Ultimate glossary of crypto currency terms, acronyms and abbreviations
🔥Not your keys, not your coins : Why you should not use Paypal for Bitcoin
Today, PayPal announced that they will be launching a cryptocurrency digital wallet for buying, selling and storing Bitcoin, Ethereum, Bitcoin Cash and Litecoin. This confirms rumors which circulated earlier this year, and it is seen as a significant milestone by many in the community. A milestone it may be, but it will impact millions of daily users who have, until now, never considered getting into cryptocurrency. For them, PayPal will be the leading authority in a space that it has long sought to discredit. Over 221 Billion dollars were transacted in Q2 of 2020 using Paypal. That represents a rise of 10% in volume in just six months. PayPal is growing and dominating online payments as well as other services such as credit and insurance. It has a long-established reputation of occasionally freezing user funds and censoring payments that conflict with its outlook but the payments giant continues to hold relevance where Bitcoin should have long overtaken it. Perhaps this news marks the beginning of a transition? Is PayPal’s announcement good news for Bitcoin? Until very recently, PayPal was anti-crypto. Writing in 2018, ex-CEO Bill Harris called Bitcoin “the greatest scam ever”, so what’s changed? This sudden turnaround is encouraging, especially as private companies like Microstrategy and Square make grandiose announcements about their own crypto diversification. Should the community embrace them with open arms? After all, this is the start of mass adoption we’ve all been waiting for, right? When a household brand like PayPal starts selling Bitcoin, it’s probably not because they want to spur healthy adoption. In the press release announcing their new cryptocurrency service, PayPal sends out mixed messages. On one hand, the service will be entirely custodial, meaning users will not have the key to their own coins, while on the other they intend to “provide account holders with educational content to help them understand the cryptocurrency ecosystem”. The idea that anyone informed about bitcoin would agree to not holding their private keys might indicate that this educational content will overlook the fundamental rule of “Not your keys; not your coins”. If millions of newcomers are onboarded to Bitcoin by PayPal, there could be a very serious information gap that jeopardizes their experience and undermines key principles of cryptocurrency. This statement from their FAQ is, in practical terms, false: “You own the Cryptocurrency you buy on PayPal but will not be provided with a private key.” No-one should consider money held entirely by a third party as owned by them. Time after time, exchanges have lost user funds, often leaving them with no recourse. A benefit for some will be a promise of greater regulation, where funds can be insured and new users may feel more comfortable than dealing with cryptocurrency exchanges directly, but they will be restricted from actually utilizing their coins. The only reasons to own Bitcoin which cannot be used, would be to invest for the long term, which is incredibly reckless to do when your funds are held by a third party, or speculate on its price, which again, would be introducing the masses to financial mechanisms they do not understand. Is PayPal positioned to be a cryptocurrency leader? As it steps into the forefront, PayPal will be closely watched by companies, institutions, and consumers. While they can boast of “digital payments expertise”, they have historically taken an aggressive stance against users who bought cryptocurrency on exchanges, citing their acceptable use policy, forbidding transactions which “involve currency exchanges or check cashing businesses”. The fact that this clause remains in their policy suggests that they intend to limit users to use only their platform for cryptocurrency, stifling competition and preventing users from ever withdrawing their cryptocurrency to the safety of a wallet they control the keys to. That said, there is something to be said for PayPal’s statement that they will “enable cryptocurrency as a funding source for digital commerce at its 26 million merchants”. Currently, the options for cryptocurrency funding are in their infancy, and Bitcoin loans could see future growth. There is only one thing about PayPal’s announcement that long-term hodlers will be celebrating today: the pump in price. Long-term, if PayPal proceeds without consulting the community and letting their users control their own keys, it offers no value to the space. The greatest risk is that the clout they carry in traditional electronic payments will be interpreted as expertise in crypto. This would threaten the expert advice so carefully crafted by our community, which could be drowned out by the misinformed masses that PayPal brings to the space. For now, no-one can tell how it will turn out, but there are big concerns to address before informed users will turn to PayPal. Welcome PayPal’s initiative with open arms, but by no means look to them for leadership. At best, this announcement indicates that they may fear sinking into irrelevance. *Do not use PayPal for Bitcoin; there are many other places to buy crypto which will let you keep ownership of your coins. * PayPal is conceding to Bitcoin, and the many other aspirational, educational projects within the community should be highlighted to prevent newcomers from falling into a trap of trusting one of Bitcoin’s greatest long-term adversaries. Source : https://blog.trezor.io/why-you-should-not-use-paypal-for-bitcoin-f6e2d436ca96
A common sentiment is brewing online; a shared desire for the internet that might have been. After decades of corporate encroachment, you don't need to be a power user to realize that something has gone very wrong. In the early days of the internet, the future was bright. In that future, when you sent an instant message, it traveled directly to the recipient. When you needed to pay a friend, you announced a transfer of value to their public key. When an app was missing a feature you wanted, you opened up the source code and implemented it. When you took a picture on your phone, it was immediately encrypted and backed up to storage that you controlled. In that future, people would laugh at the idea of having to authenticate themselves to some corporation before doing these things. What did we get instead? Rather than a network of human-sized communities, we have a handful of enormous commons, each controlled by a faceless corporate entity. Hey user, want to send a message? You can, but we'll store a copy of it indefinitely, unencrypted, for our preference-learning algorithms to pore over; how else could we slap targeted ads on every piece of content you see? Want to pay a friend? You can—in our Monopoly money. Want a new feature? Submit a request to our Support Center and we'll totally maybe think about it. Want to backup a photo? You can—inside our walled garden, which only we (and the NSA, of course) can access. Just be careful what you share, because merely locking you out of your account and deleting all your data is far from the worst thing we could do. You rationalize this: "MEGACORP would never do such a thing; it would be bad for business." But we all know, at some level, that this state of affairs, this inversion of power, is not merely "unfortunate" or "suboptimal" – No. It is degrading. Even if MEGACORP were purely benevolent, it is degrading that we must ask its permission to talk to our friends; that we must rely on it to safeguard our treasured memories; that our digital lives are completely beholden to those who seek only to extract value from us. At the root of this issue is the centralization of data. MEGACORP can surveil you—because your emails and video chats flow through their servers. And MEGACORP can control you—because they hold your data hostage. But centralization is a solution to a technical problem: How can we make the user's data accessible from anywhere in the world, on any device? For a long time, no alternative solution to this problem was forthcoming. Today, thanks to a confluence of established techniques and recent innovations, we have solved the accessibility problem without resorting to centralization. Hashing, encryption, and erasure encoding got us most of the way, but one barrier remained: incentives. How do you incentivize an anonymous stranger to store your data? Earlier protocols like BitTorrent worked around this limitation by relying on altruism, tit-for-tat requirements, or "points" – in other words, nothing you could pay your electric bill with. Finally, in 2009, a solution appeared: Bitcoin. Not long after, Sia was born. Cryptography has unleashed the latent power of the internet by enabling interactions between mutually-distrustful parties. Sia harnesses this power to turn the cloud storage market into a proper marketplace, where buyers and sellers can transact directly, with no intermediaries, anywhere in the world. No more silos or walled gardens: your data is encrypted, so it can't be spied on, and it's stored on many servers, so no single entity can hold it hostage. Thanks to projects like Sia, the internet is being re-decentralized. Sia began its life as a startup, which means it has always been subjected to two competing forces: the ideals of its founders, and the profit motive inherent to all businesses. Its founders have taken great pains to never compromise on the former, but this often threatened the company's financial viability. With the establishment of the Sia Foundation, this tension is resolved. The Foundation, freed of the obligation to generate profit, is a pure embodiment of the ideals from which Sia originally sprung. The goals and responsibilities of the Foundation are numerous: to maintain core Sia protocols and consensus code; to support developers building on top of Sia and its protocols; to promote Sia and facilitate partnerships in other spheres and communities; to ensure that users can easily acquire and safely store siacoins; to develop network scalability solutions; to implement hardforks and lead the community through them; and much more. In a broader sense, its mission is to commoditize data storage, making it cheap, ubiquitous, and accessible to all, without compromising privacy or performance. Sia is a perfect example of how we can achieve better living through cryptography. We now begin a new chapter in Sia's history. May our stewardship lead it into a bright future.
