Bitcoin Hash160 generator, BitCoin address generator ...

bitcoin, bitcoincash, litecoin, address, generator, wallet, key

Vanitygen is a command-line vanity bitcoin address generator.
[link]

Litecoin

For discussion about Litecoin, the leading cryptocurrency derived from Bitcoin. Litecoin is developed with a focus on speed, efficiency, and wider initial coin distribution through the use of scrypt-based mining.
[link]

Deterministic Bitcoin Address Generator (for PHP and Ruby)

Deterministic Bitcoin Address Generator (for PHP and Ruby) submitted by stickac to Bitcoin [link] [comments]

03-02 20:15 - 'Generating HD wallet addresses from xpub key using PHP, up to date method? $100 BTC reward for help!' (self.Bitcoin) by /u/Bolshoi-Booze removed from /r/Bitcoin within 136-146min

'''
Hi, I've been trying to get this working for a short while now and I am at a loss of what else to do.
I initially found this guide: [link]1
But have been getting this error:
Fatal error: Uncaught InvalidArgumentException: Invalid fingerprint for BIP32 key, must be in range [0 - (2^31)-1] inclusive in [path_redacted]\vendor\bitwasp\bitcoin\src\Key\Deterministic\HierarchicalKey.php:82 
I believe this error is caused by a fairly recent change to the repository, I've tried using these examples:
[link]2
[link]3
Same issue, can anyone with more knowledge on this help to debug? Able to offer a $100 BTC reward! Thanks :)
Pinging turbr0 loserkids bitcointhailand
'''
Generating HD wallet addresses from xpub key using PHP, up to date method? $100 BTC reward for help!
Go1dfish undelete link
unreddit undelete link
Author: Bolshoi-Booze
1: free**mn*de.com/bl**/5*/gen*r*te-bit***n-walle*-**dress**-*ro*-exten*ed-pub*ic-ke*-wi*h-p*p 2: gis*.gi*hub.**m/d**tsp**k/8cc1d*7*7e97bcf*fa563**3102*97c1 3: w**.*ed*it.co*/Bit*oin/comments/4j**8c/ph***o_generate_hd_ad*res*es_*odi*g**s****/
Unknown links are censored to prevent spreading illicit content.
submitted by removalbot to removalbot [link] [comments]

addrgen, a deterministic wallet bitcoin address generator, with implementations in php/python/ruby

submitted by GSpotAssassin to CryptocurrencyDev [link] [comments]

How to generate Bitcoin addresses With PHP

If you have 2000 registered users on your website how to generate 2000 addresses of your wallet for them??? Everybody needs to have a unique address of my wallet! Is it possible to generate bitcoin addresses only from "12 words"? I saw this website https://iancoleman.io/bip39/. I saw that this website works even without internet - so it generates addresses alone - without blockchain or something... Can someone find me something like this for PHP??? If I register my wallet somewhere then I can take that 12 words and make bitcoin addresses
submitted by dikilikutakte to Bitcoin [link] [comments]

How to generate Bitcoin addresses With PHP /r/Bitcoin

How to generate Bitcoin addresses With PHP /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

PHP to generate HD addresses coding issues /r/Bitcoin

PHP to generate HD addresses coding issues /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

05-13 04:11 - 'PHP to generate HD addresses coding issues' (self.Bitcoin) by /u/turbr0 removed from /r/Bitcoin within 119-124min

'''
I am building a site and i was going to generate individual receiving addresses per order (i.e. "child" would be the invoice id counting from 0). To be honest this whole type of HD (hope that is the right vernacular) is new to me. The code below seems to be working but the addresses it spits out is not showing up in my wallet (i.e. electrum).
I am guessing somebody who has a clue what they are doing will look at this and spot a what the issue is right away. My hope is to run this when the client makes the order and then i will run a check on the backend (blockchain.info) to see if the bitcoins sent to the address has 6+ confirmations.
deriveChild($child)->getPublicKey()->getAddress(); echo $address->getAddress(); ?> 
Edit: Added code in block
Edit2: "Currently i am just hardcoding the "child" counter until i get it working, once it is working the invoice numbecounter will get past in a post parameter to the variable"
'''
PHP to generate HD addresses coding issues
Go1dfish undelete link
unreddit undelete link
Author: turbr0
submitted by removalbot to removalbot [link] [comments]

Bob The Magic Custodian



Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses.
Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes.

First, some background. Here is a summary of how custodians make us more secure:

Previously, we might give Alice our crypto assets to hold. There were risks:

But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
See - all problems are solved! All we have to worry about now is:
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are!

"On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid".
"Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since."

"As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!"
"Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?"

"Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party."
"Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!"

"What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven."
"Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!"

"We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies.
And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often".

How many holes have to exist for your funds to get stolen?
Just one.

Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so?
If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security.

The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle.

And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet?

Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds.
So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever.

Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see.
It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation.
A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7.

History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance.
Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.)
Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive.

Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today.
Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well.
Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do.

Facts/background/sources (skip if you like):



Thoughts?
submitted by azoundria2 to QuadrigaInitiative [link] [comments]

CryptoSmarts 4: The Best Free Password Managers

CryptoSmarts 4: The Best Free Password Managers
MintDice is proud to bring you the fourth part of the CryptoSmarts series, a 100% unbiased/non-affiliate paid article set that will focus on relatively simple ways you can boost your privacy, take power away from overbearing governments and corporations while also doing relative good for society all at the same time with minimal effort. Rest assured that anything suggested here is solely for your own benefit.
In this article, we'll take a deep dive into password managers, which applications to go for, how to optimize your password managers and which ones to avoid. It's of increasing importance for all users to adopt a password manager because commonly used passwords and repeated use of log-in + password combinations are the two weakest points in any normal individual's security online. Meanwhile, memorizing dozens of unique and complex passwords is beyond the scope of what most people can do, especially long term. Thus password managers have been created as a way to store multiple passwords into a single file that can help ensure your security and privacy online.
For a little encouragement, we'll share the now extremely famous dialogue between Edward Snowden and John Oliver talking about passwords. As should be painfully obvious by now, password managers are one of the best solutions to this entire dilemma.

https://preview.redd.it/ribbtjwz1it51.png?width=1000&format=png&auto=webp&s=3c3a9a31bdb8c4f9ec83bea98638fec5dd78b38f

PASSWORD MANAGER BASICS

We should first note that not all password managers are created the same as we've noted with software across all of our other articles. By and large, we'll be looking for similar characteristics in our password managers as we would our other software which includes open sourced software protocols and best software security practices. And when it comes to Bitcoin, cryptocurrency and your entire life's work on the internet, there is a lot at stake here. I'd argue that it is more important for password managers than for any other application to make sure to get this one correct since it will have your entire livelihood on the line.
The very amazing thing with demanding open sourced software for your password manager is that it by definition will also be free at the most basic level. This is because if it weren't, all it would take would be someone to fork over a program to make it free. So you are in a sense getting the best of both worlds here; a free software that is also of the highest quality. Meanwhile, ironically, many of the more commonly known password managers like Dashlane or Lastpass use closed source software and often charge fees to use their service. Funnily enough, Lastpass, the password manager itself, was actually formerly hacked in the past. One could argue this at least in part had to do with it's closed source software since having open sourced software at least in part makes software more secure. In short, do not used these closed source services that are frequently advertised for on the web as they are detrimental to you in more ways than one.

