Transactions — Bitcoin

How to get the raw transaction in hex format? /r/Bitcoin

How to get the raw transaction in hex format? /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

NEAR PROJECT REPORT

NEAR PROJECT REPORT
Author: Gamals Ahmed, CoinEx Business Ambassador
https://preview.redd.it/xbnvecjn71t51.png?width=1164&format=png&auto=webp&s=acfd141ead035ee156f218eec9fc41288142a922

ABSTRACT

The effects of the web by a number of companies have seduced a large number of users as these companies keep their data to prevent them from searching for alternatives. Likewise, these huge platforms have attracted applications to build their highest ecosystems before either severing access or actively opposing their interests when the applications became so successful. As a result, these walled gardens have effectively hindered innovation and monopolized large sections of the web. After the emergence of blockchain technology and decentralized cryptocurrencies, the need for applications to support decentralization has emerged. Several blockchain-based companies, applications and platforms have appeared in decentralization. In this research report, we will explain the approach adopted by the NEAR decentralization platform in designing and implementing the basic technology for its system. Near is a basic platform for cloud computing and decentralized storage managed by the community, designed to enable the open web for the future. On this web, everything can be created from new currencies to new applications to new industries, opening the door to an entirely new future.

1. INTRODUCTION

The richness of the web is increasing day by day with the combined efforts of millions of people who have benefited from “innovation without permission” as content and applications are created without asking anyone. this lack of freedom of data has led to an environment hostile to the interests of its participants. And as we explained in the summary previously, web hosting companies have hindered innovation and greatly monopolized the web.
In the future, we can fix this by using new technologies to re-enable the permissionless innovation of the past in a way, which creates a more open web where users are free and applications are supportive rather than adversarial to their interests.
Decentralization emerged after the global financial crisis in 2008, which created fundamental problems of confidence in the heavily indebted banking system. Then the decentralized financial sector based on Blockchain technology has emerged since 2009.
Decentralized Blockchain technology has made it easy for decentralized digital currencies like Bitcoin to exchange billions of dollars in peer-to-peer transfers for a fraction of the price of a traditional banking system. This technology allows participants in the over $ 50 billion virtual goods economy to track, own and trade in these commodities without permission. It allows real-world goods to cross into the digital domain, with verified ownership and tracking just like that of the digital.
By default, the Internet where freedom of data enables innovation will lead to the development of a new form of software development. On this web, developers can quickly create applications from open state components and boost their efforts by using new business models that are enabled from within the program itself rather than relying on parasitic relationships with their users. This not only accelerates the creation of applications that have a more honest and cooperative relationship with its users, but also allows the emergence of completely new business built on them.
To enable these new applications and the open web, it needs the appropriate infrastructure. The new web platform cannot be controlled by a single entity and its use is not limited due to insufficient scalability. It should be decentralized in design like the web itself and supported by a community of distributors widely so that the value they store cannot be monitored, modified or removed without permission from the users who store this value on their behalf.
A new decentralization technology (Blockchain), which has facilitated decentralized digital currencies like Bitcoin, has made billions of dollars in peer-to-peer transfers at a fraction of the price of the traditional banking system. This technology allows participants in the $ 50 billion + virtual goods economy to track, own and trade in these goods without permission. It allows real-world goods to cross into the digital domain, with verified ownership and tracking just like that of the digital.
Although the cost of storing data or performing a calculation on the Ethereum blockchain is thousands and millions of times higher than the cost of performing the same functionality on Amazon Web Services. A developer can always create a “central” app or even a central currency for a fraction of the cost of doing the same on a decentralized platform because a decentralized platform, by definition, will have many iterations in its operations and storage.
Bitcoin can be thought of as the first, very basic, version of this global community-run cloud, though it is primarily used only to store and move the Bitcoin digital currency.
Ethereum is the second and slightly more sophisticated version, which expanded the basic principles of Bitcoin to create a more general computing and storage platform, though it is a raw technology, which hasn’t achieved meaningful mainstream adoption.

1.1 WHY IS IT IMPORTANT TO PAY THE EXTRA COST TO SUPPORT DECENTRALIZATION?

Because some elements of value, for example bits representing digital currency ownership, personal identity, or asset notes, are very sensitive. While in the central system, the following players can change the value of any credits they come into direct contact with:
  1. The developer who controls the release or update of the application’s code
  2. The platform where the data is stored
  3. The servers which run the application’s code
Even if none of these players intend to operate with bad faith, the actions of governments, police forces and hackers can easily turn their hands against their users and censor, modify or steal the balances they are supposed to protect.
A typical user will trust a typical centralized application, despite its potential vulnerabilities, with everyday data and computation. Typically, only banks and governments are trusted sufficiently to maintain custody of the most sensitive information — balances of wealth and identity. But these entities are also subject to the very human forces of hubris, corruption and theft.
Especially after the 2008 global financial crisis, which demonstrated the fundamental problems of confidence in a highly indebted banking system. And governments around the
world apply significant capital controls to citizens during times of crisis. After these examples, it has become a truism that hackers now own most or all of your sensitive data.
These decentralized applications operate on a more complex infrastructure than today’s web but they have access to an instantaneous and global pool of currency, value and information that today’s web, where data is stored in the silos of individual corporations, cannot provide.

1.2 THE CHALLENGES OF CREATING A DECENTRALIZED CLOUD

A community-run system like this has very different challenges from centralized “cloud” infrastructure, which is running by a single entity or group of known entities. For example:
  1. It must be both inclusive to anyone and secure from manipulation or capture.
  2. Participants must be fairly compensated for their work while avoiding creating incentives for negligent or malicious behavior.
  3. It must be both game theoretically secure so good actors find the right equilibrium and resistant to manipulation so bad actors are actively prevented from negatively affecting the system.

2. NEAR

NEAR is a global community-run computing and storage cloud which is organized to be permissionless and which is economically incentivized to create a strong and decentralized data layer for the new web.
Essentially, it is a platform for running applications which have access to a shared — and secure — pool of money, identity and data which is owned by their users. More technically, it combines the features of partition-resistant networking, serverless compute and distributed storage into a new kind of platform.
NEAR is a community-managed, decentralized cloud storage and computing platform, designed to enable the open web in the future. It uses the same core technology for Bitcoin and Blockchain. On this web, everything can be created from new currencies to new applications to new industries, opening the door to an entirely new future.
NEAR is a decentralized community-run cloud computing and storage platform, which is designed to enable the open web of the future. On this web, everything from new currencies to new applications to new industries can be created, opening the door to a brand new future.
NEAR is a scalable computing and storage platform with the potential to change how systems are designed, how applications are built and how the web itself works.
It is a complex technology allow developers and entrepreneurs to easily and sustainably build applications which reap the benefits of decentralization and participate in the Open Web while minimizing the associated costs for end users.
NEAR creates the only community-managed cloud that is strong enough to power the future of the open web, as NEAR is designed from the ground up to deliver intuitive experiences to
end users, expand capacity across millions of devices, and provide developers with new and sustainable business models for their applications.
The NEAR Platform uses a token — also called “NEAR”. This token allows the users of these cloud resources, regardless of where they are in the world, to fairly compensate the providers of the services and to ensure that these participants operate in good faith.

2.1 WHY NEAR?

Through focus, we find that Platforms based on blockchain technologies like Bitcoin and Ethereum have made great progress and enriched the world with thousands of innovative applications spanning from games to decentralized financing.
However, these original networks and none of the networks that followed were not able to bridge the gap towards mainstream adoption of the applications created above them and do not provide this type of standard that fully supports the web.
This is a result of two key factors:
  1. System design
  2. Organization design
System design is relevant because the technical architecture of other platforms creates substantial problems with both usability and scalability which have made adoption nearly impossible by any but the most technical innovators. End-users experience 97–99% dropoff rates when using applications and developers find the process of creating and maintaining their applications endlessly frustrating.
Fixing these problems requires substantial and complex changes to current protocol architectures, something which existing organizations haven’t proven capable of implementing. Instead, they create multi-year backlogs of specification design and implementation, which result in their technology falling further and further behind.
NEAR’s platform and organization are architected specifically to solve the above-mentioned problems. The technical design is fanatically focused on creating the world’s most usable and scalable decentralized platform so global-scale applications can achieve real adoption. The organization and governance structure are designed to rapidly ship and continuously evolve the protocol so it will never become obsolete.

2.1.1 Features, which address these problems:

1. USABILITY FIRST
The most important problem that needs to be addressed is how to allow developers to create useful applications that users can use easily and that will capture the sustainable value of these developers.
2. End-User Usability
Developers will only build applications, which their end users can actually use. NEAR’s “progressive security” model allows developers to create experiences for their users which more closely resemble familiar web experiences by delaying onboarding, removing the need for user to learn “blockchain” concepts and limiting the number of permission-asking interactions the user must have to use the application.
1. Simple Onboarding: NEAR allows developers to take actions on behalf of their users, which allows them to onboard users without requiring these users to provide a wallet or interact with tokens immediately upon reaching an application. Because accounts keep track of application-specific keys, user accounts can also be used for the kind of “Single Sign On” (SSO) functionality that users are familiar with from the traditional web (eg “Login with Facebook/Google/Github/etc”).
2. Easy Subscriptions: Contract-based accounts allow for easy creation of subscriptions and custom permissioning for particular applications.
3. Familiar Usage Styles: The NEAR economic model allows developers to pay for usage on behalf of their users in order to hide the costs of infrastructure in a way that is in line with familiar web usage paradigms.
4. Predictable Pricing: NEAR prices transactions on the platform in simple terms, which allow end-users to experience predictable pricing and less cognitive load when using the platform.