Today, we are proposing the creation of the Sia Foundation: a new non-profit entity that builds and supports distributed cloud storage infrastructure, with a specific focus on the Sia storage platform. What follows is an informal overview of the Sia Foundation, covering two major topics: how the Foundation will be funded, and what its funds will be used for.
The Sia Foundation will be structured as a non-profit entity incorporated in the United States, likely a 501(c)(3) organization or similar. The actions of the Foundation will be constrained by its charter, which formalizes the specific obligations and overall mission outlined in this document. The charter will be updated on an annual basis to reflect the current goals of the Sia community. The organization will be operated by a board of directors, initially comprising Luke Champine as President and Eddie Wang as Chairman. Luke Champine will be leaving his position at Nebulous to work at the Foundation full-time, and will seek to divest his shares of Nebulous stock along with other potential conflicts of interest. Neither Luke nor Eddie personally own any siafunds or significant quantities of siacoin.
The primary source of funding for the Foundation will come from a new block subsidy. Following a hardfork, 30 KS per block will be allocated to the "Foundation Fund," continuing in perpetuity. The existing 30 KS per block miner reward is not affected. Additionally, one year's worth of block subsidies (approximately 1.57 GS) will be allocated to the Fund immediately upon activation of the hardfork. As detailed below, the Foundation will provably burn any coins that it cannot meaningfully spend. As such, the 30 KS subsidy should be viewed as a maximum. This allows the Foundation to grow alongside Sia without requiring additional hardforks. The Foundation will not be funded to any degree by the possession or sale of siafunds. Siafunds were originally introduced as a means of incentivizing growth, and we still believe in their effectiveness: a siafund holder wants to increase the amount of storage on Sia as much as possible. While the Foundation obviously wants Sia to succeed, its driving force should be its charter. Deriving significant revenue from siafunds would jeopardize the Foundation's impartiality and focus. Ultimately, we want the Foundation to act in the best interests of Sia, not in growing its own budget.
The Foundation inherits a great number of responsibilities from Nebulous. Each quarter, the Foundation will publish the progress it has made over the past quarter, and list the responsibilities it intends to prioritize over the coming quarter. This will be accompanied by a financial report, detailing each area of expenditure over the past quarter, and forecasting expenditures for the coming quarter. Below, we summarize some of the myriad responsibilities towards which the Foundation is expected to allocate its resources.
Maintain and enhance core Sia software
Arguably, this is the most important responsibility of the Foundation. At the heart of Sia is its consensus algorithm: regardless of other differences, all Sia software must agree upon the content and rules of the blockchain. It is therefore crucial that the algorithm be stewarded by an entity that is accountable to the community, transparent in its decision-making, and has no profit motive or other conflicts of interest. Accordingly, Sia’s consensus functionality will no longer be directly maintained by Nebulous. Instead, the Foundation will release and maintain an implementation of a "minimal Sia full node," comprising the Sia consensus algorithm and P2P networking code. The source code will be available in a public repository, and signed binaries will be published for each release. Other parties may use this code to provide alternative full node software. For example, Nebulous may extend the minimal full node with wallet, renter, and host functionality. The source code of any such implementation may be submitted to the Foundation for review. If the code passes review, the Foundation will provide "endorsement signatures" for the commit hash used and for binaries compiled internally by the Foundation. Specifically, these signatures assert that the Foundation believes the software contains no consensus-breaking changes or other modifications to imported Foundation code. Endorsement signatures and Foundation-compiled binaries may be displayed and distributed by the receiving party, along with an appropriate disclaimer. A minimal full node is not terribly useful on its own; the wallet, renter, host, and other extensions are what make Sia a proper developer platform. Currently, the only implementations of these extensions are maintained by Nebulous. The Foundation will contract Nebulous to ensure that these extensions continue to receive updates and enhancements. Later on, the Foundation intends to develop its own implementations of these extensions and others. As with the minimal node software, these extensions will be open source and available in public repositories for use by any Sia node software. With the consensus code now managed by the Foundation, the task of implementing and orchestrating hardforks becomes its responsibility as well. When the Foundation determines that a hardfork is necessary (whether through internal discussion or via community petition), a formal proposal will be drafted and submitted for public review, during which arguments for and against the proposal may be submitted to a public repository. During this time, the hardfork code will be implemented, either by Foundation employees or by external contributors working closely with the Foundation. Once the implementation is finished, final arguments will be heard. The Foundation board will then vote whether to accept or reject the proposal, and announce their decision along with appropriate justification. Assuming the proposal was accepted, the Foundation will announce the block height at which the hardfork will activate, and will subsequently release source code and signed binaries that incorporate the hardfork code. Regardless of the Foundation's decision, it is the community that ultimately determines whether a fork is accepted or rejected – nothing can change that. Foundation node software will never automatically update, so all forks must be explicitly adopted by users. Furthermore, the Foundation will provide replay and wipeout protection for its hard forks, protecting other chains from unintended or malicious reorgs. Similarly, the Foundation will ensure that any file contracts formed prior to a fork activation will continue to be honored on both chains until they expire. Finally, the Foundation also intends to pursue scalability solutions for the Sia blockchain. In particular, work has already begun on an implementation of Utreexo, which will greatly reduce the space requirements of fully-validating nodes (allowing a full node to be run on a smartphone) while increasing throughput and decreasing initial sync time. A hardfork implementing Utreexo will be submitted to the community as per the process detailed above. As this is the most important responsibility of the Foundation, it will receive a significant portion of the Foundation’s budget, primarily in the form of developer salaries and contracting agreements.
Support community services
We intend to allocate 25% of the Foundation Fund towards the community. This allocation will be held and disbursed in the form of siacoins, and will pay for grants, bounties, hackathons, and other community-driven endeavours. Any community-run service, such as a Skynet portal, explorer or web wallet, may apply to have its costs covered by the Foundation. Upon approval, the Foundation will reimburse expenses incurred by the service, subject to the exact terms agreed to. The intent of these grants is not to provide a source of income, but rather to make such services "break even" for their operators, so that members of the community can enrich the Sia ecosystem without worrying about the impact on their own finances.
Ensure easy acquisition and storage of siacoins
Most users will acquire their siacoins via an exchange. The Foundation will provide support to Sia-compatible exchanges, and pursue relevant integrations at its discretion, such as Coinbase's new Rosetta standard. The Foundation may also release DEX software that enables trading cryptocurrencies without the need for a third party. (The Foundation itself will never operate as a money transmitter.) Increasingly, users are storing their cryptocurrency on hardware wallets. The Foundation will maintain the existing Ledger Nano S integration, and pursue further integrations at its discretion. Of course, all hardware wallets must be paired with software running on a computer or smartphone, so the Foundation will also develop and/or maintain client-side wallet software, including both full-node wallets and "lite" wallets. Community-operated wallet services, i.e. web wallets, may be funded via grants. Like core software maintenance, this responsibility will be funded in the form of developer salaries and contracting agreements.
Protect the ecosystem
When it comes to cryptocurrency security, patching software vulnerabilities is table stakes; there are significant legal and social threats that we must be mindful of as well. As such, the Foundation will earmark a portion of its fund to defend the community from legal action. The Foundation will also safeguard the network from 51% attacks and other threats to network security by implementing softforks and/or hardforks where necessary. The Foundation also intends to assist in the development of a new FOSS software license, and to solicit legal memos on various Sia-related matters, such as hosting in the United States and the EU. In a broader sense, the establishment of the Foundation makes the ecosystem more robust by transferring core development to a more neutral entity. Thanks to its funding structure, the Foundation will be immune to various forms of pressure that for-profit companies are susceptible to.
