How to Hack someones Bitcoin Wallet or Private keys – Coinjija

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin [link] [comments]

The next XVG? Microcap 100x potential actually supported by fundamentals!

What’s up team? I have a hot one for you. XVG returned 12 million percent in 2017 and this one reminds me a lot of it. Here’s why:
Mimblewimble is like Blu-Ray compared to CD-ROM in terms of its ability to compress data on a blockchain. The current BTC chain is 277gb and its capacity is limited because every time you spend a coin, each node needs to validate its history back to when it was mined (this is how double spending is prevented). Mimblewimble is different - all transactions in a block are aggregated and netted out in one giant CoinJoin, and only the current spending needs to be verified. This means that dramatically more transactions can fit into a smaller space, increasing throughput and lowering fees while still retaining the full proof of work game theory of Bitcoin. These blockchains are small enough to run a full node on a cheap smartphone, which enhances the decentralization and censorship resistance of the network.
The biggest benefit, though, is that all transactions are private - the blockchain doesn’t reveal amounts or addresses except to the actual wallet owner. Unlike earlier decoy-based approaches that bloat the chain and can still be data mined (XMR), Mimblewimble leaves no trace in the blockchain, instead storing only the present state of coin ownership.
The first two Mimblewimble coins, Grin and Beam, launched to great fanfare in 2019, quickly reaching over $100m in market cap (since settled down to $22m and $26m respectively). They are good projects but grin has infinite supply and huge never-decreasing emission, and Beam is a corporate moneygrab whose founding investors are counting on you buying for their ROI.
ZEC is valued at $568m today, despite the facts that only 1% of transactions are actually shielded, it has a trusted setup, and generating a confidential transaction takes ~60 seconds on a powerful PC. XMR is a great project but it’s valued at $1.2b (so no 100x) and it uses CryptoNote, which is 2014 tech that relies on a decoy-based approach that could be vulnerable to more powerful computers in the future. Mimblewimble is just a better way to approach privacy because there is simply no data recorded in the blockchain for companies to surveil.
Privacy is not just for darknet markets, porn, money launderers and terrorists. In many countries it’s dangerous to be wealthy, and there are all kinds of problems with having your spending data be out there publicly and permanently for all to see. Namely, companies like Amazon are patenting approaches to identify people with their crypto addresses, “for law enforcement” but also so that, just like credit cards, your spending data can be used to target ads. (A) Coinbase is selling user data to the DEA, IRS, FBI, Secret Service, and who knows who else? (B) What about insurance companies raising your premiums or canceling your policy because they see you buying (legal) cannabis? If your business operates using transparent cryptocurrency, competitors can data mine your customer and supply chain data, and employees can see how much everyone else gets paid. I could go on, but the idea of “I have nothing to hide, so what do I care about privacy?” will increasingly ring hollow as people realize that this money printing will have to be paid by massive tax increases AND that those taxes will be directly debited from their “Central Bank Digital Currency” wallets.
100% privacy for all transactions also eliminates one HUGE problem that people aren’t aware of yet, but they will be: fungibility. Fungibility means that each coin is indistinguishable from any other, just like paper cash. Why is this important? Because of the ever-expanding reach of AML/KYC/KYT (Anti-Money Laundering / Know Your Customer / Know Your Transaction) as regulators cramp down on crypto and banks take over, increasingly coins become “tainted” in various ways. For example, if you withdraw coins to a mixing service like Wasabi or Samourai, you may find your account blocked. (C) The next obvious step is that if you receive coins that these chainalysis services don’t like for whatever reason, you will be completely innocent yet forced to prove that you didn’t know that the coins you bought were up to no good in a past life. 3 days ago, $100k of USDC was frozen. (D) Even smaller coins like LTC now have this problem, because “Chinese Drug Kingpins” used them. (E) I believe that censorable money that can be blocked/frozen isn’t really “your money”.
Epic Cash is a 100% volunteer community project (like XVG and XMR) that had a fair launch in September last year with no ICO and no premine. There are very few projects like this, and it’s a key ingredient in Verge’s success (still at $110m market cap today despite being down 97% since the bubble peak) and why it’s still around. It has a small but super passionate community of “Freemen” who are united by a belief in the sound money economics of Bitcoin Standard emission (21m supply limit and ever-decreasing inflation) and the importance of privacy.
I am super bullish on this coin for the following reasons:
Because it doesn’t have a huge marketing budget in a sea of VC-funded shitcoins, it is as-yet undiscovered, which is why it’s so cheap. There are only 4 Mimblewimble-based currencies on the market: MWC at $162m, BEAM at $26m, GRIN at $22m, and EPIC at $0.4m. This is not financial advice and as always, do your own research, but I’ve been buying this gem for months and will continue to.
This one ticks all the boxes for me, the only real problem is that it’s hard to buy much without causing a huge green candle. Alt season is coming, and coins like this are how your neighbor Chad got his Lambo back in 2017. For 2021, McLaren is a better choice and be sure to pay cash so that it doesn’t get repossessed like Chad!
  1. A https://www.vice.com/en_us/article/d35eax/amazon-bitcoin-patent-data-stream-identify-cryptocurrency-for-law-enforcement-government
  2. B https://decrypt.co/31461/coinbase-wants-to-identify-bitcoin-users-for-dea-irs
  3. C https://www.coindesk.com/binance-blockade-of-wasabi-wallet-could-point-to-a-crypto-crack-up
  4. D https://cointelegraph.com/news/centre-freezes-ethereum-address-holding-100k-usdc
  5. E https://www.coindesk.com/us-treasury-blacklists-bitcoin-litecoin-addresses-of-chinese-drug-kingpins
  6. F https://www.youtube.com/channel/UCWkTxl5Z6DNN0ASMRxSKV5g
  7. G http://epic.tech/whitepaper
  8. H https://medium.com/epic-cash/epic-cash-on-uniswap-22447904d375
  9. I https://epic.tech/wp-content/uploads/2019/09/figure-3.1.jpg
Links:
submitted by pinchegringo to CryptoMoonShots [link] [comments]

[ Bitcoin ] Technical: Taproot: Why Activate?

Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
[deleted comment]
[deleted comment]
[deleted comment]
submitted by anticensor_bot to u/anticensor_bot [link] [comments]

If You're Missing $132,0000 in Bitcoins Please Contact Us

If You're Missing $132,0000 in Bitcoins Please Contact Us submitted by BobsBurgers3Bitcoin to btc [link] [comments]

If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652】 Poloniex is a US-based digital asset exchange


If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652】
Poloniex Support Number

Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by SharpDetail7 to u/SharpDetail7 [link] [comments]

Poloniex Customer Support Number --------*-/-*, Talk To Assistant Directly【+1(855) 266-9652】


If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652】


Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by GlumNewspaper6 to u/GlumNewspaper6 [link] [comments]

Poloniex Customer Support Number - Talk To Assistant Directly【+1(855) 266-9652】


If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652】


Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by Guilty_Aardvark to u/Guilty_Aardvark [link] [comments]

Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】


Poloniex
If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652 】
Description
Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】

Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by EfficientPhotograph5 to u/EfficientPhotograph5 [link] [comments]

Poloniex is a US-based digital asset exchange. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.


If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652】


Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by SubjectRelationship5 to u/SubjectRelationship5 [link] [comments]

Poloniex Support Phone Number 【+1(855) 266-9652 】-----^^&^&^&^__)_)_


Poloniex
If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652 】
Description
Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】

Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by Even-Initiative to u/Even-Initiative [link] [comments]

Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA.


Poloniex
If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652 】
Description
Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】

Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by ThinBeginning to u/ThinBeginning [link] [comments]

Poloniex If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652 】 Description Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】


Poloniex
If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652 】
Description
Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】

Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by coinbasesupportnsd to u/coinbasesupportnsd [link] [comments]

poloniex Customer Support Number --------【+1(855) 266-9652 】 -----&^^&6


Poloniex
If free tools aren’t working for you, Talk To Assistant Directly【+1(855) 266-9652 】
Description
Poloniex Customer Support Number Talk To Assistant Directly【+1(855) 266-9652 】

Poloniex is a US-based digital asset exchange. It headquarters located in Wilmington, DE, USA. It offering a maximum security and advanced trading features. Trade securely on the world’s most active digital asset exchange. The vast majority of customer deposits are stored offline in air-gapped cold storage. Poloniex only keeps enough online to facilitate active trading. Poloniex greatly minimizes risk and exposure.

Features of Poloniex

Anonymous Accounts
Various payment options
Supports over 90 digital currencies
Low deposit fees
Some common problems of Poloniex, we fix-

Withdrawal confirmation failed
Withdrawal is Awaiting Approval
Unable to deposit the coins.
Unable to setup Two-Factor Authentication.
Coin withdrawal error.
Problem in sign up and create a Poloniex account.
Unable to retrieve the Poloniex account password.
Unable to deposit and withdraw digital currencies.
I lost access to my Two-Factor Authentication device
Two-factor authentication isn’t working.
Unable to restore authenticator app from a 16 digit key backup.
Bitcoins sending issues.
Bitcoins receiving issues.
User blocked issue.
Account hacked problem.
Haven’t received a Withdrawal Confirmation email.
Identity verification for Poloniex registration problem
Wallet balance doesn’t show.
Pros and Cons of Poloniex


Pros

Offers a high-volume margin trading and lending service for major crypto assets.
Supports over 90 popular digital currencies. This is arguably the highest number in the industry.
Provides extremely detailed charts and efficient data-analysis tools.
World’s largest Ethereum exchange by average volume in 2017.
Stop-limit orders to reduce risk.
Its services are accessible from anywhere on the globe.
Charges low deposit and withdrawal fees compared to other exchanges.
Cons

No advanced order types.
Does not accept fiat currency
Customer service leaves a lot to be desired.
Website loads slowly, compared to other cryptocurrency exchange sites.
Was hacked in 2014. However, the exchange fully refunded the affected users.
Requires users to create accounts and verify their identity for high-volume activity.
Private key management is centralized, exposing funds to custodial risks.
Poloniex doesn’t have a technical support number. You can search your problems or issues to their help forum and community sites. You can get an instant customer support by calling customer service phone number USA + UK + HereToHelp for Poloniex. A phone number system with less hold time in comparison to other phone numbers, call us now for live support from your computer.

Technology Is A Hard Nut To Crack- Better Call Us!
submitted by supportnumberw to u/supportnumberw [link] [comments]

A Hefty Apology..