2.1.2 Design principles and development NEAR’s platform

1. Usability: Applications deployed to the platform should be seamless to use for end users and seamless to create for developers. Wherever possible, the underlying technology itself should fade to the background or be hidden completely from end users. Wherever possible, developers should use familiar languages and patterns during the development process. Basic applications should be intuitive and simple to create while applications that are more robust should still be secure.
2. Scalability: The platform should scale with no upper limit as long as there is economic justification for doing so in order to support enterprise-grade, globally used applications.
3. Sustainable Decentralization: The platform should encourage significant decentralization in both the short term and the long term in order to properly secure the value it hosts. The platform — and community — should be widely and permissionlessly inclusive and actively encourage decentralization and participation. To maintain sustainability, both technological and community governance mechanisms should allow for practical iteration while avoiding capture by any single parties in the end.
4. Simplicity: The design of each of the system’s components should be as simple as possible in order to achieve their primary purpose. Optimize for simplicity, pragmatism and ease of understanding above theoretical perfection.

2.2 HOW NEAR WORKS?

NEAR’s platform provides a community-operated cloud infrastructure for deploying and running decentralized applications. It combines the features of a decentralized database with others of a serverless compute platform. The token, which allows this platform to run also, enables applications built on top of it to interact with each other in new ways. Together, these features allow developers to create censorship resistant back-ends for applications that deal with high stakes data like money, identity, assets, and open-state components, which interact seamlessly with each other. These application back-ends and components are called “smart contracts,” though we will often refer to these all as simply “applications” here.
The infrastructure, which makes up this cloud, is created from a potentially infinite number of “nodes” run by individuals around the world who offer portions of their CPU and hard drive space — whether on their laptops or more professionally deployed servers. Developers write smart contracts and deploy them to this cloud as if they were deploying to a single server, which is a process that feels very similar to how applications are deployed to existing centralized clouds.
Once the developer has deployed an application, called a “smart contract”, and marked it unchangeable (“immutable”), the application will now run for as long as at least a handful of members of the NEAR community continue to exist. When end users interact with that deployed application, they will generally do so through a familiar web or mobile interface just like any one of a million apps today.
In the central cloud hosted by some companies today like: Amazon or Google, developers pay for their apps every month based on the amount of usage needed, for example based on the number of requests created by users visiting their webpages. The NEAR platform similarly requires that either users or developers provide compensation for their usage to the community operators of this infrastructure. Like today’s cloud infrastructure, NEAR prices usage based on easy to understand metrics that aren’t heavily influenced by factors like system congestion. Such factors make it very complicated for developers on alternative blockchain-based systems today.
In the centralized cloud, the controlling corporation makes decisions unilaterally. NEAR community-run cloud is decentralized so updates must ultimately be accepted by a sufficient quorum of the network participants. Updates about its future are generated from the community and subject to an inclusive governance process, which balances efficiency and security.
In order to ensure that the operators of nodes — who are anonymous and potentially even malicious — run the code with good behavior, they participate in a staking process called “Proof of Stake”. In this process, they willingly put a portion of value at risk as a sort of deposit, which they will forfeit if it is proven that they have operated improperly.

2.2.1 Elements of the NEAR’s Platform

The NEAR platform is made up of many separate elements. Some of these are native to the platform itself while others are used in conjunction with or on top of it.
1. THE NEAR TOKEN
NEAR token is the fundamental native asset of the NEAR ecosystem and its functionality is enabled for all accounts. Each token is a unique digital asset similar to Ether, which can be used to:
a) Pay the system for processing transactions and storing data.
b) Run a validating node as part of the network by participating in the staking process.
c) Help determine how network resources are allocated and where its future technical direction will go by participating in governance processes.
The NEAR token enables the economic coordination of all participants who operate the network plus it enables new behaviors among the applications which are built on top of that network.
2. OTHER DIGITAL ASSETS
The platform is designed to easily store unique digital assets, which may include, but aren’t limited to:
  • Other Tokens: Tokens bridged from other chains (“wrapped”) or created atop the NEAR Platform can be easily stored and moved using the underlying platform. This allows many kinds of tokens to be used atop the platform to pay for goods and services. “Stablecoins,” specific kinds of token which are designed to match the price of another asset (like the US Dollar), are particularly useful for transacting on the network in this way.
  • Unique Digital Assets: Similar to tokens, digital assets (sometimes called “Non Fungible Tokens” (NFTs) ranging from in-game collectibles to representations of real-world asset ownership can be stored and moved using the platform.
3. THE NEAR PLATFORM
The core platform, which is made up of the cloud of community-operated nodes, is the most basic piece of infrastructure provided. Developers can permissionlessly deploy smart contracts to this cloud and users can permissionlessly use the applications they power. Applications, which could range from consumer-facing games to digital currencies, can store their state (data) securely on the platform. This is conceptually similar to the Ethereum platform.
Operations that require an account, network use, or storage at the top of the platform require payment to the platform in the form of transaction fees that the platform then distributes to its community from the authentication contract. These operations could include creating new accounts, publishing new contracts, implementing code by contract and storing or modifying data by contract.
As long as the rules of the protocol are followed, any independent developer can write software, which interfaces with it (for example, by submitting transactions, creating accounts or even running a new node client) without asking for anyone’s permission first.
4. THE NEAR DEVELOPMENT SUITE
Set of tools and reference implementations created to facilitate its use by those developers and end users who prefer them. These tools include:
  • NEAR SDKs: NEAR platform supports (Rust and AssemblyScript) languages to write smart contracts. To provide a great experience for developers, NEAR has a full SDK, which includes standard data structures, examples and testing tools for these two languages.
  • Gitpod for NEAR: NEAR uses existing technology Gitpod to create zero time onboarding experience for developers. Gitpod provides an online “Integrated Development Environment” (IDE), which NEAR customized to allow developers to easily write, test and deploy smart contracts from a web browser.
  • NEAR Wallet: A wallet is a basic place for developers and end users to store the assets they need to use the network. NEAR Wallet is a reference implementation that is intended to work seamlessly with the progressive security model that lets application developers design more effective user experiences. It will eventually include built-in functionality to easily enable participation by holders in staking and governance processes on the network.
  • NEAR Explorer: To aid with both debugging of contracts and the understanding of network performance, Explorer presents information from the blockchain in an easily digestible web-based format.
  • NEAR Command Line Tools: The NEAR team provides a set of straightforward command line tools to allow developers to easily create, test and deploy applications from their local environments.
All of these tools are being created in an open-source manner so they can be modified or deployed by anyone.

3. ECONOMIC

Primarily economic forces drive the ecosystem, which makes up the NEAR platform. This economy creates the incentives, which allow participants permissionlessly organize to drive the platform’s key functions while creating strong disincentives for undesirable, irresponsible or malicious behavior. In order for the platform to be effective, these incentives need to exist both in the short term and in the long term.
The NEAR platform is a market among participants interested in two aspects:
  • On the supply side, certification contract operators and other core infrastructure must be motivated to provide these services that make up the community cloud.
  • On the demand side, platform developers and end-users who pay for their use need to be able to do so in a simple, clear and consistent way that helps them.
Further, economic forces can also be applied to support the ecosystem as a whole. They can be used at a micro level to create new business models by directly compensating the developers who create its most useful applications. They can also be used at a macro level by coordinating the efforts of a broader set of ecosystem participants who participate in everything from education to governance.

3.1 NEAR ECONOMY DESIGN PRINCIPLES

NEAR’s overall system design principles are used to inform its economic design according to the following interpretations:
1. Usability: End users and developers should have predictable and consistent pricing for their usage of the network. Users should never lose data forever.
2. Scalability: The platform should scale at economically justified thresholds.
3. Simplicity: The design of each of the system’s components should be as simple as possible in order to achieve their primary purpose.
4. Sustainable Decentralization: The barrier for participation in the platform as a validating node should be set as low as possible in order to bring a wide range of participants. Over time, their participation should not drive wealth and control into the hands of a small number. Individual transactions made far in the future must be at least as secure as those made today in order to safeguard the value they modify.

3.2 ECONOMIC OVERVIEW

The NEAR economy is optimized to provide developers and end users with the easiest possible experience while still providing proper incentives for network security and ecosystem development.
Summary of the key ideas that drive the system:
  • Thresholded Proof of Stake: Validating node operators provide scarce and valuable compute resources to the network. In order to ensure that the computations they run are correct, they are required to “stake” NEAR tokens, which guarantee their results. If these results are found to be inaccurate, the staker loses their tokens. This is a fundamental mechanism for securing the network. The threshold for participating in the system is set algorithmically at the lowest level possible to allow for the broadest possible participation of validating nodes in a given “epoch” period (½ of a day).
  • Epoch Rewards: Node operators are paid for their service a fixed percentage of total supply as a “security” fee of roughly 4.5% annualized. This rate targets sufficient participation levels among stakers in order to secure the network while balancing with other usage of NEAR token in the ecosystem.
  • Protocol treasury: In addition to validators, protocol treasury received a 0.5% of total supply annually to continuously re-invest into ecosystem development.
  • Transaction Costs: Usage of the network consumes two separate kinds of resources — instantaneous and long term. Instantaneous costs are generated by every transaction because each transaction requires the usage of both the network itself and some of its computation resources. These are priced together as a mostly-predictable cost per transaction, which is paid in NEAR tokens.
  • Storage Costs: Storage is a long term cost because storing data represents an ongoing burden to the nodes of the network. Storage costs are covered by maintaining minimum balance of NEAR tokens on the account or contract. This provides indirect mechanism of payment via inflation to validators for maintaining contract and account state on their nodes.
  • Inflation: Inflation is determined as combination of payouts to validators and protocol treasury minus the collected transaction fees and few other NEAR burning mechanics (like name auction). Overall the maximum inflation is 5%, which can go down over time as network gets more usage and more transactions fees are burned. It’s possible that inflation becomes negative (total supply decreases) if there is enough fees burned.
  • Scaling Thresholds: In a network, which scales its capacity relative to the amount of usage it receives, the thresholds, which drive the network to bring on additional capacity are economic in nature.
  • Security Thresholds: Some thresholds, which provide for good behavior among participants are set using economic incentives. For example, “Fishermen” (described separately).
Full Report
submitted by CoinEx_Institution to Coinex [link] [comments]

How to verify if a transaction is correctly signed?