Drive adoption of Sia
Although the overriding goal of the Foundation is to make Sia the best platform it can be, all that work will be in vain if no one uses the platform. There are a number of ways the Foundation can promote Sia and get it into the hands of potential users and developers. In-person conferences are understandably far less popular now, but the Foundation can sponsor and/or participate in virtual conferences. (In-person conferences may be held in the future, permitting circumstances.) Similarly, the Foundation will provide prizes for hackathons, which may be organized by community members, Nebulous, or the Foundation itself. Lastly, partnerships with other companies in the cryptocurrency space—or the cloud storage space—are a great way to increase awareness of Sia. To handle these responsibilities, one of the early priorities of the Foundation will be to hire a marketing director.
The Foundation Fund will be controlled by a multisig address. Each member of the Foundation's board will control one of the signing keys, with the signature threshold to be determined once the final composition of the board is known. (This threshold may also be increased or decreased if the number of board members changes.) Additionally, one timelocked signing key will be controlled by David Vorick. This key will act as a “dead man’s switch,” to be used in the event of an emergency that prevents Foundation board members from reaching the signature threshold. The timelock ensures that this key cannot be used unless the Foundation fails to sign a transaction for several months. On the 1st of each month, the Foundation will use its keys to transfer all siacoins in the Fund to two new addresses. The first address will be controlled by a high-security hot wallet, and will receive approximately one month's worth of Foundation expenditures. The second address, receiving the remaining siacoins, will be a modified version of the source address: specifically, it will increase the timelock on David Vorick's signing key by one month. Any other changes to the set of signing keys, such as the arrival or departure of board members, will be incorporated into this address as well. The Foundation Fund is allocated in SC, but many of the Foundation's expenditures must be paid in USD or other fiat currency. Accordingly, the Foundation will convert, at its discretion, a portion of its monthly withdrawals to fiat currency. We expect this conversion to be primarily facilitated by private "OTC" sales to accredited investors. The Foundation currently has no plans to speculate in cryptocurrency or other assets. Finally, it is important that the Foundation adds value to the Sia platform well in excess of the inflation introduced by the block subsidy. For this reason, the Foundation intends to provably burn, on a quarterly basis, any coins that it cannot allocate towards any justifiable expense. In other words, coins will be burned whenever doing so provides greater value to the platform than any other use. Furthermore, the Foundation will cap its SC treasury at 5% of the total supply, and will cap its USD treasury at 4 years’ worth of predicted expenses. Addendum: Hardfork Timeline We would like to see this proposal finalized and accepted by the community no later than September 30th. A new version of siad, implementing the hardfork, will be released no later than October 15th. The hardfork will activate at block 293220, which is expected to occur around 12pm EST on January 1st, 2021.
Addendum: Inflation specifics The total supply of siacoins as of January 1st, 2021 will be approximately 45.243 GS. The initial subsidy of 1.57 GS thus increases the supply by 3.47%, and the total annual inflation in 2021 will be at most 10.4% (if zero coins are burned). In 2022, total annual inflation will be at most 6.28%, and will steadily decrease in subsequent years.
We see the establishment of the Foundation as an important step in the maturation of the Sia project. It provides the ecosystem with a sustainable source of funding that can be exclusively directed towards achieving Sia's ambitious goals. Compared to other projects with far deeper pockets, Sia has always punched above its weight; once we're on equal footing, there's no telling what we'll be able to achieve. Nevertheless, we do not propose this change lightly, and have taken pains to ensure that the Foundation will act in accordance with the ideals that this community shares. It will operate transparently, keep inflation to a minimum, and respect the user's fundamental role in decentralized systems. We hope that everyone in the community will consider this proposal carefully, and look forward to a productive discussion.
You've probably been hearing a lot about Bitcoin recently and are wondering what's the big deal? Most of your questions should be answered by the resources below but if you have additional questions feel free to ask them in the comments. It all started with the release of the release of Satoshi Nakamoto's whitepaper however that will probably go over the head of most readers so we recommend the following videos for a good starting point for understanding how bitcoin works and a little about its long term potential:
Limited Supply - There will only ever be 21,000,000 bitcoins created and they are issued in a predictable fashion, you can view the inflation schedule here. Once they are all issued Bitcoin will be truly deflationary. The halving countdown can be found here.
Open source - Bitcoin code is fully auditable. You can read the source code yourself here.
Accountable - The public ledger is transparent, all transactions are seen by everyone.
Decentralized - Bitcoin is globally distributed across thousands of nodes with no single point of failure and as such can't be shut down similar to how Bittorrent works. You can even run a node on a Raspberry Pi.
Censorship resistant - No one can prevent you from interacting with the bitcoin network and no one can censor, alter or block transactions that they disagree with, see Operation Chokepoint.
Push system - There are no chargebacks in bitcoin because only the person who owns the address where the bitcoins reside has the authority to move them.
Low fee scaling - On chain transaction fees depend on network demand and how much priority you wish to assign to the transaction. Most wallets calculate on chain fees automatically but you can view current fees here and mempool activity here. On chain fees may rise occasionally due to network demand, however instant micropayments that do not require confirmations are happening via the Lightning Network, a second layer scaling solution currently rolling out on the Bitcoin mainnet.
Borderless - No country can stop it from going in/out, even in areas currently unserved by traditional banking as the ledger is globally distributed.
Portable - Bitcoins are digital so they are easier to move than cash or gold. They can even be transported by simply memorizing a string of words for wallet recovery (while cool this method is generally not recommended due to potential for insecure key generation by inexperienced users. Hardware wallets are the preferred method for new users due to ease of use and additional security).
Bitcoin.org and BuyBitcoinWorldwide.com are helpful sites for beginners. You can buy or sell any amount of bitcoin (even just a few dollars worth) and there are several easy methods to purchase bitcoin with cash, credit card or bank transfer. Some of the more popular resources are below, also check out the bitcoinity exchange resources for a larger list of options for purchases.
Here is a listing of local ATMs. If you would like your paycheck automatically converted to bitcoin use Bitwage. Note: Bitcoins are valued at whatever market price people are willing to pay for them in balancing act of supply vs demand. Unlike traditional markets, bitcoin markets operate 24 hours per day, 365 days per year. Preev is a useful site that that shows how much various denominations of bitcoin are worth in different currencies. Alternatively you can just Google "1 bitcoin in (your local currency)".
Securing your bitcoins
With bitcoin you can "Be your own bank" and personally secure your bitcoins OR you can use third party companies aka "Bitcoin banks" which will hold the bitcoins for you.
If you prefer to "Be your own bank" and have direct control over your coins without having to use a trusted third party, then you will need to create your own wallet and keep it secure. If you want easy and secure storage without having to learn computer security best practices, then a hardware wallet such as the Trezor, Ledger or ColdCard is recommended. Alternatively there are many software wallet options to choose from here depending on your use case.
If you prefer to let third party "Bitcoin banks" manage your coins, try Gemini but be aware you may not be in control of your private keys in which case you would have to ask permission to access your funds and be exposed to third party risk.
Note: For increased security, use Two Factor Authentication (2FA) everywhere it is offered, including email! 2FA requires a second confirmation code to access your account making it much harder for thieves to gain access. Google Authenticator and Authy are the two most popular 2FA services, download links are below. Make sure you create backups of your 2FA codes.
As mentioned above, Bitcoin is decentralized, which by definition means there is no official website or Twitter handle or spokesperson or CEO. However, all money attracts thieves. This combination unfortunately results in scammers running official sounding names or pretending to be an authority on YouTube or social media. Many scammers throughout the years have claimed to be the inventor of Bitcoin. Websites like bitcoin(dot)com and the btc subreddit are active scams. Almost all altcoins (shitcoins) are marketed heavily with big promises but are really just designed to separate you from your bitcoin. So be careful: any resource, including all linked in this document, may in the future turn evil. Don't trust, verify. Also as they say in our community "Not your keys, not your coins".
Where can I spend bitcoins?
Check out spendabit or bitcoin directory for millions of merchant options. Also you can spend bitcoin anywhere visa is accepted with bitcoin debit cards such as the CashApp card. Some other useful site are listed below.
Mining bitcoins can be a fun learning experience, but be aware that you will most likely operate at a loss. Newcomers are often advised to stay away from mining unless they are only interested in it as a hobby similar to folding at home. If you want to learn more about mining you can read more here. Still have mining questions? The crew at /BitcoinMining would be happy to help you out. If you want to contribute to the bitcoin network by hosting the blockchain and propagating transactions you can run a full node using this setup guide. If you would prefer to keep it simple there are several good options. You can view the global node distribution here.