First, I'd like to apologies for how long this is going to be, but I believe context is everything.
I'd like to apologize to the Nano community. Since before the re brand I've always cracked jokes about the project, primarily because I can't stand moonbois.. but I digress.
I guess you could say I was early on the Bitcoin chain. I was blown away by the white paper and mined coins before ASICs we're even a discussion. Never got rid of them or anything, just thought it was an amazing concept to me since I had been repeatedly jacked around by a few banks. However, as a recurring theme life happened and I fell out of it completely. A few years went by when someone brought it up to me and when I asked how much it was worth, I almost had a heart attack. Probably shouldn't have spilled beer on the laptop holding my address and key. It didn't even cross my mind when I threw it out..
So I was back, other projects were on the come up and I took interest. Thought they were great, still do.. But I couldn't wrap my head around a lot of it. I'm familiar with code like I am around the block of an engine, but I'm not a mechanic. I couldn't fathom having to use a calculator to figure out how much gas I needed to send 100 coins of X. Thought I did it right and boom... Dust. The rage. Made some good strides and learned from previous mistakes, but I was still somewhat upset with decisions made within these projects. Who would think that was okay? Life happened again and I dropped out for quite awhile again to return back to a colleague at work mentioning BTC at around 9K. I quietly (I don't mention to many people about how involved I've been) checked out my addresses and was blown away. So I was back.
Yeah I made gains (lost a lot too), but I was already well on my way in life and career and didn't need the rocket in some dream of a lambo (Masi's are better). I just wanted all of this to work. Again, it seemed like it was too hard to do anything, move things around... Dust here, dust there.. None the less, I learned more. Taught myself some code just so I could understand the githubs.. No desire to code, just wanted to learn. The dream I saw a few years ago was growing and I felt optimistic. Stuck around for a long run and then life happened again.
Came back at probably the best time in late summer 2017. You want to talk about diversification... I just (today) burned a stack of papers with private keys written down to projects I forgot even existed. The mayhem! Anyway, won some lost some yeah yeah everyone has those stories....
I was still frustrated because that image I had in my head when I was a bit younger was not really fulfilled. Man, these moonbois, let me tell you. At the time and shortly after cracking jokes and having fun was basically my MO (I'm very sarcastic, still am). But yet again, life happened and I let everything just sit where the chips were.. With the exception of those burned out GPUs and the S9's. They went into the trash.
Life gave me a nice little easy path more recently and I've been poking my head around again. The moonboi epidemic is definitely at an ATH. But where the hell was this image I had years back and now and why did it seem like it died? Too many scams? Too many hacks? Too much smoke and mirrors? The founding idea is/was so perfect?
But I wanted that image. The past couple weeks I've been being my sarcastic ass and ripping a bit on Nano. I saw an actual well thought out post on Reddit and thought “Alright, that's pretty well said. Let me hear this out.” So I took a look. Thought it was better put together than other projects so I lurked around.
Today in the daily general I asked for a laymen's approach. I didn't need it, but I wanted to see what would be thrown at me. I was impressed. I saw on another thread about Natrium and a faucet... DAMN, that was fast. Alright I thought, let's dabble. So I did what I always do.. Took a little BTC to the exchange, picked up some nano, set up the ledger and mobile app and tested some stuff out.
Do you know the feeling after everything I just said to send 10 Nano from the exchange (including fee) to a mobile wallet, to the ledger, back to the mobile wallet and then back to the exchange and in the end... still have 10 Nano? In under less than I don't even know.. as fast as I could copy and paste it?!
I called for my wife took her phone and sent myself 10 Nano back and forth. Man am I an asshole. I'm not “In” so to speak, because honestly, at this point. I don't care about prices. I just want to use the shit. Life happens, I want to be able to continue down life and use this shit. The last time I actually used BTC for anything was in 2014.
BTC is digital gold for me.. Yeah, Yeah, Yeah... Sounds like some WSJ headline, I know. But it's been a good hedge against inflation for what's it worth. But during that second to last time I was back.. the Tx fees were unbelievable. Store of value, all the way, buying a snickers bar? No thanks mate.
I'm actually late to meet a friend at the bar for our weekly pint, was gonna just send this, but he's a moonboi. One sec. Lol --- 45 min later --- Alright, at the pub. Got him to download Natrium. We're now gonna just buy eac hother drinks for the next few hours.
I have some questions regarding decentralization.. bottle necking, spam transactions, but I can ask them in discord I guess. My only fear is that this could be replicated by Chase/BofA etc, but then again, I kind of left them years ago for a reason.
I'm sorry, okay. I'm sorry I was a sarcastic asshole. This is by far the closest thing I've wanted in a very long time. Send 1 Nano.. Get 1 Nano. Who would have thought. I'm going back to darts, but before I go...
- Can someone send me something on how to set up a node? Walk through maybe?
- Mods should pin this. I don't care about worthless internet points. Truth is I'm on my 9th or 10th Reddit account. So, I'll retire this one as soon as I hit send. But I think there is a valuable lesson from my time in this crazy town.
I'm not getting rid of my BTC and “going all in for the moonbois”. But I'll definitely be using my Nano. Whenever or wherever I can.
Thank you.
submitted by zBeale to nanocurrency [link] [comments]

A friendly reminder about where crypto is going next...

As everyone can hopefully plainly see by now, the groundwork is currently being laid for institutional money to finally enter the crypto market.
I’m not talking about big money individuals or private investors or the like; I’m talking about banks, large corporations/companies, and BIG funds (like pension funds and such).
You see, BIG money like that didn’t have a legitimate way to enter the market. Sure dark pools and buying OTC was possible, but these ways weren’t established enough for BIG institutional money to jump in yet.
Not only that, but BIG money needs to make sure the lifeguards (the SEC and other major govts) are going to let everyone swim and have fun for a bit.
And they will, as evidenced by all the big moves that are happening (Gemini’s exchange patent, Coinbase institutional investing, Kraken registering with the SEC, Goldman Sachs entering into crypto, yadda yadda yadda). These things wouldn’t be happening if those players didn’t already know what the lifeguards will say (and have already started hinting at).
So here’s what’s going to happen: BIG money is going to get in, the price is going to jump from that. The plebs will then FOMO in/back in causing the price to rise more. Then banks and more big funds are going to start offering the average joe the chance to invest in in crypto through them so they don’t have to use an app or manage any keys or worry about any of that “tech stuff” like storing keys and what not.
And that’s going to kick the price up even more.
You see gents, $8400 seems like a lot for one bitcoin, but in reality, when you factor in what is going to happen when BIG money pours in and sparks the next bull run, $8400 ain’t nuffin.
Why do you think all these big names keep throwing out ridiculously high predictions for what bitcoin can reach? $50k, $100k, $1mil...
It’s not just because they want to create hype. It’s because if you know how to do the math, those numbers are not only completely realistic but likely.
Finally, you need to understand this: there won’t be any specific events or news or partnerships that spark the next bull run (I’m looking at you, consensus mongerers). The next bull run is going to happen when you least expect it, when everything is quiet, when everyone thinks nothing is going on...THAT is when you’ll see the price start to rise.
And you’ll be waiting for it to come down and correct, but it won’t....and before you know it, it’s going to take everyone by storm, the likes of which they would have never imagined. It’ll be one which comes out of nowhere and swallows up everyone’s bearish predictions and spits them out all mangled and chewed up. It’s coming....slowly but surely, there’s a good storm coming.
So kick back, relax, crack open a brewski, and build your portfolios while the price is still ripe gents, because when you least expect it, shits gonna get real. And if you’re prepared for it, you’re going to get richer than you ever thought.
submitted by jp4ragon to CryptoCurrency [link] [comments]

For all the hate on Bitcoin surrounding exchange hacks. Let's add this for a little perspective on how secure banks really are. This should not be allowed to happen.

For all the hate on Bitcoin surrounding exchange hacks. Let's add this for a little perspective on how secure banks really are. This should not be allowed to happen. submitted by N0TaDoctor to Bitcoin [link] [comments]

The best Tezos Wallets

The best Tezos Wallets
Tezos is a decentralized blockchain that simplifies formal verification, a method that mathematically proves the accuracy of the code controlling transactions. The Tezos blockchain has its own cryptocurrency called Tezos (XTZ), a cryptocurrency with two main functions – a self-administration system and the ability to form launch contracts using its own programming language – Michelson.
If you decide to convert your fiat savings into Tezos or exchange other cryptocurrencies for XTZ, you may have to make a choice among reliable wallets for this. In this article we will look into the best Tezos Wallets so that can help you understand them better.

