Showing posts with label wallets. Show all posts
Showing posts with label wallets. Show all posts

November 23, 2017

Scammed Bitcoin Gold wallet named ‘MyBTGWallet’ stole $3M from users

By Bhushan Akolkar - November 23, 2017 (

An alleged Fraudulent Wallet appearing on the Bitcoin Wallet is said to have stolen $3.3 million worth of cryptocurrency holdings of users.

After being initialized through the second hard fork in the Bitcoin network, Bitcoin Gold (BTG) the second derivative of Bitcoin had to go through a bumpy ride initially with its website being a victim of DDoS attacks. The Bitcoin derivate is yet again in news for an alleged scam that is suspected to have stolen $3.3 million from Bitcoin users. The theft is said to have been done by the operators of while falsely asking users to claim the bitcoin gold and traping them in a malicious scheme.

The scheme asked users to submit their private keys as a requirement to generate bitcoin gold wallets. All the users who agreed to this proposal soon became victims of the fraud as all the cryptocurrency holdings in their wallet were sent to a different address. The development team has said that they are investigating the matter and are working with different security experts.

The BTG team explained “When we receive verifiable reports that a website or app is a problem, we removed it from our site. Preliminary investigations indicated that at least some of the claims of theft by the mybtgwallet site are reliable — Like all third-party sites, that site was not in our control, but we immediately removed it from our pages and the team is working with security experts to get to the bottom of this issue — It appears the mybtgwallet online wallet site was modified by unknown parties long after it was originally published.”

In addition to this, Bitcoin Gold has been through an interesting recovery in the past week. Last week, Satoshi Labs – a cryptocurrency hardware wallet manufacturer and the maker of Trezor, announced that Trezor will integrate BTG into its wallet. Following this news, there has been a fresh cash flow and increase in market liquidity as the BTG prices have increased by 100% from $150 to above $300. According to CoinMarketCap, BTG is currently trading at $279.47.

This sudden and huge surge in the price of BTG is said to be coming in the wake of the announcement by Satoshi Labs that Trezor’s beta wallet will allow its customer to retrieve BTG coins. A step-by-step process to claim BTG is listed in a blog post by Satoshi Labs. Users are requested to upgrade their firmware to 1.6.0 and to use the company’s beta wallet. The company explained: “For the time being, your Bitcoin Gold wallet will only be accessible from the Trezor beta Wallet. Bitcoin Gold is not Bitcoin — It merely uses bitcoin’s history similarly to the case of Bitcoin Cash — This process will not affect your Bitcoin wallet at all.”

Just after Bitcoin Gold went live on November 12 earlier this month, there are many cryptocurrency wallet-players who have extended support for BTG after realizing that there is a lot of community interest for the latest Bitcoin derivative. One such cryptocurrency mobile wallet ‘Freewallet’ has launched its first dedicated wallet for BTG. The Android version of the wallet is already available on Google Play Store where the iOS version on AppStore is awaiting approval and is expected to launch next week.

Freewallet co-founder, Alvin Hagg, while announcing this on his website, stated: “That’s the second Bitcoin chain split we’ve supported. And Freewallet managed to provide uninterrupted operations during both of them! When a new cryptocurrency is born and a new network is launched, it means there’s a great opportunity for our users to get free coins and instant profits. And Freewallet’s mission is to make sure they are happy because that’s what makes us happy, too.”

October 21, 2017

Money at risk? Mobile wallets become new battleground in Bitcoin fork debate

By Alyssa Hertig - October 21, 2017 (

Mobile bitcoin wallets users might not realize it, but their money might be at a heightened risk this November.

While advertised as a tool bitcoin users can tap to achieve an experience more akin to a conventional financial product, mobile bitcoin wallets today send transactions to the bitcoin blockchain, though in a way that differs from the default wallet options. But come November this construction could cause turbulence, because that's when the bitcoin protocol is aiming to undergo yet another major change to its software.

Following this summer's activation of the code upgrade SegWit, a group of businesses are now seeking to trigger a hard fork to increase bitcoin's block size and further expand its transaction capacity. The code, part of a larger upgrade called Segwit2x, could lead bitcoin to split into two (again), that is, if not everyone decides to support the upgrade.

Still, the difference is that, unlike bitcoin cash, Segwit2x's developers are doing everything they can to keep all bitcoin users on the same blockchain.

Segwit2x lead developer Jeff Garzik told CoinDesk:

"The design goal of Segwit2x – just like [the latest] ethereum fork – is to upgrade bitcoin, not create a new currency."

To do so, developers backing the project also have made a couple of key (if controversial) design decisions that have to do with maintaining compatibility with "simplified payment verification" wallets, the technical term for smartphone-based bitcoin wallet applications.

But developers argue that there are pros and cons of how they are trying to accomplish this.

For one, it might not exactly be safe for mobile wallet users to make transactions immediately after the hard fork is enacted.

Attack resistance or convenience?

The first design decision is omitting so-called "replay protection."

A bit of a political term, it's meant to describe what happens when a blockchain splits in two, as users suddenly have equal value on both blockchains. This means that when users move tokens on one blockchain, the tokens also move (or "replay") on the other.