Given an arbitrary signed raw transaction, how can we easily verify if all inputs are correctly signed (admiting all UTXOs are present and fee is higher than zero)? I know there is an RPC command in bitcoin core testmempoolaccept but this will also check if all inputs are available to be spent in the mempool/blockchain and I want to test a transaction that is a child to a parent transaction that has not yet been broadcasted.
The signed transaction instance could have the scriptPubKey of the used utxos stored as metadata (since it needs to know these to sign each input) and use the stored utxos to perform this validation - alternatively, the verification method could ask for the scriptPubKeys of the utxos as input. I was looking for some nice way to do this in python but was surprised how neglected this task is:
EDIT: converting to PSBT is not possible/easy so the last option I mentioned won't work. I have the transactions in serialized 'network' format (what you get from `bitcoin-cli getrawtransaction hex')
EDIT2: escalated to bitcoin stack exchange: https://bitcoin.stackexchange.com/questions/96759/how-to-verify-if-a-transaction-is-correctly-signed
submitted by johnturtle to BitcoinBeginners [link] [comments]

Goxplorer 0.6.0, a Bitcoin blockchain explorer with embedded HTTP REST/JSON server and UTXO parsing support

Back in December, I announced here that I was working on a Bitcoin blockchain explorer with fairly basic capabilities, written from scratch with the Go language, mainly as a toy project. Back then it was only capable of reading raw block files and render them in JSON using various filters.
Six month later, with development going on and off, I am pleased to announce version 0.6.0 which is approaching the goal I was considering all along, being a self contained, self hosted blockchain explorer, only using Bitcoin blockchain's databases.
Goxplorer is capable of leveraging blocks index and chainstate LevelDB databases to fetch correct block files, meaning that you could search for a transaction involving an UTXO (chainstate only keeps track of those) only using your very bitcoin wallet / node.
The HTTP REST/JSON functionality permits to build a web client over it, I might even get into this as VueJS had me kind of liking it.
Finally, goxplorer has an easy to use callback system for programming plugins to be triggered at every transaction or block. A couple of examples, including a very naive bruteforcer, are available for the curious.
Homepage: https://imil.net/goxplore Binary releases for various popular platforms: https://gitlab.com/iMil/goxplore-/releases Source code: https://gitlab.com/iMil/goxplorer
As always, feedback is very welcome.
Edit: formatting Edit 2: release 0.6.1
submitted by iMil to Bitcoin [link] [comments]

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The groestlcoin team would like to take this opportunity to wish everyone our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value– Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

Source

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Features

Download

iOS
Android

Source

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Features

Download

Main Release (Main Net)
Testnet Release

Source

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Features

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

Source

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).

Features

Usage

https://github.com/Groestlcoin/VanitySearch#usage

Download

Source

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a windows app built from the ground-up and makes it easier than ever before to create your very own bespoke bech32 address(es) when whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Features

Download

Source

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

Features

Remastered Improvements

Download

Source

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Features

Download

Windows
Linux :
 pip3 install -r requirements.txt python3 bip39\_gui.py 

Source

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Features

Download

Windows
Linux / OSX (Instructions)

Source

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email them to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.

Changes

Download

Main Net
Main Net (FDroid)
Test Net

Source

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUB's, YPUB'S, ZPUB's and individual Groestlcoin address. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

Changes

Download

Source

UPDATED – P2Pool Test Net

Changes

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

Source

submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

Sharering (SHR) I believe this one is going to surprise so many. Already generating revenue and doing buybacks every week. Already over 10 000 registered users. Mainnet + app + masternodes and staking before EOY.

