they're executable, and you state and verify properties about them - which provides for the kind of debate Nick Szabo was advocating ("more computer science, less noise").
Imagine if we had an executable algebraic specification of Bitcoin in Maude, where we could formally reason about and verify certain crucial game-theoretical properties - rather than merely hand-waving and arguing and deploying and praying.
And so in the theoretical programming community you've got major research on various logics such as Girard's Linear Logic (which is resource-conscious) and Bruni and Montanari's Tile Logic (which enables "pasting" bigger systems together from smaller ones in space and time), and executable algebraic specification languages such as Meseguer's Maude (which would be perfect for game theory modeling, with its functional modules for specifying the deterministic parts of systems and its system modules for specifiying non-deterministic parts of systems, and its parameterized skeletons for sketching out the typical architectures of mobile systems, and its formal reasoning and verification tools and libraries which have been specifically applied to testing and breaking - and fixing - cryptographic protocols).
And somewhat closer to the practical hands-on world, you've got stuff like Google's MapReduce and lots of Big Data database languages developed by Google as well. And yet here we are with a mempool growing dangerously big for RAM on a single machine, and a 20-GB append-only list as our database - and not much debate on practical results from Google's Big Data databases.
(And by the way: maybe I'm totally ignorant for asking this, but I'll ask anyways: why the hell does the mempool have to stay in RAM? Couldn't it work just as well if it were stored temporarily on the hard drive?)
And you've got CalvinDB out of Yale which apparently provides an ACID layer on top of a massively distributed database.
Look, I'm just an armchair follower cheering on these projects. I can barely manage to write a query in SQL, or read through a C or Python or Java program. But I would argue two points here: (1) these languages may be too low-level and "non-formal" for writing and modeling and formally reasoning about and proving properties of mission-critical specifications - and (2) there seem to be some Big Data tools already deployed by institutions such as Google and Yale which support global petabyte-size databases on commodity boxes with nice properties such as near-real-time and ACID - and I sometimes worry that the "core devs" might be failing to review the literature (and reach out to fellow programmers) out there to see if there might be some formal program-verification and practical Big Data tools out there which could be applied to coming up with rock-solid, 100% consensus proposals to handle an issue such as blocksize scaling, which seems to have become much more intractable than many people might have expected.
I mean, the protocol solved the hard stuff: the elliptical-curve stuff and the Byzantine General stuff. How the heck can we be falling down on the comparatively "easier" stuff - like scaling the blocksize?
It just seems like defeatism to say "Well, the blockchain is already 20-30 GB and it's gonna be 20-30 TB ten years from now - and we need 10 Mbs bandwidth now and 10,000 Mbs bandwidth 20 years from - assuming the evil Verizon and AT&T actually give us that - so let's just become a settlement platform and give up on buying coffee or banking the unbanked or doing micropayments, and let's push all that stuff into some corporate-controlled vaporware without even a whitepaper yet."
So you've got Peter Todd doing some possibly brilliant theorizing and extrapolating on the idea of "treechains" - there is a Let's Talk Bitcoin podcast from about a year ago where he sketches the rough outlines of this idea out in a very inspiring, high-level way - although the specifics have yet to be hammered out. And we've got Blockstream also doing some hopeful hand-waving about the Lightning Network.
Things like Peter Todd's treechains - which may be similar to the spark in some devs' eyes called Lightning Network - are examples of the kind of algorithm or architecture which might manage to harness the massive computing power of miners and nodes in such a way that certain kinds of massive and graceful scaling become possible.
It just seems like a kindof tiny dev community working on this stuff.
Being a C or Python or Java programmer should not be a pre-req to being able to help contribute to the specification (and formal reasoning and program verification) for Bitcoin and the blockchain.
XML and UML are crap modeling and specification languages, and C and Java and Python are even worse (as specification languages - although as implementation languages, they are of course fine).
But there are serious modeling and specification languages out there, and they could be very helpful at times like this - where what we're dealing with is questions of modeling and specification (ie, "needs and requirements").
One just doesn't often see the practical, hands-on world of open-source github implementation-level programmers and the academic, theoretical world of specification-level programmers meeting very often. I wish there were some way to get these two worlds to collaborate on Bitcoin.
Maybe a good first step to reach out to the theoretical people would be to provide a modular executable algebraic specification of the Bitcoin protocol in a recognized, military/NASA-grade specification language such as Maude - because that's something the theoretical community can actually wrap their heads around, whereas it's very hard to get them to pay attention to something written only as a C / Python / Java implementation (without an accompanying specification in a formal language).