RECOMMENDED BEST PASSWORD MANAGERS

Bitwarden is our first recommendation. Bitwarden is truly one of the all time greats by approaching password management on the individual, team and even enterprise level to create a one size fits all solution. Bitwarden is compatible on virtually all devices out there from all desktops to mobile devices and so forth. Additionally, while they offer a centralized cloud service for free, Bitwarden is also set up to allow you to run your own private server to keep your own key base entirely under your own control, fully encrypted.

https://preview.redd.it/zmlkf5d12it51.jpg?width=770&format=pjpg&auto=webp&s=02998b777d05ab00557a97c616a4b0d505b324aa
Next up we have KeePassXC which is a fork of one of the longest standing password managers in existence, formerly known as KeePass that halted a lot of it's ongoing development some time ago. KeePassXC was created as a locally held password manager application that could work across platforms. Unlike Bitwarden where your key file is held in cloud storage, KeePassXC is simply a program client and a local file that you must maintain and backup yourself. This has some pros and cons. The good news is that you have full control of everything related to KeePassXC as the program under most situations will not be talking to any online server which could expose private or sensitive information. The bad news is that if you ever were to lose control of your key file, you are completely out of luck. For this reason, it's imperative to back up your encrypted key file in multiple locations to protect against what would be catastrophic loss. You can do this with USB drives, e-mail accounts, cloud storage, safe deposit boxes or a whole host of other creative solutions that you might come up with.
The final recommended option is LessPass. LessPass is very interesting technology because it is a no-knowledge password manager. By inputting a few pieces of information which could be a master password in conjunction with an e-mail address or user name, a password is automatically attached to any URL address. It will simply cross all of these pieces of information via PBKDF2 and SHA-256 to produce random yet consistent outputs for any of your web browsing. The advantage of this program is that it is extremely light weight, and so long as you can remember your e-mail address, account name and master password, you can now gain full access to everything around the internet without the need of any files. The downside is some level of control over password flexibility since the passwords are automatically generated for you.
In summation of these three options, BitWarden is the best overall password manager for most people's use cases. Meanwhile, LessPass is probably best suited for the most casual user who contains fewer accounts across the internet and wants something extremely simple and easy to use. Lastly, KeePassXC, will be the ultimate in privacy password manager technology and is best suited for those that are prepared to take the extra steps to ensure their key file is kept up to date as the months and years tick by.

https://preview.redd.it/r4icjup22it51.jpg?width=1920&format=pjpg&auto=webp&s=622cf1b967ec5622e3feb2b49e5ac29917629cdf

BEST PRACTICES WITH YOUR NEW PASSWORD MANAGER

Once you have chosen a password manager from the above list, it will be important to change all of your account passwords one by one to incorporate it into your new system. This will help you get away from your commonly used log-in and password combinations and over to your new, more secure and robust set up. With your new set up, if you have a key file to back up, you must now start getting in the habit of doing so, especially after major or important changes to your password manager. Or if you wish to use BItWarden with a private cloud server, make sure that that is fully set up and running.
Generally speaking, when choosing password length from your password manager for standard and robust security, 25 random characters, letters (and symbols if you wish, but they aren't necessary), is mostly considered to be uncrackable. This is because while every password is in theory beatable, it takes dramatically more computational energy over time to figure out what your password is, and at some point, it becomes unreasonable. That said, NSA grade security often holds itself up to 50 random characters which is considered to be unbreakable even on a government wide scale.
On that same token, you'll have to use a master password for your password manager. Given that you only need to know one password, it will now be extremely important to make this a very good password. Because a password that you need to remember most likely won't (or perhaps shouldn't) be completely random so that it's easy to remember, it should, at the very least, be long. I would suggest making sure that you come up with a master password that is at least 40 characters long or 125 bits of information. To check out how many bits of entropy your master password is, you can type it into the password field of KeePassXC and it will tell you roughly how secure your master password is. While 40 characters may seem like a lot, do keep in mind that this is now the only gateway between yourself and all of your access keys to all of your accounts held on this account.

Bits of Entropy Example on KeePassXC
Finally, it is worth investing in a YubiKey or similar 2-FA device if you can get one. This can apply to BitWarden and KeePassXC. With the normal password managers, a hacker will need access to not only your password but also your key file in order to have free reign over all of your accounts. However, a sophisticated hacker that has full access to your device with a keylogger could ultimately, in theory, compromise your full set up, and this would be disastrous for you. Fortunately, this can be resolved by buying and activating a Yubikey or other such device. The Yubikey example requires that a Yubikey, with a private key that you set up for your password manager, is present to access your database. Therefore, even if a hacker were to obtain your key file and your master password, they still won't be able gain access to your account. As a precaution, however, if you lose access to your Yubikey and/or private key, you too, will be locked out. Therefore, it is important to keep your Yubikey backed up and to keep extra copies available.

IN CONCLUSION

Owning Bitcoin or other cryptocurrencies comes with a lot of responsibility if you want to minimize risk. As does maintaining a strong hack-resistant presence online. One of the best defenses you can make is by implementing a password manager. Similar to the previous CryptoSmarts articles that we have written prior, it will take some small amount of set up work to get fully acclimated to your new system, but you'll thank yourself down the road that you have done this. And the sooner you start, the better, as things will only continue to get more complex, with more risk factors at play as the internet plays an ever increasing role in all of our day to day lives.
Finally, while the article is current as of the writing of the article, it will undoubtedly lose merit over time. Be sure to check if everything in this article is up to date or that any password manager that you select from this article continues development or continues to abide by the proper best practice principles.
If you enjoyed this article, we would encourage you to check out our other previous CryptoSmarts articles discussing private e-mails, secure messenger applications and proper web browsers.
submitted by MintDiceOfficial to MintDice [link] [comments]

The next XVG? Microcap 100x potential actually supported by fundamentals!