Hardware Wallets

Hardware wallets are not liable to spam, viruses, phishing attacks, or malicious of the system. Moreover, they provide a high degree of protection to the private keys. Below is the list of hardware wallets that can be used for XTZ.
https://preview.redd.it/j79t9vbgeth31.jpg?width=800&format=pjpg&auto=webp&s=d828387479fc4a2efed4fc857eb9bdf03f9878e9
  • Ledger Nano S
Nano S is a hard wallet from the product line of Ledger, a French manufacturer company. As all other Ledger products, Nano S traditionally looks like a USB flash drive. But this time, you will need to use the USB cable that comes with the wallet to connect to a computer. Ledger Nano S has a chip that is similar with chips on bank cards or biometric passports. Your private key is stored in an isolated environment and is effectively protected. Ledger Nano S also has a screen on it where you can see each transaction made. In case you lose your Nano S wallet, the account can be easily restored on any other Ledger device. Ledger Nano S supports over 20 cryptocurrencies including Tezos (XTZ).
  • Trezor Model T
Trezor T is the flagship model from the well-known Czech manufacturer SatoshiLabs. Model T has a color Touch-Screen display, an SD port and a quantity of supported coins – XTZ is among those coins. When Trezor T is not connected to the computer, it turns off and disconnects from the Internet. Thus, user funds are stored on the device beyond the reach of attackers. Trezor hardware case is ultrasonically soldered, making it difficult to be restored after being damaged.

Web Wallets

Web wallets can be a simple way to get started investing in cryptocurrency. All web wallets can be used right from a browser without the need of downloading software. Beyond that, many of web wallets offer free mobile apps.
  • TezBox Wallet
TezBox was the first GUI released for Tezos. The wallet was developed by the Tezos community and released during the ICO period. TezBox is available for web, desktop and mobile wallets with its user-friendly interface. Users may be assured that all private keys will be stored on their devices safely due to the secured wallet interface. TexBox is the first wallet integrated with hardware wallets Trezor and Ledger Nano S that gives it the increased security.

https://preview.redd.it/zmnx9fwpeth31.png?width=1696&format=png&auto=webp&s=d926f570fb736dd6fcd338fae270cdcfebad9654
  • Guarda Wallet
Guarda Wallet is available as a Web, Mobile and Desktop Wallet and a Chrome extension. It supports more than 40 coins and 10,000 tokens as well as XTZ. The web wallet enables to access cryptocurrency from any modern browser, the website itself looks presentable and made convenient to use. Using the mobile wallet, you can create a new wallet or import an existing one. Besides the common functions such as storage, deposit/withdrawal of cryptocurrency, users can instantly buy the exact amount of cryptocurrency using a bank card or exchange coins and tokens.
  • Magnum Wallet
While Magnum is a multi-asset wallet, one of the best known assets it supports is Tezos (XTZ). Being a light wallet, you do not need to download the full blockchain of any of the cryptocurrencies it works with. The wallet does not keep users’ personal information. As Magnum is a web wallet, it has the extra benefit of being available for nearly any platform, easy of access from any kind of device with an internet browser. Magnum wallet also supports Ledger devices so those can be easily linked to the app.

Mobile Wallets

Mobile wallets are used on your smartphone via an app. Similar to Apple or Google Pay, you can use mobile wallets when shopping in physical shops as cryptocurrencies become more popular and acceptable. Mobile wallets may be safer compared to online wallets and also be easy to use on the go.
  • Trust Wallet
Trust is a wallet for tokens of ERC20 standard, tooled for mobile devices. It offers simple installation and affordable feature set, that does not require additional user skills and abilities. Trust Wallet and Binance are working on new features, including market monitoring, user networks, test networks, and deep integration with the Binance infrastructure. Trust Wallet already supports Tezos as well as other digital currencies.
https://preview.redd.it/ckrma5aueth31.png?width=1400&format=png&auto=webp&s=f37213bf83c82028b97837545536c353664a8368
  • AirGap Wallet
AirGap is a wallet, that allows you to keep your cryptocurrency securely on your mobile. AirGap is a system with two device access: you can use your old mobile device as a hardware wallet using the AirGap Vault app to keep the private key there; while your working smartphone will have the wallet itself. The connection occurs with QR codes, this ensures a genuine one-way communication between AirGap Wallet and AirGap Vault. This implies that no private information ever leaves the air-gapped old phone. Besides Tezos, AirGap supports diverse amount of cryptocurrencies.
  • Tezos.Blue Wallet
In spite of being a lightweight wallet, Tezos.Blue does not scant on security or its features. It is an original app and that is why it gets strong protection straight from the operating system. Using the Tezos.Blue you will have actual updates from the network for a truly live operational comfort. Tezos.Blue is also available in a desktop version. Tezos.Blue is also available in a desktop version.

Desktop Wallets

Desktop wallet can be downloaded and installed on a computer. Desktop wallets may be safer if your computer is not, or more preferably, has never used the Internet connection. Desktop Wallets are perfect for storing large amounts of crypto that you don’t want to use on an everyday basis.
  • Atomic Wallet
Atomic is a convenient, easy to use and safe cryptocurrency wallet, that receives the preferences of many users around the world. It is a decentralized multicurrency wallet that is known in the crypto community for supporting more than 500 cryptocurrencies including Tezos. The primary goal of Atomic Wallet is not just to store cryptocurrency, but also to create a strong ecosystem with many functions.

https://preview.redd.it/apv4gpe0fth31.png?width=1686&format=png&auto=webp&s=dc5602c0eda220594b427c0b42923b8bacd727ae
  • Atomix HD Tezos Wallet
HD wallets (hierarchical deterministic wallet) are the wallets that use a single 12 or 18-word mnemonic phrase that is used to identify following addresses and private keys in a wallet software. Atomix is HD wallet that supports Tezos, it merges benefits of decentralized and centralized exchanges. With Atomix, all private keys are kept encoded on the computer. No identity verification or registration is required to use the wallet.
  • Simplestaking
Simplestaking is Tezos focused wallet being a web app and desktop app with support for hardware wallet Trezor Model T. The wallet is developed using NgRx state management and Angular framework.
  • Galleon Tezos Wallet (Tezori)
Galleon is a smart open source wallet for XTZ that supports both hardware and software wallets on Windows, Linux and Mac. It was developed by Cryptonomic and funded by the Tezos Foundation.
  • Tezos CLI Wallet
The Tezos CLI wallet can be used by those users who have some coding understanding while it requires the use of command lines. Tezos has mentioned the wallet on its website and has been audited by an independent external security inspector. As the Tezos CLI needs some level of command line knowledge, it can be quite difficult to use.