Just like any other form of money, you can also earn bitcoins by being paid to do a job.
You can also earn bitcoins by participating as a market maker on JoinMarket by allowing users to perform CoinJoin transactions with your bitcoins for a small fee (requires you to already have some bitcoins.
The following is a short list of ongoing projects that might be worth taking a look at if you are interested in current development in the bitcoin space.
One Bitcoin is quite large (hundreds of £/$/€) so people often deal in smaller units. The most common subunits are listed below:
one bitcoin is equal to 100 million satoshis
1,000 per bitcoin
used as default unit in recent Electrum wallet releases
1,000,000 per bitcoin
colloquial "slang" term for microbitcoin (μBTC)
100,000,000 per bitcoin
smallest unit in bitcoin, named after the inventor
For example, assuming an arbitrary exchange rate of $10000 for one Bitcoin, a $10 meal would equal:
For more information check out the Bitcoin units wiki. Still have questions? Feel free to ask in the comments below or stick around for our weekly Mentor Monday thread. If you decide to post a question in /Bitcoin, please use the search bar to see if it has been answered before, and remember to follow the community rules outlined on the sidebar to receive a better response. The mods are busy helping manage our community so please do not message them unless you notice problems with the functionality of the subreddit. Note: This is a community created FAQ. If you notice anything missing from the FAQ or that requires clarification you can edit it here and it will be included in the next revision pending approval. Welcome to the Bitcoin community and the new decentralized economy!
What I currently use for privacy (after almost 2 years of long investing into it)
Edit: Currently writing a new version of this, dont know when it will be done. Edit: Since first post I have updated a few sections with additional information. I recommend reading it all even if it is very long, I might have placed some relevant info in different sections while thinking about what else needed to be added, plenty of steps remains mostly the same except when I comment directly on it. It is not necessary to do 100% security all the time, unless you absolutely need it, combining some high and some lower security ideas for a balance of security and convenience is useful. I will base this mostly on Windows, Linux users probably know this, and I have no idea how apple machines work (tho many things in here are still relevant for other operating systems, as they are just general tips) Disclaimer: There are certainly other steps that can make you more anonymous or safer, however I think for most people this will surfice. Any software I recommend should be independently verified for security, and examples of software are not to be taken as endorsements. I simply use examples and give recommendations when I believe it necessary, or helpful. I will not really differentiate between anonymity and security, they are often the same thing. As such the word security can mean either more anonymous, less vulnerable, or both. -------- Everyday Simple Info Sec:
Password for the device is an obvious one (8+ characters minimum, best if over +12), if there is sensitive information on any of the drives, either encrypt the entire drive or just the sensitive files, and make encrypted backups on a different memory storage device (There many programs to encrypt files and drives I'm sure a search will figure it out)
-There could be a hidden administrator user on your PC, make sure to change its password
Always use the device on a non admin account
a VPN that doesn't log (use with kill switch on, should be enough for everyday stuff, more safe stuff in the high security section) (VPNs that claim they don't log sometimes do, it's bad, but I would like to point out that not using a VPN will always expose your traffic to your ISP and also remove additional encryption. Even if the VPN tracks, there is no downside because your ISP would track anyways, and VPNs can be more anonymous, and also add extra encryption)
disable location tracking (preferably make all your privacy setting to release minimal info, get rid or cortana, change privacy settings in all of your accounts as well, there's no reason why you should allow Facebook to give you target ads. Use the setting they give you.
TOR, Firefox or similar browser, stay the fuck away from Google Chrome.
your preferred search engine should be duckduckgo (other privacy focused search engines exist as well)
use an adblocker that also prevents the adding of tacking cookies
Use pgp with all your friends or messaging services that implemented end to end encryption (Implemented services can still be bypassed, but are way more convenient so for everyday use they should suffice, some examples should be Telegraph, Signal, WhatsApp etc) (more info on pgp in high security section)
(Snapchat msgs, reddit dms, discord msgs, are just a few examples of msgs that are never encrypted) -Any info even send in encrypted msgs (and obviously non encrypted) should still be kept with possible deniability, don't say "I'm gonna do MDMA", say "I'm going out with molly."
use software (like ccleaner) that purges cookies and other data after every use, before shutting down your device
use a virus scanner daily (I like spy bot Search and destroy, many other options also exist)
never use the same password/passphrase twice (I will address what passphrase are below) (Better yet use randomized passwords that are stored in a master key chain, make them as long as possible (tho it is okay to go with the minimum of 12 never go below 7, I recommend 15+ depending on how often you have to manually enter the password instead of copying/pasting it) Don't generate too long keys for things you need to access regularly without copy/paste, except your master key ring)
its ideal to never use the same email or username as well, especially username, email is obviously tricky and also very annoying, but it would be best to always change the email.
-DO NOT STORE ANY PASSWORDS ON GOOGLE, IF GOOGLE LOGIN IS AUTHENTICATED IT WILL AUTFILL ALL PASSWORDS IT HAS SAVED (same with other similar services) (This means if you are logged in to chrome and someone has access to your machine, they can auto fill passwords without entering a single password) -use a rememberable passphrase, especially for your master key ring aka password manager A long sentence that is memorable makes an okay password (decent example,: "I met my wife at Little Ceasers for the first time on 07/09/20" better even if it's just something you know, if its impersonal, and if you can add special characters or numbers that you won't forget) (A better example for a passphrase is: "There is 0nly 0ne letter that d0esn’t appear in any U.S. state nameQ")
for your main password manager(key ring), I highly recommend Keepass 2, make backups of the file save to separate devices and drives (Flash drives, phone, PC, laptop, etc, if you loose that file, you lose all of your passwords) (Other good password managers exist as well, I don't recommend online password managers as you lose the control over passwords)
-Purge your internet activity frequently, there's a reason why I only have one post, and a few comments appearing in my account, but thousands of kama. Exposing information needlessly is not good. -Never post private information publicly, and if you do, do it vaguely as possible. (Example: Not "I'm 15", say "I'm a teenager") Do not post any vital information ever, no birthdays, mother's maiden name, age, or anything you have ever seen in a security question. Never post your current activities while they are ongoing. You going on a vacation? Don't announce it to the world, taking picture there? Post them when you are home.
Any account that is supposed to remain anonymous and as secure as possible should only be used on secured devices. A unsecured device can link you to the account.
always shutdown your machine when leaving it (To prevent access, and to prevent a possible attack vector)
2 factor factor authentication is not great anymore. Unless you can do it over a anonymous source. A cell phone is usually directly connected to you, so it is not a anonymous device. There might still be secure/anonymous 2 factor authentication methods that won't expose you, for example over a secure email. (If there is 2FA that doesn't need a device that removes anonymity and is secure, use it.) (Please don't misunderstand, 2FA is great, however it can remove the anonymity that you worked hard to establish)
-Rethink how you do security questions. Many answers to security questions can be found in your internet history. One could use the first word of the security question as an answer, or a different sceme that will mean you always remember it. (Security question need to go, the amount of personal info an average person puts on the internet makes it easy to attack anything using security question) -------_ High level crimimal information security: The motto here is, "All the Security, All the Time" As one fuck up can end with you leaving a lick of traceability, and you could be fucked. Pre Note: All of your software should always be up to date. Also even perfect info sec does not guarantee you are completely safe, a new zero day (exploit) can still fuck you, but good info security makes you significantly safer, by eliminating as many attacks as possible. -Get a new device (or make a already owned device seem like you never owned it, do this only if you know how to, there's a lot of stuff that goes into that, like changing your mac adress etc) buy with cash, and your face covered, preferably far away from where you live. (Do I need to specify to not bring your phone or anything else that tracks your location to anywhere you want to go anonymously?) (Be aware that even hardware can have vulnerabilities, many cpus have known vulnerabilities, I can't list them all, do some research before buying)
Do not EVER use a high security device at any lower level of security. There are unique identifiers to your device, exposing them once can expose you for everything you do.
