Mt.Gox Claim Filing System Online

Today I got mail from Mt.Gox again… their new claim filing system is up and running! So I scrambled to file my claim.

The log in process is a bit complicated, they required me to provide email address, user name and passwords for both the actual Mt.Gox Exchange as well as the old claims system, which I fortunately still had all in my password database. Along the way, they mixed up exchange and claims system at least once, which didn’t make it easier.

Anyway, after a new password is set for the new claims system, you have to set up two factor authentication with an authenticator app, log in again for a last time, and then you get this:

When you click that blue button, you get a listing of all assets that you had on the exchange. In addition to any fiat currency, it listed the BTC and BCH in my account! Now you have to provide some data, they also ask for your old address in case it changed since Mt.Gox got shut down.

So I filed my claim and got this confirmation page along with an email. I guess now I’ll have to wait for a couple years again 😀

Cheers

Remarkable Blackmail Spam

I received some remarkable spam with an attempt to extort some bitcoin from me today, and wanted to share:

Subject: (Your password XXXXXXX)

It seems that, XXXXXXX, is your password. You may not 
know me and you are probably wondering why you are 
getting this e mail, right?
 
actually, I setup a malware on the adult vids (porno) 
web-site and guess what, you visited this site to have 
fun (you know what I mean). While you were watching 
videos, your internet browser started out functioning 
as a RDP (Remote Desktop) having a keylogger which 
gave me accessibility to your screen and web cam. 
afterthat, my software program obtained all of your 
contacts from your Messenger, FB, as well as email.
 
What did I do?
 
I created a double-screen video. 1st part shows the 
video you were watching (you've got a good taste haha
 . . .), and 2nd part shows the recording of your web 
cam.
 
exactly what should you do?
 
Well, in my opinion, $1000 is a fair price for our 
little secret. You'll make the payment by Bitcoin (if 
you do not know this, search "how to buy bitcoin" in 
Google).
 
BTC Address:

1Bb446YF8AZK3nKchPJQ3J5KwPGRHRARJ5

(It is cAsE sensitive, so copy and paste it)
 
Important:
You have one day in order to make the payment. (I've 
a unique pixel in this e mail, and at this moment I 
know that you have read through this email message). 
If I do not get the BitCoins, I will certainly send 
out your video recording to all of your contacts 
including relatives, coworkers, and so on. Having 
said that, if I receive the payment, I'll destroy 
the video immidiately. If you need evidence, reply 
with "Yes!" and I will certainly send out your video 
recording to your 6 contacts. It is a non-negotiable 
offer, that being said don't waste my personal time 
and yours by responding to this message.

The password in the subject was indeed one of my oldest “throwaway-passwords”, which I would use to sign up at websites which required to make a user account for no good reason. That’s why it catched my eye.

Notably, if you look at the address given in the email, you can see that (at this time) eight people have already sent around 0.15 BTC (that’s roughly $1000) each to this address, which is sad – but also a clear sign that this address was apparently used to scam multiple people and not personalized for me.

Most likely, my old password is contained in some publicly available leaked database of some website, along with my email address. So the scammer just mailed every address with their respective password. And it seemed to work.

By the way, the email did in fact not contain a “unique pixel”, it was plain text. It originated from some Japanese email provider, however I guess it’s pointless to try and trace the actual sender.

UPDATE!

The next morning I woke up to another email: this time the subject was:

Subject: (Part num your Hacked phone. +XX XXXXX1234)

It contained the last four digits of my old mobile phone number, otherwise the same text as above, and a different BTC address. This one has only received little Bitcoin so far.

So it looks like the last four digits of my phone number were included in said leaked database as well. If they had the whole number, they would have used it. Maybe I can find out which leak exactly that might be.

Have a nice day, and be vigilant 😉

P.S. my apologies to everyone who is going to receive those videos of me “having fun” 😉

You’ve been looking at the wrong Bitcoin chart

Every now and then, I am tempted to look at an all-time price chart of Bitcoin. Or I google the price of 1 Bitcoin in USD. What I find, is shocking…

linear price chart
Linear Bitcoin all-time USD price chart from bitinfocharts.com

That looks just unbelievable – it must be a bubble, a hype, and unsustainable, right? Wrong. I’ve just been looking at the wrong chart. What I found is a linear chart, and it is misleading. Have a look at this one instead:

lograithmic all-time price chart
Logarithmic Bitcoin all-time USD price chart from bitinfocharts.com

This is the very same data plotted on a logarithmic scale. In fact the growth of Bitcoin has been relatively smooth, steady and natural all along. Natural growth tends to be exponential. You find it in nuclear chain reactions, the growth of the human population, and economic growth, which is the one applying here.

And natural growth is usually limited. Looking at the logarithmic chart, you can see that the rate of growth actually seems to slow down over time – it grew at a higher rate in the beginning than it grew in the second half of 2017 (the year which ended with Bitcoin hitting $20k in December).

