How to Create a Safe Cold-Storage Bitcoin CASH Wallet?
hi i know how to create bitcoin wallet safely, but not bitcoin cash! the bitcoin cash reddit has a list of wallets it recommends but no guides. I ordered two Ledger Nano S' but they will take a couple of weeks. I want a place to store my bitcoincash now (via hitbtc.com) and safely. Coinomi, Electron cash or Bitcoin.com wallet? is it the same as electrum a separate offline-PC for generating the seed? Can i sign transanctions offline on the offline-PC? What about the online 'BTC wallet'? safe? sorry for all the questions
Ultimate glossary of crypto currency terms, acronyms and abbreviations
You've probably been hearing a lot about Bitcoin recently and are wondering what's the big deal? Most of your questions should be answered by the resources below but if you have additional questions feel free to ask them in the comments. It all started with the release of the release of Satoshi Nakamoto's whitepaper however that will probably go over the head of most readers so we recommend the following videos for a good starting point for understanding how bitcoin works and a little about its long term potential:
Limited Supply - There will only ever be 21,000,000 bitcoins created and they are issued in a predictable fashion, you can view the inflation schedule here. Once they are all issued Bitcoin will be truly deflationary. The halving countdown can be found here.
Open source - Bitcoin code is fully auditable. You can read the source code yourself here.
Accountable - The public ledger is transparent, all transactions are seen by everyone.
Decentralized - Bitcoin is globally distributed across thousands of nodes with no single point of failure and as such can't be shut down similar to how Bittorrent works. You can even run a node on a Raspberry Pi.
Censorship resistant - No one can prevent you from interacting with the bitcoin network and no one can censor, alter or block transactions that they disagree with, see Operation Chokepoint.
Push system - There are no chargebacks in bitcoin because only the person who owns the address where the bitcoins reside has the authority to move them.
Low fee scaling - On chain transaction fees depend on network demand and how much priority you wish to assign to the transaction. Most wallets calculate on chain fees automatically but you can view current fees here and mempool activity here. On chain fees may rise occasionally due to network demand, however instant micropayments that do not require confirmations are happening via the Lightning Network, a second layer scaling solution currently rolling out on the Bitcoin mainnet.
Borderless - No country can stop it from going in/out, even in areas currently unserved by traditional banking as the ledger is globally distributed.
Portable - Bitcoins are digital so they are easier to move than cash or gold. They can even be transported by simply memorizing a string of words for wallet recovery (while cool this method is generally not recommended due to potential for insecure key generation by inexperienced users. Hardware wallets are the preferred method for new users due to ease of use and additional security).
Bitcoin.org and BuyBitcoinWorldwide.com are helpful sites for beginners. You can buy or sell any amount of bitcoin (even just a few dollars worth) and there are several easy methods to purchase bitcoin with cash, credit card or bank transfer. Some of the more popular resources are below, also check out the bitcoinity exchange resources for a larger list of options for purchases.
Here is a listing of local ATMs. If you would like your paycheck automatically converted to bitcoin use Bitwage. Note: Bitcoins are valued at whatever market price people are willing to pay for them in balancing act of supply vs demand. Unlike traditional markets, bitcoin markets operate 24 hours per day, 365 days per year. Preev is a useful site that that shows how much various denominations of bitcoin are worth in different currencies. Alternatively you can just Google "1 bitcoin in (your local currency)".
Securing your bitcoins
With bitcoin you can "Be your own bank" and personally secure your bitcoins OR you can use third party companies aka "Bitcoin banks" which will hold the bitcoins for you.
If you prefer to "Be your own bank" and have direct control over your coins without having to use a trusted third party, then you will need to create your own wallet and keep it secure. If you want easy and secure storage without having to learn computer security best practices, then a hardware wallet such as the Trezor, Ledger or ColdCard is recommended. Alternatively there are many software wallet options to choose from here depending on your use case.
If you prefer to let third party "Bitcoin banks" manage your coins, try Gemini but be aware you may not be in control of your private keys in which case you would have to ask permission to access your funds and be exposed to third party risk.
Note: For increased security, use Two Factor Authentication (2FA) everywhere it is offered, including email! 2FA requires a second confirmation code to access your account making it much harder for thieves to gain access. Google Authenticator and Authy are the two most popular 2FA services, download links are below. Make sure you create backups of your 2FA codes.
As mentioned above, Bitcoin is decentralized, which by definition means there is no official website or Twitter handle or spokesperson or CEO. However, all money attracts thieves. This combination unfortunately results in scammers running official sounding names or pretending to be an authority on YouTube or social media. Many scammers throughout the years have claimed to be the inventor of Bitcoin. Websites like bitcoin(dot)com and the btc subreddit are active scams. Almost all altcoins (shitcoins) are marketed heavily with big promises but are really just designed to separate you from your bitcoin. So be careful: any resource, including all linked in this document, may in the future turn evil. Don't trust, verify. Also as they say in our community "Not your keys, not your coins".
Where can I spend bitcoins?
Check out spendabit or bitcoin directory for millions of merchant options. Also you can spend bitcoin anywhere visa is accepted with bitcoin debit cards such as the CashApp card. Some other useful site are listed below.
Mining bitcoins can be a fun learning experience, but be aware that you will most likely operate at a loss. Newcomers are often advised to stay away from mining unless they are only interested in it as a hobby similar to folding at home. If you want to learn more about mining you can read more here. Still have mining questions? The crew at /BitcoinMining would be happy to help you out. If you want to contribute to the bitcoin network by hosting the blockchain and propagating transactions you can run a full node using this setup guide. If you would prefer to keep it simple there are several good options. You can view the global node distribution here.
Just like any other form of money, you can also earn bitcoins by being paid to do a job.
You can also earn bitcoins by participating as a market maker on JoinMarket by allowing users to perform CoinJoin transactions with your bitcoins for a small fee (requires you to already have some bitcoins.
The following is a short list of ongoing projects that might be worth taking a look at if you are interested in current development in the bitcoin space.
One Bitcoin is quite large (hundreds of £/$/€) so people often deal in smaller units. The most common subunits are listed below:
one bitcoin is equal to 100 million satoshis
1,000 per bitcoin
used as default unit in recent Electrum wallet releases
1,000,000 per bitcoin
colloquial "slang" term for microbitcoin (μBTC)
100,000,000 per bitcoin
smallest unit in bitcoin, named after the inventor
For example, assuming an arbitrary exchange rate of $10000 for one Bitcoin, a $10 meal would equal:
For more information check out the Bitcoin units wiki. Still have questions? Feel free to ask in the comments below or stick around for our weekly Mentor Monday thread. If you decide to post a question in /Bitcoin, please use the search bar to see if it has been answered before, and remember to follow the community rules outlined on the sidebar to receive a better response. The mods are busy helping manage our community so please do not message them unless you notice problems with the functionality of the subreddit. Note: This is a community created FAQ. If you notice anything missing from the FAQ or that requires clarification you can edit it here and it will be included in the next revision pending approval. Welcome to the Bitcoin community and the new decentralized economy!