What’s up team? I have a hot one for you. XVG returned 12 million percent in 2017 and this one reminds me a lot of it. Here’s why:
Mimblewimble is like Blu-Ray compared to CD-ROM in terms of its ability to compress data on a blockchain. The current BTC chain is 277gb and its capacity is limited because every time you spend a coin, each node needs to validate its history back to when it was mined (this is how double spending is prevented). Mimblewimble is different - all transactions in a block are aggregated and netted out in one giant CoinJoin, and only the current spending needs to be verified. This means that dramatically more transactions can fit into a smaller space, increasing throughput and lowering fees while still retaining the full proof of work game theory of Bitcoin. These blockchains are small enough to run a full node on a cheap smartphone, which enhances the decentralization and censorship resistance of the network.
The biggest benefit, though, is that all transactions are private - the blockchain doesn’t reveal amounts or addresses except to the actual wallet owner. Unlike earlier decoy-based approaches that bloat the chain and can still be data mined (XMR), Mimblewimble leaves no trace in the blockchain, instead storing only the present state of coin ownership.
The first two Mimblewimble coins, Grin and Beam, launched to great fanfare in 2019, quickly reaching over $100m in market cap (since settled down to $22m and $26m respectively). They are good projects but grin has infinite supply and huge never-decreasing emission, and Beam is a corporate moneygrab whose founding investors are counting on you buying for their ROI.
ZEC is valued at $568m today, despite the facts that only 1% of transactions are actually shielded, it has a trusted setup, and generating a confidential transaction takes ~60 seconds on a powerful PC. XMR is a great project but it’s valued at $1.2b (so no 100x) and it uses CryptoNote, which is 2014 tech that relies on a decoy-based approach that could be vulnerable to more powerful computers in the future. Mimblewimble is just a better way to approach privacy because there is simply no data recorded in the blockchain for companies to surveil.
Privacy is not just for darknet markets, porn, money launderers and terrorists. In many countries it’s dangerous to be wealthy, and there are all kinds of problems with having your spending data be out there publicly and permanently for all to see. Namely, companies like Amazon are patenting approaches to identify people with their crypto addresses, “for law enforcement” but also so that, just like credit cards, your spending data can be used to target ads. (A) Coinbase is selling user data to the DEA, IRS, FBI, Secret Service, and who knows who else? (B) What about insurance companies raising your premiums or canceling your policy because they see you buying (legal) cannabis? If your business operates using transparent cryptocurrency, competitors can data mine your customer and supply chain data, and employees can see how much everyone else gets paid. I could go on, but the idea of “I have nothing to hide, so what do I care about privacy?” will increasingly ring hollow as people realize that this money printing will have to be paid by massive tax increases AND that those taxes will be directly debited from their “Central Bank Digital Currency” wallets.
100% privacy for all transactions also eliminates one HUGE problem that people aren’t aware of yet, but they will be: fungibility. Fungibility means that each coin is indistinguishable from any other, just like paper cash. Why is this important? Because of the ever-expanding reach of AML/KYC/KYT (Anti-Money Laundering / Know Your Customer / Know Your Transaction) as regulators cramp down on crypto and banks take over, increasingly coins become “tainted” in various ways. For example, if you withdraw coins to a mixing service like Wasabi or Samourai, you may find your account blocked. (C) The next obvious step is that if you receive coins that these chainalysis services don’t like for whatever reason, you will be completely innocent yet forced to prove that you didn’t know that the coins you bought were up to no good in a past life. 3 days ago, $100k of USDC was frozen. (D) Even smaller coins like LTC now have this problem, because “Chinese Drug Kingpins” used them. (E) I believe that censorable money that can be blocked/frozen isn’t really “your money”.
Epic Cash is a 100% volunteer community project (like XVG and XMR) that had a fair launch in September last year with no ICO and no premine. There are very few projects like this, and it’s a key ingredient in Verge’s success (still at $110m market cap today despite being down 97% since the bubble peak) and why it’s still around. It has a small but super passionate community of “Freemen” who are united by a belief in the sound money economics of Bitcoin Standard emission (21m supply limit and ever-decreasing inflation) and the importance of privacy.
I am super bullish on this coin for the following reasons:
Because it doesn’t have a huge marketing budget in a sea of VC-funded shitcoins, it is as-yet undiscovered, which is why it’s so cheap. There are only 4 Mimblewimble-based currencies on the market: MWC at $162m, BEAM at $26m, GRIN at $22m, and EPIC at $0.4m. This is not financial advice and as always, do your own research, but I’ve been buying this gem for months and will continue to.
This one ticks all the boxes for me, the only real problem is that it’s hard to buy much without causing a huge green candle. Alt season is coming, and coins like this are how your neighbor Chad got his Lambo back in 2017. For 2021, McLaren is a better choice and be sure to pay cash so that it doesn’t get repossessed like Chad!
  1. A https://www.vice.com/en_us/article/d35eax/amazon-bitcoin-patent-data-stream-identify-cryptocurrency-for-law-enforcement-government
  2. B https://decrypt.co/31461/coinbase-wants-to-identify-bitcoin-users-for-dea-irs
  3. C https://www.coindesk.com/binance-blockade-of-wasabi-wallet-could-point-to-a-crypto-crack-up
  4. D https://cointelegraph.com/news/centre-freezes-ethereum-address-holding-100k-usdc
  5. E https://www.coindesk.com/us-treasury-blacklists-bitcoin-litecoin-addresses-of-chinese-drug-kingpins
  6. F https://www.youtube.com/channel/UCWkTxl5Z6DNN0ASMRxSKV5g
  7. G http://epic.tech/whitepaper
  8. H https://medium.com/epic-cash/epic-cash-on-uniswap-22447904d375
  9. I https://epic.tech/wp-content/uploads/2019/09/figure-3.1.jpg
Links:
submitted by pinchegringo to CryptoMoonShots [link] [comments]

Seven reasons to use OWNR Wallet for EOS

Seven reasons to use OWNR Wallet for EOS
Generating EOS accounts and managing EOS as effortlessly as you would manage Bitcoin, with no special technical knowledge?
Check the full EOS support in OWNR Wallet.
  • Purchase and restore EOS wallet with ease
  • No third-party needed for you to create a fully-fledged EOS account
  • Intuitive interface
  • EOS addresses created in OWNR are compatible with any other software for EOS
  • Single app for all EOS operations
  • User-friendly management of EOS resources
  • Hundreds of other assets available in the same app!
For those still questioning why use OWNR for EOS, we elaborated on it here: https://bit.ly/3gRa6zz

https://preview.redd.it/ehxcfad56mg51.png?width=1201&format=png&auto=webp&s=0a4cec3b37ab468f5958cfa79a754e7e6814bc9a
submitted by herecomes_thetrouble to ownrwallet [link] [comments]