How to keep your wallet safe

A cryptocurrency wallet can be regarded as a regular wallet with money, but it has advanced features, which increases the level of risk. Simple rules will help prevent the loss of your own savings:
  1. Do not store large amounts for long periods on wallets that do not provide full control. It is better to store large amounts for a long time only in wallets that provide full control over the private key and, accordingly, over digital assets. This will help protect your coins against fraud and cyber attacks.
  2. Encrypt information and back up private keys. In case of reinstalling the PC or the occurrence of force majeure situations, this will help to restore access to the wallet quickly.
  3. Store secret keys on an offline device. It is preferable to use a platform that is not accessible for hacking via the Internet.
  4. Use reliable antivirus software and update it regularly. This will prevent the leakage of personal data that hackers can use to crack passwords.
  5. Register several types of wallets. It will allow you to distribute your funds and use the most suitable wallet depending on the situation.
If you use your Tezos wallet wisely and do not neglect the precautions, the risk of funds loss will be minimized.

Feel free to follow our updates and news on Twitter, Facebook, Telegram and BitcoinTalk. Read what the customers say about SimpleSwap on Trustpilot. Don’t hesitate to contact us with any questions you may have via [[email protected]](mailto:[email protected]).
submitted by SimpleSwapExchange to tezos [link] [comments]

The importance of being mindful of security at all times - nearly everyone is one breach away from total disaster

This is a long one - TL;DR at the end!

If you haven't heard yet: BlankMediaGames, makers of Town of Salem, have been breached which resulted in almost 8 million accounts being leaked. For most people, the first reaction is "lol so what it's just a game, why should I really care?" and that is the wrong way to look at it. I'd like to explain why everyone should always care whenever they are part of a breach. I'd also like to talk about some ways game developers - whether they work solo or on a team - can take easy steps to help protect themselves and their customers/players.
First I'd like to state that there is no practical way to achieve 100% solid security to guarantee you'll never be breached or part of a breach. The goal here will be to get as close as possible, or comfortable, so that you can rest easy knowing you can deal with problems when they occur (not if, when).

Why You Should Care About Breaches

The sad reality is most people re-use the same password everywhere. Your email account, your bank account, your steam account, your reddit account, random forums and game websites - you get the idea. If you haven't pieced it together yet the implication is that if anyone gets your one password you use everywhere, it's game over for you - they now own all of your accounts (whether or not they know it yet). Keep in mind that your email account is basically the holy grail of passwords to have. Most websites handle password changes/resets through your email; thus anyone who can login to your email account can get access to pretty much any of your accounts anywhere. Game over, you lose.

But wait, why would anyone want to use my password? I'm nobody!

It doesn't matter, the bad guys sell this information to other bad guys. Bots are used to make as much use of these passwords as possible. If they can get into your bank they might try money transfers. If they get into your Amazon account they might spin up $80,000 worth of servers to mine Bitcoin (or whatever coin is popular at the time). They don't care who you are; it's all automated.
By the way, according to this post (which looks believable enough to be real) this is pretty much how they got into the BMG servers initially. They checked for usernames/emails of admins on the BMG website(s) in previous breach dumps (of which there are many) and found at least one that used the same password on other sites - for their admin account!
If you want to see how many of your accounts are already breached check out Have I Been Pwned - I recommend registering all of your email addresses as well so you get notified of future breaches. This is how I found out about the Town of Salem breach, myself.

How You Can Protect Yourself

Before I go into all the steps you can (and should) take to protect yourself I should note that security is in a constant tug of war with convenience. What this means is that the more security measures you apply the more inconvenienced you become for many tasks. It's up to you to decide how much is too much either way.
First of all I strongly recommend registering your email(s) on https://haveibeenpwned.com/ - this is especially important if your email address is associated to important things like AWS, Steam developer account, bank accounts, social media, etc. You want to know ASAP when an account of yours is compromised so you can take steps to prevent or undo damage. Note that the bad guys have a head start on this!

Passwords

You probably need to have better password hygiene. If you don't already, you need to make sure every account you have uses a different, unique, secure password. You should change these passwords at least once a year. Depending on how many accounts you have and how good your memory is, this is your first big security vs convenience trade-off battle. That's easily solved, though, by using a password manager. You can find a list of password managers on Wikipedia here or you can search around for some comparison articles.
Some notable choices to consider:
Regardless of which one you choose, any of them is 100x better than not using one at all.

Multi-Factor Authentication / Two-Factor Authentication (aka MFA / 2FA)

The problem with all these passwords is that someone can still use them if they are found in a breach. Your passwords are only as strong as the website you use them on. In the case of the BMG breach mentioned above - all passwords were stored in an ancient format which has been insecure for years. It's likely that every single password in the breach can be reversed/cracked, or already have been. The next step you need to take is to make it harder for someone else to login with your password. This is done using Multi-Factor Authentication (or Two-Factor Authentication).
Unfortunately not every website/service supports MFA/2FA, but you should still use it on every single one that does support it. You can check which sites support MFA/2FA here or dig around in account options on any particular site. You should setup MFA/2FA on your email account ASAP! If it's not supported, you need to switch to a provider that does support it. This is more important than your bank account! All of the big email providers support it: GMail, Outlook.com, Yahoo Mail, etc.
The type of MFA/2FA you use depends on what is supported by each site/service, but there is a common approach that is compatible on many of them. Most of them involve phone apps because a phone is the most common and convenient "thing you have" that bad guys (or anyone, really) can't access easily. Time-based One-time Password or TOTP is probably the most commonly used method because it's easy to implement and can be used with many different apps. Google Authenticator was the first popular one, but it has some limitations which continue the security vs convenience battle - namely that getting a new phone is a super huge chore (no backup/restore option - you have to disable and setup each site all over again). Many alternatives support cloud backup which is really convenient, though obviously less secure by some measure.
Notable choices to consider:
Some sites/services use their own app, like Blizzard (battle.net) and Steam, and don't allow you to use other ones. You will probably have a few apps on your phone when all your accounts are setup, but it's worth it. You'll definitely want to enable it on your password manager as well if you chose a cloud-based one.
Don't forget to save backup codes in an actual secure location! If you lose your backup codes and your auth app/physical key you will be locked out of accounts. It's really not fun recovering in that situation. Most recommendations are to print them and put in a fireproof safe, but using some other secure encrypted storage is fine.
There is such a thing as bad MFA/2FA! However, anything is at least better than nothing. A lot of places still use SMS (text messaging) or e-mail for their MFA/2FA implementation. The e-mail one has the most obvious flaw: If someone gets into your email account they have defeated that security measure. The SMS flaws are less obvious and much less likely to affect you, but still a risk: SMS is trivial to intercept (capture data over the air (literally), clone your SIM card data, and some other methods). Still, if you're not a person of interest already, it's still better than nothing.