I got this stuff from Steve Aitchison, he wrote this review and posted it on Uptrennd. Figured I should put it on here as well since I truly believe this is an incredible moonshot. I'm personally holding SHR myself and am very convinced it will do extremely well.
Give a read through it and you will immediatly see why. Enjoy guys.
Introduction
Imagine for a second the following scenario. You are a 2 car family. One car is used every day going back and forth to work, for shopping, all the little jaunts you and your husband like to go on. Your grown children are at university and come home for the weekends so the other car sits in the driveway all week and doesn’t get used during the week. What a waste of a perfectly good car. You think to yourself we could put that car to good use and actually help to pay for university fees, by renting it out during the week. However, then you think “well it’s only a little Ford Fiesta who’s going to want to rent that.” Well, it turns out a lot of people want to rent it and for a good price: £34 ($40) per day, a possible $800 per month.
Peer to peer car sharing has grown massively over the last few years and people are making serious money by letting our vehicles on a daily basis, emulating the Airbnb model. In fact companies like Turo, Getaround and Drivy, which has just been acquired by Getaround for $300 Million, are bringing in serious investors like Toyota, Softbank Vision Fund, Menlo Ventures, and IAC to the tune of over $800 Million.
A key difference between rental companies and peer to peer is that they have vastly improved technology with app interfaces that make locating assets and resources, reserving and using them, and making payment convenient and seamless. This, combined with location-specific analytics, allows by-the-minute access to assets and resources (e.g. cars or bicycles) and enables customers to pick up and drop these assets where and when convenient.
Car sharing is just one example of an industry that is being disrupted. We have seen, experienced and read about the amazing growth of Airbnb which is now estimated to be valued at $38 Billion. Airbnb has been so successful that companies like booking.com are trying to get in on the act by adopting a similar model when it comes to booking accommodation.
There is also the phenomenal rise of bicycle rentals which we see in cities all over the world, not quite the same as peer to peer sharing, but it’s another rental model that is ripe for being disrupted by the new sharing model.
With this business model in mind what other areas could it be used in:
Transport: Used for the rental of cars, trucks, scooters, trailers, and even heavy vehicles. Delivery Drivers: Facilitate booking and payment for delivery drivers. Agriculture: Garden sharing, seed swap, bee-hive relocation, etc. Finance: Peer to peer lending Food bank, social dining Travel Tours, shared tour groups Real Estate Airbnb, co-housing, co-living, Couchsurfing, shared office space, house swapping. Time: Labour, co-working, freelancing Assets Book swapping, clothes swapping, fractional ownership, freecycling, toy libraries. Transportation Car sharing, ride-sharing, car-pooling, bicycle sharing, delivery company, couriers And so much more!
This newly emerging, but highly fragmented sharing industry, is currently worth over $100 billion. It is predicted to grow to at least $335 billion by 2025.
As you can see from a few examples above the sharing economy has a lot of room to grow but what it doesn’t have, yet, is a company who can facilitate ALL of the above use cases in one place.
That is until now!
ShareRing is disrupting the disruptors by bringing everything together in one place and making it easy for you and me to share anything and everything and making it as easy as opening an app on your phone.
Business Case
The sharing market has exploded over the last several years. This is due, in part, to the digital age we live in, as we now have over 2.82 Billion people with smart phones around the world. It also due to how easy the business model of sharing lends itself to the digital world, and how with the simple installation of an app we can access a plethora of markets to rent almost anything from.
Due to this rise of digital platforms and the proliferation of smartphones, revenues coming from sharing economy platforms are only expected to increase. It is estimated to grow to a $335 billion industry in 2025, compared to its $14 billion value in 2014. (PwC UK).
The beauty of the sharing economy is that it is a win/win/win situation for the person who wants to rent something for a few days or weeks, the person who is renting out, and the company who facilitates the ease of the transactions between the renter and the person renting out. Typically the renter will save a lot of money whilst renting out someone else’s apartment, car, bicycle, clothes, dog sitting services etc and they can almost be assured of quality due to the social side of the business model with reviews from real people. The person who is renting out can make additional income and will want good reviews and therefore keep the standard of service higher. The company that is facilitating all of this can make a lot of money on transaction fees, as well as from advertising, and partnership deals, and obviously have an exit strategy for possible buyouts.
When it comes to looking at the business model, ShareRing fits in to the Commission Based Platform as described in Ritter and Schanz study where they looked at the core difference in difference business models of the sharing economy: Singular Transaction Models, Subscription-Based Models, Commission-Based Platforms and Unlimited Platforms.)
Commission Based Platforms are dominated by (at least) triadic relationships amongst providers, intermediaries and consumers with a utility-bound revenue stream. These business models enable their customers to switch between provider and consumer roles by creating and delivering the value proposition. Only a few employees work for the intermediary and the value creation and delivery is externalized. From a consumer perspective, consumers are empowered to collaborate with each other and to design the collaboration terms by negotiating the terms and conditions of the content, creation, distribution and consumption of the value proposition. Depending on the orientation of the value proposition, consumers purchase commodities (Tauschticket, ebay), access commodities in a defined timespan (booking.com, Airbnb) or buy services (uber, turo) from occasional and professional providers found via an intermediary. The intermediary mainly focuses on nurturing a community feeling and reducing exchange insecurity by incorporating rating systems, micro-assurances and standardizations of payment and delivery into the platform. The platform mainly takes commissions for successful matching and executing trade. (Journal of Cleaner Production Volume 213, 10 March 2019, Pages 320-331)
The USP of the ShareRing Business Model
The USP that ShareRing has is that it brings all of the different forms of sharing together in one app through partnerships and onboarding of users.
No other company, to date, is bringing everything together in such a way. However there are other factors that make ShareRing unique, which we will look at.
Token Economics
SHR is a utility token and will be used to pay for transactions on the network, such as 'new booking', 'add asset', etc. SHR is used by providers to pay for their access to the ShareLedger blockchain, including the addition of assets, renting out of assets, adding attributes, adding smart contracts, and other features.
SharePay (SHRP) is used by customers to pay for the rental of assets.
Masternodes will also be a main feature of the SHR token. When a transaction fee is incurred, it will be distributed in a way that allows for masternode holders who provide a service to the platform to receive a reward from each transaction. Transaction fees are charged to sharing providers in SHR. The distribution of transaction fees will be as follows: 50% - will be distributed amongst the active masternode holders who host an active node on the blockchain at that point in time (these holders provide a service to the platform). The distribution will be based on a calculation of the Total Amount Staked and the total continuous uptime of the node. 50% - will be provided to ShareRing Ltd (view ShareRing owned masternodes) for various purposes that contribute to working capital and platform growth.
Leased Proof of Stake Consensus
ShareRing have chosen the Leased Proof-of-Stake protocol as the consensus algorithm for ShareLedger. This choice is based on the practicality and security benefits evident in the Waves platform. It is also much more cost effective than Proof-of-Work (POW), and will not suffer from the current issues Bitcoin and other POW cryptocurrencies are facing such as scalability and electricity consumption.
As explained above master nodes will be a main feature but there is the other feature of lightweight nodes. A user with a lightweight node will be able to stake their tokens to a full node of their choosing and participate in reaching consensus. They will also be free to cancel their leasing at any time as there are no contracts or freezing periods. The more tokens that have been staked in a full node, the higher the probability the node will have in producing the next block. Since the reward is given based on the total number of tokens staked in the full node, there will always be a trade-off between the size of the full node and the percentage of the reward. As an average user of the platform, you will not need to have technical knowledge on how to set up a node nor will you have to download the entire blockchain in order to stake your tokens. Only a user who sets up a full node will be required to do this, making it simpler than ever for users to earn a reward for supporting the platform.
The return expected for staking is expected to be around 6 - 8% although this has yet to be confirmed.
Buybacks
ShareRing are currently implementing a series of buybacks which started in the beginning of November:
The buyback operation is done at a random time during the week.
If there is enough liquidity, SHR tokens will be bought through a single market order at the time of buyback. In case there is not enough liquidity, a limit buy order at last sell order price will be placed on the market, and will remain open until it gets filled.
The buyback program was implemented to test the API purchase process for when live transactions occur on ShareLedger
The Buyback Program is expected to:
  1. Reduce the supply of ShareTokens available in both public and private markets
  2. Bring New capital and fund inflows into the Shareledger
  3. Substantially magnify value creation for the ShareToken holders
The Token Flow
ShareRing will bring in hundreds of merchants to list their rental products, either exclusively or as part of an aggregator system e.g. When you look at the likes of trivago.com they will list the best hotel prices from multiple merchants who are listed on their website. Essentially ShareRing will become part of the aggregator ecosystem and be listed on sites like trivago.com as well as have exclusive agreements with merchants who are listed directly on their app.
ShareRing’s USP is that they have everything on one place as well as their OneID module with means buyers can get a hotel, rent a car, rent their ski equipment, book events all through the one app and using the OneID.
With that in mind they are going to attract a lot of merchants.
This is where it gets exciting so pay attention to this part.
When a merchant is part of the ShareRing ecosystem and a buyer rents something from that merchant ShareRing will take a small % commission from that transaction. So say someone books a hotel for $100 for the night, ShareRing might take $0.50 as a commission. What ShareRing will then do is go to one of the exchanges that ShareRing (SHR) is listed on and buy SHR tokens directly using an API system using USDT.
Now, the actual commission has not been disclosed yet however if we assume even a 0.25% commission that means for every $100 Million worth of bookings made through the app will net ShareRing $250,000 which means buy backs of $250,000 for the SHR token, which increases the liquidity of SHR on the exchanges.
If you think $100 Million of bookings is a lot, booking.com customers book around 1.5 Million rooms per day, if we estimate an average of $50 per room that is $75 million of bookings PER DAY or $2 Billion worth of bookings per month.
This revenue coupled with revenue from OneID and eVOA makes ShareRing profitable almost from day one of the app going live.
OneID And eVOA
Another exciting development from the ShareRing team is the collaboration between ShareRings Self Sovereign Identity protocol and third party providers to bring OneID and eVOA which will utilise OneID
With the huge rise in E-commerce and with over 2.82 billion people who now own a smartphone we are entrusting our personal information to more and more centralised entities. These entities are frequently hacked and our information is leaked to outside parties.
ShareRing aims to tackle this with their service OneID module.
ShareRing’s OneID solution protects users' data by handling Know Your Customer (KYC) information through third parties and ShareRing’s Self Sovereign Identity Protocol. ShareRing does not hold any identifying information anywhere on its servers. It provides the ultimate security for the renter and also the provider, as the Protocol encrypts and stores your data in a secure manner within your device. Essentially, this means that it is near impossible for a hack or data leak to happen, simply because there is no centralized server of data for hackers to exploit.
The OneID module is very easy to use. The end-user needs to complete their ID submission only once, with the entire submission process requiring less than two minutes to complete. Once this step has been completed, the customers KYC is destroyed by the 3rd party document verification system and the OneID module allows merchants to verify a customer’s identity via a hashed verification packet, stored on the users device and ShareLedger. This removes the need for merchants to store or see personal information; safeguarding both merchants and users from fraud.
To create your ShareRing OneID, simply:
  1. Take a picture of your government ID document
  2. Take a selfie
  3. Confirm and submit your details
This is something I am really excited about for ShareRing and they already have made partnerships for other companies to use this feature which is another income stream for ShareRing.
eVOA
E-Visa On Arrival allows applicants to apply online and receive a travel authorisation before departure – this eVOA can be shown at dedicated Thailand immigration counters on arrival at major Thailand airports, allowing travellers to pass through in minutes.
OneID system is scheduled to become the lynchpin technology in Thailand’s electronic Visa On Arrival (eVOA) system; one of only two companies to partner with Thai authorities to provide this service. The new Visa system eliminates much of the hassle involved in entering the country:
This is a strong validation of the OneID system - immigration controls are some of the most scrutinized processes in any branch of government, and if the OneID solution can operate to their standards then it is truly business-ready. As explained by our COO, Rohan Le Page:
“We are providing our OneID product for Thailand e-VOA (Visa On Arrival) that allows 5 Million travellers from 20 countries including China and India to complete the visa process on their mobile through our app. This provides a streamlined immigration process that negates the need for an expensive and time-consuming process when you get off the plane. Additionally, fraud is mitigated with several extra layers of security in the back end including our blockchain (ShareLedger) consensus model that makes all data immutable and all but impossible to hack.”
Profit Margins on OneID
So how does ShareRing make money from OneID and eVOA?
With each application for an eVOA using the OneID module ShareRing will make an undisclosed commission. The e-VOA is available to citizens of 21 different countries and is intended for those who will be holidaying in Thailand and not working in the country.
This means that each eVOA will last for a period of around 15 days which effectively means that ShareRing will get commission multiple times from each person travelling to one of the 21 countries listed below:
Andorra, Bhutan, Bulgaria, China, Ethiopia, Fiji, India, Kazakhstan, Latvia, Lithuania, Maldives, Malta, Mauritius, Papua New Guinea, Republic of Cyprus Romania, San Marino, Saudi Arabia, Taiwan, Ukraine, Uzbekistan
The profits on this alone, according to projections, are worth millions of dollars per year to ShareRing, with a healthy growth of about 35% in raw profit over the next 5 years, ultimately netting the company about $1.5 million profit per quarter.
The ShareLedger Blockchain Platform
ShareRing will utilize the registered intellectual property from the existing KeazACCESS framework (KEAZ: A car sharing company founded by Tim Bos) as well as improving it the blockchain experience in their team.
It will consist of fo the primary elements:
SharePay (SHRP) – SharePay is the base currency that will allow users of the ShareRing platform to pay for the use of third party assets. ShareToken (SHR)
ShareToken (SHR) is the digital utility token that drives sharing transactions to be written to the ShareRing ledger that is managed by the ShareRing platform.
Account – This will be a standard account, which such an account being represented by a 24-byte address. The account will contain 4 general fields:
SHRP – SharePay token balance
SHR – ShareToken balance
ASSETS – linked/owned by the account (see below for definition of an Asset) ATTRIBUTES – Any additional attributes that are associated with this account. These attributes may be updated or added by Sharing Economy providers that utilise the ledger such as ID checks by rental companies. These attributes may be ‘global’ (i.e. used by any sharing providers) or ‘local’ (i.e. used by a specific sharing provider).
Assets – An asset represents a tangible real-world or digital asset that is being shared, such as a car, a house, industrial machinery, an e-book, and so on.
Smart Contracts – Similar to a number of other blockchain platforms, such as Ethereum and NEO, the ShareLedger blockchain will feature highly customisable smart contracts. These Smart Contracts will allow for decentralised autonomous applications that can be attached to an asset and/or account. Every smart contract will be Turing complete, meaning it will have the ability to implement sophisticated logic to manage the sharing of the assets. The smart contracts will be tested and reviewed by ShareRing in a sandbox as well as audited by reputable third-party code auditors prior to implementation.
Proof of Stake Consensus
ShareRing have chosen the Leased Proof-of-Stake protocol as the consensus algorithm for ShareLedger. This choice is based on the practicality and security benefits evident in the Waves platform. It is also much more cost effective than Proof-of-Work (POW), and will not suffer from the current issues Bitcoin and other POW cryptocurrencies are facing such as scalability and electricity consumption.
The ShareRing App
At the heart of the ShareRing project lies the ShareRing app:
A universal ‘ShareRing’ app is being developed that will allow anyone to easily see and use any sharing services around them. Each partner will have the option of developing a ‘mini’ app within the ShareRing app that will have functionalities specific to that partner. The app will use geolocation-based services to display the ShareRing services that are nearby
Social Media Presence
Coming from a social media background I feel this is an extremely important area to look into, especially in the crypto world.
ShareRing has done an okay job in growing their social media presence however I feel it could be much better. Here is a look at some of the key stats for their online social media presence:
Youtube: 191 Subscribers Instagram: 238 Followers Linkedin: 376 Followers Telegram: 6,525 members (very active) Twitter: 2,216 Followers (Fairly regular updates) Facebook: 1,965 Followers
Whilst social media may not be a priority just now I feel there has to be a big presence with image-based platforms and video-based platforms. Youtube and Instagram should be made a priority here as it spans all generations:
Other News on ShareRing
There is a lot of stuff going on at the moment with ShareRing which is what makes it an exciting prospect. Rather than give information on each of them here are some highlights provided by the ShareRing team.:
- ShareRing's revolutionary ID management based module OneID.
- Worlds first Blockchain based eVOA in place with major Thai company targeting 5 to 10 million travellers from 20 countries.
- 2.6 million International Hotels/ Accommodation coming on to the Platform. Lots more to come!
- Partnership with HomeAway
- 200,000 Activites, Tours and Events added to the ShareRing App
- Multi Global Car Sharing Partnerships
- 1 Partner Directly Integrating SHR's OneID consisting of 1.2 million Vehicles across 150 Countries
- Luxury Car Brand Sharing Platform purely based on SHR
- SHR payment system SHRP available in 10% Taxi Terminals in Australia
- SHRP available in 10,000 EFTPOS Terminals Australia wide
- White Labelling Services incorporating ShareRings revolutionary OneID
- 20 Significant Unannounced Partnerships, more to come!
- Major Partners include -
- BYD (Largest Electric Car Maker in the World)
- DJI (Largest Drone Maker in the World)
- Keaz (300 locations around the world)
- Yogoo EV Car Sharing
- MOBI Alliance Member
Overview of Positives and Negatives
Negatives
Social Media and marketing possibly needs to be ramped up in order to bring more awareness to the project.
The roadmap and white paper has not been updated recently for 2019/2020 but this I believe is coming soon.
Positives
With a low market cap project like ShareRing the risk to reward ratio is very good for retail and institutional investors.
Technical analysis of current prices, currently at 31 Satoshi, is also very good with resistance levels at 50, 77 and 114 Satoshi which would be nearing its all time high.
Referral program will increase the numbers of users that are currently using the site.
If ShareRing can capture even a small % of the overall sharing market then success looks assured.
There are 20 new announcements coming up and with Tim Bos looking for more partnerships it seems likely that ShareRing will break ATH prices soon.
Great long term hold, in my opinion.
Realistic Expectations of ROI
Short term (4 weeks - 12 weeks)
Short term looks great for ShareRing both from a TA point of view and a fundamental point of view.
With lots of news still to come out about ShareRing there is not going to be a shortage of fundamentals to drive the price up. From a TA point of view the next line of resistance stands at around the 50 Satoshi level which would complete a massive cup and handle formation from August 24th of this year. After that we are looking at resistances of 77 and 114 to reach near the all time highs which i expect ShareRing to reach going into 2020.
Long term (6 Months - 2 Years)
If ShareRing can onboard users and keep on making partnerships at the same rate there will be no stopping it. It’s all about onboarding the users and utilising the most powerful marketing tool ever - word of mouth!
When a great app is realised with great and useful functionality then it tends to go viral and I am hoping this happens for ShareRing.
With a market cap at the moment of just under $6 Million then I don’t think it’s crazy to talk about 1000% increases in the next 2 years and I really believe that is being extremely conservative, given where we think crypto is heading as a whole.
submitted by Grills93 to CryptoMoonShots [link] [comments]