They can't check whether the program does what it's supposed to do - if you don't provide a formal mathematical definition of what the program is supposed to do.
Specification : Implementation :: Theorem : Proof
You have to remember: the theoretical community is very aware of the Curry-Howard isomorphism. Just like it would be hard to get a mathematician's attention by merely showing them a proof without telling also telling them what theorem the proof is proving - by the same token, it's hard to get the attention of a theoretical computer scientist by merely showing them an implementation without showing them the specification that it implements.
Bitcoin is currently confronted with a mathematical or "computer science" problem: how to secure the network while getting high enough transactional throughput, while staying within the limited RAM, bandwidth and hard drive space limitations of current and future infrastructure.
The problem only becomes a political and economic problem if we give up on trying to solve it as a mathematical and "theoretical computer science" problem.
There should be a plethora of whitepapers out now proposing algorithmic solutions to these scaling issues. Remember, all we have to do is apply the Byzantine General consensus-reaching procedure to a worldwide database which shuffles 2.1 quadrillion tokens among a few billion addresses. The 21 company has emphatically pointed out that racing to compute a hash to add a block is an "embarrassingly parallel" problem - very easy to decompose among cheap, fault-prone, commodity boxes, and recompose into an overall solution - along the lines of Google's highly successful MapReduce.
I guess what I'm really saying is (and I don't mean to be rude here), is that C and Python and Java programmers might not be the best qualified people to develop and formally prove the correctness of (note I do not say: "test", I say "formally prove the correctness of") these kinds of algorithms.
I really believe in the importance of getting the algorithms and architectures right - look at Google Search itself, it uses some pretty brilliant algorithms and architectures (eg, MapReduce, Paxos) which enable it to achieve amazing performance - on pretty crappy commodity hardware. And look at BitTorrent, which is truly p2p, where more demand leads to more supply.
So, in this vein, I will close this lengthy rant with an oddly specific link - which may or may not be able to make some interesting contributions to finding suitable algorithms, architectures and data structures which might help Bitcoin scale massively. I have no idea if this link could be helpful - but given the near-total lack of people from the Haskell and ML and functional worlds in these Bitcoin specification debates, I thought I'd be remiss if I didn't throw this out - just in case there might be something here which could help us channel the massive computing power of the Bitcoin network in such a way as to enable us simply sidestep this kind of desperate debate where both sides seem right because the other side seems wrong.
https://personal.cis.strath.ac.uk/neil.ghani/papers/ghani-calco07
The above paper is about "higher dimensional trees". It uses a bit of category theory (not a whole lot) and a bit of Haskell (again not a lot - just a simple data structure called a Rose tree, which has a wikipedia page) to develop a very expressive and efficient data structure which generalizes from lists to trees to higher dimensions.
I have no idea if this kind of data structure could be applicable to the current scaling mess we apparently are getting bogged down in - I don't have the game-theory skills to figure it out.
I just thought that since the blockchain is like a list, and since there are some tree-like structures which have been grafted on for efficiency (eg Merkle trees) and since many of the futuristic scaling proposals seem to also involve generalizing from list-like structures (eg, the blockchain) to tree-like structures (eg, side-chains and tree-chains)... well, who knows, there might be some nugget of algorithmic or architectural or data-structure inspiration there.
So... TL;DR:
(1) I'm freaked out that this blocksize debate has splintered the community so badly and dragged on so long, with no resolution in sight, and both sides seeming so right (because the other side seems so wrong).
(2) I think Bitcoin could gain immensely by using high-level formal, algebraic and co-algebraic program specification and verification languages (such as Maude including Maude-NPA, Mobile Maude parameterized skeletons, etc.) to specify (and possibly also, to some degree, verify) what Bitcoin does - before translating to low-level implementation languages such as C and Python and Java saying how Bitcoin does it. This would help to communicate and reason about programs with much more mathematical certitude - and possibly obviate the need for many political and economic tradeoffs which currently seem dismally inevitable - and possibly widen the collaboration on this project.
(3) I wonder if there are some Big Data approaches out there (eg, along the lines of Google's MapReduce and BigTable, or Yale's CalvinDB), which could be implemented to allow Bitcoin to scale massively and painlessly - and to satisfy all stakeholders, ranging from millionaires to micropayments, coffee drinkers to the great "unbanked".
submitted by BeYourOwnBank to Bitcoin [link] [comments]