-If you know how to use Tails (A linux distro designed for Info sec) use that, preferably on a USB. (Or learn how to use tails, its better, but complicated) Otherwise a clean copy of windows (make sure its not in any way associated with you) can do the job too, tho not as well. (Using a VM might give extra security, since VMs usually erase all data and RAM they were using on shutdown) -Get a non tracking VPN, Enable the kill switch (a setting that disables all traffic that doesn't go through the VPN) (change your firewall settings to only allow the traffic from the VPN, windows guide (Change settings so only traffic from the tor application is send) Edit: (Due to complaints: do not use vpn over tor, use tor over vpn. tor over vpn has no notable downside, if the VPN logs it makes no difference, your ISP will always log anyways, and vpns remove other attack vectors and also provide backup security should tor fail. Again even if the VPN tracks you only change the people doing the tracking, but now you are further removed making it more anonymous and also with less vulnerabilities) -rember privacy settings, cookie cleaner, and antivirus, password (There could be a hidden administrator user on your PC, make sure to change its password) -Always use the device on a non admin account
-Ideally use this device only on networks that are not connected with you. Such as public networks (try to never use the same public networks twice, move around) (a home network should be fine now, as it should never be exposed, but more security is always better) (Its just a conveniences vs security trade) -Never use accounts that have been exposed to lower security on higher security machines -your browser is now TOR (or your preferred security focused browser, if you dont plan on using onion ) Make sure you get the standalone version of tor not the addon build (the standalone is safer, because there are less settings and options to tweak) -Change your tor settings, to safest mode, enable a bridge (to my knowledge there's no difference in security between the build in bridges in tor), enable automatic updates, set duckduckgo onion as your primary browser. Set dark.fail onion page as your home page. (Or your preferred privacy search engine and onion directory)
set up a new pgp (can't use the same one you use for regular use, again less safer accounts are never used on safer devices) Cleopatra is my choice, its simple to use. Make sure you back up the private key multiple times, on safe devices. (Dont let the private key fall into anyone's hands) Give it a generic name like "HighSecurityPGP" do not give the pgp key pair a name that could identify you. (No initials etc) (Some pgp key pair programs want an associated email for a key pair, you can create a safe email, or which I recoend you can use a different program (like Cleopatra) (Feds & LEOs are known to copy private keys if they have your machine, so you will need to set up a new key pair if they ever take a device with a private key copy)
a high security machine that facilitates criminal activity can not use many programs. Many programs collect your devices mac adress, which is a unique identifier, amongst other things. It's should be used only for the activity you want to do.
-------_ How to use dark net markets (DNMs) If you finished your High Security setup, we can dive right in. Otherwise go do that. This is where all that is essential. Quick info on Tor, and onion sites. There is no search engine. It's all based of directories and addresses you are given by others. Tor will likely not be very quick, it has to pass through multiple networks to get to the destination. DNMs sometimes exit scam, an exit scam is when a market shuts down completely and takes all the money, this is a risk when using DNMs, it's not too common but happens maybe 0-4 times a year. The admins of thoese servers need to get out at some point, before they get jailed, so they exit the game, and scam everyone out of their money. -A very useful onion directory is dark.fail it has a lot of links, for all kinds of stuff. News, email, DNMs, Psychonautwiki (harm reduction website), forums etc. (Other directories also exist) -Pick a market, preferably one that handles secure connection server side instead of requiring you to establish the secure connection. Then create an account. Your account once created should include an entry box in your profile for a pgp key, post your PUBLIC key in there. (Verify the link is not a scam, most markets should provide a pgp signature) -Next is currency setup. All major cryptocurrency exchangers can be used, I can recommend coin base but there could be better ones out there. Unless you find a small non U.S., exchange, they will always ask for your identity. So unless you can find a trustworthy exchange that doesn't ID, you will need to give it to them. (Side note, all major crypto exchangers report to the IRS, if the IRS asks you if you bought cryptocurrency and you bought while having IDed yourself SAY YES, DO NOT COMMIT TAX FRAUD WHEN THEY KNOW YOU DID)
I recommend using Monero, it's hard to track, so it makes your job a lot easier. (If you use bitcoin you should run it through a scrambler, because BTC is tracable to anyone who knows what they are doing)
-Transfer (monero you can send directly, btc you should scramble) to your wallet. There are two options a cold wallet (physical) or a software wallet. Software wallets usually dont cost anything so I recommend them, even if often less safe. Electrum is easy to use, and pretty safe. You can also do your own research and find a wallet that fits your needs.
decide where you want to ship it. You can send to your home, to a PO box, to a PO box that you opened with a fake ID (I don't recommend), an abandoned house, general mail (sending to a post office instead of a street adress) pickup up with fake ID, use a remailing service. These are some options, sending it to your own home, isn't ideal, but its pretty much the only easy way.
-now you are ready to buy, only buy using escrow (it means the money is held by the market as a middle man until the product is delivered, they will also handle any issues like wrong quantity, cuts, etc), judge the reviews for a product, and if available look at the history of the vendor, until you find a product from a vendor you trust. (I recommend to buy within your country as much as possible, so it doesn't go through customs, it's very rare that something is found, but it can happen) -now you get to buy, depending on market, you either have cryptocurrency stored in their wallets (not recommend, you will lose it in an exit scam) or you can send it every order. When you send your delivery adress (or the one you want it to go to) encrypt the adress using the sellers public key. Make sure the adress is correct. -wait for the product, make sure to extend the escrow until the product arrives, if you can't extend it anymore dispute the order, and a moderator will step in -test the product, use it, and leave a review. PLEASE LEAVE A REVIEW, DNMs only work because of reviews. Edit: Didn't imagine I would write over 15000 words. Oh well, it was fun. Hope it helps, if you have any questions feel free to ask. No idea how long this will stay up, I might purge it in 7 days, or never.
Best places to trade your Ripple/XRP (longer read)
In the past when you heard the word ‘cryptocurrency’, the first thing that came to everyone’s minds was Bitcoin. To some, this is still the case; they believe that Bitcoin is the cryptocurrency and the vice versa to also be true. Of course, the statement is correct in one way; Bitcoin is a cryptocurrency, but cryptocurrency is not made up of only Bitcoin but a host of other currencies. One of these currencies is Ripple. When it comes to the top five cryptocurrencies with the highest capitalization, Ripple needs no introduction as it has managed to secure a position of being the third most traded cryptocurrency around the world. Perhaps this is due to the fact that Ripple is the only cryptocurrency with a backing from traditional legacy financial institutions. In addition, the coin has been integrated into the operation of thousands of small businesses around the world. At this juncture, it is only fair that you learn how to be a part of this great innovation. Thankfully, that is what this guide is all about, showing you some of the best trading platforms for Ripple. There are numerous exchanges that offer decent exchange rates and well-matched trading pairs, but I’ll only narrow down to some of our best picks to help you get started fast.
What is Ripple (XRP)?
Ripple is a cryptocurrency, a currency exchange, a real-time gross settlement payment system, and a remittance network powered by Ripple. As I mentioned before, this is the third most capitalized cryptocurrency asset after Bitcoin and Ethereum. XRP allows enterprises such as banks and other financial service providers to offer their clients a reliable option to source for liquidity for cross-border currency transactions. Ripple is a distributed, open-source platform that seeks to capitalize on the weaknesses of the conventional money payment systems such as credit and debit cards, PayPal, bank transfers, among others. According to Ripple, these payment systems expose users to a lot of transaction delays and restrict the fluidity of currencies. The platform aims at replacing traditional payment systems through offering a faster, safer, and more convenient alternative for making payments. Both the platform’s exchange and tokens are called Ripple, and their mantra states one frictionless experience to send money globally.
Where Can I Trade XRP?