Feature Request: Bitcoin.com wallet

Pinging memorydealers. I don't know another avenue to ask this, so I'm doing it on reddit. Apologies to all for the inconvenience.
FEATURE REQUEST: Please allow import of raw private key into Bitcoin.com wallet. Please support the common key export formats from other wallets, like Core-derived wallets (ABC/BU) and Electron Cash, etc.
The use-case for me is to manage my local.bitcoin.com wallet from my phone. Easier to keep track of it, fund it, etc.
In fact, seems like would be good if the Bitcoin.com wallet integrated into *.bitcoin.com services seamlessly. UX is key for adoption, IMO.
Thanks.
PS: I believe your wallet can send/receive "twice as fast" as now, from a UX perspective by simple alteration of payment workflow.
By altering your payment workflow from authorize -> build -> sign -> broadcast to build -> sign -> authorize -> broadcast.
You can be pre-build and pre-sign the transaction in the background as the phone is doing the screen transitions and awaiting fingerprint/password. Once authorized, the transaction can be instantly broadcast.
From a users perspective, the physical authorization and receive events will look near instant. Good for photo ops.
NOTE: if you do perform this optimization on your wallet, please ensure your devs place the pre-built transaction in a region of secure memory on the device. This is to prevent the (unlikely) attack of malware reading the app's memory to get a copy of the unauthorized but signed transaction. Very low risk and unlikely attack.
submitted by HermanSchoenfeld to btc [link] [comments]

The BCH blockchain is 165GB! How good can we compress it? I had a closer look

Someone posted their results for compressing the blockchain in the telegram group, this is what they were able to do:
Note, bitcoin by its nature is poorly compressible, as it contains a lot of incompressible data, such as public keys, addresses, and signatures. However, there's also a lot of redundant information in there, e.g. the transaction version, and it's usually the same opcodes, locktime, sequence number etc. over and over again.
I was curious and thought, how much could we actually compress the blockchain? This is actually very relevant: As I established in my previous post about the costs of a 1GB full node, the storage and bandwidth costs seem to be one of the biggest bottlenecks, and that CPU computation costs are actually the cheapest part, as were able almost to get away with ten year old CPUs.
Let's have a quick look at the transaction format and see what we can do. I'll have a TL;DR at the end if you don't care about how I came up with those numbers.
Before we just in, don't forget that I'll be streaming today again building a SPV node, as I've already posted about here. Last time we made some big progress, I think! Check it out here https://dlive.tv/TobiOnTheRoad. It'll start at around 15:00 UTC!

Version (32 bits)

There's currently two transaction types. Unless we add new ones, we can compress it to 1 bit (0 = version 1; and 1 = version 2).

Input/output count (8 to 72 bits)

This is the number of inputs the transaction has (see section 9 of the whitepaper). If the number of inputs is below 253, it will take 1 byte, and otherwise 2 to 8 bytes. This nice chart shows that, currently, 90% of Bitcoin transactions only have 2 inputs, sometimes 3.
A byte can represent 256 different numbers. Having this as the lowest granularity for input count seems quite wasteful! Also, 0 inputs is never allowed in Bitcoin Cash. If we represent one input with 00₂, two inputs with 01₂, three inputs with 10₂ and everything else with 11₂ + current format, we get away with only 2 bits more than 90% of the time.
Outputs are slightly higher, 3 or less 90% of the time, but the same encoding works fine.

Input (>320 bits)

There can be multiple of those. It has the following format:

Output (≥72 bits)

There can be multiple of those. They have the following format:

Lock time (32 bits)

This is FF FF FF FF most of the time and only occasionally transactions will be time-locked, and only change the meaning if a sequence number for an input is not FF FF FF FF. We can do the same trick as with the sequence number, such that most of the time, this will be just 1 bit.

Total

So, in summary, we have:
Nice table:
No. of inputs No. of outputs Uncompressed size Compressed size Ratio
1 1 191 bytes (1528 bits) 128 bytes (1023 bits) 67.0%
1 2 226 bytes (1808 bits) 151 bytes (1202 bits) 66.5%
2 1 339 bytes (2712 bits) 233 bytes (1861 bits) 68.6%
2 2 374 bytes (2992 bits) 255 bytes (2040 bits) 68.2%
2 3 408 bytes (3264 bits) 278 bytes (2219 bits) 68.0%
3 2 520 bytes (4160 bits) 360 bytes (2878 bits) 69.2%
3 3 553 bytes (4424 bits) 383 bytes (3057 bits) 69.1%
Interestingly, if we take a compression of 69%, if we were to compress the 165 GB blockchain, we'd get 113.8GB. Which is (almost) exactly the amount which 7zip was able to give us given ultra compression!
I think there's not a lot we can do to compress the transaction further, even if we only transmit public keys, signatures and addresses, we'd at minimum have 930 bits, which would still only be at 61% compression ratio (and missing outpoint and value). 7zip is probably also able to utilize re-using of addresses/public keys if someone sends to/from the same address multiple times, which we haven't explored here; but it's generally discouraged to send to the same address multiple times anyway so I didn't explore that. We'd still have signatures clocking in at 512 bits.
Note that the compression scheme I outlined here operates on a per transaction or per block basis (if we compress transacted satoshis per block), unlike 7zip, which compresses per blockchain.
I hope this was an interesting read. I expected the compression ratio to be higher, but still, if it takes 3 weeks to sync uncompressed, it'll take just 2 weeks compressed. Which can mean a lot for a business, actually.