Trying to restore paper wallet

In 2014 I paid back to my sister 40 usd using my bitcoins (0.0665 BTC). Now the amount is worth ~500 usd.
We generated a paper wallet. I have the paper but I don't know how to restore it as this was done 3 years ago.
It's a list of 34 words with odd ones such as "mazzone" and "parana".
There is another line with something to seem to be a passpharse.
I think I used www.bitaddress.org or Armory but I tried both without success. I also tried with Electrum and Mycelium without luck.
Any idea how to restore this paper wallet?
Thanks!
Update:
When I was almost giving up I googled "mnemonic wallet" and found the Understanding mnemonics and the Blockchain Wallet blog post. Followed the link recover your wallet which brought me to an "legacy wallet recovery mnemonic" recovery page. I entered the 34 words and I was able to login to blockchain.info.
Huge thanks to cantonbecker for his insight. By clarifying that it was a "mnemonic recovery seed" I was able to find the link in Google.
Lessons learned:
  1. If you use a mnemonic recovery seed write down the damn app/platform that you used.
  2. Probably it's a good idea to backup the private key instead of using a seed.
  3. Keep backups in different formats. 3 copies rule is a good rule of thumb (local copy and 2 remote).
submitted by sanbor to Bitcoin [link] [comments]

Simplex safe to use?

I am very new to Bitcoin, just set up a wallet on my desktop with armory and one on my phone with mycelium. Just started looking at options to buying coins... And it is overwhelming!
I like the idea of bitsquare.io, but have to get some coins elsewhere first. Through the mycelium app I hit the buy/sell button, then credit card, and it redirects you to simplex where you can just enter how much you want to buy. The minimum is $50, and while I definitely will buy more I wanted to make sure this was an established vendor.
submitted by vicariouscheese to BitcoinBeginners [link] [comments]

A suggestion for reducing the size of the UTXO database | Jim Phillips | May 09 2015

Jim Phillips on May 09 2015:
Forgive me if this idea has been suggested before, but I made this
suggestion on reddit and I got some feedback recommending I also bring it
to this list -- so here goes.
I wonder if there isn't perhaps a simpler way of dealing with UTXO growth.
What if, rather than deal with the issue at the protocol level, we deal
with it at the source of the problem -- the wallets. Right now, the typical
wallet selects only the minimum number of unspent outputs when building a
transaction. The goal is to keep the transaction size to a minimum so that
the fee stays low. Consequently, lots of unspent outputs just don't get
used, and are left lying around until some point in the future.
What if we started designing wallets to consolidate unspent outputs? When
selecting unspent outputs for a transaction, rather than choosing just the
minimum number from a particular address, why not select them ALL? Take all
of the UTXOs from a particular address or wallet, send however much needs
to be spent to the payee, and send the rest back to the same address or a
change address as a single output? Through this method, we should wind up
shrinking the UTXO database over time rather than growing it with each
transaction. Obviously, as Bitcoin gains wider adoption, the UTXO database
will grow, simply because there are 7 billion people in the world, and
eventually a good percentage of them will have one or more wallets with
spendable bitcoin. But this idea could limit the growth at least.
The vast majority of users are running one of a handful of different wallet
apps: Core, Electrum; Armory; Mycelium; Breadwallet; Coinbase; Circle;
Blockchain.info; and maybe a few others. The developers of all these
wallets have a vested interest in the continued usefulness of Bitcoin, and
so should not be opposed to changing their UTXO selection algorithms to one
that reduces the UTXO database instead of growing it.
From the miners perspective, even though these types of transactions would
be larger, the fee could stay low. Miners actually benefit from them in
that it reduces the amount of storage they need to dedicate to holding the
UTXO. So miners are incentivized to mine these types of transactions with a
higher priority despite a low fee.
Relays could also get in on the action and enforce this type of behavior by
refusing to relay or deprioritizing the relay of transactions that don't
use all of the available UTXOs from the addresses used as inputs. Relays
are not only the ones who benefit the most from a reduction of the UTXO
database, they're also in the best position to promote good behavior.