Most exchanges that trade Ripple are limited to crypto-to-crypto transactions. This means that you can only trade Ripple with another cryptocurrency and not fiat currencies such as the euro or the dollar. You’ll need to acquire the currency you wish to trade with XRP on a platform that accepts fiat, and once that happens, you can proceed to trade the two currencies. There are several great platforms that offer XRP trading; below are just a few:
Buying XRP on Binance
Buying XRP on Bittrex
Just like on Binance, you’ll need to create an account on Bittrex to get started. The process is pretty much straightforward, only requiring you to sign up using your email address and password. Once you’re done signing up, click on the wallet tab. You will be taken to a page where you can view all the deposit addresses of the cryptocurrencies on the Bittrex platform. You can then choose the currency to use to purchase XRP, after which, you will be required to type in the code of the currency you will be using to purchase Ripple. If you’re using Ethereum, you can type in the search bar “ETH” and then click on the green arrow to reveal the deposit address. In case you will be sending the funds from a different exchange, you’ll need to paste the address to that platform. Next, you’ll need to send funds to your Bittrex account. Bittrex permits payments using both fiat and cryptocurrencies. So, depending on what you will be using, send money to your online wallet and proceed to trade it with Ripple.
Buying XRP on Changelly
Changelly is another Ripple exchange that requires you to use either Bitcoin or Ethereum to acquire XRP. The exchange doesn’t have an inbuilt wallet, so you’ll need to store your funds on a separate hardware or software wallet. You can pretty much use any type of wallet, but the most secure ones are the hardware ones as they store your coins in an offline cold storage area. Ripple prefers not to have many unutilized accounts being set up on its platform; this is why you’ll need to have a minimum of 20 XRP in your account for you to get started. However, if your first transaction will be more than 20 XRP, then you’re all set. Once you have a wallet ready for your Ripple, head to the Changelly site and click on “input currency”. Here, you will be able to enter the currency you wish to trade for Ripple. You can basically pick and use any coin listed on the site, but it is highly recommended that you use either Bitcoin or Ethereum due to their high liquidity. The output section will have Ripple, which is the currency you wish to receive. The next step will require you to key in your XRP address, which is your Ripple address and the destination tag, which is a description of the transaction. You can now proceed to trade your chosen coins for Ripple. The transaction shouldn’t take long, and you will be able to receive the coins in your Ripple wallet.
Cryptmixer is a platform that assists users to swap XRP with 5 other assets freely. The interface lets users convert assets directly from one’s wallet, without having to create an account or register. Besides, the service helps to compare different providers and find a suitable deal for handling Ripple transactions securely, rapidly, and at the best rate. The process of using Cryptmixer is quite simple:
Go to the main page, choose the currency you’d like to swap, and enter the amount.
Choose XRP to receive.
Review the amount to see how much you will receive. Cryptmixer will automatically find the best rates for your trade.
Then, enter the wallet address that you wish to use.
Send in the deposit to the generated wallet address and wait for the transaction to be processed.
What makes Cryptmixer a great fit is that it provides a very simple layout and quick process so it’s not chore when you trade your crypto. The support line also takes on the job of solving the cases by cooperating with users with top priority. To learn more on how to exchange XRP at the best rate check https://cryptmixer.com
Buying XRP on Coinmama
Coinmama is a cryptocurrency exchange that has been around for quite a while now. The Coinmama team has been adding more coins on their platform over time to be able to provide its users with a wider variety of trading pairs. More recently, the platform included Ripple on its platform. However, Coinmama does not allow US-based users to purchase Ripple due to some stringent laws and regulations surrounding the coin. But for non-US users, you can proceed to create your account on the platform and locate Ripple among the listed assets. Once you’ve created your account, navigate your way to the area with the list of assets. Select one of the provided packages and proceed. You’re required to have a crypto wallet prior to making any purchase on the platform, so be sure to have a valid wallet address before completing the purchase. Once that’s done, purchase your Ripple coins and they will be delivered to your wallet.
Storing Your Ripple Coins
Online storages are never safe for cryptocurrency assets. Individuals have woken up to all sort of horrific sceneries on their accounts that left them bankrupt with no one to turn to. One of the most important concepts you need to grasp about online businesses is the security of your transactions. Cryptocurrency burglars are everywhere and are getting smarter by the day; this means that traditional ways of guaranteeing the security of your online assets are no longer effective. Most exchanges have top-notch security standards, but the safety of your cryptos begins with you. A great way of ensuring that your funds are secure is by getting an offline storage device for your coins. I’ve seen great reviews on two hardware wallets that I highly recommend; these are the Ledger Nano S and Trezor wallets. After getting the wallet of your choice, keep your personal data such as passwords and secret words private; this will ensure that no one else gains access to your wallet even if you misplace it. Writing your password or PIN on open places or somewhere in your phone might not be a good idea; yes, it may be convenient for you, but it will be for the burglar too.
What method of purchasing XRP is considered to be the best?
The most secure and common way of acquiring Ripple is through buying Ethereum or Bitcoin from Coinbase or Coinmama, then transferring the same to Cryptmixer to use to exchange with Ripple. This is because Ripple is currently not available for purchase by using fiat currencies.
What is the best trading platform for Ripple?
Ripple is available on a decent number of exchanges including Binance, Coinmama, Coinbase, Bittrex, Cryptmixer, and more. However, among the stated ones, I have found Cryptmixer to be more secure and easier to use while it also offers the best trading rates and fees.
The Bottom Line
As we conclude, you now have some of the best choices when it comes to the exchange to acquire Ripple coins. After buying your XRP coins, store them offline on a secure device due to the risk of being faced by threats such as hacking or system failures. If you’re serious about making cryptocurrency your investment vehicle in the long run, consider investing in a more lasting security solution such as a hardware storage device. You may not get them for a few pennies, but trust me when I say they are worth every last dime you spend on them.
Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses. Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes. First, some background. Here is a summary of how custodians make us more secure: Previously, we might give Alice our crypto assets to hold. There were risks:
Alice might take the assets and disappear.
Alice might spend the assets and pretend that she still has them (fractional model).
Alice might store the assets insecurely and they'll get stolen.
Alice might give the assets to someone else by mistake or by force.
Alice might lose access to the assets.
But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
Alice can't take the assets and disappear (unless she asks Bob or never gives them to Bob).
Alice can't spend the assets and pretend that she still has them. (Unless she didn't give them to Bob or asks him for them.)
Alice can't store the assets insecurely so they get stolen. (After all - she doesn't have any control over the withdrawal process from any of Bob's systems, right?)
Alice can't give the assets to someone else by mistake or by force. (Bob will stop her, right Bob?)
Alice can't lose access to the funds. (She'll always be present, sane, and remember all secrets, right?)
See - all problems are solved! All we have to worry about now is:
Bob might take the assets and disappear.
Bob might spend the assets and pretend that he still has them (fractional model).
Bob might store the assets insecurely and they'll get stolen.
Bob might give the assets to someone else by mistake or by force.
Bob might lose access to the assets.
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are! "On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid". "Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since." "As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!" "Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?" "Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party." "Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!" "What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven." "Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!" "We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies. And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often". How many holes have to exist for your funds to get stolen? Just one. Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so? If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security. The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle. And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet? Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds. So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
ANY CERTAINTY BALANCES WEREN'T EXCLUDED. Quadriga's largest account was $70m. 80% of funds are in 20% of accounts (Pareto principle). All it takes is excluding a few really large accounts - and nobody's the wiser. A fractional platform can easily pass any audit this way.
ANY VISIBILITY WHATSOEVER INTO THE CUSTODIANS. BitBuy put out their report before moving all the funds to their custodian and ShakePay apparently can't even tell us who the custodian is. That's pretty important considering that basically all of the funds are now stored there.
ANY IDEA ABOUT THE OTHER EXCHANGES. In order for this to be effective, it has to be the norm. It needs to be "unusual" not to know. If obscurity is the norm, then it's super easy for people like Gerald Cotten and Dave Smilie to blend right in.
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
First report within 1 month of launching, another within 3 months, and further reports at minimum every 6 months thereafter.
No auditor can be repeated within a 12 month period.
All reports must be public, identifying the auditor and the full methodology used.
All auditors must be independent of the firm being audited with no conflict of interest.
Reports must include the percentage of each asset backed, and how it's backed.
The auditor publishes a hash list, which lists a hash of each customer's information and balances that were included. Hash is one-way encryption so privacy is fully preserved. Every customer can use this to have 100% confidence they were included.