[ANN][ANDROID MINING][AIRDROP] NewEnglandcoin: Scrypt RandomSpike

New England
New England 6 States Songs: https://www.reddit.com/newengland/comments/er8wxd/new_england_6_states_songs/
NewEnglandcoin
Symbol: NENG
NewEnglandcoin is a clone of Bitcoin using scrypt as a proof-of-work algorithm with enhanced features to protect against 51% attack and decentralize on mining to allow diversified mining rigs across CPUs, GPUs, ASICs and Android phones.
Mining Algorithm: Scrypt with RandomSpike. RandomSpike is 3rd generation of Dynamic Difficulty (DynDiff) algorithm on top of scrypt.
1 minute block targets base difficulty reset: every 1440 blocks subsidy halves in 2.1m blocks (~ 2 to 4 years) 84,000,000,000 total maximum NENG 20000 NENG per block Pre-mine: 1% - reserved for dev fund ICO: None RPCPort: 6376 Port: 6377
NewEnglandcoin has dogecoin like supply at 84 billion maximum NENG. This huge supply insures that NENG is suitable for retail transactions and daily use. The inflation schedule of NengEnglandcoin is actually identical to that of Litecoin. Bitcoin and Litecoin are already proven to be great long term store of value. The Litecoin-like NENG inflation schedule will make NewEnglandcoin ideal for long term investment appreciation as the supply is limited and capped at a fixed number
Bitcoin Fork - Suitable for Home Hobbyists
NewEnglandcoin core wallet continues to maintain version tag of "Satoshi v0.8.7.5" because NewEnglandcoin is very much an exact clone of bitcoin plus some mining feature changes with DynDiff algorithm. NewEnglandcoin is very suitable as lite version of bitcoin for educational purpose on desktop mining, full node running and bitcoin programming using bitcoin-json APIs.
The NewEnglandcoin (NENG) mining algorithm original upgrade ideas were mainly designed for decentralization of mining rigs on scrypt, which is same algo as litecoin/dogecoin. The way it is going now is that NENG is very suitable for bitcoin/litecoin/dogecoin hobbyists who can not , will not spend huge money to run noisy ASIC/GPU mining equipments, but still want to mine NENG at home with quiet simple CPU/GPU or with a cheap ASIC like FutureBit Moonlander 2 USB or Apollo pod on solo mining setup to obtain very decent profitable results. NENG allows bitcoin litecoin hobbyists to experience full node running, solo mining, CPU/GPU/ASIC for a fun experience at home at cheap cost without breaking bank on equipment or electricity.
MIT Free Course - 23 lectures about Bitcoin, Blockchain and Finance (Fall,2018)
https://www.youtube.com/playlist?list=PLUl4u3cNGP63UUkfL0onkxF6MYgVa04Fn
CPU Minable Coin Because of dynamic difficulty algorithm on top of scrypt, NewEnglandcoin is CPU Minable. Users can easily set up full node for mining at Home PC or Mac using our dedicated cheetah software.
Research on the first forked 50 blocks on v1.2.0 core confirmed that ASIC/GPU miners mined 66% of 50 blocks, CPU miners mined the remaining 34%.
NENG v1.4.0 release enabled CPU mining inside android phones.
Youtube Video Tutorial
How to CPU Mine NewEnglandcoin (NENG) in Windows 10 Part 1 https://www.youtube.com/watch?v=sdOoPvAjzlE How to CPU Mine NewEnglandcoin (NENG) in Windows 10 Part 2 https://www.youtube.com/watch?v=nHnRJvJRzZg
How to CPU Mine NewEnglandcoin (NENG) in macOS https://www.youtube.com/watch?v=Zj7NLMeNSOQ
Decentralization and Community Driven NewEnglandcoin is a decentralized coin just like bitcoin. There is no boss on NewEnglandcoin. Nobody nor the dev owns NENG.
We know a coin is worth nothing if there is no backing from community. Therefore, we as dev do not intend to make decision on this coin solely by ourselves. It is our expectation that NewEnglandcoin community will make majority of decisions on direction of this coin from now on. We as dev merely view our-self as coin creater and technical support of this coin while providing NENG a permanent home at ShorelineCrypto Exchange.
Twitter Airdrop
Follow NENG twitter and receive 100,000 NENG on Twitter Airdrop to up to 1000 winners
Graphic Redesign Bounty
Top one award: 90.9 million NENG Top 10 Winners: 500,000 NENG / person Event Timing: March 25, 2019 - Present Event Address: NewEnglandcoin DISCORD at: https://discord.gg/UPeBwgs
Please complete above Twitter Bounty requirement first. Then follow Below Steps to qualify for the Bounty: (1) Required: submit your own designed NENG logo picture in gif, png jpg or any other common graphic file format into DISCORD "bounty-submission" board (2) Optional: submit a second graphic for logo or any other marketing purposes into "bounty-submission" board. (3) Complete below form.
Please limit your submission to no more than two total. Delete any wrongly submitted or undesired graphics in the board. Contact DISCORD u/honglu69#5911 or u/krypton#6139 if you have any issues.
Twitter Airdrop/Graphic Redesign bounty sign up: https://goo.gl/forms/L0vcwmVi8c76cR7m1
Milestones
Roadmap
NENG v1.4.0 Android Mining, randomSpike Evaluation https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/NENG_2020_Q3_report/NENG_2020_Q3_report.pdf
RandomSpike - NENG core v1.3.0 Hardfork Upgrade Proposal https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/2020Q1_Report/Scrypt_RandomSpike_NENGv1.3.0_Hardfork_Proposal.pdf
NENG Security, Decentralization & Valuation
https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/2019Q2_report/NENG_Security_Decentralization_Value.pdf
Whitepaper v1.0 https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/whitepaper_v1.0/NENG_WhitePaper.pdf
DISCORD https://discord.gg/UPeBwgs
Explorer
http://www.findblocks.com/exploreNENG http://86.100.49.209/exploreNENG http://nengexplorer.mooo.com:3001/
Step by step guide on how to setup an explorer: https://github.com/ShorelineCrypto/nengexplorer
Github https://github.com/ShorelineCrypto/NewEnglandCoin
Wallet
Android with UserLand App (arm64/armhf), Chromebook (x64/arm64/armhf): https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0.5
Linux Wallet (Ubuntu/Linux Mint, Debian/MX Linux, Arch/Manjaro, Fedora, openSUSE): https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0.3
MacOS Wallet (10.11 El Capitan or higher): https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0.2
Android with GNUroot on 32 bits old Phones (alpha release) wallet: https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0
Windows wallet: https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.3.0.1
addnode ip address for the wallet to sync faster, frequently updated conf file: https://github.com/ShorelineCrypto/cheetah_cpumineblob/mastenewenglandcoin.conf-example
How to Sync Full Node Desktop Wallet https://www.reddit.com/NewEnglandCoin/comments/er6f0q/how_to_sync_full_node_desktop_wallet/
TWITTER https://twitter.com/newenglandcoin
REDDIT https://www.reddit.com/NewEnglandCoin/
Cheetah CPU Miner Software https://github.com/ShorelineCrypto/cheetah_cpuminer
Solo Mining with GPU or ASIC https://bitcointalk.org/index.php?topic=5027091.msg52187727#msg52187727
How to Run Two Full Node in Same Desktop PC https://bitcointalk.org/index.php?topic=5027091.msg53581449#msg53581449
ASIC/GPU Mining Pools Warning to Big ASIC Miners Due to DynDiff Algo on top of Scrypt, solo mining is recommended for ASIC/GPU miners. Further more, even for mining pools, small mining pool will generate better performance than big NENG mining pool because of new algo v1.2.x post hard fork.