James G. Phillips IV
<https://plus.google.com0/113107039501292625391/posts>
*"Don't bunt. Aim out of the ball park. Aim for the company of immortals."
-- David Ogilvy*
*This message was created with 100% recycled electrons. Please think twice
before printing.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150509/ca3f5937/attachment.html>
original: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-May/008045.html
submitted by bitcoin-devlist-bot to bitcoin_devlist [link] [comments]

Best online wallet

What's the best online wallet app that is secure and has a lot of functionality. I do not want a computer based app like Armory or Bitcoin core as they need to download the entire Bitcoin blockchain which fills up my hard drive. I like the idea of Blockchain as they keep your private key outside of their server. However, I have heard news about Blockchain having security and technical issues.
So which online Bitcoin wallet app is best for my application?
submitted by 12860682321 to Bitcoin [link] [comments]

[uncensored-r/Bitcoin] I'm attempting to return stolen bitcoin and warning soon to be victims

The following post by MrBeanCoin is being replicated because the post has been silently removed.
The original post can be found(in censored form) at this link:
np.reddit.com/ Bitcoin/comments/7lnsdx
The original post's content was as follows:
Hello!
My name is MrBeanCoin (Not a obvious throw away! Of course not!). I'm my professional life I am a Malware Analyst, Pen Tester, and Engineer. However when im not working my eyes have been glued to the BTC charts, kicking myself for spending my BTC back when times were rough. But enough about me, lets get to the point.
 
Since the rise in price and popularity of Crypto's, Malware Authors have been leaving Ransomware, Botnets, and Spam in droves to create very simple Bitcoin and Altcoin stealing Malware, in a attempt to make the most money quicker, and separate good people like yourself from your coins. Miners have also reached unbelievable heights (Surpassing even when BTC first came out), and they make sure not to use safe settings, and a lot have been causing hardware damage. The spike has been so large that this week, the GTX 1080 i have in my Cuckoo Server (Automated Malware Analysis Platform) burned out from the constant throttling up and down.
 
So obviously, with my job, i have been having to deal with these fuckers and their shitty coded applications a lot. Some go as far as ripping your wallets from your machine and uploading them to a C2 server, but the absolute most common way people are losing bitcoins by the THOUSANDS is by the most simplest application i have ever seen. It simply lays low on the machine, and when it detects a BTC Address on the clipboard, it replaces the address you copied, with the Malware Authors. I know, right? At first i thought it would never be effective. However, so many newcomers are coming on the scene, it is paying off big. Nearly every wallet i have seen had at least 1 Million USD in it or more..... From a damn copy and paste switch. The worst part is, most people's security protection will not help them here, because the application does not look Malicious! All it is, is 3 lines of code changing the clipboard. Whats wrong with that? Well in this case, everything is. Please Please be on the look out for these. They make me so angry.. Other common ones are applications that try to pass as a update to , Bitcoin Duplicators (Ya...), Bitcoin Accelerators (I get this one, Noobs aren't getting why the TX's are fucking around), Fake Miners (If no one has heard of it, DONT USE IT), and Fake Wallets. I can go into these later if people are interested.
 
Anyways, I was looking at a sample today, and noticed this was one of the braver ones that scoop up the whole Wallet.Dat (Or similar) file, and kick it off to their servers. It does this for nearly 25 popular clients, even one called Armory which i thought was ironic.
 