If we want more extensive requirements on audits, these should scale upward based on the total assets at risk on the platform, and whether the platform has loaned their assets out.
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever. Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see. It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation. A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7. History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance. Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.) Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive. Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today. Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well. Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do. Facts/background/sources (skip if you like):
The inspiration for the paragraph about splitting wallets was an actual quote from a Canadian company providing custodial services in response to the OSC consultation paper: "We believe that it will be in the in best interests of investors to prohibit pooled crypto assets or ‘floats’. Most Platforms pool assets, citing reasons of practicality and expense. The recent hack of the world’s largest Platform – Binance – demonstrates the vulnerability of participants’ assets when such concessions are made. In this instance, the Platform’s entire hot wallet of Bitcoins, worth over $40 million, was stolen, facilitated in part by the pooling of client crypto assets." "the maintenance of participants (and Platform) crypto assets across multiple wallets distributes the related risk and responsibility of security - reducing the amount of insurance coverage required and making insurance coverage more readily obtainable". For the record, their reply also said nothing whatsoever about multi-sig or offline storage.
In addition to the fact that the $40m hack represented only one "hot wallet" of Binance, and they actually had the vast majority of assets in other wallets (including mostly cold wallets), multiple real cases have clearly demonstrated that risk is still present with multiple wallets. Bitfinex, VinDAX, Bithumb, Altsbit, BitPoint, Cryptopia, and just recently KuCoin all had multiple wallets breached all at the same time, and may represent a significantly larger impact on customers than the Binance breach which was fully covered by Binance. To represent that simply having multiple separate wallets under the same security scheme is a comprehensive way to reduce risk is just not true.
Private insurance has historically never covered a single loss in the cryptocurrency space (at least, not one that I was able to find), and there are notable cases where massive losses were not covered by insurance. Bitpay in 2015 and Yapizon in 2017 both had insurance policies that didn't pay out during the breach, even after a lengthly court process. The same insurance that ShakePay is presently using (and announced to much fanfare) was describe by their CEO himself as covering “physical theft of the media where the private keys are held,” which is something that has never historically happened. As was said with regard to the same policy in 2018 - “I don’t find it surprising that Lloyd’s is in this space,” said Johnson, adding that to his mind the challenge for everybody is figuring out how to structure these policies so that they are actually protective. “You can create an insurance policy that protects no one – you know there are so many caveats to the policy that it’s not super protective.”
The most profitable policy for a private insurance company is one with the most expensive premiums that they never have to pay a claim on. They have no inherent incentive to take care of people who lost funds. It's "cheaper" to take the reputational hit and fight the claim in court. The more money at stake, the more the insurance provider is incentivized to avoid payout. They're not going to insure the assets unless they have reasonable certainty to make a profit by doing so, and they're not going to pay out a massive sum unless it's legally forced. Private insurance is always structured to be maximally profitable to the insurance provider.
The circumvention of multi-sig was a key factor in the massive Bitfinex hack of over $60m of bitcoin, which today still sits being slowly used and is worth over $3b. While Bitfinex used a qualified custodian Bitgo, which was and still is active and one of the industry leaders of custodians, and they set up 2 of 3 multi-sig wallets, the entire system was routed through Bitfinex, such that Bitfinex customers could initiate the withdrawals in a "hot" fashion. This feature was also a hit with the hacker. The multi-sig was fully circumvented.
Bitpay in 2015 was another example of a breach that stole 5,000 bitcoins. This happened not through the exploit of any system in Bitpay, but because the CEO of a company they worked with got their computer hacked and the hackers were able to request multiple bitcoin purchases, which Bitpay honoured because they came from the customer's computer legitimately. Impersonation is a very common tactic used by fraudsters, and methods get more extreme all the time.
A notable case in Canada was the Canadian Bitcoins exploit. Funds were stored on a server in a Rogers Data Center, and the attendee was successfully convinced to reboot the server "in safe mode" with a simple phone call, thus bypassing the extensive security and enabling the theft.
The very nature of custodians circumvents multi-sig. This is because custodians are not just having to secure the assets against some sort of physical breach but against any form of social engineering, modification of orders, fraudulent withdrawal attempts, etc... If the security practices of signatories in a multi-sig arrangement are such that the breach risk of one signatory is 1 in 100, the requirement of 3 independent signatures makes the risk of theft 1 in 1,000,000. Since hackers tend to exploit the weakest link, a comparable custodian has to make the entry and exit points of their platform 10,000 times more secure than one of those signatories to provide equivalent protection. And if the signatories beef up their security by only 10x, the risk is now 1 in 1,000,000,000. The custodian has to be 1,000,000 times more secure. The larger and more complex a system is, the more potential vulnerabilities exist in it, and the fewer people can understand how the system works when performing upgrades. Even if a system is completely secure today, one has to also consider how that system might evolve over time or work with different members.
By contrast, offline multi-signature solutions have an extremely solid record, and in the entire history of cryptocurrency exchange incidents which I've studied (listed here), there has only been one incident (796 exchange in 2015) involving an offline multi-signature wallet. It happened because the customer's bitcoin address was modified by hackers, and the amount that was stolen ($230k) was immediately covered by the exchange operators. Basically, the platform operators were tricked into sending a legitimate withdrawal request to the wrong address because hackers exploited their platform to change that address. Such an issue would not be prevented in any way by the use of a custodian, as that custodian has no oversight whatsoever to the exchange platform. It's practical for all exchange operators to test large withdrawal transactions as a general policy, regardless of what model is used, and general best practice is to diagnose and fix such an exploit as soon as it occurs.
False promises on the backing of funds played a huge role in the downfall of Quadriga, and it's been exposed over and over again (MyCoin, PlusToken, Bitsane, Bitmarket, EZBTC, IDAX). Even today, customers have extremely limited certainty on whether their funds in exchanges are actually being backed or how they're being backed. While this issue is not unique to cryptocurrency exchanges, the complexity of the technology and the lack of any regulation or standards makes problems more widespread, and there is no "central bank" to come to the rescue as in the 2008 financial crisis or during the great depression when "9,000 banks failed".
In addition to fraudulent operations, the industry is full of cases where operators have suffered breaches and not reported them. Most recently, Einstein was the largest case in Canada, where ongoing breaches and fraud were perpetrated against the platform for multiple years and nobody found out until the platform collapsed completely. While fraud and breaches suck to deal with, they suck even more when not dealt with. Lack of visibility played a role in the largest downfalls of Mt. Gox, Cryptsy, and Bitgrail. In some cases, platforms are alleged to have suffered a hack and keep operating without admitting it at all, such as CoinBene.
It surprises some to learn that a cryptographic solution has already existed since 2013, and gained widespread support in 2014 after Mt. Gox. Proof of Reserves is a full cryptographic proof that allows any customer using an exchange to have complete certainty that their crypto-assets are fully backed by the platform in real-time. This is accomplished by proving that assets exist on the blockchain, are spendable, and fully cover customer deposits. It does not prove safety of assets or backing of fiat assets.
If we didn't care about privacy at all, a platform could publish their wallet addresses, sign a partial transaction, and put the full list of customer information and balances out publicly. Customers can each check that they are on the list, that the balances are accurate, that the total adds up, and that it's backed and spendable on the blockchain. Platforms who exclude any customer take a risk because that customer can easily check and see they were excluded. So together with all customers checking, this forms a full proof of backing of all crypto assets.
However, obviously customers care about their private information being published. Therefore, a hash of the information can be provided instead. Hash is one-way encryption. The hash allows the customer to validate inclusion (by hashing their own known information), while anyone looking at the list of hashes cannot determine the private information of any other user. All other parts of the scheme remain fully intact. A model like this is in use on the exchange CoinFloor in the UK.
A Merkle tree can provide even greater privacy. Instead of a list of balances, the balances are arranged into a binary tree. A customer starts from their node, and works their way to the top of the tree. For example, they know they have 5 BTC, they plus 1 other customer hold 7 BTC, they plus 2-3 other customers hold 17 BTC, etc... until they reach the root where all the BTC are represented. Thus, there is no way to find the balances of other individual customers aside from one unidentified customer in this case.