There is a constant war being fought between goldbugs, like Peter Schiff, and Bitcoin enthusiasts so I decided to make an outline, with links, comparing and contrasting gold and Bitcoin. I made this in November of 2019 (thus the information therein is based on figures from that time) but, being scatter brained, neglected to post this for the Bitcoin community to see. The yardsticks I used to compare the two assets included the following: shipping/transactions costs, storage costs, censorship factor, settlement time, stock to flow, blockchain vs clearing house, validation, etc. I will also touch on Roosevelt's gold confiscation executive order in 1933, transporting gold during the Spanish Civil War in 1936, and the hypothetical cost for Venezuela to repatriate its gold more recently. I will provide a brief summary first then follow that with the outline I made. This information can be used as a tool for the Bitcoin community to combat some of the silly rhetoric coming from goldbugs such as Peter Schiff and James Rickards. I would like to make it clear, however, that I am not against gold and think that it performed its role as money very well in a technologically inferior era, namely Victorian times but I think Bitcoin performs the functions of money better than gold does in the current environment. I have been looking to make a contribution to the Bitcoin community and I hope this is a useful and educational tool for everyone who reads this. Summary: Shipping/transaction costs: 100 ounces of gold could be shipped for 315 dollars; the comparable dollar value in Bitcoin could be sent for 35 dollars using a non-segwit address. Using historical precendent, it would cost an estimated $32,997,989 to transport $1 billion in gold using the 3.3% fee that the Soviets charged the Spaniards in 1936; a $1 billion Bitcoin transaction moved for $690 last year by comparison. Please note that the only historic example we can provide for moving enormous sums of gold was when the government of Spain transported gold to Moscow during the Spanish Civil War in 1936. More information on this topic will be found in the notes section. Storage costs: 100 ounces of gold would require $451 per year to custody while the equivalent value of Bitcoin in dollar terms could be stored for the cost of a Ledger Nano S, $59.99. $1 billion USD value of gold would cost $2,900,000 per year while an Armory set up that is more secure would run you the cost of a laptop, $200-300. Censorship factor: Gold must pass through a 3rd party whenever it is shipped, whether for a transaction or for personal transportation. Gold will typically have to be declared and a customs duty may be imposed when crossing international borders. The key take-away is gatekeepers (customs) can halt movement of gold thus making transactions difficult. $46,000 of gold was seized in India despite the smugglers hiding it in their rectums. Settlement time: Shipping gold based on 100 ounces takes anywhere from 3-10 days while Bitcoin transactions clear in roughly 10 minutes depending on network congestion and fee size. Historic confiscation: Franklin Roosevelt confiscated and debased the paper value of gold in 1933 with Executive Order 6102. Since gold is physical in nature and value dense, it is often stored in custodial vaults like banks and so forth which act as a honeypot for rapacious governments. Stock to flow: Plan B's stock to flow model has become a favorite on twitter. Stock to flow measures the relationship between the total stock of an asset against the amount that is produced in a given year. Currently gold still has the highest value at 62 while Bitcoin sits at 50 in 2nd place. Bitcoin will overtake gold in 2024 after the next halving. Blockchain vs clearing house: gold payments historically passed through a 3rd party (clearinghouse) in order to be validated while Bitcoin transactions can be self validated through the use of a node. Key Takeaway from above- Bitcoin is vastly superior to gold in terms of cost, speed, and censorship resistance. One could theoretically carry around an enormous sum of Bitcoin on a cold card while the equivalent dollar value of gold would require a wheelbarrow...and create an enormous target on the back of the transporter. With the exception of the stock to flow ratio (which will flip in Bitcoin's favor soon), Bitcoin is superior to gold by all metrics covered. Notes: Shipping/transaction costs Gold 100 oz = 155,500. 45 x 7 = $315 to ship 100 oz gold. https://seekingalpha.com/instablog/839735-katchum/2547831-how-much-does-it-cost-to-ship-silver-and-gold https://www.coininvest.com/en/shipping-prices/ 211 tonnes Venezuela; 3.3% of $10.5 billion = 346,478,880 or 32,997,989/billion usd http://blogs.reuters.com/felix-salmon/2011/08/23/how-to-get-12-billion-of-gold-to-venezuela/ (counter party risk; maduro; quotes from article) Bitcoin 18 bitcoin equivalent value; 35 USD with legacy address https://blockexplorer.com/ https://bitcoinfees.info/ 1 billion; $690 dollars https://arstechnica.com/tech-policy/2019/09/someone-moved-1-billion-in-a-single-bitcoin-transaction/ Storage costs Gold .29% annually; https://sdbullion.com/gold-silver-storage 100 oz – $451/year $1 billion USD value – $2,900,000/year Bitcoin Ledger Nano S - $59.00 (for less bitcoin) https://shop.ledger.com/products/ledger-nano-s/transparent?flow_country=USA&gclid=EAIaIQobChMI3ILV5O-Z5wIVTtbACh1zTAwqEAQYASABEgJ5SPD_BwE Armory - $200-300 cost of laptop for setup https://www.bitcoinarmory.com/ Censorship factor (must pass through 3rd party) Varies by country Gold will typically have to be declared and a customs duty may be imposed Key take-away is gatekeepers (customs) can halt movement of gold thus making transactions difficult $46,000 seized in India https://www.foxnews.com/travel/indian-airport-stops-29-passengers-smuggling-gold-in-their-rectums Settlement time Gold For 100 oz transaction by USPS 3-10 days (must pass through 3rd party) Bitcoin Roughly 10 minutes to be included in next block Historic confiscation-roosevelt 1933 Executive Order 6102 (forced spending, fed could ban cash, go through and get quotes) https://en.wikipedia.org/wiki/Executive_Order_6102 “The stated reason for the order was that hard times had caused "hoarding" of gold, stalling economic growth and making the depression worse” Stock to flow; https://medium.com/@100trillionUSD/modeling-bitcoins-value-with-scarcity-91fa0fc03e25 (explain what it is and use charts in article) Gold; SF of 62 Bitcoin; SF of 25 but will double to 50 after May (and to 100 in four years) Blockchain vs clearing house Transactions can be validated by running a full node vs. third party settlement Validation Gold; https://www.goldismoney2.com/threads/cost-to-assay.6732/ (Read some responses) Bitcoin Cost of electricity to run a full node Breaking down Venezuela conundrum; http://blogs.reuters.com/felix-salmon/2011/08/23/how-to-get-12-billion-of-gold-to-venezuela/ “The last (and only) known case of this kind of quantity of gold being transported across state lines took place almost exactly 75 years ago, in 1936, when the government of Spain removed 560 tons of gold from Madrid to Moscow as the armies of Francisco Franco approached. Most of the gold was exchanged for Russian weaponry, with the Soviet Union keeping 2.1% of the funds in the form of commissions and brokerage, and an additional 1.2% in the form of transport, deposit, melting, and refining expenses.” “Venezuela would need to transport the gold in several trips, traders said, since the high value of gold means it would be impossible to insure a single aircraft carrying 211 tonnes. It could take about 40 shipments to move the gold back to Caracas, traders estimated. “It’s going to be quite a task. Logistically, I’m not sure if the central bank realises the magnitude of the task ahead of them,” said one senior gold banker.” “So maybe Chávez intends to take matters into his own hands, and just sail the booty back to Venezuela on one of his own naval ships. Again, the theft risk is obvious — seamen can be greedy too — and this time there would be no insurance. Chávez is pretty crazy, but I don’t think he’d risk $12 billion that way.” “Which leaves one final alternative. Gold is fungible, and people are actually willing to pay a premium to buy gold which is sitting in the Bank of England’s ultra-secure vaults. So why bother transporting that gold at all? Venezuela could enter into an intercontinental repo transaction, where it sells its gold in the Bank of England to some counterparty, and then promises to buy it all back at a modest discount, on condition that it’s physically delivered to the Venezuelan central bank in Caracas. It would then be up to the counterparty to work out how to get 211 tons of gold to Caracas by a certain date. That gold could be sourced anywhere in the world, and transported in any conceivable manner — being much less predictable and transparent, those shipments would also be much harder to hijack. How much of a discount would a counterparty require to enter into this kind of transaction? Much more than 3.3%, is my guess. And again, it’s not entirely clear who would even be willing to entertain the idea. Glencore, perhaps?” “But here’s one last idea: why doesn’t Chávez crowdsource the problem? He could simply open a gold window at the Banco Central de Venezuela, where anybody at all could deliver standard gold bars. In return, the central bank would transfer to that person an equal number of gold bars in the custody of the Bank of England, plus a modest bounty of say 2% — that’s over $15,000 per 400-ounce bar, at current rates. It would take a little while, but eventually the gold would start trickling in: if you’re willing to pay a constant premium of 2% over the market price for a good, you can be sure that the good in question will ultimately find its way to your door. And the 2% cost of acquiring all that gold would surely be much lower than the cost of insuring and shipping it from England. It would be an elegant market-based solution to an artificial and ideologically-driven problem; I daresay Chávez might even chuckle at the irony of it. He’d just need to watch out for a rise in Andean banditry, as thieves tried to steal the bars on their disparate journeys into Venezuela.”
I setup a offline cold storage wallet and have the 24 word seed. The seed has never touched the internet or a system that's ever touched the internet. I plan on using the public key to send funds to this on a recurring basis by sending bitcoin to a watch only wallet which is generating addresses based on the master public key. My question is, how do I verify that the bitcoin is actually linked to my private 24 word seed other than knowing that it was created in a proper and safe way (offline PC, Tails OS, no networking, opened a pre saved offline version of: https://github.com/iancoleman/bip39 in Tor and created the seed. Is there some air gapped offline way or restoring the 24 word seed and verifying that the Bitcoin is there without exposing any private keys to the internet? Is it safe to just trust the Bitcoin is there because I can SEE it there using my watch only wallet? Thanks!
Edit: Currently writing a new version of this, dont know when it will be done. Edit: Since first post I have updated a few sections with additional information. I recommend reading it all even if it is very long, I might have placed some relevant info in different sections while thinking about what else needed to be added, plenty of steps remains mostly the same except when I comment directly on it. It is not necessary to do 100% security all the time, unless you absolutely need it, combining some high and some lower security ideas for a balance of security and convenience is useful. I will base this mostly on Windows, Linux users probably know this, and I have no idea how apple machines work (tho many things in here are still relevant for other operating systems, as they are just general tips) Disclaimer: There are certainly other steps that can make you more anonymous or safer, however I think for most people this will surfice. Any software I recommend should be independently verified for security, and examples of software are not to be taken as endorsements. I simply use examples and give recommendations when I believe it necessary, or helpful. I will not really differentiate between anonymity and security, they are often the same thing. As such the word security can mean either more anonymous, less vulnerable, or both. -------- Everyday Simple Info Sec:
Password for the device is an obvious one (8+ characters minimum, best if over +12), if there is sensitive information on any of the drives, either encrypt the entire drive or just the sensitive files, and make encrypted backups on a different memory storage device (There many programs to encrypt files and drives I'm sure a search will figure it out)
-There could be a hidden administrator user on your PC, make sure to change its password
Always use the device on a non admin account
a VPN that doesn't log (use with kill switch on, should be enough for everyday stuff, more safe stuff in the high security section) (VPNs that claim they don't log sometimes do, it's bad, but I would like to point out that not using a VPN will always expose your traffic to your ISP and also remove additional encryption. Even if the VPN tracks, there is no downside because your ISP would track anyways, and VPNs can be more anonymous, and also add extra encryption)
disable location tracking (preferably make all your privacy setting to release minimal info, get rid or cortana, change privacy settings in all of your accounts as well, there's no reason why you should allow Facebook to give you target ads. Use the setting they give you.
TOR, Firefox or similar browser, stay the fuck away from Google Chrome.
your preferred search engine should be duckduckgo (other privacy focused search engines exist as well)
use an adblocker that also prevents the adding of tacking cookies
Use pgp with all your friends or messaging services that implemented end to end encryption (Implemented services can still be bypassed, but are way more convenient so for everyday use they should suffice, some examples should be Telegraph, Signal, WhatsApp etc) (more info on pgp in high security section)
(Snapchat msgs, reddit dms, discord msgs, are just a few examples of msgs that are never encrypted) -Any info even send in encrypted msgs (and obviously non encrypted) should still be kept with possible deniability, don't say "I'm gonna do MDMA", say "I'm going out with molly."
use software (like ccleaner) that purges cookies and other data after every use, before shutting down your device
use a virus scanner daily (I like spy bot Search and destroy, many other options also exist)
never use the same password/passphrase twice (I will address what passphrase are below) (Better yet use randomized passwords that are stored in a master key chain, make them as long as possible (tho it is okay to go with the minimum of 12 never go below 7, I recommend 15+ depending on how often you have to manually enter the password instead of copying/pasting it) Don't generate too long keys for things you need to access regularly without copy/paste, except your master key ring)
its ideal to never use the same email or username as well, especially username, email is obviously tricky and also very annoying, but it would be best to always change the email.