This sample is hitting people through fake ad's to update their miners when visiting Crypto Sites, and more commonly, through email they are somehow getting for many exchange users. The emails claim either that they found your wallet publicly online! And that you should verify right away that it is actually yours. Its conveniently named "Wallet.dat .exe" with the spaces allowing the exe to hide in some email clients. When downloading and running, of course, you are infected. Other emails include free books on Crypto Currency that have a surprise for you inside! And Insider Information that you could use on a up coming pump and dump!
 
I loaded it into a IDA on a VM, and noticed that it wasn't sending the wallets to a domain, but rather a IP, and not only that, but what looked like a residential ISP IP. I allowed it to send up my fake wallets so i could get the scheme of the HTTP POST, and then started investigating the server. The guy receives loads of wallets a day, but he also runs a small botnet, proxy server, and password unhashing service on the same server. What was weird is i didn't see any templates, control panels, or mail for a web hosting company, which i normally see right away. I was starting to think this guy was actually dumb enough to use some server sitting at his house for this shit.
 
On further investigation of the client code talking to the server, i noticed he had a exploitable vulnerability in the way he uploaded files to the server. This allowed me to send up a payload with my wallet that later became my backdoor and reverse shell into his server. He was running a older kernel, so i was able to also exploit my way to root, and at this point i had full control over the server.
 
After further investigation, it was clear that indeed he IS running this out of his house. I somehow got lucky and out of 350 proxy servers, i managed to hop on his main node. Which he is a idiot anyways for accepting connections from anything but his proxies on this machine, or even using a home machine! Don't worry, i will be handing the needed information over to the feds for this little prick.
 
Now to my main point. It's obvious i must stay anonymous in this whole ordeal because, even though this dude is a POS, some people still might not be okay with what i did. And i also would like to keep my job haha. But seeing as i had full access, and this guy was dealing with BTC, this was a first for me. Most take overs i have done before, never had the actual wallets on the server. I really want to warn the victims he has FRESH wallets for ( IT COULD BE YOU! ), and also attempt to recover some BTC in the criminals wallets back to some, most likely worried sick, people.
 
I'm posting this today not only for the hope that if someone did notice Malware stole their coins, they can contact me and see if we can verify it was him, BUT ALSO in hopes that maybe any of you here would have any ideas on how i could go about finding these people, and then verifying its actually their BTC? I really can't think of any sure fire way accepting hoping people contact me and can match up the exact Transaction ID, Date, and Amount that was stolen from them. Please let me know your ideas.
 
I also want to finish this with a small list of FRESH VICTIMS that will most likely be getting hit very soon if they do not make a different wallet ASAP. I have hindered his processing further, but this doesn't help for already uploaded wallets. If these machine names match yours, PLEASE MAKE A NEW WALLET RIGHT AWAY: (Format is _.dat )
   
  • BitcoinQT_PC-4A095E27CB
  • BitcoinQT_KRK8HCPUDQP-PC
  • BitcoinQT_DESKTOP-MD6CE0T
  • BitcoinQT_EEW8HH-PC
  • BitcoinQT_JCNHJN8XRO0-PC
  • BitcoinQT_L1MKEWAMYWOT-PC
  • BitcoinQT_QBEY678-PC
  • BitcoinQT_DESKTOP-AJMCAK1
  • BitcoinQT_I3HOM1VJGV2Y-PC
  • BitcoinQT_DESKTOP-GKAN490
  • BitcoinQT_SMQYPJPO-PC
   
This is just a small list i could make tonight, i will hopefully be able to recover more and get more people switched to new wallets.
Thank you for your time.
submitted by censorship_notifier to noncensored_bitcoin [link] [comments]

12-23 11:03 - 'I'm attempting to return stolen bitcoin and warning soon to be victims' (self.Bitcoin) by /u/MrBeanCoin removed from /r/Bitcoin within 89-99min

'''
Hello!
My name is MrBeanCoin (Not a obvious throw away! Of course not!). I'm my professional life I am a Malware Analyst, Pen Tester, and Engineer. However when im not working my eyes have been glued to the BTC charts, kicking myself for spending my BTC back when times were rough. But enough about me, lets get to the point.
 