Proposals such as this had the backing of leaders in the community including Nic Carter, Greg Maxwell, and Zak Wilcox. Substantial and significant effort started back in 2013, with massive popularity in 2014. But what became of that effort? Very little. Exchange operators continue to refuse to give visibility. Despite the fact this information can often be obtained through trivial blockchain analysis, no Canadian platform has ever provided any wallet addresses publicly. As described by the CEO of Newton "For us to implement some kind of realtime Proof of Reserves solution, which I'm not opposed to, it would have to ... Preserve our users' privacy, as well as our own. Some kind of zero-knowledge proof". Kraken describes here in more detail why they haven't implemented such a scheme. According to professor Eli Ben-Sasson, when he spoke with exchanges, none were interested in implementing Proof of Reserves.
And yet, Kraken's places their reasoning on a page called "Proof of Reserves". More recently, both BitBuy and ShakePay have released reports titled "Proof of Reserves and Security Audit". Both reports contain disclaimers against being audits. Both reports trust the customer list provided by the platform, leaving the open possibility that multiple large accounts could have been excluded from the process. Proof of Reserves is a blockchain validation where customers see the wallets on the blockchain. The report from Kraken is 5 years old, but they leave it described as though it was just done a few weeks ago. And look at what they expect customers to do for validation. When firms represent something being "Proof of Reserve" when it's not, this is like a farmer growing fruit with pesticides and selling it in a farmers market as organic produce - except that these are people's hard-earned life savings at risk here. Platforms are misrepresenting the level of visibility in place and deceiving the public by their misuse of this term. They haven't proven anything.
Fraud isn't a problem that is unique to cryptocurrency. Fraud happens all the time. Enron, WorldCom, Nortel, Bear Stearns, Wells Fargo, Moser Baer, Wirecard, Bre-X, and Nicola are just some of the cases where frauds became large enough to become a big deal (and there are so many countless others). These all happened on 100% reversible assets despite regulations being in place. In many of these cases, the problems happened due to the over-complexity of the financial instruments. For example, Enron had "complex financial statements [which] were confusing to shareholders and analysts", creating "off-balance-sheet vehicles, complex financing structures, and deals so bewildering that few people could understand them". In cryptocurrency, we are often combining complex financial products with complex technologies and verification processes. We are naïve if we think problems like this won't happen. It is awkward and uncomfortable for many people to admit that they don't know how something works. If we want "money of the people" to work, the solutions have to be simple enough that "the people" can understand them, not so confusing that financial professionals and technology experts struggle to use or understand them.
For those who question the extent to which an organization can fool their way into a security consultancy role, HB Gary should be a great example to look at. Prior to trying to out anonymous, HB Gary was being actively hired by multiple US government agencies and others in the private sector (with glowing testimonials). The published articles and hosted professional security conferences. One should also look at this list of data breaches from the past 2 years. Many of them are large corporations, government entities, and technology companies. These are the ones we know about. Undoubtedly, there are many more that we do not know about. If HB Gary hadn't been "outted" by anonymous, would we have known they were insecure? If the same breach had happened outside of the public spotlight, would it even have been reported? Or would HB Gary have just deleted the Twitter posts, brought their site back up, done a couple patches, and kept on operating as though nothing had happened?
In the case of Quadriga, the facts are clear. Despite past experience with platforms such as MapleChange in Canada and others around the world, no guidance or even the most basic of a framework was put in place by regulators. By not clarifying any sort of legal framework, regulators enabled a situation where a platform could be run by former criminal Mike Dhanini/Omar Patryn, and where funds could be held fully unchecked by one person. At the same time, the lack of regulation deterred legitimate entities from running competing platforms and Quadriga was granted a money services business license for multiple years of operation, which gave the firm the appearance of legitimacy. Regulators did little to protect Canadians despite Quadriga failing to file taxes from 2016 onward. The entire administrative team had resigned and this was public knowledge. Many people had suspicions of what was going on, including Ryan Mueller, who forwarded complaints to the authorities. These were ignored, giving Gerald Cotten the opportunity to escape without justice.
There are multiple issues with the SOC II model including the prohibitive cost (you have to find a third party accounting firm and the prices are not even listed publicly on any sites), the requirement of operating for a year (impossible for new platforms), and lack of any public visibility (SOC II are private reports that aren't shared outside the people in suits).
Securities frameworks are expensive. Sarbanes-Oxley is estimated to cost $5.1 million USD/yr for the average Fortune 500 company in the United States. Since "Fortune 500" represents the top 500 companies, that means well over $2.55 billion USD (~$3.4 billion CAD) is going to people in suits. Isn't the problem of trust and verification the exact problem that the blockchain is supposed to solve?
To use Quadriga as justification for why custodians or SOC II or other advanced schemes are needed for platforms is rather silly, when any framework or visibility at all, or even the most basic of storage policies, would have prevented the whole thing. It's just an embarrassment.
We are now seeing regulators take strong action. CoinSquare in Canada with multi-million dollar fines. BitMex from the US, criminal charges and arrests. OkEx, with full disregard of withdrawals and no communication. Who's next?
We have a unique window today where we can solve these problems, and not permanently destroy innovation with unreasonable expectations, but we need to act quickly. This is a unique historic time that will never come again.
Bitamp is an easy-to-use, client-side, open-source Bitcoin wallet. Connect with the blockchain to send and receive Bitcoin from anywhere, or any device, instantly. Create Wallet. Generate your own personal Bitcoin wallet. Receive coins to any of your public addresses (1..) (3..) (bc1..) and connect yourself to the blockchain. Get started . Login. Use your Bitamp generated seed to access your ... Armory is an open source wallet (released under the GNU AGPLv3) for producing and keeping Bitcoin private keys on your computer. It enhances security by providing users with cold storage and multi-signature support capabilities. With Armory, you can set up a wallet on a computer that is completely offline; you'll use the watch-only feature for observing your Bitcoin details on the internet ... BitcoinOfficial.org is a simple and free Bitcoin wallet online. We created a Bitcoin Official wallet in accordance with the principles laid down by Satoshi Nakamoto, the creator of Bitcoin: The funds are safe and under your complete control. Light bitcoin wallet, download is not necessary. Open access to private keys and full control over the commission. Free anonymous Bitcoin Wallet without ... Die Bitcoin-Software ist zu 100% Open Source. Das bedeutet, dass grundsätzlich jeder ohne Kosten im Bitcoin-Netzwerk als sog. „Miner“ agieren kann. Doch Achtung: Das an sich kostenlose Handelssystem darf natürlich nicht mit den daraus geschöpften Bitcoins selbst verwechselt werden. Verschiedene Währungen. Auch wenn im Bereich der Kryptowährungen fast immer nur über Bitcoins ... Bitcoin Armory claims to be the only open source wallet with cold storage and multi-signature support. This is a nice feature allowing you to access your assets even when you're not connected to the internet. 2013: Windows, Mac, Ubuntu: 2600: 4.83k: 0: 2: Wasabi: Wasabi is a desktop open source, non-custodial wallet focused on privacy. It uses ...
How to create a Bitcoin Wallet-(CryptoCurrency-Bitcoin ...
How to create a unhackable bitcoin wallet at home no programming skills required - Duration: 7 ... First look at the Bitcoin source code - Duration: 13:58. Bitcoin Daytrader 18,319 views. 13:58 ... Blockchain.info - How to open a Bitcoin wallet to receive Bitcoin from Btcexpress. Category People & Blogs; Source videos View attributions; Show more Show less. Loading... Autoplay When autoplay ... In this video I show you how to open a bitcoin wallet and explain how you can utilise bitcoin by using a growing number of bitcoin debit cards . This is one of a string of videos that I am making ... 🔴LIVE Cardano Summit 2020 Charles Hoskinson Opening Keynote: Shelley Edition Cardano Foundation [LIVE] 17,882 watching Live now 2020 Bitcoin Halving (Halvening) - WCN - Part 5 - Adam Back ... In this video, you'll learn how to get your first Bitcoin Wallet, so you have a way to store your Bitcoins. Free Video Reveals: How To Earn 3.24 BTC In 51 Da...