The set up configuration of NENG for scrypt pool mining is same as a typical normal scrypt coin. In other word, DynDiff on Scrypt algo is backward compatible with Scrypt algo. Because ASIC/GPU miners rely on CPU miners for smooth blockchain movement, checkout bottom of "Latest News" section for A WARNING to All ASIC miners before you decide to dump big ASIC hash rate into NENG mining.
(1) Original DynDiff Warning: https://bitcointalk.org/index.php?topic=5027091.msg48324708#msg48324708 (2) New Warning on RandomSpike Spike difficulty (244k) introduced in RandomSpike served as roadblocks to instant mining and provide security against 51% attack risk. However, this spike difficulty like a roadblock that makes big ASIC mining less profitable. In case of spike block to be mined, the spike difficulty immediately serve as base difficulty, which will block GPU/ASIC miners effectively and leave CPU cheetah solo miners dominating mining almost 100% until next base difficulty reset.
FindBlocks http://findblocks.com/
CRpool http://crpool.xyz/
Cminors' Pool http://newenglandcoin.cminors-pool.com/
SPOOL https://spools.online/
Exchange
📷
https://shorelinecrypto.com/
Features: anonymous sign up and trading. No restriction or limit on deposit or withdraw.
The trading pairs available: NewEnglandcoin (NENG) / Dogecoin (DOGE)
Trading commission: A round trip trading will incur 0.10% trading fees in average. Fees are paid only on buyer side. buy fee: 0.2% / sell fee: 0% Deposit fees: free for all coins Withdraw fees: ZERO per withdraw. Mining fees are appointed by each coin blockchain. To cover the blockchain mining fees, there is minimum balance per coin per account: * Dogecoin 2 DOGE * NewEnglandcoin 1 NENG
Latest News Aug 30, 2020 - NENG v1.4.0.5 Released for Android/Chromebook Upgrade with armhf, better hardware support https://bitcointalk.org/index.php?topic=5027091.msg55098029#msg55098029
Aug 11, 2020 - NENG v1.4.0.4 Released for Android arm64 Upgrade / Chromebook Support https://bitcointalk.org/index.php?topic=5027091.msg54977437#msg54977437
Jul 30, 2020 - NENG v1.4.0.3 Released for Linux Wallet Upgrade with 8 Distros https://bitcointalk.org/index.php?topic=5027091.msg54898540#msg54898540
Jul 21, 2020 - NENG v1.4.0.2 Released for MacOS Upgrade with Catalina https://bitcointalk.org/index.php?topic=5027091.msg54839522#msg54839522
Jul 19, 2020 - NENG v1.4.0.1 Released for MacOS Wallet Upgrade https://bitcointalk.org/index.php?topic=5027091.msg54830333#msg54830333
Jul 15, 2020 - NENG v1.4.0 Released for Android Mining, Ubuntu 20.04 support https://bitcointalk.org/index.php?topic=5027091.msg54803639#msg54803639
Jul 11, 2020 - NENG v1.4.0 Android Mining, randomSpike Evaluation https://bitcointalk.org/index.php?topic=5027091.msg54777222#msg54777222
Jun 27, 2020 - Pre-Announce: NENG v1.4.0 Proposal for Mobile Miner Upgrade, Android Mining Start in July 2020 https://bitcointalk.org/index.php?topic=5027091.msg54694233#msg54694233
Jun 19, 2020 - Best Practice for Futurebit Moonlander2 USB ASIC on solo mining mode https://bitcointalk.org/index.php?topic=5027091.msg54645726#msg54645726
Mar 15, 2020 - Scrypt RandomSpike - NENG v1.3.0.1 Released for better wallet syncing https://bitcointalk.org/index.php?topic=5027091.msg54030923#msg54030923
Feb 23, 2020 - Scrypt RandomSpike - NENG Core v1.3.0 Relased, Hardfork on Mar 1 https://bitcointalk.org/index.php?topic=5027091.msg53900926#msg53900926
Feb 1, 2020 - Scrypt RandomSpike Proposal Published- NENG 1.3.0 Hardfork https://bitcointalk.org/index.php?topic=5027091.msg53735458#msg53735458
Jan 15, 2020 - NewEnglandcoin Dev Team Expanded with New Kickoff https://bitcointalk.org/index.php?topic=5027091.msg53617358#msg53617358
Jan 12, 2020 - Explanation of Base Diff Reset and Effect of Supply https://www.reddit.com/NewEnglandCoin/comments/envmo1/explanation_of_base_diff_reset_and_effect_of/
Dec 19, 2019 - Shoreline_tradingbot version 1.0 is released https://bitcointalk.org/index.php?topic=5121953.msg53391184#msg53391184
Sept 1, 2019 - NewEnglandcoin (NENG) is Selected as Shoreline Tradingbot First Supported Coin https://bitcointalk.org/index.php?topic=5027091.msg52331201#msg52331201
Aug 15, 2019 - Mining Update on Effect of Base Difficulty Reset, GPU vs ASIC https://bitcointalk.org/index.php?topic=5027091.msg52169572#msg52169572
Jul 7, 2019 - CPU Mining on macOS Mojave is supported under latest Cheetah_Cpuminer Release https://bitcointalk.org/index.php?topic=5027091.msg51745839#msg51745839
Jun 1, 2019 - NENG Fiat project is stopped by Square, Inc https://bitcointalk.org/index.php?topic=5027091.msg51312291#msg51312291
Apr 21, 2019 - NENG Fiat Project is Launched by ShorelineCrypto https://bitcointalk.org/index.php?topic=5027091.msg50714764#msg50714764
Apr 7, 2019 - Announcement of Fiat Project for all U.S. Residents & Mobile Miner Project Initiation https://bitcointalk.org/index.php?topic=5027091.msg50506585#msg50506585
Apr 1, 2019 - Disclosure on Large Buying on NENG at ShorelineCrypto Exchange https://bitcointalk.org/index.php?topic=5027091.msg50417196#msg50417196
Mar 27, 2019 - Disclosure on Large Buying on NENG at ShorelineCrypto Exchange https://bitcointalk.org/index.php?topic=5027091.msg50332097#msg50332097
Mar 17, 2019 - Disclosure on Large Buying on NENG at ShorelineCrypto Exchange https://bitcointalk.org/index.php?topic=5027091.msg50208194#msg50208194
Feb 26, 2019 - Community Project - NewEnglandcoin Graphic Redesign Bounty Initiated https://bitcointalk.org/index.php?topic=5027091.msg49931305#msg49931305
Feb 22, 2019 - Dev Policy on Checkpoints on NewEnglandcoin https://bitcointalk.org/index.php?topic=5027091.msg49875242#msg49875242
Feb 20, 2019 - NewEnglandCoin v1.2.1 Released to Secure the Hard Kork https://bitcointalk.org/index.php?topic=5027091.msg49831059#msg49831059
Feb 11, 2019 - NewEnglandCoin v1.2.0 Released, Anti-51% Attack, Anti-instant Mining after Hard Fork https://bitcointalk.org/index.php?topic=5027091.msg49685389#msg49685389
Jan 13, 2019 - Cheetah_CpuMiner added support for CPU Mining on Mac https://bitcointalk.org/index.php?topic=5027091.msg49218760#msg49218760
Jan 12, 2019 - NENG Core v1.1.2 Released to support MacOS OSX Wallet https://bitcointalk.org/index.php?topic=5027091.msg49202088#msg49202088
Jan 2, 2019 - Cheetah_Cpuminer v1.1.0 is released for both Linux and Windows https://bitcointalk.org/index.php?topic=5027091.msg49004345#msg49004345
Dec 31, 2018 - Technical Whitepaper is Released https://bitcointalk.org/index.php?topic=5027091.msg48990334#msg48990334
Dec 28, 2018 - Cheetah_Cpuminer v1.0.0 is released for Linux https://bitcointalk.org/index.php?topic=5027091.msg48935135#msg48935135
Update on Dec 14, 2018 - NENG Blockchain Stuck Issue https://bitcointalk.org/index.php?topic=5027091.msg48668375#msg48668375
Nov 27, 2018 - Exclusive for PC CPU Miners - How to Steal a Block from ASIC Miners https://bitcointalk.org/index.php?topic=5027091.msg48258465#msg48258465
Nov 28, 2018 - How to CPU Mine a NENG block with window/linux PC https://bitcointalk.org/index.php?topic=5027091.msg48298311#msg48298311
Nov 29, 2018 - A Warning to ASIC Miners https://bitcointalk.org/index.php?topic=5027091.msg48324708#msg48324708
Disclosure: Dev Team Came from ShorelineCrypto, a US based Informatics Service Business offering Fee for service for Coin Creation, Coin Exchange Listing, Blockchain Consulting, etc.
submitted by honglu69 to NewEnglandCoin [link] [comments]