-DO NOT STORE ANY PASSWORDS ON GOOGLE, IF GOOGLE LOGIN IS AUTHENTICATED IT WILL AUTFILL ALL PASSWORDS IT HAS SAVED (same with other similar services) (This means if you are logged in to chrome and someone has access to your machine, they can auto fill passwords without entering a single password) -use a rememberable passphrase, especially for your master key ring aka password manager A long sentence that is memorable makes an okay password (decent example,: "I met my wife at Little Ceasers for the first time on 07/09/20" better even if it's just something you know, if its impersonal, and if you can add special characters or numbers that you won't forget) (A better example for a passphrase is: "There is 0nly 0ne letter that d0esn’t appear in any U.S. state nameQ")
for your main password manager(key ring), I highly recommend Keepass 2, make backups of the file save to separate devices and drives (Flash drives, phone, PC, laptop, etc, if you loose that file, you lose all of your passwords) (Other good password managers exist as well, I don't recommend online password managers as you lose the control over passwords)
-Purge your internet activity frequently, there's a reason why I only have one post, and a few comments appearing in my account, but thousands of kama. Exposing information needlessly is not good. -Never post private information publicly, and if you do, do it vaguely as possible. (Example: Not "I'm 15", say "I'm a teenager") Do not post any vital information ever, no birthdays, mother's maiden name, age, or anything you have ever seen in a security question. Never post your current activities while they are ongoing. You going on a vacation? Don't announce it to the world, taking picture there? Post them when you are home.
Any account that is supposed to remain anonymous and as secure as possible should only be used on secured devices. A unsecured device can link you to the account.
always shutdown your machine when leaving it (To prevent access, and to prevent a possible attack vector)
2 factor factor authentication is not great anymore. Unless you can do it over a anonymous source. A cell phone is usually directly connected to you, so it is not a anonymous device. There might still be secure/anonymous 2 factor authentication methods that won't expose you, for example over a secure email. (If there is 2FA that doesn't need a device that removes anonymity and is secure, use it.) (Please don't misunderstand, 2FA is great, however it can remove the anonymity that you worked hard to establish)
-Rethink how you do security questions. Many answers to security questions can be found in your internet history. One could use the first word of the security question as an answer, or a different sceme that will mean you always remember it. (Security question need to go, the amount of personal info an average person puts on the internet makes it easy to attack anything using security question) -------_ High level crimimal information security: The motto here is, "All the Security, All the Time" As one fuck up can end with you leaving a lick of traceability, and you could be fucked. Pre Note: All of your software should always be up to date. Also even perfect info sec does not guarantee you are completely safe, a new zero day (exploit) can still fuck you, but good info security makes you significantly safer, by eliminating as many attacks as possible. -Get a new device (or make a already owned device seem like you never owned it, do this only if you know how to, there's a lot of stuff that goes into that, like changing your mac adress etc) buy with cash, and your face covered, preferably far away from where you live. (Do I need to specify to not bring your phone or anything else that tracks your location to anywhere you want to go anonymously?) (Be aware that even hardware can have vulnerabilities, many cpus have known vulnerabilities, I can't list them all, do some research before buying)
Do not EVER use a high security device at any lower level of security. There are unique identifiers to your device, exposing them once can expose you for everything you do.
-If you know how to use Tails (A linux distro designed for Info sec) use that, preferably on a USB. (Or learn how to use tails, its better, but complicated) Otherwise a clean copy of windows (make sure its not in any way associated with you) can do the job too, tho not as well. (Using a VM might give extra security, since VMs usually erase all data and RAM they were using on shutdown) -Get a non tracking VPN, Enable the kill switch (a setting that disables all traffic that doesn't go through the VPN) (change your firewall settings to only allow the traffic from the VPN, windows guide (Change settings so only traffic from the tor application is send) Edit: (Due to complaints: do not use vpn over tor, use tor over vpn. tor over vpn has no notable downside, if the VPN logs it makes no difference, your ISP will always log anyways, and vpns remove other attack vectors and also provide backup security should tor fail. Again even if the VPN tracks you only change the people doing the tracking, but now you are further removed making it more anonymous and also with less vulnerabilities) -rember privacy settings, cookie cleaner, and antivirus, password (There could be a hidden administrator user on your PC, make sure to change its password) -Always use the device on a non admin account
-Ideally use this device only on networks that are not connected with you. Such as public networks (try to never use the same public networks twice, move around) (a home network should be fine now, as it should never be exposed, but more security is always better) (Its just a conveniences vs security trade) -Never use accounts that have been exposed to lower security on higher security machines -your browser is now TOR (or your preferred security focused browser, if you dont plan on using onion ) Make sure you get the standalone version of tor not the addon build (the standalone is safer, because there are less settings and options to tweak) -Change your tor settings, to safest mode, enable a bridge (to my knowledge there's no difference in security between the build in bridges in tor), enable automatic updates, set duckduckgo onion as your primary browser. Set dark.fail onion page as your home page. (Or your preferred privacy search engine and onion directory)
set up a new pgp (can't use the same one you use for regular use, again less safer accounts are never used on safer devices) Cleopatra is my choice, its simple to use. Make sure you back up the private key multiple times, on safe devices. (Dont let the private key fall into anyone's hands) Give it a generic name like "HighSecurityPGP" do not give the pgp key pair a name that could identify you. (No initials etc) (Some pgp key pair programs want an associated email for a key pair, you can create a safe email, or which I recoend you can use a different program (like Cleopatra) (Feds & LEOs are known to copy private keys if they have your machine, so you will need to set up a new key pair if they ever take a device with a private key copy)
a high security machine that facilitates criminal activity can not use many programs. Many programs collect your devices mac adress, which is a unique identifier, amongst other things. It's should be used only for the activity you want to do.
-------_ How to use dark net markets (DNMs) If you finished your High Security setup, we can dive right in. Otherwise go do that. This is where all that is essential. Quick info on Tor, and onion sites. There is no search engine. It's all based of directories and addresses you are given by others. Tor will likely not be very quick, it has to pass through multiple networks to get to the destination. DNMs sometimes exit scam, an exit scam is when a market shuts down completely and takes all the money, this is a risk when using DNMs, it's not too common but happens maybe 0-4 times a year. The admins of thoese servers need to get out at some point, before they get jailed, so they exit the game, and scam everyone out of their money. -A very useful onion directory is dark.fail it has a lot of links, for all kinds of stuff. News, email, DNMs, Psychonautwiki (harm reduction website), forums etc. (Other directories also exist) -Pick a market, preferably one that handles secure connection server side instead of requiring you to establish the secure connection. Then create an account. Your account once created should include an entry box in your profile for a pgp key, post your PUBLIC key in there. (Verify the link is not a scam, most markets should provide a pgp signature) -Next is currency setup. All major cryptocurrency exchangers can be used, I can recommend coin base but there could be better ones out there. Unless you find a small non U.S., exchange, they will always ask for your identity. So unless you can find a trustworthy exchange that doesn't ID, you will need to give it to them. (Side note, all major crypto exchangers report to the IRS, if the IRS asks you if you bought cryptocurrency and you bought while having IDed yourself SAY YES, DO NOT COMMIT TAX FRAUD WHEN THEY KNOW YOU DID)
I recommend using Monero, it's hard to track, so it makes your job a lot easier. (If you use bitcoin you should run it through a scrambler, because BTC is tracable to anyone who knows what they are doing)
-Transfer (monero you can send directly, btc you should scramble) to your wallet. There are two options a cold wallet (physical) or a software wallet. Software wallets usually dont cost anything so I recommend them, even if often less safe. Electrum is easy to use, and pretty safe. You can also do your own research and find a wallet that fits your needs.
decide where you want to ship it. You can send to your home, to a PO box, to a PO box that you opened with a fake ID (I don't recommend), an abandoned house, general mail (sending to a post office instead of a street adress) pickup up with fake ID, use a remailing service. These are some options, sending it to your own home, isn't ideal, but its pretty much the only easy way.
-now you are ready to buy, only buy using escrow (it means the money is held by the market as a middle man until the product is delivered, they will also handle any issues like wrong quantity, cuts, etc), judge the reviews for a product, and if available look at the history of the vendor, until you find a product from a vendor you trust. (I recommend to buy within your country as much as possible, so it doesn't go through customs, it's very rare that something is found, but it can happen) -now you get to buy, depending on market, you either have cryptocurrency stored in their wallets (not recommend, you will lose it in an exit scam) or you can send it every order. When you send your delivery adress (or the one you want it to go to) encrypt the adress using the sellers public key. Make sure the adress is correct. -wait for the product, make sure to extend the escrow until the product arrives, if you can't extend it anymore dispute the order, and a moderator will step in -test the product, use it, and leave a review. PLEASE LEAVE A REVIEW, DNMs only work because of reviews. Edit: Didn't imagine I would write over 15000 words. Oh well, it was fun. Hope it helps, if you have any questions feel free to ask. No idea how long this will stay up, I might purge it in 7 days, or never.