Since the rise in price and popularity of Crypto's, Malware Authors have been leaving Ransomware, Botnets, and Spam in droves to create very simple Bitcoin and Altcoin stealing Malware, in a attempt to make the most money quicker, and separate good people like yourself from your coins. Miners have also reached unbelievable heights (Surpassing even when BTC first came out), and they make sure not to use safe settings, and a lot have been causing hardware damage. The spike has been so large that this week, the GTX 1080 i have in my Cuckoo Server (Automated Malware Analysis Platform) burned out from the constant throttling up and down.
 
So obviously, with my job, i have been having to deal with these fuckers and their shitty coded applications a lot. Some go as far as ripping your wallets from your machine and uploading them to a C2 server, but the absolute most common way people are losing bitcoins by the THOUSANDS is by the most simplest application i have ever seen. It simply lays low on the machine, and when it detects a BTC Address on the clipboard, it replaces the address you copied, with the Malware Authors. I know, right? At first i thought it would never be effective. However, so many newcomers are coming on the scene, it is paying off big. Nearly every wallet i have seen had at least 1 Million USD in it or more..... From a damn copy and paste switch. The worst part is, most people's security protection will not help them here, because the application does not look Malicious! All it is, is 3 lines of code changing the clipboard. Whats wrong with that? Well in this case, everything is. Please Please be on the look out for these. They make me so angry.. Other common ones are applications that try to pass as a update to , Bitcoin Duplicators (Ya...), Bitcoin Accelerators (I get this one, Noobs aren't getting why the TX's are fucking around), Fake Miners (If no one has heard of it, DONT USE IT), and Fake Wallets. I can go into these later if people are interested.
 
Anyways, I was looking at a sample today, and noticed this was one of the braver ones that scoop up the whole Wallet.Dat (Or similar) file, and kick it off to their servers. It does this for nearly 25 popular clients, even one called Armory which i thought was ironic.
 
This sample is hitting people through fake ad's to update their miners when visiting Crypto Sites, and more commonly, through email they are somehow getting for many exchange users. The emails claim either that they found your wallet publicly online! And that you should verify right away that it is actually yours. Its conveniently named "Wallet.dat .exe" with the spaces allowing the exe to hide in some email clients. When downloading and running, of course, you are infected. Other emails include free books on Crypto Currency that have a surprise for you inside! And Insider Information that you could use on a up coming pump and dump!
 
I loaded it into a IDA on a VM, and noticed that it wasn't sending the wallets to a domain, but rather a IP, and not only that, but what looked like a residential ISP IP. I allowed it to send up my fake wallets so i could get the scheme of the HTTP POST, and then started investigating the server. The guy receives loads of wallets a day, but he also runs a small botnet, proxy server, and password unhashing service on the same server. What was weird is i didn't see any templates, control panels, or mail for a web hosting company, which i normally see right away. I was starting to think this guy was actually dumb enough to use some server sitting at his house for this shit.
 
On further investigation of the client code talking to the server, i noticed he had a exploitable vulnerability in the way he uploaded files to the server. This allowed me to send up a payload with my wallet that later became my backdoor and reverse shell into his server. He was running a older kernel, so i was able to also exploit my way to root, and at this point i had full control over the server.
 
After further investigation, it was clear that indeed he IS running this out of his house. I somehow got lucky and out of 350 proxy servers, i managed to hop on his main node. Which he is a idiot anyways for accepting connections from anything but his proxies on this machine, or even using a home machine! Don't worry, i will be handing the needed information over to the feds for this little prick.
 
Now to my main point. It's obvious i must stay anonymous in this whole ordeal because, even though this dude is a POS, some people still might not be okay with what i did. And i also would like to keep my job haha. But seeing as i had full access, and this guy was dealing with BTC, this was a first for me. Most take overs i have done before, never had the actual wallets on the server. I really want to warn the victims he has FRESH wallets for ( IT COULD BE YOU! ), and also attempt to recover some BTC in the criminals wallets back to some, most likely worried sick, people.
 