But this isn't visible to people who might not know that they have money on two networks during a network split. Worse case: users might lose some of their money and not even notice.

"It becomes unpredictable what money you're moving and when," Bread Wallet CMO Aaron Lasher explained in conversation with CoinDesk.

Since not everyone agrees with the Segwit2x hard fork – some are even going as far as to write up manifestos in opposition – it's likely to split into two competing networks, and this could be confusing for general users.

However, Segwit2x developers have a reason for leaving replay protection out: to keep Segwit2x compatible with SPV mobile wallets.

"'Replay protection', as you call it, splits the chain. It simply doesn't make sense. You'd suddenly be breaking [more than 10 million] SPV clients that otherwise work just fine. It is a goal of Segwit2x to help avoid this," BitGo CEO Mike Belshe wrote in an email debate between developers of the project.

In other words, replay protection would cause inconvenience for mobile wallet users who want to shift over to the Segwit2x blockchain, so Segwit2x developers don't plan on adding it.

Hard fork decisions

Mobile wallets are the subject of debate in another area as well.

Many providers of this wallet option, such as Electrum and Bread Wallet, rely on SPV. This does away with need to hold a full copy of the blockchain, making the data far easier to store on storage-strapped cellphones.

But, they have some drawbacks. (Coinkite co-founder CEO Rodolfo Novak went as far as to quip that "the 'V' in SPV stands for Victim.")

As implemented today, SPV wallets will automatically follow whatever version of bitcoin has the most miners backing it. So, if bitcoin splits into two, and Segwit2x attracts more computing power than the legacy bitcoin chain, then all of the SPV wallets will follow along. That's by design.

But some mobile wallet providers aren't so happy about this, as it's hard to explain to users what's happening.

"It's really tough for us because we are so direly affected," said Lasher.

This also has the potential to lead to some technical problems. If there are two bitcoins, mobile wallet software might get confused about which chain to follow, especially if miners switch between blockchains over time (as happened in the aftermath of the bitcoin cash fork).

"It could confuse SPV clients and result in clients switching back and forth between chains, making them lose money depending on which chain has more work at what point," Chaincode engineer Matt Corallo said.

Novak painted another scenario.

"With SVP you don't know if the node you are connected to is lying to you. For example, a Segwit2x node can spoof as a [bitcoin] node [on the other chain], this means that without replay protection your wallet may spend the funds in the wrong chain and lose them on the correct chain," Novak told CoinDesk.

Overall, developers paint an assortment of "if-then" scenarios. Lasher admitted as much, noting that it's unclear which ones will actually play out.

"It's really this decision tree of many, many things that can happen. And all of them are on the scale of somewhat annoying to downright dangerous," he said, adding that Bread Wallet plans to encourage users to stop making transactions during the hard fork, "if they can manage."

A solution?

But with disarray at the application layer, protocol developers have been arguing about how best to handle what might come.

Bitcoin contributor James Hilliard, well-known for helping to prevent a bitcoin split earlier this year, suggested a change to the Segwit2x codebase that he argues would give mobile wallets more control over the which bitcoin they ultimately land on.

Again, though, Segwit2x developers argue that this change would make it more difficult for users to transition to a blockchain with a block size increase – something they believe many users want to do, so that they can make cheaper transactions. (Garzik argued that is the most "neutral" metric for determining which chain SPV wallets should follow.)

But, again, others believe that this will confuse users and perhaps even lead those that are unaware of the situation to lose money.

Some developers even agree that there needs to be a block-size parameter increase, but simply disagree with some of Segwit2x's design decisions.

As such, the statements highlight that, while often portrayed as black and white, the scaling argument still has its shades of gray.

Lasher concluded:

"There might be some merits to a block-size increase. But we don't agree with the current way it's being pushed through."

Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which helped organize the Segwit2x proposal and has an ownership stake in BitGo.

Fishing net image via Shutterstock

October 19, 2017

Bitcoin surge creates storage fears as users take extreme measures

By C. Edward Kelso - October 20, 2017 (

Bitcoin millionaires are now a thing, and so are thousandaires. It’s been a good, good year for users of the world’s most popular cryptocurrency. With sums exceeding expectations by a lot, problems arise. Keeping it all on a smartphone no longer seems reasonable. Exchanges prove insolvent. And so storage has become an obsession, leading to interesting extremes and hardware innovations. 

Swiss Mountain Storage

“This is not a race. It is a chess game, Xapo’s head of security, Carlos Rienzi, warns. “You have to think about the opponent’s next movement. You can never relax.”

Xapo was born ultimately from its founder’s trials in his native Argentina. Known as its Great Depression, it lasted half a decade, decimating peso holders, wiping out savings. CEO Wences Casares’ home country contracted nearly thirty percent; poverty and indigence rates combined to include seventyfive percent of its population.

He would later explain finding bitcoin to be something of a revelation, and a potential answer to persistent emerging economic regions’ plights.