I setup a offline cold storage wallet and have the 24 word seed. The seed has never touched the internet or a system that's ever touched the internet. I plan on using the public key to send funds to this on a recurring basis by sending bitcoin to a watch only wallet which is generating addresses based on the master public key. My question is, how do I verify that the bitcoin is actually linked to my private 24 word seed other than knowing that it was created in a proper and safe way (offline PC, Tails OS, no networking, opened a pre saved offline version of: https://github.com/iancoleman/bip39 in Tor and created the seed. Is there some air gapped offline way or restoring the 24 word seed and verifying that the Bitcoin is there without exposing any private keys to the internet? Is it safe to just trust the Bitcoin is there because I can SEE it there using my watch only wallet? Thanks!
I've seen previous posts on longterm cold storage recommending the Tordl Wallet Protocols (https://github.com/fresheneesz/TordlWalletProtocols) and while they do look good they're quite complicated. So I want to ask, what's the general consensus for the best method for longterm cold storage? So far it seems that several multisig wallets is the general view, but from my research it seems like that introduces various undesirable complexities (eg. how would someone non-technical restore the wallets in an emergency?). Would you have to create all the wallets using offline hardware (eg. several Coldcards?) Glacier, Yeti? All these seem a bit too complicated compared to how things used to be https://en.bitcoin.it/wiki/Links_to_Storage_Methods#Cold_Storage_Methods eg. an encrypted paper wallet or a split wallet using Shamir's Secret Sharing, which apparently isn't recommended any more for some reason. Any advice?
Best places to trade your Ripple/XRP (longer read)
In the past when you heard the word ‘cryptocurrency’, the first thing that came to everyone’s minds was Bitcoin. To some, this is still the case; they believe that Bitcoin is the cryptocurrency and the vice versa to also be true. Of course, the statement is correct in one way; Bitcoin is a cryptocurrency, but cryptocurrency is not made up of only Bitcoin but a host of other currencies. One of these currencies is Ripple. When it comes to the top five cryptocurrencies with the highest capitalization, Ripple needs no introduction as it has managed to secure a position of being the third most traded cryptocurrency around the world. Perhaps this is due to the fact that Ripple is the only cryptocurrency with a backing from traditional legacy financial institutions. In addition, the coin has been integrated into the operation of thousands of small businesses around the world. At this juncture, it is only fair that you learn how to be a part of this great innovation. Thankfully, that is what this guide is all about, showing you some of the best trading platforms for Ripple. There are numerous exchanges that offer decent exchange rates and well-matched trading pairs, but I’ll only narrow down to some of our best picks to help you get started fast.
What is Ripple (XRP)?
Ripple is a cryptocurrency, a currency exchange, a real-time gross settlement payment system, and a remittance network powered by Ripple. As I mentioned before, this is the third most capitalized cryptocurrency asset after Bitcoin and Ethereum. XRP allows enterprises such as banks and other financial service providers to offer their clients a reliable option to source for liquidity for cross-border currency transactions. Ripple is a distributed, open-source platform that seeks to capitalize on the weaknesses of the conventional money payment systems such as credit and debit cards, PayPal, bank transfers, among others. According to Ripple, these payment systems expose users to a lot of transaction delays and restrict the fluidity of currencies. The platform aims at replacing traditional payment systems through offering a faster, safer, and more convenient alternative for making payments. Both the platform’s exchange and tokens are called Ripple, and their mantra states one frictionless experience to send money globally.
Where Can I Trade XRP?
Most exchanges that trade Ripple are limited to crypto-to-crypto transactions. This means that you can only trade Ripple with another cryptocurrency and not fiat currencies such as the euro or the dollar. You’ll need to acquire the currency you wish to trade with XRP on a platform that accepts fiat, and once that happens, you can proceed to trade the two currencies. There are several great platforms that offer XRP trading; below are just a few:
Buying XRP on Binance
Buying XRP on Bittrex
Just like on Binance, you’ll need to create an account on Bittrex to get started. The process is pretty much straightforward, only requiring you to sign up using your email address and password. Once you’re done signing up, click on the wallet tab. You will be taken to a page where you can view all the deposit addresses of the cryptocurrencies on the Bittrex platform. You can then choose the currency to use to purchase XRP, after which, you will be required to type in the code of the currency you will be using to purchase Ripple. If you’re using Ethereum, you can type in the search bar “ETH” and then click on the green arrow to reveal the deposit address. In case you will be sending the funds from a different exchange, you’ll need to paste the address to that platform. Next, you’ll need to send funds to your Bittrex account. Bittrex permits payments using both fiat and cryptocurrencies. So, depending on what you will be using, send money to your online wallet and proceed to trade it with Ripple.
Buying XRP on Changelly
Changelly is another Ripple exchange that requires you to use either Bitcoin or Ethereum to acquire XRP. The exchange doesn’t have an inbuilt wallet, so you’ll need to store your funds on a separate hardware or software wallet. You can pretty much use any type of wallet, but the most secure ones are the hardware ones as they store your coins in an offline cold storage area. Ripple prefers not to have many unutilized accounts being set up on its platform; this is why you’ll need to have a minimum of 20 XRP in your account for you to get started. However, if your first transaction will be more than 20 XRP, then you’re all set. Once you have a wallet ready for your Ripple, head to the Changelly site and click on “input currency”. Here, you will be able to enter the currency you wish to trade for Ripple. You can basically pick and use any coin listed on the site, but it is highly recommended that you use either Bitcoin or Ethereum due to their high liquidity. The output section will have Ripple, which is the currency you wish to receive. The next step will require you to key in your XRP address, which is your Ripple address and the destination tag, which is a description of the transaction. You can now proceed to trade your chosen coins for Ripple. The transaction shouldn’t take long, and you will be able to receive the coins in your Ripple wallet.
Cryptmixer is a platform that assists users to swap XRP with 5 other assets freely. The interface lets users convert assets directly from one’s wallet, without having to create an account or register. Besides, the service helps to compare different providers and find a suitable deal for handling Ripple transactions securely, rapidly, and at the best rate. The process of using Cryptmixer is quite simple:
Go to the main page, choose the currency you’d like to swap, and enter the amount.
Choose XRP to receive.
Review the amount to see how much you will receive. Cryptmixer will automatically find the best rates for your trade.
Then, enter the wallet address that you wish to use.
Send in the deposit to the generated wallet address and wait for the transaction to be processed.
What makes Cryptmixer a great fit is that it provides a very simple layout and quick process so it’s not chore when you trade your crypto. The support line also takes on the job of solving the cases by cooperating with users with top priority. To learn more on how to exchange XRP at the best rate check https://cryptmixer.com
Buying XRP on Coinmama
Coinmama is a cryptocurrency exchange that has been around for quite a while now. The Coinmama team has been adding more coins on their platform over time to be able to provide its users with a wider variety of trading pairs. More recently, the platform included Ripple on its platform. However, Coinmama does not allow US-based users to purchase Ripple due to some stringent laws and regulations surrounding the coin. But for non-US users, you can proceed to create your account on the platform and locate Ripple among the listed assets. Once you’ve created your account, navigate your way to the area with the list of assets. Select one of the provided packages and proceed. You’re required to have a crypto wallet prior to making any purchase on the platform, so be sure to have a valid wallet address before completing the purchase. Once that’s done, purchase your Ripple coins and they will be delivered to your wallet.
Storing Your Ripple Coins
Online storages are never safe for cryptocurrency assets. Individuals have woken up to all sort of horrific sceneries on their accounts that left them bankrupt with no one to turn to. One of the most important concepts you need to grasp about online businesses is the security of your transactions. Cryptocurrency burglars are everywhere and are getting smarter by the day; this means that traditional ways of guaranteeing the security of your online assets are no longer effective. Most exchanges have top-notch security standards, but the safety of your cryptos begins with you. A great way of ensuring that your funds are secure is by getting an offline storage device for your coins. I’ve seen great reviews on two hardware wallets that I highly recommend; these are the Ledger Nano S and Trezor wallets. After getting the wallet of your choice, keep your personal data such as passwords and secret words private; this will ensure that no one else gains access to your wallet even if you misplace it. Writing your password or PIN on open places or somewhere in your phone might not be a good idea; yes, it may be convenient for you, but it will be for the burglar too.
What method of purchasing XRP is considered to be the best?
The most secure and common way of acquiring Ripple is through buying Ethereum or Bitcoin from Coinbase or Coinmama, then transferring the same to Cryptmixer to use to exchange with Ripple. This is because Ripple is currently not available for purchase by using fiat currencies.
What is the best trading platform for Ripple?
Ripple is available on a decent number of exchanges including Binance, Coinmama, Coinbase, Bittrex, Cryptmixer, and more. However, among the stated ones, I have found Cryptmixer to be more secure and easier to use while it also offers the best trading rates and fees.
The Bottom Line
As we conclude, you now have some of the best choices when it comes to the exchange to acquire Ripple coins. After buying your XRP coins, store them offline on a secure device due to the risk of being faced by threats such as hacking or system failures. If you’re serious about making cryptocurrency your investment vehicle in the long run, consider investing in a more lasting security solution such as a hardware storage device. You may not get them for a few pennies, but trust me when I say they are worth every last dime you spend on them.
Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses. Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes. First, some background. Here is a summary of how custodians make us more secure: Previously, we might give Alice our crypto assets to hold. There were risks:
Alice might take the assets and disappear.
Alice might spend the assets and pretend that she still has them (fractional model).
Alice might store the assets insecurely and they'll get stolen.
Alice might give the assets to someone else by mistake or by force.
Alice might lose access to the assets.
But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
Alice can't take the assets and disappear (unless she asks Bob or never gives them to Bob).
Alice can't spend the assets and pretend that she still has them. (Unless she didn't give them to Bob or asks him for them.)
Alice can't store the assets insecurely so they get stolen. (After all - she doesn't have any control over the withdrawal process from any of Bob's systems, right?)
Alice can't give the assets to someone else by mistake or by force. (Bob will stop her, right Bob?)
Alice can't lose access to the funds. (She'll always be present, sane, and remember all secrets, right?)