I'm posting this today not only for the hope that if someone did notice Malware stole their coins, they can contact me and see if we can verify it was him, BUT ALSO in hopes that maybe any of you here would have any ideas on how i could go about finding these people, and then verifying its actually their BTC? I really can't think of any sure fire way accepting hoping people contact me and can match up the exact Transaction ID, Date, and Amount that was stolen from them. Please let me know your ideas.
 
I also want to finish this with a small list of FRESH VICTIMS that will most likely be getting hit very soon if they do not make a different wallet ASAP. I have hindered his processing further, but this doesn't help for already uploaded wallets. If these machine names match yours, PLEASE MAKE A NEW WALLET RIGHT AWAY: (Format is _.dat )
   
  • BitcoinQT_PC-4A095E27CB
  • BitcoinQT_KRK8HCPUDQP-PC
  • BitcoinQT_DESKTOP-MD6CE0T
  • BitcoinQT_EEW8HH-PC
  • BitcoinQT_JCNHJN8XRO0-PC
  • BitcoinQT_L1MKEWAMYWOT-PC
  • BitcoinQT_QBEY678-PC
  • BitcoinQT_DESKTOP-AJMCAK1
  • BitcoinQT_I3HOM1VJGV2Y-PC
  • BitcoinQT_DESKTOP-GKAN490
  • BitcoinQT_SMQYPJPO-PC
   
This is just a small list i could make tonight, i will hopefully be able to recover more and get more people switched to new wallets.
Thank you for your time.
'''
I'm attempting to return stolen bitcoin and warning soon to be victims
Go1dfish undelete link
unreddit undelete link
Author: MrBeanCoin
submitted by removalbot to removalbot [link] [comments]

Bitcoind.exe in Armory crashes

Hi All,
Running Windows 8 64-bit, Armory v0.9.32-beta-85959b20d8, Core Bitcoin v0.10.2.
Armory loads up just fine, and using Process Explorer (Sysinternals tool), I am able to see ArmoryQT.exe as the parent thread with bitcoind.exe as one child thread (which has a conhost.exe child thread) and another child thread for guardian.exe (which also has a conhost.exe child thread) This is how it looks:
Now, as soon as I load Armory, the wallet consistency check passes and then it's stuck in "Initializing Bitcoin Engine" with no progress at all (just the rotating grey/green wheel) - then about 15 minutes later, I'll notice that the bitcoind.exe process and its child disappear. Guardian.exe is still running though.
Now, when I disabled Armory from controlling bitcoin, I can load Bitcoin-Qt.exe no problems, it syncs with the blockchain no issues, and Armory will phase in and out of being connected. Which is totally weird....like the rpc connection somehow gets lost and reconnects at random times. But, even when Armory shows it's connected, and Bitcoin-Qt.exe shows that's it's fully synced with the blockchain, it doesn't update any transaction info in Armory at all. Now, I can see in the blockchain that my last few transactions already have 38 confirmations, but Armory still shows that there are 0 confirmations and that the transaction hasn't hit the blockchain yet. Obviously this isn't true.
So, I turn to y'all for some help and guidance....I've scoured their forums, and I've tried all the suggestions, so I'm turning now to the trusted reddit community for some insight and help.
Any ideas?! I mean, I could probably just backup my wallet, uninstall both armory and bitcoin, then do a clean install, then wait a month for the blockchain to sync, but I'd prefer to have to avoid this if that's AT ALL possible.
Also, not sure if this is relevant, but even though the blockchain is synced, shortly before bitcoind.exe goes out of commission (only when run through Armory, bitcoin never crashes when loaded separately) the cpu % for that process spikes to about 45-70% for a few minutes, which sounds like it's processing headers and what not, and then just poops out.
I have a quad-core AMD A6-3600 - not the BEST but not the worst either....
Ok, help....please....
EDIT: formatting
submitted by shayaknyc to Bitcoin [link] [comments]

How can I export encrypted private keys from my cold wallet that are easy to import?