I'll be streaming again today!

As I've already posted about here, I will stream about building an SPV node in Python again. It'll start at 15:00 UTC. Last time we made some big progress, I think! We were able to connect to my Bitcoin ABC node and send/receive our first version message. I'll do a nice recap of what we've done in that time, as there haven't been many present last time. And then we'll receive our first headers and then transactions! Check it out here: https://dlive.tv/TobiOnTheRoad.
submitted by eyeofpython to btc [link] [comments]

AMA: Ask Mike Anything

Hello again. It's been a while.
People have been emailing me about once a week or so for the last year to ask if I'm coming back to Bitcoin now that Bitcoin Cash exists. And a couple of weeks ago I was summoned on a thread called "Ask Mike Hearn Anything", but that was nothing to do with me and I was on holiday in Japan at the time. So I figured I should just answer all the different questions and answers in one place rather than keep doing it individually over email.
Firstly, thanks for the kind words on this sub. I don't take part anymore but I still visit occasionally to see what people are talking about, and the people posting nice messages is a pleasant change from three years ago.
Secondly, who am I? Some new Bitcoiners might not know.
I am Satoshi.
Just kidding. I'm not Satoshi. I was a Bitcoin developer for about five years, from 2010-2015. I was also one of the first Bitcoin users, sending my first coins in April 2009 (to SN), about 4 months after the genesis block. I worked on various things:
You can see a trend here - I was always interested in developing peer to peer decentralised applications that used Bitcoin.
But what I'm best known for is my role in the block size debate/civil war, documented by Nathaniel Popper in the New York Times. I spent most of 2015 writing extensively about why various proposals from the small-block/Blockstream faction weren't going to work (e.g. on replace by fee, lightning network, what would occur if no hard fork happened, soft forks, scaling conferences etc). After Blockstream successfully took over Bitcoin Core and expelled anyone who opposed them, Gavin and I forked Bitcoin Core to create Bitcoin XT, the first alternative node implementation to gain any serious usage. The creation of XT led to the imposition of censorship across all Bitcoin discussion forums and news outlets, resulted in the creation of this sub, and Core supporters paid a botnet operator to force XT nodes offline with DDoS attacks. They also convinced the miners and wider community to do nothing for years, resulting in the eventual overload of the main network.
I left the project at the start of 2016, documenting my reasons and what I expected to happen in my final essay on Bitcoin in which I said I considered it a failed experiment. Along with the article in the New York Times this pierced the censorship, made the wider world aware of what was going on, and thus my last gift to the community was a 20% drop in price (it soon recovered).

The last two years

Left Bitcoin ... but not decentralisation. After all that went down I started a new project called Corda. You can think of Corda as Bitcoin++, but modified for industrial use cases where a decentralised p2p database is more immediately useful than a new coin.
Corda incorporates many ideas I had back when I was working on Bitcoin but couldn't implement due to lack of time, resources, because of ideological wars or because they were too technically radical for the community. So even though it's doesn't provide a new cryptocurrency out of the box, it might be interesting for the Bitcoin Cash community to study anyway. By resigning myself to Bitcoin's fate and joining R3 I could go back to the drawing board and design with a lot more freedom, creating something inspired by Bitcoin's protocol but incorporating all the experience we gained writing Bitcoin apps over the years.
The most common question I'm asked is whether I'd come back and work on Bitcoin again. The obvious followup question is - come back and work on what? If you want to see some of the ideas I'd have been exploring if things had worked out differently, go read the Corda tech white paper. Here's a few of the things it might be worth asking about:
I don't plan on returning to Bitcoin but if you'd like to know what sort of things I'd have been researching or doing, ask about these things.
edit: Richard pointed out some essays he wrote that might be useful, Enterprise blockchains for cryptocurrency experts and New to Corda? Start here!
submitted by mike_hearn to btc [link] [comments]

BTC Lightning Network -vs- BCH Coffee Shop simulation

TLDR;

View this gist. It's a python program that runs through various TXN simulations to compare fees of various coins and wallets. Rates are based on late June pricing. Jump to Results section below.

Lighting network simulator

This is a very simple python program that will simulate a few conditions. For the ground work lets set up an Alice and Bob story.
Bob's friend Alice sets up a coffee shop. She is going to start taking cryptocurrency at the coffee shop, so she is set up to accept Bitcoin Cash (BCH) and Bitcoin Core via Lightning (BTCLN). Bob has a substantial holding in both BTC and BCH, though it is all in cold storage in a HW wallet. He does have a Coinbase account but is always very careful to calculate trading fees. So now Bob wants to determine what would be the best way to get ready to move his daily coffee patronage to Alice's shop.
Looking over his past expenses on morning coffee, he decides that 20,000 satoshis (BTC) should be a nice round number for lattes and perhaps 19,000 for coffee. Since BTC is trading at $10,600, his budget in terms of fiat comes out to just about $2 a day. With his budget in hand, he goes about reviewing the BCH and BTCLN payment options. He suspects BTC (mainnet) is too costly since he doesn't want to leave Alice with low priority economical transactions to chase.

Bitcoin Cash

His simplest solution of course is just to move BCH from his HW wallet (cold) to his mobile wallet (hot), but he wants to keep his BTC and BCH accounts fairly balanced and doesn't want to deplete his BCH funds entirely. He also wants to pay Alice in both BCH and BTCLN since she seemed excited about her new Point Of Sale system. He had thought about converting some of his BTC to BCH, though he realizes that there is always a cost for this on Coinbase (usually 0.15%).

Eclair LN Wallet

The next wallet Bob looked at was the Eclair mobile LN wallet. This would be simplest to fund with BTC which of course would have costs in moving funds from his HW wallet to Eclair, and then even more costs opening and closing a channel. He also noted on the github for the project that many LN wallets do not allow fees to be set on channel close operations. This might get costly as market fee rates rise.

Wallet of Satoshi, funded by a BTCLN exchange.

Another popular LN solution is Wallet of Satoshi (WoS). WoS seems like a simple solution since it doesn't have the same constraints on incoming and outgoing capacity like Eclair does. There is also no need to do any complicated channel setup since it is custodial and that is all just handled. Bob does realize that WoS funding options might be costly. He researches ways to load and unload WoS using the FixedFloat exchange as well as the bitrefill Thor channel services.

FixedFloat for BCH funding and withdrawals from WoS

As noted before with WoS, LN transactions are seamless enough, but WoS has no way to convert funds back to BTC. For this we have to use a LN exchange. FixedFloat is a fairly reasonable exchange offering competitive exchange rates and a 0.5% fee. To convert funds from BTC, WoS has offers a comptitive rate of 0.3%, so obviously this is the simplest way to fund the wallet.

Bitrefill for BTC funding

Although not a verify competitive option, the Bitrefill funding option is included here just to see how it stacks up to the others.

Results

I've included two runs of the simluator in LibreOffice format. They should be viewable in Google Sheets, Excel or LibreOffice

Latte (without bugfix)

This simulated buying lattes (20k sat) and compared the cost of using various wallets. Important inflection points that were found:

Coffee (with bugfix)

This simulated buying coffees (19k sat) and compared the cost of using various wallets. Important inflection points that were found. This simulation did assume that the expensive channel close bug in Eclair was fixed:

Files

Usage

To run this, do the following:
  1. git clone https://gist.github.com/brianddk/1f339832a677aa941c7c16a7aeac8735 lnsim to get files.
  2. Edit lnsim.py and update the defines at the top of the file to your liking
  3. python3 lnsim.py > results.csv or python.exe in windows
  4. Open results.csv in LibreOffice, Excel, or Google Sheets
Brought to you by u/MoonNoon
submitted by brianddk to btc [link] [comments]

Just spent about 12 hours figuring out my tax liabilities with bitcoin.tax. Here is how it went...