See - all problems are solved! All we have to worry about now is:
Bob might take the assets and disappear.
Bob might spend the assets and pretend that he still has them (fractional model).
Bob might store the assets insecurely and they'll get stolen.
Bob might give the assets to someone else by mistake or by force.
Bob might lose access to the assets.
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are! "On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid". "Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since." "As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!" "Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?" "Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party." "Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!" "What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven." "Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!" "We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies. And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often". How many holes have to exist for your funds to get stolen? Just one. Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so? If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security. The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle. And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet? Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds. So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
ANY CERTAINTY BALANCES WEREN'T EXCLUDED. Quadriga's largest account was $70m. 80% of funds are in 20% of accounts (Pareto principle). All it takes is excluding a few really large accounts - and nobody's the wiser. A fractional platform can easily pass any audit this way.
ANY VISIBILITY WHATSOEVER INTO THE CUSTODIANS. BitBuy put out their report before moving all the funds to their custodian and ShakePay apparently can't even tell us who the custodian is. That's pretty important considering that basically all of the funds are now stored there.
ANY IDEA ABOUT THE OTHER EXCHANGES. In order for this to be effective, it has to be the norm. It needs to be "unusual" not to know. If obscurity is the norm, then it's super easy for people like Gerald Cotten and Dave Smilie to blend right in.
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
First report within 1 month of launching, another within 3 months, and further reports at minimum every 6 months thereafter.
No auditor can be repeated within a 12 month period.
All reports must be public, identifying the auditor and the full methodology used.
All auditors must be independent of the firm being audited with no conflict of interest.
Reports must include the percentage of each asset backed, and how it's backed.
The auditor publishes a hash list, which lists a hash of each customer's information and balances that were included. Hash is one-way encryption so privacy is fully preserved. Every customer can use this to have 100% confidence they were included.
If we want more extensive requirements on audits, these should scale upward based on the total assets at risk on the platform, and whether the platform has loaned their assets out.
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever. Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see. It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation. A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7. History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance. Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.) Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive. Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today. Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well. Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do. Facts/background/sources (skip if you like):
The inspiration for the paragraph about splitting wallets was an actual quote from a Canadian company providing custodial services in response to the OSC consultation paper: "We believe that it will be in the in best interests of investors to prohibit pooled crypto assets or ‘floats’. Most Platforms pool assets, citing reasons of practicality and expense. The recent hack of the world’s largest Platform – Binance – demonstrates the vulnerability of participants’ assets when such concessions are made. In this instance, the Platform’s entire hot wallet of Bitcoins, worth over $40 million, was stolen, facilitated in part by the pooling of client crypto assets." "the maintenance of participants (and Platform) crypto assets across multiple wallets distributes the related risk and responsibility of security - reducing the amount of insurance coverage required and making insurance coverage more readily obtainable". For the record, their reply also said nothing whatsoever about multi-sig or offline storage.
In addition to the fact that the $40m hack represented only one "hot wallet" of Binance, and they actually had the vast majority of assets in other wallets (including mostly cold wallets), multiple real cases have clearly demonstrated that risk is still present with multiple wallets. Bitfinex, VinDAX, Bithumb, Altsbit, BitPoint, Cryptopia, and just recently KuCoin all had multiple wallets breached all at the same time, and may represent a significantly larger impact on customers than the Binance breach which was fully covered by Binance. To represent that simply having multiple separate wallets under the same security scheme is a comprehensive way to reduce risk is just not true.
Private insurance has historically never covered a single loss in the cryptocurrency space (at least, not one that I was able to find), and there are notable cases where massive losses were not covered by insurance. Bitpay in 2015 and Yapizon in 2017 both had insurance policies that didn't pay out during the breach, even after a lengthly court process. The same insurance that ShakePay is presently using (and announced to much fanfare) was describe by their CEO himself as covering “physical theft of the media where the private keys are held,” which is something that has never historically happened. As was said with regard to the same policy in 2018 - “I don’t find it surprising that Lloyd’s is in this space,” said Johnson, adding that to his mind the challenge for everybody is figuring out how to structure these policies so that they are actually protective. “You can create an insurance policy that protects no one – you know there are so many caveats to the policy that it’s not super protective.”
The most profitable policy for a private insurance company is one with the most expensive premiums that they never have to pay a claim on. They have no inherent incentive to take care of people who lost funds. It's "cheaper" to take the reputational hit and fight the claim in court. The more money at stake, the more the insurance provider is incentivized to avoid payout. They're not going to insure the assets unless they have reasonable certainty to make a profit by doing so, and they're not going to pay out a massive sum unless it's legally forced. Private insurance is always structured to be maximally profitable to the insurance provider.
The circumvention of multi-sig was a key factor in the massive Bitfinex hack of over $60m of bitcoin, which today still sits being slowly used and is worth over $3b. While Bitfinex used a qualified custodian Bitgo, which was and still is active and one of the industry leaders of custodians, and they set up 2 of 3 multi-sig wallets, the entire system was routed through Bitfinex, such that Bitfinex customers could initiate the withdrawals in a "hot" fashion. This feature was also a hit with the hacker. The multi-sig was fully circumvented.
Bitpay in 2015 was another example of a breach that stole 5,000 bitcoins. This happened not through the exploit of any system in Bitpay, but because the CEO of a company they worked with got their computer hacked and the hackers were able to request multiple bitcoin purchases, which Bitpay honoured because they came from the customer's computer legitimately. Impersonation is a very common tactic used by fraudsters, and methods get more extreme all the time.
A notable case in Canada was the Canadian Bitcoins exploit. Funds were stored on a server in a Rogers Data Center, and the attendee was successfully convinced to reboot the server "in safe mode" with a simple phone call, thus bypassing the extensive security and enabling the theft.
The very nature of custodians circumvents multi-sig. This is because custodians are not just having to secure the assets against some sort of physical breach but against any form of social engineering, modification of orders, fraudulent withdrawal attempts, etc... If the security practices of signatories in a multi-sig arrangement are such that the breach risk of one signatory is 1 in 100, the requirement of 3 independent signatures makes the risk of theft 1 in 1,000,000. Since hackers tend to exploit the weakest link, a comparable custodian has to make the entry and exit points of their platform 10,000 times more secure than one of those signatories to provide equivalent protection. And if the signatories beef up their security by only 10x, the risk is now 1 in 1,000,000,000. The custodian has to be 1,000,000 times more secure. The larger and more complex a system is, the more potential vulnerabilities exist in it, and the fewer people can understand how the system works when performing upgrades. Even if a system is completely secure today, one has to also consider how that system might evolve over time or work with different members.
By contrast, offline multi-signature solutions have an extremely solid record, and in the entire history of cryptocurrency exchange incidents which I've studied (listed here), there has only been one incident (796 exchange in 2015) involving an offline multi-signature wallet. It happened because the customer's bitcoin address was modified by hackers, and the amount that was stolen ($230k) was immediately covered by the exchange operators. Basically, the platform operators were tricked into sending a legitimate withdrawal request to the wrong address because hackers exploited their platform to change that address. Such an issue would not be prevented in any way by the use of a custodian, as that custodian has no oversight whatsoever to the exchange platform. It's practical for all exchange operators to test large withdrawal transactions as a general policy, regardless of what model is used, and general best practice is to diagnose and fix such an exploit as soon as it occurs.
False promises on the backing of funds played a huge role in the downfall of Quadriga, and it's been exposed over and over again (MyCoin, PlusToken, Bitsane, Bitmarket, EZBTC, IDAX). Even today, customers have extremely limited certainty on whether their funds in exchanges are actually being backed or how they're being backed. While this issue is not unique to cryptocurrency exchanges, the complexity of the technology and the lack of any regulation or standards makes problems more widespread, and there is no "central bank" to come to the rescue as in the 2008 financial crisis or during the great depression when "9,000 banks failed".
In addition to fraudulent operations, the industry is full of cases where operators have suffered breaches and not reported them. Most recently, Einstein was the largest case in Canada, where ongoing breaches and fraud were perpetrated against the platform for multiple years and nobody found out until the platform collapsed completely. While fraud and breaches suck to deal with, they suck even more when not dealt with. Lack of visibility played a role in the largest downfalls of Mt. Gox, Cryptsy, and Bitgrail. In some cases, platforms are alleged to have suffered a hack and keep operating without admitting it at all, such as CoinBene.
It surprises some to learn that a cryptographic solution has already existed since 2013, and gained widespread support in 2014 after Mt. Gox. Proof of Reserves is a full cryptographic proof that allows any customer using an exchange to have complete certainty that their crypto-assets are fully backed by the platform in real-time. This is accomplished by proving that assets exist on the blockchain, are spendable, and fully cover customer deposits. It does not prove safety of assets or backing of fiat assets.
If we didn't care about privacy at all, a platform could publish their wallet addresses, sign a partial transaction, and put the full list of customer information and balances out publicly. Customers can each check that they are on the list, that the balances are accurate, that the total adds up, and that it's backed and spendable on the blockchain. Platforms who exclude any customer take a risk because that customer can easily check and see they were excluded. So together with all customers checking, this forms a full proof of backing of all crypto assets.
However, obviously customers care about their private information being published. Therefore, a hash of the information can be provided instead. Hash is one-way encryption. The hash allows the customer to validate inclusion (by hashing their own known information), while anyone looking at the list of hashes cannot determine the private information of any other user. All other parts of the scheme remain fully intact. A model like this is in use on the exchange CoinFloor in the UK.
A Merkle tree can provide even greater privacy. Instead of a list of balances, the balances are arranged into a binary tree. A customer starts from their node, and works their way to the top of the tree. For example, they know they have 5 BTC, they plus 1 other customer hold 7 BTC, they plus 2-3 other customers hold 17 BTC, etc... until they reach the root where all the BTC are represented. Thus, there is no way to find the balances of other individual customers aside from one unidentified customer in this case.