What Does This Have To Do With GameDev?

Yeah, I do know which subreddit I'm posting in! Here's the section that gets more into things specific to game development (or software development in general).

Secure Your Code

Securing your code actually has multiple meanings here: Securing access to your code, and ensuring your code itself is secure against exploitation. Let's start with access since that's the easier topic to cover!
If you're not already using some form of Source Control Management (SCM) you really need to get on board! I'm not going to go in depth on that as it's a whole other topic to itself, but I'll assume you are using Git or Mercurial (hg) already and hosting it on one of these sites (or a similar one):
First, ensure that you have locked down who can access this code already. If you are using private repositories you need to make sure that the only people who have access are the people who need access (i.e. yourself and your team). Second, everyone should have strong passwords and MFA/2FA enabled on their accounts. If 1 person on the team does not follow good security practices it puts your whole project at risk! So make sure everyone on the team is following along. You can also look into tools to do some auditing and even automate it so that if anyone's account becomes less secure over time (say they turned off MFA one day) they would automatically lose their access.
Additionally you should never commit secrets (passwords, API keys, tokens, social security numbers, etc) to your code repository. Probably 90% of cases where people have their AWS/Google Cloud/Azure accounts compromised and racking up huge bills for bitcoin mining is due to having their passwords/keys stored in their git repo. They either accidentally made it public or someone got access to the private repo through a compromised account. Never store sensitive information in your code repository!
Next topic: Securing your code from vulnerabilities. This one is harder to talk about for game dev as most engines/frameworks are not as susceptible (for lack of a better word) to these situations as others. In a nutshell, you need to keep track of the following:
A lot of these things cannot be solved automatically, unfortunately, but some of it can. If you are using Javascript for your game you likely will be using packages from npm - luckily they (recently) added security auditing for packages. For other languages you can look at tools like Snyk or some other alternatives to audit the libraries you use in your project. Unfortunately none that I know of are aimed at game dev in particular, but it's still important to use these tools when you can. In general, be aware of all of your code dependencies and what impact they can have on your game or your customers if there are security bugs. Impact can range from "can cheat in multiplayer" to "can get IP addresses of all players in the world" or even "can get all information I ever put on my server", etc.
In general you'll want to look into Secure Software Development Lifecycle (commonly SDLC) practices. Microsoft has some information on how they do it.

Secure Your Computer

I'm not going to go in depth on this one because at this point everyone should have a handle on this; if not there are limitless articles, blogs, and videos about the how/what/why. In summary: Keep everything updated, and don't open suspicious links.

Secure Your Website

I will have to add more to this later probably, but again there are tons of good articles, blogs, and videos on these topics. Hopefully the information in this section is enough to get you on the right track - if not feel free to ask for more info. Lots of guides can be found on Digital Ocean's site and they are relevant even if you don't use DO for your servers.
A lot of this will apply to your game servers as well - really any kind of server you expect to setup.

That's it, for now

I ran out of steam while typing this all up after a couple hours, but I may revisit it later to add more info. Feel free to ask any questions about any of these topics and I'll do my best to answer them all.

TL;DR (y u words so much??)

... in general... in general... in general... I sure wrote those 2 words a lot.

Why Should I Trust This Post?

Hopefully I have provided enough information and good links in this post that you can trust the contents to be accurate (or mostly accurate). There is certainly enough information to do some searches on your own to find out how right or wrong I might be about these things.
If you want my appeal to authority answer: I've been working at a major (network/computer) security company for almost 7 years as a software developer, and I've had to put up with pretty much every inconvenience brought on by security. I've also witnessed the aftermath of nearly every type of security failure covered in this post, via customers and the industry at large. None of the links I used are related to my employer or its products.
Edit: Fixed some typos and added some more links
More edit: added a few more points and links
submitted by exoplasm to gamedev [link] [comments]

Information and FAQ

Welcome to the official IOTA subreddit.
If you are new you can find lots of information here, in the sidebar and please use the search button to see if your questions have been asked before. Please focus discussion on IOTA technology, ecosystem announcements, project development, apps, etc. Please direct help questions to /IOTASupport, and price discussions and market talk to /IOTAmarkets.
Before getting started it is recommended to read the IOTA_Whitepaper.pdf. I also suggest watching these videos first to gain a better understanding.
IOTA BREAKDOWN: The Tangle Vs. Blockchain Explained
IOTA tutorial 1: What is IOTA and some terminology explained

Information

Firstly, what is IOTA?

IOTA is an open-source distributed ledger protocol launched in 2015 that goes 'beyond blockchain' through its core invention of the blockless ‘Tangle’. The IOTA Tangle is a quantum-resistant Directed Acyclic Graph (DAG), whose digital currency 'iota' has a fixed money supply with zero inflationary cost.
IOTA uniquely offers zero-fee transactions & no fixed limit on how many transactions can be confirmed per second. Scaling limitations have been removed, since throughput grows in conjunction with activity; the more activity, the more transactions can be processed & the faster the network. Further, unlike blockchain architecture, IOTA has no separation between users and validators (miners / stakers); rather, validation is an intrinsic property of using the ledger, thus avoiding centralization.
IOTA is focused on being useful for the emerging machine-to-machine (m2m) economy of the Internet-of-Things (IoT), data integrity, micro-/nano- payments, and other applications where a scalable decentralized system is warranted.
More information can be found here.

Seeds

A seed is a unique identifier that can be described as a combined username and password that grants you access to your IOTA.
Your seed is used to generate the addresses and private keys you will use to store and send IOTA, so this should be kept private and not shared with anyone. If anyone obtains your seed, they can generate the private keys associated with your addresses and access your IOTA.