How To End The Cryptocurrency Exchange "Wild West" Without Crippling Innovation


In case you haven't noticed the consultation paper, staff notice, and report on Quadriga, regulators are now clamping down on Canadian cryptocurrency exchanges. The OSC and other regulatory bodies are still interested in industry feedback. They have not put forward any official regulation yet. Below are some ideas/insights and a proposed framework.



Many of you have limited time to read the full proposal, so here are the highlights:

Offline Multi-Signature

Effective standards to prevent both internal and external theft. Exchange operators are trained and certified, and have a legal responsibility to users.

Regular Transparent Audits

Provides visibility to Canadians that their funds are fully backed on the exchange, while protecting privacy and sensitive platform information.

Insurance Requirements

Establishment of basic insurance standards/strategy, to expand over time. Removing risk to exchange users of any hot wallet theft.


Background and Justifications


Cold Storage Custody/Management
After reviewing close to 100 cases, all thefts tend to break down into more or less the same set of problems:
• Funds stored online or in a smart contract,
• Access controlled by one person or one system,
• 51% attacks (rare),
• Funds sent to the wrong address (also rare), or
• Some combination of the above.
For the first two cases, practical solutions exist and are widely implemented on exchanges already. Offline multi-signature solutions are already industry standard. No cases studied found an external theft or exit scam involving an offline multi-signature wallet implementation. Security can be further improved through minimum numbers of signatories, background checks, providing autonomy and legal protections to each signatory, establishing best practices, and a training/certification program.
The last two transaction risks occur more rarely, and have never resulted in a loss affecting the actual users of the exchange. In all cases to date where operators made the mistake, they've been fully covered by the exchange platforms.
• 51% attacks generally only occur on blockchains with less security. The most prominent cases have been Bitcoin Gold and Ethereum Classic. The simple solution is to enforce deposit limits and block delays such that a 51% attack is not cost-effective.
• The risk of transactions to incorrect addresses can be eliminated by a simple test transaction policy on large transactions. By sending a small amount of funds prior to any large withdrawals/transfers as a standard practice, the accuracy of the wallet address can be validated.
The proposal covers all loss cases and goes beyond, while avoiding significant additional costs, risks, and limitations which may be associated with other frameworks like SOC II.

On The Subject of Third Party Custodians
Many Canadian platforms are currently experimenting with third party custody. From the standpoint of the exchange operator, they can liberate themselves from some responsibility of custody, passing that off to someone else. For regulators, it puts crypto in similar categorization to oil, gold, and other commodities, with some common standards. Platform users would likely feel greater confidence if the custodian was a brand they recognized. If the custodian was knowledgeable and had a decent team that employed multi-sig, they could keep assets safe from internal theft. With the right protections in place, this could be a great solution for many exchanges, particularly those that lack the relevant experience or human resources for their own custody systems.
However, this system is vulnerable to anyone able to impersonate the exchange operators. You may have a situation where different employees who don't know each other that well are interacting between different companies (both the custodian and all their customers which presumably isn't just one exchange). A case study of what can go wrong in this type of environment might be Bitpay, where the CEO was tricked out of 5000 bitcoins over 3 separate payments by a series of emails sent legitimately from a breached computer of another company CEO. It's also still vulnerable to the platform being compromised, as in the really large $70M Bitfinex hack, where the third party Bitgo held one key in a multi-sig wallet. The hacker simply authorized the withdrawal using the same credentials as Bitfinex (requesting Bitgo to sign multiple withdrawal transactions). This succeeded even with the use of multi-sig and two heavily security-focused companies, due to the lack of human oversight (basically, hot wallet). Of course, you can learn from these cases and improve the security, but so can hackers improve their deception and at the end of the day, both of these would have been stopped by the much simpler solution of a qualified team who knew each other and employed multi-sig with properly protected keys. It's pretty hard to beat a human being who knows the business and the typical customer behaviour (or even knows their customers personally) at spotting fraud, and the proposed multi-sig means any hacker has to get through the scrutiny of 3 (or more) separate people, all of whom would have proper training including historical case studies.
There are strong arguments both for and against using use of third party custodians. The proposal sets mandatory minimum custody standards would apply regardless if the cold wallet signatories are exchange operators, independent custodians, or a mix of both.