Proposals such as this had the backing of leaders in the community including Nic Carter, Greg Maxwell, and Zak Wilcox. Substantial and significant effort started back in 2013, with massive popularity in 2014. But what became of that effort? Very little. Exchange operators continue to refuse to give visibility. Despite the fact this information can often be obtained through trivial blockchain analysis, no Canadian platform has ever provided any wallet addresses publicly. As described by the CEO of Newton "For us to implement some kind of realtime Proof of Reserves solution, which I'm not opposed to, it would have to ... Preserve our users' privacy, as well as our own. Some kind of zero-knowledge proof". Kraken describes here in more detail why they haven't implemented such a scheme. According to professor Eli Ben-Sasson, when he spoke with exchanges, none were interested in implementing Proof of Reserves.
And yet, Kraken's places their reasoning on a page called "Proof of Reserves". More recently, both BitBuy and ShakePay have released reports titled "Proof of Reserves and Security Audit". Both reports contain disclaimers against being audits. Both reports trust the customer list provided by the platform, leaving the open possibility that multiple large accounts could have been excluded from the process. Proof of Reserves is a blockchain validation where customers see the wallets on the blockchain. The report from Kraken is 5 years old, but they leave it described as though it was just done a few weeks ago. And look at what they expect customers to do for validation. When firms represent something being "Proof of Reserve" when it's not, this is like a farmer growing fruit with pesticides and selling it in a farmers market as organic produce - except that these are people's hard-earned life savings at risk here. Platforms are misrepresenting the level of visibility in place and deceiving the public by their misuse of this term. They haven't proven anything.
Fraud isn't a problem that is unique to cryptocurrency. Fraud happens all the time. Enron, WorldCom, Nortel, Bear Stearns, Wells Fargo, Moser Baer, Wirecard, Bre-X, and Nicola are just some of the cases where frauds became large enough to become a big deal (and there are so many countless others). These all happened on 100% reversible assets despite regulations being in place. In many of these cases, the problems happened due to the over-complexity of the financial instruments. For example, Enron had "complex financial statements [which] were confusing to shareholders and analysts", creating "off-balance-sheet vehicles, complex financing structures, and deals so bewildering that few people could understand them". In cryptocurrency, we are often combining complex financial products with complex technologies and verification processes. We are naïve if we think problems like this won't happen. It is awkward and uncomfortable for many people to admit that they don't know how something works. If we want "money of the people" to work, the solutions have to be simple enough that "the people" can understand them, not so confusing that financial professionals and technology experts struggle to use or understand them.
For those who question the extent to which an organization can fool their way into a security consultancy role, HB Gary should be a great example to look at. Prior to trying to out anonymous, HB Gary was being actively hired by multiple US government agencies and others in the private sector (with glowing testimonials). The published articles and hosted professional security conferences. One should also look at this list of data breaches from the past 2 years. Many of them are large corporations, government entities, and technology companies. These are the ones we know about. Undoubtedly, there are many more that we do not know about. If HB Gary hadn't been "outted" by anonymous, would we have known they were insecure? If the same breach had happened outside of the public spotlight, would it even have been reported? Or would HB Gary have just deleted the Twitter posts, brought their site back up, done a couple patches, and kept on operating as though nothing had happened?
In the case of Quadriga, the facts are clear. Despite past experience with platforms such as MapleChange in Canada and others around the world, no guidance or even the most basic of a framework was put in place by regulators. By not clarifying any sort of legal framework, regulators enabled a situation where a platform could be run by former criminal Mike Dhanini/Omar Patryn, and where funds could be held fully unchecked by one person. At the same time, the lack of regulation deterred legitimate entities from running competing platforms and Quadriga was granted a money services business license for multiple years of operation, which gave the firm the appearance of legitimacy. Regulators did little to protect Canadians despite Quadriga failing to file taxes from 2016 onward. The entire administrative team had resigned and this was public knowledge. Many people had suspicions of what was going on, including Ryan Mueller, who forwarded complaints to the authorities. These were ignored, giving Gerald Cotten the opportunity to escape without justice.
There are multiple issues with the SOC II model including the prohibitive cost (you have to find a third party accounting firm and the prices are not even listed publicly on any sites), the requirement of operating for a year (impossible for new platforms), and lack of any public visibility (SOC II are private reports that aren't shared outside the people in suits).
Securities frameworks are expensive. Sarbanes-Oxley is estimated to cost $5.1 million USD/yr for the average Fortune 500 company in the United States. Since "Fortune 500" represents the top 500 companies, that means well over $2.55 billion USD (~$3.4 billion CAD) is going to people in suits. Isn't the problem of trust and verification the exact problem that the blockchain is supposed to solve?
To use Quadriga as justification for why custodians or SOC II or other advanced schemes are needed for platforms is rather silly, when any framework or visibility at all, or even the most basic of storage policies, would have prevented the whole thing. It's just an embarrassment.
We are now seeing regulators take strong action. CoinSquare in Canada with multi-million dollar fines. BitMex from the US, criminal charges and arrests. OkEx, with full disregard of withdrawals and no communication. Who's next?
We have a unique window today where we can solve these problems, and not permanently destroy innovation with unreasonable expectations, but we need to act quickly. This is a unique historic time that will never come again.
When we are faced with a new technology, we often look for analogies to understand and describe it. To bridge the knowledge gap, we seek analogies from the universe concepts familiar to us. In our search for the right analogies, we often risk misunderstanding this new technology. Blockchain technology has introduced a paradigm shift in the way we organize ourselves to generate, account for, transfer and store value. Yet, we are still in early stages of understanding its importance. In this post I will try to shed light on the top 5 major misconceptions about digital assets and about the open blockchain—a technology that underlies them. 1.Blockchain, not bitcoin This misconception stems from failing to realize why blockchain exists in the first place. In essence, blockchain is a shared ledger designed to function in an extremely hostile, open environment. It derives its value from the security of its tamper-proof records. In the blockchain networks powered by proof-of-work (PoW) algorithms, that security is achieved by miners competing to solve a computationally intensive puzzle. The miners do this with the expectation of receiving a digital token as a reward. This digital token can be freely redeemed for fiat currency to cover their operating costs and generate profits. These open systems are designed in such a way that value of their token ultimately dictates the level of security of their network. When we decouple the concept of blockchain from its underlying token, it simply wipes out most, if not the entire, value proposition the blockchain as a concept. Implementing blockchain as a token-less system of recordkeeping within a single company is perhaps the prime example of this misconception. Such an endeavor fails to use one of the most valuable properties of the open blockchain. Implementing a blockchain solution in such settings may even be counter-productive especially when better alternatives exist, in the form of databases with proper access control. Blockchain could be useful in a commercial setting where a consortium of companies decides to use a single ledger to keep track of important transactions. An example of such transactions could be shares of companies that are traded on Wall Street millions of times each day. These transactions are reconciled periodically between the financial institutions by a trusted third-party entity, which could be ultimately replaced by a blockchain-based protocol at a fraction of their cost. That said, these systems may never become as secure and tamper-proof as the open blockchain as the security of the network depends on the number of its minestaking nodes. 2.Exchange Hacks = Digital Assets Are Not Secure Centralized digital asset exchanges are popular avenues for exchanging digital assets for currencies such as USD or other digital assets. However, their design creates a system of incentives for external or internal actors to compromise them. When we hear about exchange hacks in the digital asset space, it almost always involves compromising the security of an entity that operates within the traditional server-client architecture. However, the mainstream consciousness conflates the digital exchange security with that of technology that underlies digital assets. Holding a digital asset in a cold storage is extremely secure. Holding it in an exchange is not. 3.Blockchain has low TPS, hence it will never compete with or replace traditional financial infrastructure Traditional financial systems process a vast number transactions every day. This transaction processing capacity is called throughput and is measured by a metric called transactions per second (TPS). Payment networks such as Visa claim to process up to 56,000 TPS, while traditional exchanges are likely to have much higher capacity to process transactions to accommodate high-frequency trading. Today, the Bitcoin network processes around 4-5 transactions per second while the second largest digital asset network—Ethereum processes around 15. If we compare the current state of the blockchain technology to the demands of the global financial industry, it is easy to see why such claims could be justified. However, this is a myopic view of this new technology, very much akin to the way Kodak dismissed digital cameras as a potential threat to its business model. It failed to recognize (i) the speed at which digital cameras would develop and (ii) the fundamental shift the digital cameras introduced in the way we take and store pictures, despite being the company that invented digital cameras in 1975. As the history shows, that was Kodak’s grave mistake. It is hard to ignore the historical parallels here. The digital asset space is evolving fast. The next-generation networks, which operate under the proof-of-stake consensus mechanism, preserve the securities of proof-of-work, but do away with its capacity limitations. A notable example of that is Cardano. These new networks also represent a shift in the global economic paradigm that many do not seem to notice. 4.Digital Assets Have No Intrinsic Value The concept of intrinsic value, or lack thereof, is often used to describe digital assets as a purely speculative asset class. While this may apply, with some justification, to digital assets which only claim to function as money, such claims fail to capture the wider nature of platform-based digital assets, which derive their value from the direct use of their networks. In digital asset platforms like Cardano or Algorand, the native token gives the holder the right to participate in the consensus of the network through the process of staking. The consensus mechanism secures the network, maintains the decentralized ledger, enables participation in the governance of the network and can sustain myriads of decentralized applications with real-world utilities. Put simply, digital tokens may derive their value from the economic activity that takes place on their networks. The economic activity on such networks, in turn depends on the security of the network, its technical capabilities, its transaction fees and the real-world utility of decentralized applications that reside on them. In that respect, they can be thought of as a new kind of financial instrument. The kind that seamlessly combines the properties of currencies, commodities, and shares of ownership into a single digital token. These new instruments require that we develop and apply new analytical frameworks to value them, much like the concepts of equities and derivatives did when they first emerged as new financial instruments. 5.Developed Economies Do Not Need Blockchain Technology Because They Have Well-Established Financial/Commercial Solutions. While it is easy to see how the blockchain technology could unlock a lot of value in the emerging markets, the idea that developed economies do not benefit from this technology is short-sighted. It is akin to saying that cell phones are a great technology for emerging markets, but developed markets already have land lines, hence do not need them. In a similar vein, we could argue that developed countries do not need internet because most of what internet could do already exists in analog form. We have to realize that (i) at its core, blockchain is a paradigm-shifting infrastructure/technology and (ii) despite its nascent stage, blockchain is extremely cost-effective… To a degree that it has the capacity to fundamentally disrupt a slew economic sectors out of existence, from banking to real estate, and create new ones. When we accept this eventuality, we will have to face some uncomfortable truths that many sectors will not exist in their current form or entirely disappear. Currently these sectors provide economic value, employment and generate taxes. If some blockchain-based solution is to replace them in 3-5 years, where would that value migrate? Losing them to open blockchain networks would not be acceptable politically or economically for many developed countries. One way out of this could be for developed countries to invest in national networks, allowing them to reap the benefits of this new technology, while retaining value from economic activity of their citizens and companies within their jurisdictions. Another, more realistic way, would be to invest heavily into friendly legal frameworks that would encourage both individuals and companies that would ultimately develop or maintain open blockchain protocols migrate to these jurisdictions, drawing in talent, capital and innovation. One thing is becoming increasingly clear: we can no longer ignore the elephant in the room. Much like digital cameras and internet itself, blockchain is unstoppable. If you like this article and would like to have access to our in-depth research in the future, please consider staking with skylight pool (tickers SKY and SKY2). We are working hard to create a suitable space on pooltool.io to disseminate our research to our verified stakeholders. Connect with us: Twitter: u/RealSaidov TG: u/SkyLightPool Website: skylightpool.com
Bitcoin is popular across due to its robust technologies as well as substantial market value. It has the potential to ensure huge and more profits compared to other currencies. As it controls the market, other currencies get affected when Bitcoin experiences any price fluctuations. Bitcoin is a preferred choice for most traders and investors in the currency industry. The reliability makes it a perfect choice for online and offline stores to use it as a payment method. Many show interest in Bitcoin. However, common people have a limited idea about it. They do not know where to buy it and how to use it while buying a commodity. In this article, we are going to answer all your queries related to Bitcoin. Keep reading to know how to be benefited from Bitcoin.