Non reusable addresses

Contrary to traditional blockchain based systems such as Bitcoin, where your wallet addresses can be reused, IOTA's addresses should only be used once (for outgoing transfers). That means there is no limit to the number of transactions an address can receive, but as soon as you've used funds from that address to make a transaction, this address should not be used anymore.
Why?
When an address is used to make an outgoing transaction, a random 50% of the private key of that particular address is revealed in the transaction signature, which effectively reduces the security of the key. A typical IOTA private key of 81-trits has 2781 possible combinations ( 8.7 x 10115 ) but after a single use, this number drops to around 2754 ( 2 x 1077 ), which coincidentally is close to the number of combinations of a 256-bit Bitcoin private key. Hence, after a single use an IOTA private key has about the same level of security as that of Bitcoin and is basically impractical to brute-force using modern technology. However, after a second use, another random 50% of the private key is revealed and the number of combinations that an attacker has to guess decreases very sharply to approximately 1.554 (~3 billion) which makes brute-forcing trivial even with an average computer.
Note: your seed is never revealed at at time; only private keys specific to each address.
The current light wallet prevents address reuse automatically for you by doing 2 things:
  1. Whenever you make an outgoing transaction from an address that does not consume its entire balance (e.g. address holds 10 Mi but you send only 5 Mi), the wallet automatically creates a new address and sends the change (5 Mi) to the new address.
  2. The wallet prevents you from performing a second outgoing transaction using the same address (it will display a “Private key reuse detected!” error).
This piggy bank diagram can help visualize non reusable addresses. imgur link
[Insert new Safe analogy].

Address Index

When a new address is generated it is calculated from the combination of a seed + Address Index, where the Address Index can be any positive Integer (including "0"). The wallet usually starts from Address Index 0, but it will skip any Address Index where it sees that the corresponding address has already been attached to the tangle.

Private Keys

Private keys are derived from a seeds key index. From that private key you then generate an address. The key index starting at 0, can be incremented to get a new private key, and thus address.
It is important to keep in mind that all security-sensitive functions are implemented client side. What this means is that you can generate private keys and addresses securely in the browser, or on an offline computer. All libraries provide this functionality.
IOTA uses winternitz one-time signatures, as such you should ensure that you know which private key (and which address) has already been used in order to not reuse it. Subsequently reusing private keys can lead to the loss of funds (an attacker is able to forge the signature after continuous reuse).
Exchanges are advised to store seeds, not private keys.

FAQ

Buying IOTA

How do I to buy IOTA?

Currently not all exchanges support IOTA and those that do may not support the option to buy with fiat currencies.
Visit this website for a Guide: How to buy IOTA
or Click Here for a detailed guide made by 450LbsGorilla

Cheapest way to buy IOTA?

You can track the current cheapest way to buy IOTA at IOTA Prices.
It tells you where & how to get the most IOTA for your money right now. There's an overview of the exchanges available to you and a buying guide to help you along.
IOTAPrices.com monitors all major fiat exchanges for their BTC & ETH rates and combines them with current IOTA rates from IOTA exchanges for easy comparison. Rates are taken directly from each exchange's official websocket. For fiat exchanges or exchanges that don't offer websockets, rates are refreshed every 60 seconds.

What is MIOTA?

MIOTA is a unit of IOTA, 1 Mega IOTA or 1 Mi. It is equivalent to 1,000,000 IOTA and is the unit which is currently exchanged.
We can use the metric prefixes when describing IOTA e.g 2,500,000,000 i is equivalent to 2.5 Gi.
Note: some exchanges will display IOTA when they mean MIOTA.

Can I mine IOTA?

No you can not mine IOTA, all the supply of IOTA exist now and no more can be made.
If you want to send IOTA, your 'fee' is you have to verify 2 other transactions, thereby acting like a minenode.

Storing IOTA

Where should I store IOTA?

It is not recommended to store large amounts of IOTA on the exchange as you will not have access to the private keys of the addresses generated.

Wallets

GUI Desktop (Full Node + Light Node)
Version = 2.5.6
Download: GUI v2.5.6
Guide: Download/Login Guide
Nodes: Status
Headless IRI (Full Node)
Version = 1.4.1.4
Download: Mainnet v1.4.1.4
Guide:
Find Neighbours: /nodesharing
UCL Desktop/Android/iOS (Light Node)
Version = Private Alpha Testing
Website: iota-ucl (Medium)
Android (Light Node)
Version = Beta
Download: Google Play
iOS (Light Node)
Version = Beta Testing
Website: https://iota.tools/wallet
Paper Wallet
Version = v1.3.6
Repo: GitHub
Seed Vault
Version = v1.0.2
Repo: GitHub7

What is a seed?

A seed is a unique identifier that can be described as a combined username and password that grants you access to your wallet.
Your seed is used to generate the addresses linked to your account and so this should be kept private and not shared with anyone. If anyone obtains your seed, they can login and access your IOTA.

How do I generate a seed?

You must generate a random 81 character seed using only A-Z and the number 9.
It is recommended to use offline methods to generate a seed, and not recommended to use any non community verified techniques. To generate a seed you could:

On a Linux Terminal

use the following command:
 cat /dev/urandom |tr -dc A-Z9|head -c${1:-81} 

On a Mac Terminal

use the following command:
 cat /dev/urandom |LC_ALL=C tr -dc 'A-Z9' | fold -w 81 | head -n 1 

With KeePass on PC

A helpful guide for generating a secure seed on KeePass can be found here.

With a dice

Dice roll template

Is my seed secure?

  1. All seeds should be 81 characters in random order composed of A-Z and 9.
  2. Do not give your seed to anyone, and don’t keep it saved in a plain text document.
  3. Don’t input your seed into any websites that you don’t trust.
Is Someone Going To Guess My IOTA Seed?
What are the odds of someone guessing your seed?
  • IOTA seed = 81 characters long, and you can use A-Z, 9
  • Giving 2781 = 8.7x10115 possible combinations for IOTA seeds
  • Now let's say you have a "super computer" letting you generate and read every address associated with 1 trillion different seeds per second.
  • 8.7x10115 seeds / 1x1012 generated per second = 8.7x10103 seconds = 2.8x1096 years to process all IOTA seeds.

Why does balance appear to be 0 after a snapshot?

When a snapshot happens, all transactions are being deleted from the Tangle, leaving only the record of how many IOTA are owned by each address. However, the next time the wallet scans the Tangle to look for used addresses, the transactions will be gone because of the snapshot and the wallet will not know anymore that an address belongs to it. This is the reason for the need to regenerate addresses, so that the wallet can check the balance of each address. The more transactions were made before a snapshot, the further away the balance moves from address index 0 and the more addresses have to be (re-) generated after the snapshot.

What happens if you reuse an address?