I have been reading more lately about all the US tax liabilities that can come into play in the crypto world and have started worrying about how much I would owe for 2017. I was starting to lose some sleep on the matter and finally decided to organize all of my activity once and for all. I figured I'd write this post for other people who might want to find out what I have learned in this process. I am filing in the US, but some of this might apply to people in other countries as well.
If you have just bought and HODL'd then it will probably be much simpler for you. But if you have done ICOs and any trading and are worried about this stuff, don't worry too much. Its totally possible to get yourself organized with a little bit of work.
Background
Bought my first ETH in Feb '17 from Coinbase and since then:
The Tools
The best place to get started is bitcoin.tax
Referral Link
Normal Link
I signed up for the 1 year plan for $19.95 (they also accept crypto) and believe me its worth every penny. You can use it for free, but are limited to 100 items (I ended up having > 1500). It really does almost everything for you, so you don't have to worry about figuring out the cost basis yourself. The only time USD was involved was buying via coinbase, everything else was handled as a token to token trade.
Microsoft Excel or Google Sheets is a must if you are doing any trading on the non-supported exchanges because you might have to massage the data into the correct format.
Etherscan
Unfortunately, for some trades and the ICOs, I had to go directly to Etherscan to track down the data.
DeltaBalances
This is a lifesaver for tracking trades made on ED. I wasn't able to get the export feature working, but copy/pasting the table into Excel was fine.
Html Table to CSV
If you are having trouble copy/pasting table data this comes in handy. You can just copy the raw table HTML from Chrome Dev Tools and get a nice CSV.
Exchanges
I am only going to list the exchanges I use and how I was able to get the data into bitcoin.tax. But regardless of the method, make sure you verify all the data that was imported. The system did a bad import on my Bitfinex data and I had to wipe it and reimport because it was missing a bunch of rows.
All the importing is done on the trading tab of bitcoin.tax. Some exchanges require you to download a .csv file from the exchange website, and some have direct API access. Just follow the tutorials on bitcoin.tax for each exchange.
The Easy Ones
Bitcoin.tax supports API data pulls for these exchanges: Bitfinex, Coinbase, GDAX, Kraken. For these, I still recommend going to the exchanges and downloading a copy of your history for your personal records.
You need to login to the exchange and download trade history and then use bitcoin.tax's import tool for these: Binance, Bittrex, Poloniex
The Tough Ones
Trades made on Etherdelta present a bit of a challenge. There is no direct import into bitcoin.tax so you will have to manually compile a CSV and import it to their system. They give you a template to follow with the required data and it will require a bit of "massaging" to get the ED data to the correct format. For this is it extremely helpful to use DeltaBalances. For each wallet you use you will need to check the trade history and go back a sufficient number of days to cover your trading history. Warning, it might take a long time for this process to finish and it isn't 100% reliable. When I ran it, it needed to download > 200MB worth of data for the 260 days I went back. My suggestion is to run it a few times to validate the results. You will need to run it for each wallet you use to trade on ED. Once you get the results, you can try copy/paste the table into Excel and then format the columns to match.
Liqui was the biggest pain in the ass of them all. If you traded a lot on Liqui, be prepared for some pain because they have no export and only show you the history of 1 pair at a time (and only the last 30 trades!). Liqui has over 250 trading pairs so if you forgot what you traded, you will tediously have to go through each pair to check. I couldn't bear this, so I ended up coding a custom script to query all 250 trading pairs and dump out the data for me, then I had to import that into Excel and format it to match the bitcoin.tax template.
Kucoin wasn't too bad. They don't have an export function, but you can copy paste the tables into Excel and massage the data there.
I did a few trades with OasisDEX but when I went there it didn't have any of my history, so I had to manually cobble that together from looking at Etherscan. Luckily it was only a few trades or else this would have been very tedious.
ICOs
Like I mentioned, I participated in something like 20 ICOs this last year. Unfortunately I have no records of any of them. In bitcoin.tax I handled these as just another trade. In order to track down the ICOs I participated in, I was forced to use Etherscan and go through my whole transaction history looking for them. In order to add the trades manually in bitcoin.tax you need the Date, the # of ETH you spent and the # of tokens you received. It's not super difficult, but just very tedious. One that threw me for a curve ball was RedPulse. This was a NEO ICO, but adding a trade manually doesn't yet support NEO as a currency. The workaround for this is putting it into a CSV and importing it that way. In fact, if I was to do this again, I would have built a CSV for all the ICOs and just imported it that way rather than inputting them one-by-one.
Airdrops
I treated airdrops as "Gifts/Tips" under the income tab. I had to find these through Etherscan.
Verifying the data
In order to verify that all seemed right and there are no problems, there are two things that I was working toward:
Conclusion
Overall, although there was some tedious parts, this was a really good exercise. Going through my entire history gave me some great insight on how my strategies played out (ICOs were great / I suck at trading). As far as the taxes themselves, it turned out to be a lot more than I was expecting, but considering the gains I am not too sad. Going into this next year I am going to make some changes. First of all, I will probably stop trading as much. It just wasn't that successful for me and created a lot of work and taxes on top of that. Secondly, I really want to try and stay away from exchanges that don't (or don't plan to) offer history exports. Third, I will probably hold most of my unsold ICOs for at least a year so as not to be liable for short term gains. Lastly, I will keep better records as I go along so I don't have to do so much digging for next tax season.
I hope this can help some of you guys figure this out and I would love to hear any additional tips from those of you who have gone through this.
Edit: A couple other hiccups that I just remembered. Some tokens change their symbol, this can cause some havoc, I had done some trades in MyriadCoin as MYR then it changed to something else and it got all wacky. Updating the old token symbol to the new one seemed to do the trick. Also, to add to the Liqui woes, I had bought some BCAP way back in the day, but it got delisted so there is no way I found through the UI to get that information. The only way I found out I had actually done that trade was that the script I coded iterated through every possible trading pair and only then it was uncovered.
Edit #2: I got a request for the liqui ruby script
submitted by GenghisJuan to ethtrader [link] [comments]

OP_CHECKDATASIG is copying Blockstream, and is inferior to OP_DATASIGVERIFY

Hi all,
Bitcoin-ABC's implementation of Bitcoin Cash is set to hard fork on November 18th, activating a bunch of features aimed at enhencing the usability of the currency.
One of the proposed improvements is OP_CHECKDATASIG, which can be used to run a verify operation on a (signature, message hash, pubkey) triplet. By itself, this is an extremely useful opcode to have. It allows one to embed an arbitrary message to the transaction, and these messages can then be used in applications external to the chain, or as an way to allow delegated signatures on top of the script itself that is being verified. Pretty cool.
OP_CHECKDATASIG is also exceptional for a different reason. In particular, it is an almost exact line-by-line copy of a little-known, yet fairly mature opcode called OP_CHECKSIGFROMSTACK, implemented here : https://github.com/ElementsProject/elements/commit/c35693257ca59b80659cfc4a965311f028c2d751#diff-be2905e2f5218ecdbe4e55637dac75f3R1328
For those who haven't been following, Elements is a project created by Blockstream, and elements alpha is a sidechain where experimental features can be added and tested. This commit from October 2016 shows (among other things) the addition of OP_CHECKSIGFROMSTACK to the elements alpha chain. Compared to the recent addition of OP_CHECKDATASIG to the bitcoin-abc client, the similarity is obvious : https://reviews.bitcoinabc.org/source/bitcoin-abc/change/mastesrc/script/interpreter.cpp;9ba4bfca513d6386ee3d313b15bdd4584da7633d
On the other hand, consider Bitcoin Unlimited's OP_DATASIGVERIFY : https://github.com/BitcoinUnlimited/BitcoinUnlimited/commit/1bf53307cab5d96076721ef5a238a63b03aca07d#diff-be2905e2f5218ecdbe4e55637dac75f3R970
This looks more like an independent development. It allows the same functionality as OP_CHECKDATASIG, but it does so in a way which is more transparent and also accessible for normal users. What I mean by that is, recall the verification parameters passed to OP_CHECKDATASIG, these were (signature, message hash, pubkey). For OP_DATASIGVERIFY, the parameters are slightly different: (signature, message, pubkey hash). The difference is subtle, but important. OP_DATASIGVERIFY follows the same design pattern as the widely known signmessage and verifymessage features that are implemented by various wallets (and in use by services like https://vote.bitcoin.com/ ). That is, a raw message is signed for and published by the user to the world, and independent verifiers are able to match the published signature and message to a specific pubkey hash - the data that makes up the user's on-chain address. If you've ever used this message signing and verifying feature of your wallet, you probably know how useful it can be. In contrast, OP_CHECKDATASIG verifies a message hash, not a plaintext message, against a pubkey, not a public address. This means that for a verifymessage-like operation, the script used in the transaction would become quite cumbersome:

  OP_HASH256[1]  OP_DUP OP_TOALTSTACK[2] OP_CHECKDATASIGVERIFY[3] OP_FROMALTSTACK OP_HASH160[4]  OP_EQUALVERIFY 

  1. We want to publish a plaintext message, but we have to "feed" its hash to OP_CHECKDATASIGVERIFY, so we have to use an OP_HASH256
  2. The pubkey we provide for verification will be "used up" by OP_CHECKDATASIGVERIFY, so we must both duplicate it and keep the copy in altstack
  3. OP_CHECKDATASIGVERIFY behaves exactly like OP_CHECKDATASIG, except that it fails the entire script immediately if the signature fails to verify
  4. We have the pubkey, but we still have to check that its hash matches the address, so we use OP_HASH160 and test for equality. Note that this means that we have to publis both public key /and/ its hash in the same transaction. Almost too wasteful.

Using OP_DATASIGVERIFY instead, the script is simply:
   OP_DATASIGVERIFY 

Hashing of the plaintext message is done internally by the OP_DATASIGVERIFY operation, and the same is also true for the hashing of the resulting public key against the provided pubkey hash (the data that makes up the address). A second not-so-obvious difference is the actual content of in the two scripts. For the OP_DATASIGVERIFY script, this message is actually parsed and verified using the exact same format as verifymessage in the wallet. This means that services like blockchain explorers can then simply decode the data in such a transaction and present it to users in a manner that enables them to run local verification of the message using their own wallet, simply by copy+pasting the information! Using OP_CHECKDATASIG instead, the does not follow the same semantics and format as the one in verifymessage, and no wallet exists today which support such a verifying operation in the UI. It is also hard to expect something like verifydatasigmessage to be implemented on absolutely all wallets.
I think it benefits of OP_DATASIGVERIFY when measured against OP_CHECKDATASIG are obvious, and am curious to hear your opinions.
submitted by moosapor to btc [link] [comments]

KYC-Tezos wallets vulnerable to "blind sig" attack

KYC-Tezos wallets vulnerable to
Summary
Most KYC-Tezos wallets we tested are vulnerable to a simple yet catastrophic attack that can lead to loss of all funds on wallet (blind signature vulnerability). These wallets connect to a server (the RPC node) but they do not build the raw tx like normal cryptocurrency wallets, nor do they check the binary provided by the RPC before signing it. Should the RPC get hacked (or turn malicious) it will provide clients a malicious tx to sign: with no way to parse the binary, the unsuspecting user will sign a tx which sends 100% of their funds to the attacker's address. (Update: since publishing this post some wallets have fixed the issue, see table below)

Ledger
Ledger users are not safe. This video shows how funds can be stolen from a Ledger device.