How to Buy Bitcoin
1. Start with a Wallet
You will need a wallet to store Bitcoin. You can link your wallet with leather wallets that you use for fiat currency. It can also house Bitcoin. When it comes to wallets, you will find many options to choose from. Some of them are introduced by popular developers and other leading names in the industry. You can operate a wallet offline and online. You will have to research on available wallets to choose the best one to store your Bitcoin.
Things to Consider While Choosing A Wallet
Ease of Use: Make sure that the wallet is easy to use. A simple layout and easy-to-use features will enable you to open an account without any additional help. Otherwise, you might find it hard to operate your wallet. Go with the easy one as you are a beginner. While buying a wallet, you will have to enter some personal details that include your name, phone number, and email address. After entering your details, you will have to secure your wallet with a strong password and then complete the verification. If you want more protection, you can go with offline cold storage. However, you might need to offer some additional information for the cold storage.
Superior Security: While choosing a wallet, you will have to ensure that it has robust security features in addition to a strong password. Some reliable and reputed wallets offer the best security with two-step verification and advanced encryption key to protect accounts from a cyber hack.
2. Find A Reliable Bitcoin Trader
Choose a secure and easy-to-use wallet and then look for a trustworthy and reputed Bitcoin trader. While choosing a trader, your focus should be on the legit and trusted trader to make your first purchase safe and hassle-free. You can consider a peer-to-peer platform or online exchanger. These two are different and work in specific and different ways. You need to open an account on the platform you find worth investing in. Here are a few things you need to go through while opening an account on any of the above two platforms:
Visit their website and click on the sign in or register button.
Enter all the required data that includes your name, phone no, and email ID.
Create a strong, secure, and secret password.
The last step is verification. The website might ask for documents during the verification.
After going through all these steps, you can have your account. Next, you will have to choose a payment method that you will use for the transactions.
Peer-to-Peer Vs Exchange Platforms
With exchanges, you can sell or buy Bitcoins on market trends. The exchange platform is considered easy for beginners. It will pair you with sellers mostly one with the lowest offer. You can pair with multiple sellers or one seller. You will have the freedom to choose the best seller depending on availability. The peer-to-peer platform will not allow users to trade or exchange Bitcoin. The sellers and buyers will come together on the site to plan trades. You can consider trading both offline and online.
How to Choose the Payment Mode
You can expect different types of payment options regardless of the platform you prefer. Peer-to-peer and exchange platforms support flexible payment methods. You can use your credit or debit card for deposits. Some other options are e-wallets and PayPal. You can use any of them to purchase Bitcoin. While choosing any of these two platforms, you will have to ensure that they offer many deposit options. By doing so, you can find the most suitable deposit option. All the payment options are not the same. The speed of the delivery and time will vary depending on the deposit option. So, make sure that you are choosing an option that ensures fast withdrawal and deposits. A few platforms are known for offering direct wire transfer. The wire transfer will ensure fast deposits and withdrawals. You can choose any option depending on your convenience. If you are using your e-wallet or card for deposits, you should consider other payment modes instead of direct wire transfer.
Buy & Store Bitcoin
You need to place an order on exchange platforms to buy Bitcoin. Once you place the order, it will move into booking. The booked order will be paired with the involved sellers to find the most affordable rate. The Bitcoin will be reflected in your account immediately after completing the transaction. As Bitcoin will show on your exchange account, you will have to transfer it from the platform into your wallet that you have created much before.
Plan the Next Step
The crypto industry is volatile. So, you will have to act smart to make money from the volatile market condition. The price might drop and rise suddenly. Before planning any investment, you should understand the market condition. You should observe the market and research the trades before purchasing Bitcoin. If you find the market condition unfavorable, you can store the Bitcoin and use it when the market condition indicates a profit. However, it is suggested to use the Bitcoin immediately to complete a transaction or place a trade.
In the current condition, a few crypto ATMs allow traders to trade their fiat for Bitcoin directly. But these ATMs are limited and not available in all the locations. So, you will have to consider other reliable methods to avoid fraud. Enhanced security is a must in the currency trade.
Hello. I use the Wasabi app with the Coldcard MK3 cold wallet connection. Left Bitcoin for storage in the wallet. Recently I wanted to make a Deposit to my wallet, but I discovered that there is a missing amount of Bitcoin on my balance. There is also a transfer to an address unknown to me. I did not make this transfer and did not confirm it. I want to find out how I lost my Bitcoin Or what vulnerability I have. When creating a wallet and installing the app, I followed all the security instructions, as well as used virus protection tools on my computer and used genuine original software.
Hello. I use the Electrum app with the Coldcard MK3 cold wallet connection. Left Bitcoin for storage in the wallet. Recently I wanted to make a Deposit to my wallet, but I discovered that there is a missing amount of Bitcoin on my balance. There is also a transfer to an address unknown to me. I did not make this transfer and did not confirm it. I want to find out how I lost my Bitcoin Or what vulnerability I have. When creating a wallet and installing the app, I followed all the security instructions, as well as used virus protection tools on my computer and used genuine original software.
On my ledger when I create an address and send something the address, next time I create one with the receive button it's a new one. I'm not entirely sure but that's how it seemed to me so far. Now I know it's possible to send bitcoin to the same address as many times as you want. But I also think there's a reason why ledger creates a new one every time. Why is that? I'm about to migrate my bitcoin to my new cold storage. Ledger nano s to x. I don't like sending my whole stash all at once. It's so stressful. So what I want to do is sending a small test amount first, see if it shows up on the new account and then send the rest. Is it completely safe to make send both transactions to the same address? Because when I send the small amount and then clicked receive again on my old nano s then a different address would show up.
The fee schedule below provides the applicable rate based on the account's 30-Day Volume and if the order is a maker or taker. Bittrex Global Fee30 Day Volume (USD)MakerTaker$0k - $50k0.2%0.2%$50k - $1M0.12%0.18%$1M - $10M0.05%0.15%$10M - $60M0.02%0.1%$60M+0%0.08%>$100MContact TAM representative Trading expenses are incurred when an order is prepared by means of the Bittrex worldwide matching engine. While an order is being executed, the purchaser and the vendor are charged a rate primarily based on the order’s amount. The fee charged by Bittrex exchange is calculated by the formula amount * buy rate * fee. There aren't any charges for placing an order which is not being executed so far. Any portion of an unfinished order will be refunded completely upon order cancelation. Prices vary depending on the currency pair, monthly trade volume, and whether the order is a maker or taker. Bittrex reserves the right to alternate fee quotes at any time, including offering various discounts and incentive packages.
Your buying and selling volume affects the fee you pay for every order. Our expenses are built to encourage customers who ensure liquidity in the Bittrex crypto exchange markets. Your buying and selling charges are reduced according to your trade volume for the last 30 years in dollars. Bittrex calculates the 30-day value every day, updating every account's volume calculation and buying and selling charge between of 12:30 AM UTC and 01:30 AM UTC every day. You can check your monthly trade volume by logging in and opening Account > My Activity. https://preview.redd.it/n1djh2ob4zh51.jpg?width=974&format=pjpg&auto=webp&s=2eebb9c9ac63de207c4dd2e49bc45aeb53a8dec8
6. Withdrawing Funds
Withdrawing any type of funds is likewise simple. You can profit by buying and selling Bitcoin, Ether, or any other cryptocurrency. You determine the crypto address—to which the amount will be credited—and the transaction amount. The withdrawal fee will be automatically calculated and shown right away. After confirming the transaction, the finances will be sent to the specified addresses and all that you need to do is to wait for the community to confirm the transaction. If the 2FA is enabled, then the user receives a special code (via SMS or application) to confirm the withdrawal.