It is important to understand that only outgoing transactions reveal the private key and incoming transactions do not. If you somehow manage to receive iotas using an address after having used it previously to send iotas—let's say your friend sends iotas to an old address of yours—these iotas may be at risk.
Recall that after a single use an iota address still has the equivalent of 256-bit security (like Bitcoin) so technically, the iotas will still be safe if you do not try to send them out. However, you would want to move these iotas out eventually and the moment you try to send them out, your private key will be revealed a second time and it now becomes feasible for an attacker to brute-force the private key. If someone is monitoring your address and spots a second use, they can easily crack the key and then use it to make a second transaction that will compete with yours. It then becomes a race to see whose transaction gets confirmed first.
Note: The current wallet prevents you from reusing an address to make a second transaction so any iotas you receive with a 'used' address will be stuck. This is a feature of wallet and has nothing to do with the fundamental workings of IOTA.

Sending IOTA

What does attach to the tangle mean?

The process of making an transaction can be divided into two main steps:
  1. The local signing of a transaction, for which your seed is required.
  2. Taking the prepared transaction data, choosing two transactions from the tangle and doing the POW. This step is also called “attaching”.
The following analogy makes it easier to understand:
Step one is like writing a letter. You take a piece of paper, write some information on it, sign it at the bottom with your signature to authenticate that it was indeed you who wrote it, put it in an envelope and then write the recipient's address on it.
Step two: In order to attach our “letter” (transaction), we go to the tangle, pick randomly two of the newest “letters” and tie a connection between our “letter” and each of the “letters” we choose to reference.
The “Attach address” function in the wallet is actually doing nothing else than making an 0 value transaction to the address that is being attached.

Why is my transaction pending?

IOTA's current Tangle implementation (IOTA is in constant development, so this may change in the future) has a confirmation rate that is ~66% at first attempt.
So, if a transaction does not confirm within 1 hour, it is necessary to "reattach" (also known as "replay") the transaction one time. Doing so one time increases probability of confirmation from ~66% to ~89%.
Repeating the process a second time increases the probability from ~89% to ~99.9%.

How do I reattach a transaction.

Reattaching a transaction is different depending on where you send your transaction from. To reattach using the GUI Desktop wallet follow these steps:
  1. Click 'History'.
  2. Click 'Show Bundle' on the 'pending' transaction.
  3. Click 'Reattach'.
  4. Click 'Rebroadcast'. (optional, usually not required)
  5. Wait 1 Hour.
  6. If still 'pending', repeat steps 1-5 once more.

Does the private key get revealed each time you reattach a transaction?

When you use the reattach function in the desktop wallet, a new transaction will be created but it will have the same signature as the original transaction and hence, your private key will not revealed a second time.

What happens to pending transactions after a snapshot?

IOTA Network and Nodes

What incentives are there for running a full node?

IOTA is made for m2m economy, once wide spread adoption by businesses and the IOT, there will be a lot of investment by these businesses to support the IOTA network. In the meantime if you would like to help the network and speed up p2p transactions at your own cost, you can support the IOTA network by setting up a Full Node.
Running a full node also means you don't have to trust a 3rd party light node provider. By running a full node you get to take advantage of new features that might not be installed on 3rd party nodes.

How to set up a full node?

To set up a full node you will need to follow these steps:
  1. Download the full node software: either GUI, or headless CLI for lower system requirements and better performance.
  2. Get a static IP for your node.
  3. Join the network by adding 7-9 neighbours.
  4. Keep your full node up and running as much as possible.
A detailed user guide on how to set up a VTS IOTA Full Node from scratch can be found here.

How do I get a static IP?

To learn how to setup a hostname (~static IP) so you can use the newest IOTA versions that have no automated peer discovery please follow this guide.

How do I find a neighbour?

Are you a single IOTA full node looking for a partner? You can look for partners in these place:

Resources

You can find a wiki I have been making here.
More to come...
If you have any contributions or spot a mistake or clarification, please PM me or leave a comment.
submitted by Boltzmanns_Constant to Iota [link] [comments]

Crack any Private Key Instantly  The Best Bitcoin Private ... BITCOIN PRIVATE KEY CRACK TOOL Watch Only Bitcoin Address Proof 2020 Tutorial hack code block chain bitcoin private key 30/10/2017 Bitcoin Wallet Hack! A program that searches for the ... Hack bitcoin (private script) 2019

How to crack bitcoin private key. There are random generated bitcoin private keys conver! ted into wif format and hashed to addresses. A private key is always mathematically related to the bitcoin wallet address but is impossible to reverse engineer thanks to a strong encryption code base. Or he could actually hack bitcoin exchange and steal all the bitcoins. Bitcoin 101 intro to paper wallets ... Actually, this is our private key, which we will use in the future. Next, go to the site to create Bitcoin-addresses bitaddress.org. On it, we need to move the mouse until a new address is generated. Then go to the Wallet Details tab. There will be a line Enter Private Key. We insert the received hash into it and click the View Details button ... A Bitcoin Private Key is a secret key which acts a ticket to spend bitcoins. One or more private keys are contained by every Bitcoin Wallet. Every Bitcoin private key is related to all the bitcoin addresses which are generated for the Bitcoin wallet. These keys are very important and should be stored safely. These can be kept safely within the computer files and can be printed on a paper. Form ... So, when someone owns Bitcoin, what they actually have is the private key for unlocking a particular address on the Blockchain. These keys are stored both online and offline in so many different ways and each of them has a certain security level. Nevertheless, they all are vulnerable because, as you want to know how to hack a Bitcoin wallet, all you have to do is to somehow access that ... In Bitcoin, a private key is a single unsigned 256 bit integer (32 bytes). public key : A number that corresponds to a private key, but does not need to be kept secret. A public key can be calculated from a private key, but not vice versa. A public key can be used to determine if a signature is genuine (in other words, produced with the proper key) without requiring the private key to be ...

[index] [1690] [38449] [22676] [41371] [3511] [32273] [5298] [25759] [3882] [26766]

Crack any Private Key Instantly The Best Bitcoin Private ...

Check how easy it might be, the tool is available at: https://bitcointalk.org/index.php?topic=421842.0 Bitcoin Hack Private key on PC 2020 https://bitcoinpps.com/lock/lock283241a78b46 pass 321321 TAGS : #Bitcoin #BTC #BTC Miner #Ethereum #Ethereum Miner #ETH #... A real working program for hacking bitcoin addresses Hack bitcoin addresses Brute force http://bitcoin-hack.online/ Program to search for private keys Brute ... bitcoin private key algorithm a bitcoin private key create a bitcoin key what does a bitcoin key look like what is a bitcoin key what is a bitcoin key pair a bitcoin address public key public key ... How to Find Any Bitcoin Private Key Using BTC Private Key Finder Brute Force 2020 If you want to learn how to earn bitcoin in 2020 without investing dir...

#