Demo
To demonstrate the vulnerability we also expose a malicious RPC to test your wallet against it (warning: funds could be lost).


Vulnerable wallets

RPC address WHOIS record Can set custom RPC? Vulnerable?
Atomic n/a n/a No Yes
Galleon tezos-prod.cryptonomic-infra.tech Anonymous (Panama) Yes No (fixed in 0.7.0b+)
Guarda mainnet.tezrpc.me Anonymous (US) No Yes
Kukai mainnet.tezrpc.me Anonymous (US) No No
Librebox mainnet.tezrpc.me Anonymous (US) Yes No
Magnum tezos.mgnm.rocks (updated) Anonymous (Russia) No No (fixed in v137+)
T3Wallet n/a n/a No Yes
Tezbox Web mainnet.tezrpc.me Anonymous (US) Yes No (fixed)
Tezbox Chrome mainnet.tezrpc.me Anonymous (US) Yes No (fixed in 13.0.0)
Tezbox MacOs mainnet.tezrpc.me Anonymous (US) Yes No (fixed in 4.0.0+)
Tezbox Windows mainnet.tezrpc.me Anonymous (US) Yes No (fixed in 4.0.0+)
Tezos Blue n/a n/a No No (fixed in v0.4.3+)
TezBridge mainnet.tezbridge.com Anonymous (Panama) Yes Yes
WeTez n/a n/a No Yes

Why it matters
Cryptocurrency wallets were meant to be trustless, but most KYC-Tezos wallets are not. When you're signing any tx with these wallets you're trusting the server (RPC) to send your money where you actually want it to go. Even if you trust the sourcecode of your wallet and are not using a web wallet, you're still vulnerable. The RPC you rely upon could turn malicious (e.g. be hacked) at any moment in time, with no way for you to detect it.

How the attack works
  1. RPC turns malicious (e.g. gets hacked)
  2. Wallet securely connects to malicious RPC via HTTPS
  3. Wallet provides JSON of tx to build
  4. RPC provides malicious binary sending funds to attacker's address
  5. Wallet blindly signs binary
  6. RPC broadcasts tx: funds are now lost

In a variant of the attack, the unsuspecting user will set a malicious RPC as custom RPC in their wallet. There are multiple ways someone could be tricked to do that (see Electrum hack below).

Causes
More than wallet developers themselves, we deem KYC-Tezos developers inadequacy and lack of understanding of an adversarial environment as the culprit for this simple yet potentially catastrophic vulnerability.
1.Wrong design
The RPC exposes a JSON API to build the tx, which is then provided to the client for signing, and returned to the RPC for broadcast. This is not how a blockchain wallet should work: txs should be built and signed locally, and only then pushed to a server.
2.OCaml binary with no serialization specs
In the KYC-Tezos APIs there is no spec for the transaction binary format. tezos-data-encoding is the library responsible for encoding a tx, so the tx format is tightly coupled with the the serialization of OCaml objects. An OCaml binary with no spec is what led GUI wallet developers, who are not using OCaml, to just trust the binary provided by the RPC instead of parsing and checking it.

A secure channel with your attacker
SSL security between client and server won't help: if the RPC turns malicious, it will first establish a secure connection as usual and then provide a malicious tx to sign. Hiding in plain sight, KYC-Tezos APIs actually hint [1] to the vulnerability. The "solution" they suggest is securing the connection, which as already explained does not solve the issue at all while providing users a false sense of security.

Hiding in plain sight: a hint from KYC-Tezos APIs

What happened to Electrum
Recently more than $750,000 were stolen by an attacker spawning malicious Electrum servers and stealing BTC from Electrum users. [2][3]
The attack succeeded despite Electrum being way more secure than KYC-Tezos wallets: with Electrum the tx is generated by the client and not by the server.

Malicious RPC demo
Set this custom RPC in your wallet to test the vulnerability:
https://demo.tzlibre.io/malicious/ 
WARNING: IF YOUR WALLET IS VULNERABLE FUNDS WILL BE LOST AND SENT TO FOUNDATION BAKER 1 (tz3RDC3Jdn4j15J7bBHZd29EUee9gVB1CxD9)
As safety measure this demo RPC only manipulates recpient's address, and not the transaction amount as well.
If your wallet is vulnerable and not listed above yet, please let us know.

How we fixed it
We fixed the vulnerability in LibreBox by checking portions of the tx (such as destination address, amount, etc) after a reverse-engineering of the tx format itself.

Suggested next steps
  • KYC-Tezos users: do not sign any tx with a vulnerable wallet until the vulnerability is addressed.
  • Wallet developers: immediately start warning your users of the danger, until binary txs are parsed and checked. If you resolved the issue or if your wallet is not listed, feel free to contact us to update this post.
  • Tezos Foundation: immediately release specs for the binary tx format, and improve documentation to a more decent standard.

Update (1/14/2019): in a previous version of this post Kukai was wrongly listed as vulnerable. Kukai has never been vulnerable to the attack. Tezbox Web has fixed the vulnerability, while Tezbox Chrome, Tezbox MacOs, Tezbox Windows remain vulnerable.
Update (1/15/2019): Magnum has fixed the vulnerability in v137 and changed the RPC from mainnet.tezrpc.me to tezos.mgnm.rocks
Update (1/16/2019): Tezos Blue has fixed the vulnerability on Github [4], but their 3 apps remain vulnerable to date.
Update (1/17/2019): TezBox has fixed the vulnerability on Chrome, MacOs, Windows. Tezos Blue has fixed the vulnerability on all 3 apps with v0.4.3
Update (1/18/19); Galleon has fixed the vulnerability in version 0.7.0b

References
[1] https://tezos.gitlab.io/alphanet/introduction/various.html#signer
[2] https://github.com/spesmilo/electrum/issues/4968
[3] https://www.zdnet.com/article/users-report-losing-bitcoin-in-clever-hack-of-electrum-wallets/
[4] https://github.com/tezos-blue/client/commit/7eb335df64f4b72706fa2252dd369edca903ee93
submitted by tzlibre to tzlibre [link] [comments]

Constructing a Bitcoin transaction using python - 3/5 m1xolyd1an - YouTube How To Build Raw Bitcoin Transactions in NodeJS - YouTube Blockchain tutorial 27: Bitcoin raw transaction and transaction id How To Get Your Bitcoin Transaction Confirmed with CPFP ...

What is a raw transaction. Nothing special, just a Bitcoin transaction where the user completely controls every component, instead of letting the wallet choose the input coins, the fees and the change address. Raw transactions are easy to construct using Electrum commands, or using coinb.in, and more difficult using bitcoin-cli commands The "raw transaction API" was introduced with Bitcoin-Qt/bitcoind version 0.7. It gives developers or very sophisticated end-users low-level access to transaction creation and broadcast. JSON-RPC API listunspent [minconf=1] [maxconf=999999] Returns an array of unspent transaction outputs in the wallet that have between minconf and maxconf (inclusive) confirmations. Each output is a 5-element ... Raw Transaction Format¶. Bitcoin transactions are broadcast between peers in a serialized byte format, called raw format.It is this form of a transaction which is SHA256(SHA256()) hashed to create the TXID and, ultimately, the merkle root of a block containing the transaction—making the transaction format part of the consensus rules. Transaction create a signed raw transaction. Use this page to create a signed raw transaction. WIF key: Format: Enter the address and amount you wish to make a payment to. [Legacy, SegWit/Bech32 supported] Donate! Address: Amount: Input: Output: Miners Fee: Sort Input/Output: Satoshi Per Byte [Optional]: New Address create a new address. Brain Wallet. Random Address. Address (Share): Public ... To sign the transaction message first, we need to double SHA-256 hash the hex of transaction message which will give us a hashed raw transaction. The easiest way of performing hash is by using ...

[index] [7074] [44066] [4589] [14031] [12442] [20131] [22673] [39424] [30433] [45197]

Constructing a Bitcoin transaction using python - 3/5

This video is for people who want to use (almost) raw python code to Constructing a Bitcoin transaction. In the previous videos, I've explained how to connect to the bitcoin network, as well as ... Bitcoin: How to Create a Raw Transaction - Duration: 6:12. m1xolyd1an 13,880 views. 6:12 . 19 Industries The Blockchain Will Disrupt - Duration: 9:57. Future Thinkers Recommended for you. 9:57 ... This is part 27 of the Blockchain tutorial. This tutorial explains: - What Bitcoin raw transaction is. - Shows an example of a raw transaction using the very first transaction on the Genesis block. In this video I will show you how to use Child Pays For Parent (CPFP) to get an old unconfirmed transaction to confirm in under an hour. You will need to be ... Step by step guide on creating a raw transaction with bitcoin core client. createrawtransaction '[{"txid":"", "vout":}]' '{"1anyAddress":0.01,"1changeAddress...

#