7. How to Trade on Bittrex Global
Currency selling and buying transactions are performed using the Sell and Buy buttons, accordingly. To begin with, the dealer selects a currency pair and sees a graph of the rate dynamics and different values for the pair. Below the chart, there is a section with orders where the user can buy or sell a virtual asset. To create an order, you just need to specify the order type, price, and quantity. And do not forget about the 0.25% trade fee whatever the quantity. For optimum profit, stay with liquid assets as they can be quickly sold at a near-market rate effective at the time of the transaction. Bittrex offers no referral program; so buying and selling crypto is the easiest way to earn. https://preview.redd.it/hopm6fih4zh51.jpg?width=1302&format=pjpg&auto=webp&s=68c0aaae86f64c3e6b9d351c3df2a9c331f94038
Bittrex helps you alternate Limit and Stop-Limit orders. A limit order or a simple limit order is performed when the asset fee reaches—or even exceeds—the price the trader seeks. To execute such an order, it is required that there's a counter market order on the platform that has the identical fee as the limit order.
Differences between Limit Order and Stop Limit Order
A stop limit order is a mixture of a stop limit order and a limit order. In such an application, charges are indicated—a stop charge and the limit.
Let’s discuss how you could trade conveniently with our service. The key features include a user-friendly interface and precise currency pair statistics (timeframe graphs, network data, trade volumes, and so forth). The platform’s top-notch advantage is handy, easy-to-analyze, customizable charts. There is also a column for quick switching between currency pairs and an order panel beneath the fee chart. Such an all-encompassing visual solution helps compare orders efficiently and in one place. You can use the terminal in a day or night mode; when in the night mode, the icon in the upper-right corner changes and notice the Bittrex trading terminal in night mode is displayed. The main menu consists of 4 sections: Markets, Orders, Wallets, Settings. Markets are the trade section. Bittrex allows handling over 270 currency pairs. Orders. To see all open orders, go to Orders → Open. To see completed orders, go to Orders → Completed. Wallets. The Wallets tab displays many wallets for all cryptocurrencies supported by the exchange and the current balance of each of them. After refilling the balance or creating a buy or sale order, you will see all actions in the section. Bittrex allows creating a separate wallet for every coin. Additionally, you can see how the coin price has changed, in terms of percentage, throughout the day. Here’s what you can also do with your wallets:
Hide zero balances: hide currencies with zero balance
Green and red arrows: replenish balance/withdraw funds
Find: search for a cryptocurrency
The Settings section helps manage your account, verification, 2FA, password modification, API connection, and many more.
How to Sell
The process of selling crypto assets follows the same algorithm. The only difference is that after choosing the exchange direction, you need to initiate a Sell order. All the rest is similar: you select the order type, specify the quantity and price, and click Sell *Currency Name* (Sell Bitcoin in our case). If you scroll the screen, the entire history of trades and orders will be displayed below.
LONG and SHORT
You can make a long deal or a short deal. Your choice depends on whether you expect an asset to fall or rise in price. Long positions are a classic trading method. It concerns purchasing an asset to profit when its value increases. Long positions are carried out through any brokers and do not require a margin account. In this case, the trader’s account must have enough funds to cover the transaction. Losses in a long position are considered to be limited; no matter when the trade starts, the price will not fall below zero with all possible errors. Short positions, in contrast, are used to profit from a falling market. A trader buys a financial instrument from a broker and sells it. After the price reaches the target level, the trader buys back the assets or buys them to pay off the initial debt to the broker. A short position yields profit if the price falls, and it is considered unprofitable the price matches the asset value. Performing a short order requires a margin account as a trader borrows valuable assets from a broker to complete a transaction. Long transactions help gain from market growth; short from a market decline.
Trade via API
Bittrex also supports algorithmic trading through extensive APIs (application programming interface), which allows you to automate the trading process using third-party services. To create an API key, the user must enable the two-factor authentication 2FA, verify their account, and log in to the site within 3 minutes. If all the requirements of the system are fulfilled, you can proceed to generate the API key. Log in to your Bittrex account, click Settings. Find API Keys. Click Add new key (Create a new key). Toggle on / off settings for READ INFO, TRADE, or WITHDRAW, depending on what functionality you want to use for our API key. Click Save and enter the 2FA code from the authenticator → Confirm. The secret key will be displayed only once and will disappear after the page is refreshed. Make sure you saved it! To delete an API key, click X in the right corner for the key that you want to delete, then click Save, enter the 2FA code from the authenticator and click Confirm.
Bittrex Bot, a Trader’s Assistant
Robotized programs that appeared sometimes after the appearance of cryptocurrency exchanges save users from monotonous work and allow automating the trading process. Bots for trading digital money work like all the other bots: they perform mechanical trading according to the preset parameters. Currently, one of Bittrex’s most popular trading bots is Bittrex Flash Crash Buyer Bot that helps traders profit from altcoin volatility without missing the right moment. The program monitors all the market changes in the market every second; also, it even can place an order in advance. The Bittrex bot can handle a stop loss—to sell a certain amount of currency when the rate changes in a favorable direction and reaches a certain level.
8. Secure Platform
Bittrex Global employs the most reliable and effective security technologies available. There are many cases of theft, fraud. It is no coincidence that the currency is compared to the Wild West, especially if we compare the 1800s when cowboys rushed to the West Coast of America to earn and start something new in a place that had no rules. Cryptocurrency is still wild. One can earn and lose money fast. But Bittrex has a substantial security policy thanks to the team’s huge experience in security and development for companies such as Microsoft, Amazon, Qualys, and Blackberry. The system employs an elastic, multi-stage holding strategy to ensure that the majority of funds are kept in cold storage for extra safety. Bittrex Global also enables the two-factor authentication for all users and provides a host of additional security features to provide multiple layers of protection. Bittrex cold wallet: https://bitinfocharts.com/en/bitcoin/address/385cR5DM96n1HvBDMzLHPYcw89fZAXULJP
Bittrex Global is a reliable and advanced platform for trading digital assets with a respected reputation, long history, and active market presence and development nowadays. The exchange is eligible to be used globally, including the US and its territories. The legal component of Bittrex Global is one of the most legitimate among numerous crypto-asset exchanges. The Bittrex team has had great ambitions and managed to deliver promises and more. The exchange staff comprises forward-thinking and exceptional individuals whose success is recognized in the traditional business and blockchain sector. Bittrex's purpose is to be the driving force in the blockchain revolution, expanding the application, importance, and accessibility of this game-changing technology worldwide. The exchange fosters new and innovative blockchain and related projects that could potentially change the way money and assets are managed globally. Alongside innovation, safety will always be the main priority of the company. The platform utilizes the most reliable and effective practices and available technologies to protect user accounts. Bittrex customers have always primarily been those who appreciate the highest degree of security. Because of the way the Bittrex trading platform is designed, it can easily scale to always provide instant order execution for any number of new customers. Bittrex supports algorithmic trading and empowers its customers with extensive APIs for more automated and profitable trading. One of the common features which is not available on the exchange is margin trading. No leverage used however adds up to the exchange's stability and prevents fast money seekers and risky traders from entering the exchange. Bittrex is a force of the blockchain revolution and an important entity of the emerging sector. The full version First part Second part
In this guide you'll learn how to boot Bitkey to create a 'cold storage' offline Bitcoin wallet, which is never directly connected to the internet. This protects it both from online hackers and ... You can use Tails to create a bitcoin seed in cold storage. This seed will be created in a machine with no connection to the internet. In this guide I use a virtual machine, but you can use a real machine running Tails in a DVD. Before booting Tails do the following: Disconnect every device connected to your computer, leaving only the mouse. (e.g: printer, external hard drive, usb sticks and ... If you care about security and don't feel like buying Trezor, you may want to keep your bitcoins in an offline wallet also known as cold storage.. Cold storage is a wallet that isn't connected to any network thus it's not vulnerable to online attacks.It can only be accessed physically which makes it very secure.. To set up one, you need an (old) computer and a wallet software that is able to ... Users can lose bitcoin and other cryptocurrency tokens as a result of theft, computer failure, loss of access keys and more. Cold storage (or offline wallets) is one of the safest methods for ... Cold storage, also known as a cold storage wallet, is the opposite of a hot wallet where your Bitcoin is kept online. Since Bitcoin is a digital asset, keeping them online increases your risk or attack surface for having your bitcoin stolen when kept online using a custodial service. By keeping your bitcoin in cold storage, your attack surface is greatly diminished.
Bitcoin Cold Storage Part 2: Building a Cold Storage Netbook with Electrum
The following is a tutorial about creating a 99.9% secure paper wallet for storing your Bitcoins in cold storage. Link to Ubuntu download: http://www.ubuntu.... In part 2 we built a cold storage system with an inexpensive netbook. In part 3 we learn how to use it. We'll step through an entire transaction as well as point out a few more security tips. How to create a Ripple XRP Cold Storage Wallet Andre Ventura. Loading... Unsubscribe from Andre Ventura? ... Bitcoin Explained Simply for Dummies - Duration: 12:49. 99Bitcoins 531,395 views. 12:49 ... I created this video with the YouTube Video Editor (https://www.youtube.com/editor) How to Create a Bitcoin Cold Storage Wallet Using Electrum - Duration: 35:15. Rex Kneisley 6,532 views. 35:15. OBS Studio Tutorial (Make Your Streams Look Pro) - Duration: 17:49. ...