Bitcoin keys in a Swiss Mountain

Billed as combining “the convenience of an everyday bitcoin wallet with the security of a deep cold storage,” Xapo has since grown to include former Secretary of the US Treasury Lawrence Summers as an Advisor.

Demand for services caused it to contract with Deltalis, giving the phrase “deep cold storage” literal meaning. Its facility is in the birthplace of Switzerland’s independence, the canton Uri — inside a mountain, to be exact.

“Where the Swiss military built one of its primary command and control centers, Deltalis has found optimum levels in security and stability,” company press notes. The 10,000m2 mountain spot is “further enhanced with a multilayer security concept, full redundancy and a strong IP and IX connectivity from international carriers.”

Joon Ian Wong, Quartz technology reporter, gives a sprawling account of lengths newly minted bitcoin millionaires will go to keep their holdings free from tamper.

Xapo’s Deltalis wing has “two more portals inside the suite: the first leads to an operators’ room, and the second to a “cold room.” The cold room is encircled with steel slabs to form a Faraday cage: a barrier that protects against a possible electromagnetic pulse (EMP) attack that could wipe out the data—and thus the keys to the bitcoin—stored in the room.” Staff’s Cold Storage Choices

Readers might not be in dire need of Swiss mountain cold storage, however.

In no way endorsements nor recommendations, asked a few staff members how they’re navigating bitcoin’s increased value of late.

All mentioned they keep slight access to funds on their smartphones. One staffer elaborated, “I like iOS, because it is end to end encrypted and Apple analyzes apps before approving them.” When asked about fully encrypted phones such as Blackphone 2 by Silent Circle, “Yeah that’s extreme. Maybe if you’re a bitcoin millionaire.”

As for cold storage, offline proper, “I like my Trezor but Trezor 2 is coming out soon,” a staffer mentioned. “Ledger is good and [less expensive].”

Another staffer jumped in, agreeing, “I love my Ledger Wallet Nano S. It is awesome. I have used it for a year without any problems and it [allows] you to store a variety of altcoins as well. I bought my wife the Keepkey, because Shapeshift has just been integrated into it, and it is aesthetically pleasing. It is great.”

Images courtesy of: Pinterest, Deltalis, Silent Circle. 

C. Edward Kelso - C. Edward Kelso is a long-time fintech journalist, passionately covering the cryptocurrency space since 2014. Contact: (Nine Two Nine) 367-1848.

What Lightning will look like: Lightning Labs has announced its user interface wallet

By Aaron van Wirdum, Staff Writer - October 19, 2017 (

Development of the lightning network, the highly-anticipated second-layer Bitcoin protocol for instant microtransactions, continues to inch forward.

Lightning Labs, major contributor to the lightning network daemon, lnd, announced its cross-platform Lightning Desktop App last week. The open-source lightning wallet is essentially a user interface (UI) built on top of lnd and powered by Lightning Labs’ new open-source Bitcoin light client, Neutrino.

“This is the first functioning user interface for both sending and receiving lightning transactions with a light client mode,” Lightning Labs CEO Elizabeth Stark told Bitcoin Magazine.

The lightning network is currently being developed by several teams working on different but interoperable implementations of the protocol. Several of these implementations are functional, though only on Bitcoin’s test network (“testnet”): a sort of copy of the Bitcoin network with valueless coins specifically designed for testing new applications and more.

But, while there are already several lightning daemons available for testnet, most are only usable via command line tools. Developers Olaoluwa Osuntokun, Bryan Vu and Case Sandberg collaborated to now extend lnd with the new Lightning Desktop App to provide a user interface.

“I think the big takeaway is being able to visualize this technology and see what an early UI might look like,” said Stark. “It's one thing to be using the command line, as our lnd testers and developers have been, but it's another to be able to download the app. Being able to see this kind of progress is important.”

As part of the announcement, Lightning Labs also introduced Neutrino, the new open-source Bitcoin light client that powers the Lightning Desktop App. As a main benefit, Neutrino users don’t need to download the entire Bitcoin blockchain, which is currently over 140 gigabytes in size. This makes the desktop app much more accessible to regular users who transact small amounts, for which the lightning network is particularly suited. And because Neutrino uses a new method of transaction filtering (client side instead of bloom filters), it offers more privacy than most light clients, too.

The release of the new Lightning Desktop App kicks off a two-week “testing blitz,” as the company described it in their accompanying blog post. Developers are invited to experiment with the desktop app itself, as well as with Neutrino. Further, it makes it much easier for anyone to play around with lnd and the lightning network itself.

“The really cool thing about having our desktop app out there is now there's an easy way for people to interact with all of the apps that developers are building on Lightning, such as Yalls,” said Stark.

After the two-week testing period, the implementation will enter a regular release cycle. Releasing the wallet for Bitcoin mainnet, however, could take a while longer still, Stark explained:

“We're working toward testing and making the software more stable before releasing a beta. This is financial software and its a protocol dealing with money, so we want to ensure people can have a good user experience.”

There is no specific deadline for the beta release, but Stark added that, "The next step is for us to gather feedback from testers and develop it further, along with improvements in lnd and Neutrino."

The open-source Lightning Desktop App code is available on GitHub.