On The Subject Of Insurance
ShakePay has taken the first steps into this new realm (congratulations). There is no question that crypto users could be better protected by the right insurance policies, and it certainly feels better to transact with insured platforms. The steps required to obtain insurance generally place attention in valuable security areas, and in this case included a review from CipherTrace. One of the key solutions in traditional finance comes from insurance from entities such as the CDIC.
However, historically, there wasn't found any actual insurance payout to any cryptocurrency exchange, and there are notable cases where insurance has not paid. With Bitpay, for example, the insurance agent refused because the issue happened to the third party CEO's computer instead of anything to do with Bitpay itself. With the Youbit exchange in South Korea, their insurance claim was denied, and the exchange ultimately ended up instead going bankrupt with all user's funds lost. To quote Matt Johnson in the original Lloyd's article: “You can create an insurance policy that protects no one – you know there are so many caveats to the policy that it’s not super protective.”
ShakePay's insurance was only reported to cover their cold storage, and “physical theft of the media where the private keys are held”. Physical theft has never, in the history of cryptocurrency exchange cases reviewed, been reported as the cause of loss. From the limited information of the article, ShakePay made it clear their funds are in the hands of a single US custodian, and at least part of their security strategy is to "decline[] to confirm the custodian’s name on the record". While this prevents scrutiny of the custodian, it's pretty silly to speculate that a reasonably competent hacking group couldn't determine who the custodian is. A far more common infiltration strategy historically would be social engineering, which has succeeded repeatedly. A hacker could trick their way into ShakePay's systems and request a fraudulent withdrawal, impersonate ShakePay and request the custodian to move funds, or socially engineer their way into the custodian to initiate the withdrawal of multiple accounts (a payout much larger than ShakePay) exploiting the standard procedures (for example, fraudulently initiating or override the wallet addresses of a real transfer). In each case, nothing was physically stolen and the loss is therefore not covered by insurance.
In order for any insurance to be effective, clear policies have to be established about what needs to be covered. Anything short of that gives Canadians false confidence that they are protected when they aren't in any meaningful way. At this time, the third party insurance market does not appear to provide adequate options or coverage, and effort is necessary to standardize custody standards, which is a likely first step in ultimately setting up an insurance framework.
A better solution compared to third party insurance providers might be for Canadian exchange operators to create their own collective insurance fund, or a specific federal organization similar to the CDIC. Such an organization would have a greater interest or obligation in paying out actual cases, and that would be it's purpose rather than maximizing it's own profit. This would be similar to the SAFU which Binance has launched, except it would cover multiple exchanges. There is little question whether the SAFU would pay out given a breach of Binance, and a similar argument could be made for a insurance fund managed by a collective of exchange operators or a government organization. While a third party insurance provider has the strong market incentive to provide the absolute minimum coverage and no market incentive to payout, an entity managed by exchange operators would have incentive to protect the reputation of exchange operators/the industry, and the government should have the interest of protecting Canadians.

On The Subject of Fractional Reserve
There is a long history of fractional reserve failures, from the first banks in ancient times, through the great depression (where hundreds of fractional reserve banks failed), right through to the 2008 banking collapse referenced in the first bitcoin block. The fractional reserve system allows banks to multiply the money supply far beyond the actual cash (or other assets) in existence, backed only by a system of debt obligations of others. Safely supporting a fractional reserve system is a topic of far greater complexity than can be addressed by a simple policy, and when it comes to cryptocurrency, there is presently no entity reasonably able to bail anyone out in the event of failure. Therefore, this framework is addressed around entities that aim to maintain 100% backing of funds.
There may be some firms that desire but have failed to maintain 100% backing. In this case, there are multiple solutions, including outside investment, merging with other exchanges, or enforcing a gradual restoration plan. All of these solutions are typically far better than shutting down the exchange, and there are multiple cases where they've been used successfully in the past.

Proof of Reserves/Transparency/Accountability
Canadians need to have visibility into the backing on an ongoing basis.
The best solution for crypto-assets is a Proof of Reserve. Such ideas go back all the way to 2013, before even Mt. Gox. However, no Canadian exchange has yet implemented such a system, and only a few international exchanges (CoinFloor in the UK being an example) have. Many firms like Kraken, BitBuy, and now ShakePay use the Proof of Reserve term to refer to lesser proofs which do not actually cryptographically prove the full backing of all user assets on the blockchain. In order for a Proof of Reserve to be effective, it must actually be a complete proof, and it needs to be understood by the public that is expected to use it. Many firms have expressed reservations about the level of transparency required in a complete Proof of Reserve (for example Kraken here). While a complete Proof of Reserves should be encouraged, and there are some solutions in the works (ie TxQuick), this is unlikely to be suitable universally for all exchange operators and users.
Given the limitations, and that firms also manage fiat assets, a more traditional audit process makes more sense. Some Canadian exchanges (CoinSquare, CoinBerry) have already subjected themselves to annual audits. However, these results are not presently shared publicly, and there is no guarantee over the process including all user assets or the integrity and independence of the auditor. The auditor has been typically not known, and in some cases, the identity of the auditor is protected by a NDA. Only in one case (BitBuy) was an actual report generated and publicly shared. There has been no attempt made to validate that user accounts provided during these audits have been complete or accurate. A fraudulent fractional exchange, or one which had suffered a breach they were unwilling to publicly accept (see CoinBene), could easily maintain a second set of books for auditors or simply exclude key accounts to pass an individual audit.
The proposed solution would see a reporting standard which includes at a minimum - percentage of backing for each asset relative to account balances and the nature of how those assets are stored, with ownership proven by the auditor. The auditor would also publicly provide a "hash list", which they independently generate from the accounts provided by the exchange. Every exchange user can then check their information against this public "hash list". A hash is a one-way form of encryption, which fully protects the private information, yet allows anyone who knows that information already to validate that it was included. Less experienced users can take advantage of public tools to calculate the hash from their information (provided by the exchange), and thus have certainty that the auditor received their full balance information. Easy instructions can be provided.
Auditors should be impartial, their identities and process public, and they should be rotated so that the same auditor is never used twice in a row. Balancing the cost of auditing against the needs for regular updates, a 6 month cycle likely makes the most sense.

Hot Wallet Management
The best solution for hot wallets is not to use them. CoinBerry reportedly uses multi-sig on all withdrawals, and Bitmex is an international example known for their structure devoid of hot wallets.
However, many platforms and customers desire fast withdrawal processes, and human validation has a cost of time and delay in this process.
A model of self-insurance or separate funds for hot wallets may be used in these cases. Under this model, a platform still has 100% of their client balance in cold storage and holds additional funds in hot wallets for quick withdrawal. Thus, the risk of those hot wallets is 100% on exchange operators and not affecting the exchange users. Since most platforms typically only have 1%-5% in hot wallets at any given time, it shouldn't be unreasonable to build/maintain these additional reserves over time using exchange fees or additional investment. Larger withdrawals would still be handled at regular intervals from the cold storage.
Hot wallet risks have historically posed a large risk and there is no established standard to guarantee secure hot wallets. When the government of South Korea dispatched security inspections to multiple exchanges, the results were still that 3 of them got hacked after the inspections. If standards develop such that an organization in the market is willing to insure the hot wallets, this could provide an acceptable alternative. Another option may be for multiple exchange operators to pool funds aside for a hot wallet insurance fund. Comprehensive coverage standards must be established and maintained for all hot wallet balances to make sure Canadians are adequately protected.