I set up a cold wallet using the reference client on an offline machine. All of the sites I read recommended simply backing up the encrypted wallet.dat file, which I did. I did a test run with 0.01 BTC and tried to recover it and it was a nightmare.
I have to do crazy things to restore using the bitcoin-qt or bitcoind client (i.e. move my old wallet.dat, then copy that one over and re-index, which on my old laptop takes literally days).
I then tried using pywallet with the correct passphrase. It dumps a thousand lines of crap along with some "Wallet data not recognized:" errors, and I assumed it wasn't working. I opened it in an editor and cut all the error lines out, and finally got it to import into blockchain.info that way, but it had 300 addresses, even though only 1 was ever used. I suppose this was my fault, I had no idea the default wallet.dat would contain so many addresses (this was all from the offline wallet that I never made a single transaction from).
What I need is something my mom can do. I'm looking for something like the encrypted backup from blockchain.info which is simple ascii text with a password. My goal is to stick this on a usb drive along with a note explaining what to do and put it in a safe deposit box. It needs to be simple enough for my mom to access if something were to happen to me (she's reasonably computer literate, but isn't going to be going and digging around moving hidden files from place to place on her computer). I'd also like the key to be encrypted so that I can make a few copies of the USB key and leave them various places. In the safe deposit box I'll also include a scrap of paper with the password, but otherwise I'll just remember the password so I can recover the coins myself in case the offline computer I'm using craps out.
Any suggestions? Sorry for the semi-rant. I really wouldn't consider myself a beginner, this is just the kind of absurdly difficult thing that scares people away. I suppose I could have used armory or something like that, but I want to understand what I'm doing and not trust any app provided by a company to do my backups.
submitted by bradfordmaster to BitcoinBeginners [link] [comments]

Noob's Guide To Bitcoin Mining - Super Easy & Simple - YouTube SimpleFxOnline Trade Ideas - YouTube MIT Bitcoin Expo 2014 Earn Free Bitcoin And Cryptocurrency Watching Videos! (Free BTC) How Does Bitcoin Work? - YouTube

please help, I transferred bitcoin from another wallet on Paxful to my wallet on Armory, however the BTC never arrived in my Armory wallet. It was confirmed to be sent by Paxful. In the bottom right corner of Armory it does say "offline". I have internet connection, any ideas? Thanks. Armory Bitcoin Wallet Review - Play Game Earn Bitcoin Armory Bitcoin Wallet Review Bitcoin Miner Model S9 Bitcoin Casino 2017 Usa Digital money that’s instant, private, and free from bank fees. Download our official wallet app and start using Bitcoin today. Read news, start mining, and buy BTC or BCH. Ares Armor, home of the 80 percent lower receiver. Here you will find products to legally make your own weapon; whether it be an billet, forged, polymer80 lower. An 80% AR-15, 80% AR-10, or 80% 1911. Innovative deployment gear, custom nylon, kydex and combat armor. Contact us with any questions. Made in America. Speaking as another wallet developer, this comes as very sad news. I've always respected Armory as an industrial strength solution for large scale enterprises to rely on for their Bitcoin needs. To Alan, and your team, I'd like to say thank you for all that you've done within the Bitcoin space. You have been a beacon and for the moment that ...

[index] [33115] [8108] [42351] [32873] [41310] [26628] [51410] [50056] [21209] [42705]

Noob's Guide To Bitcoin Mining - Super Easy & Simple - YouTube

How to double your stimulus check by investing it with these top 3 investments My Stock Portfolio: https://www.patreon.com/andreijikh Get 1 Free Stock on... How to Buy & Sell Bitcoin with Cash App Get Cash App: http://cash.me/app/LWJTDBF (Use this link and we both get $5 free cash) Cash App by Square is a top app... Thanks to Away for sponsoring this video! Go to https://www.awaytravel.com/techquickie and use promo code techquickie to get $20 off your next order! Bitcoin... MIT Bitcoin Expo was held on May 3rd, 2014, with speakers from the Bitcoin Foundation, Circle Internet Financial, Armory Technologies, and more. See more at ... I made an app and some python scripts that allow one to use Armory offline without moving transaction content back and forth with USB keys. This makes it so you can have an offline wallet in ...

#