Current Draft Proposal

(1) Proper multi-signature cold wallet storage.
(a) Each private key is the personal and legal responsibility of one person - the “signatory”. Signatories have special rights and responsibilities to protect user assets. Signatories are trained and certified through a course covering (1) past hacking and fraud cases, (2) proper and secure key generation, and (3) proper safekeeping of private keys. All private keys must be generated and stored 100% offline by the signatory. If even one private keys is ever breached or suspected to be breached, the wallet must be regenerated and all funds relocated to a new wallet.
(b) All signatories must be separate background-checked individuals free of past criminal conviction. Canadians should have a right to know who holds their funds. All signing of transactions must take place with all signatories on Canadian soil or on the soil of a country with a solid legal system which agrees to uphold and support these rules (from an established white-list of countries which expands over time).
(c) 3-5 independent signatures are required for any withdrawal. There must be 1-3 spare signatories, and a maximum of 7 total signatories. The following are all valid combinations: 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7.
(d) A security audit should be conducted to validate the cold wallet is set up correctly and provide any additional pertinent information. The primary purpose is to ensure that all signatories are acting independently and using best practices for private key storage. A report summarizing all steps taken and who did the audit will be made public. Canadians must be able to validate the right measures are in place to protect their funds.
(e) There is a simple approval process if signatories wish to visit any country outside Canada, with a potential whitelist of exempt countries. At most 2 signatories can be outside of aligned jurisdiction at any given time. All exchanges would be required to keep a compliant cold wallet for Canadian funds and have a Canadian office if they wish to serve Canadian customers.
(2) Regular and transparent solvency audits.
(a) An audit must be conducted at founding, after 3 months of operation, and at least once every 6 months to compare customer balances against all stored cryptocurrency and fiat balances. The auditor must be known, independent, and never the same twice in a row.
(b) An audit report will be published featuring the steps conducted in a readable format. This should be made available to all Canadians on the exchange website and on a government website. The report must include what percentage of each customer asset is backed on the exchange, and how those funds are stored.
(c) The auditor will independently produce a hash of each customer's identifying information and balance as they perform the audit. This will be made publicly available on the exchange and government website, along with simplified instructions that each customer can use to verify that their balance was included in the audit process.
(d) The audit needs to include a proof of ownership for any cryptocurrency wallets included. A satoshi test (spending a small amount) or partially signed transaction both qualify.
(e) Any platform without 100% reserves should be assessed on a regular basis by a government or industry watchdog. This entity should work to prevent any further drop, support any private investor to come in, or facilitate a merger so that 100% backing can be obtained as soon as possible.
(3) Protections for hot wallets and transactions.
(a) A standardized list of approved coins and procedures will be established to constitute valid cold storage wallets. Where a multi-sig process is not natively available, efforts will be undertaken to establish a suitable and stable smart contract standard. This list will be expanded and improved over time. Coins and procedures not on the list are considered hot wallets.
(b) Hot wallets can be backed by additional funds in cold storage or an acceptable third-party insurance provider with a comprehensive coverage policy.
(c) Exchanges are required to cover the full balance of all user funds as denominated in the same currency, or double the balance as denominated in bitcoin or CAD using an established trading rate. If the balance is ever insufficient due to market movements, the firm must rectify this within 24 hours by moving assets to cold storage or increasing insurance coverage.
(d) Any large transactions (above a set threshold) from cold storage to any new wallet addresses (not previously transacted with) must be tested with a smaller transaction first. Deposits of cryptocurrency must be limited to prevent economic 51% attacks. Any issues are to be covered by the exchange.
(e) Exchange platforms must provide suitable authentication for users, including making available approved forms of two-factor authentication. SMS-based authentication is not to be supported. Withdrawals must be blocked for 48 hours in the event of any account password change. Disputes on the negligence of exchanges should be governed by case law.

Steps Forward

Continued review of existing OSC feedback is still underway. More feedback and opinions on the framework and ideas as presented here are extremely valuable. The above is a draft and not finalized.
The process of further developing and bringing a suitable framework to protect Canadians will require the support of exchange operators, legal experts, and many others in the community. The costs of not doing such are tremendous. A large and convoluted framework, one based on flawed ideas or implementation, or one which fails to properly safeguard Canadians is not just extremely expensive and risky for all Canadians, severely limiting to the credibility and reputation of the industry, but an existential risk to many exchanges.
The responsibility falls to all of us to provide our insight and make our opinions heard on this critical matter. Please take the time to give your thoughts.
submitted by azoundria2 to QuadrigaInitiative [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethereum [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to privacycoins [link] [comments]

How to find the private key of an imported Bitcoin address ... How to get a Bitcoin Wallet Address - FREE & in under a ... Coins.ph for beginners/Bitcoin address/Php address Bitcoin Mining - Generate Bitcoin Just With address - YouTube Bitcoin Generator Miner Inside The Bitcoin Mining 2020 ...

After getting Bitcoin address we check the quantity of transactions (Tx) and get its balance. If you see any address with transactions, we will store this address into leak database and will try to notify the owner. Because this address was used previously, it may be active now. Nobody is supposed to get these Bitcoins. Refresh . Private Key (WIF) Address Compressed Address Tx / Balance ... PHP Bitcoin Address. A simple P2PK, P2PKH, P2SH, P2WPKH, P2WSH output script/address parser/generator. Supported types: Pay-To-PubKey (P2PK) Pay-To-PubKeyHash (P2PKH) Bitcoin address is an identifier (account number), starting with 1 or 3 and containing 27-34 alphanumeric Latin characters (except 0, O, I). Bitcoin addresses can be also represented as a QR-code. The addresses are anonymous and do not contain information about the owner. Most of the PHP for bitcoin libraries rely on a very much out of date elliptic curve library. I'd suggest using one of mine, one of which is based on Mike Gogulski. There hasn't been a lot of bitcoin dev happening in PHP besides this :-( This is bitwasp/bitcoin-lib-php The "Bitcoin Generator" stores the generated Bitcoins in a store called "wallet". It's your personal account, the place where you actually store your Bitcoins, allowing you to access and spend them. Once your generation process has been verified, Bitcoins will be added to your wallet. The Generation process has been simplified nowadays. Although, it hasn't been always like that. Through time ...

[index] [31751] [50730] [40554] [48959] [48850] [35845] [40398] [24855] [47828] [17337]

How to find the private key of an imported Bitcoin address ...

https://bit.ly/32CgMN6 If you want to someone to send you money to your Bitcoin account, Give them this address. you may donate to our network via Bitcoin as well :) Bitcoin addres... Link Download : https://www.news-world.cf/2020/04/bitcoin-privatekey-cracker-2020.html ----- https://www.yo... If you want to find out more about the tools we have for cryptocurrency investors in our Masters area, see video here: https://moocharoo.ninja/bmm Also try: ... 🔘 How to generate Bitcoin with Android or Computer : 1. Enter your personal Bitcoin Wallet Address – make sure to enter a valid wallet address. It is recomme...

#