I have no clue what the limit might be, but I’m confident that Bitcoin will exceed the December 2017 spike again, unless something unexpected happens.

What Was My Mt.Gox Balance Again?

As you might remember, Mt.Gox, one of the first Bitcoin trading platforms, was hacked in February 2014 (or before that), and subsequently closed down, with the users’ funds lost. A long process started where users could apply to reclaim their funds, but nothing came of it so far. Now on June 22, Mt.Gox sent out another email to its former users, and actually I’m not entirely sure what it says, but it seems like a new system will be set up for filing claims.

But I was wondering, because I forgot – how much BTC did I have on Mt.Gox anyway? How can I find out my former Mt.Gox balance?

So, it turns out there was a leak of Mt.Gox data in 2014, and you can download the whole thing from archive.org here. The zip file contains a dump of all account balances and a BTC transfer log with all transactions since 2011. The transfer log and account balance dump do not contain user’s names or email addresses – they only contain user and transaction IDs.

Bitcoin transfer log from Mt.Gox leak

I found a transaction reference in one of my old emails from Mt.Gox. With this transaction reference, I was able to look up my wallet ID and so I found my balance in the other file.

Account balances from Mt.Gox leak

The balances in the dump are shown in Satoshis, i.e. you have to multiply by 0.00000001 in order to get the amount in BTC. Note that the topmost entry in the dump had a balance of 44547.67562508 BTC, which is worth about 285 million Euro or 331 million US Dollars at the time of writing.

I’m not going to reveal my own balance here, I’ll just say that, while it is not a negligible amount at today’s prices, other people were much more unlucky than me 🙂

Update: there is this post on reddit which sums up what’s going on with Mt.Gox claims refiling right now.

Update 2: the new claims system is online, read about it in my new post: Mt.Gox Claim Filing System Online

How to claim and sell your Bitcoin Cash

On Tuesday August 1st, Bitcoin Cash forked from Bitcoin, and every Bitcoin holder is eager to claim their free BCH. So here is the short and painless way to do it.

In short, what we’re going to do is:

  1. Secure your Bitcoin by transferring it away to a new (paper-) wallet
  2. Sweep your private keys in Electron Cash to a new BCH address
  3. Sell your BCH

Secure your Bitcoin

So, the first thing you want to do is to secure your existing Bitcoin – in case anything goes wrong while handling your private keys, your existing Bitcoin will be safe.

I did this by creating a paper wallet on bitaddress.org as described in my earlier article; then I transferred all my BTC to that wallet. Store it in a safe place.

Obtain your private keys

Next, you need your private keys in order to sweep them on the BCH chain. I run a bitcoind, the way to do this is to unlock your wallet and then dump it:

$  bitcoin-cli walletpassphrase "xxx" 60
$ bitcoin-cli dumpwallet wallet.txt

Note the extra space before the walletpassphrase command; this will tell your bash to not write the command to the command history, thereby keeping your passphrase a secret.

This will dump all your private keys in wallet.txt. You can reduce this to just the keys like this:

$ cut -f1 -d' ' <wallet.txt >keys.txt

Now you got your keys.

Sweep your private keys

Next, install Electron Cash. You are going to enter your private keys there, so be sure you got the right version.. apparently there were scams, that’s your own responsibility.

On startup, it prompts you to create a new wallet. Save the passphrases in a secure location. Once Electron Cash is up and running, go to Wallet -> Private Keys -> Sweep and paste all your private keys from your keys.txt file there.

Potentially you have many more keys. Press “sweep”. If you have many keys, this will now take some time, maybe one or two minutes, while the GUI appears to do nothing. Then, a transaction window pops up. Here, you click “broadcast” in order to broadcast your transaction. This will transfer all your BCH to your new Electron Cash wallet.

Now you have to wait until the transaction is confirmed.

Sell your BCH

You can now transfer and sell your BCH on any exchange that supports it. I use shapeshift.io.

Hope that was helpful.

Paper Wallets and Cold Storage for Bitcoin and Ethereum

An Ethereum Paper Wallet

You made a fortune trading crypto currencies, but don’t like the general idea of actual money being stored on the hard disk of your worm-infested PC? Then cold storage and paper wallets are for you.

In this post, I am going to explain what cold storage and paper wallets are, and how you can create one, the really safe way.

Offline Accounts

Due to the nature of how blockchain-based currencies such as Bitcoin, Litecoin and Ethereum work, it is possible to generate a wallet or an account and send money to it, without the account ever having seen the network – you can generate and store it entirely offline, so no one could possibly steal it over the network.

When coins are being sent to an address, the blockchain merely stores the information “address X owns N coins”. Only in order to spend those coins again, one needs the private key associated with the address; the private key is used to sign a transaction which moves coins from the address to another one.

So all we need to do is use a software to generate our address and private key pairs.

Generating Wallets

We are going to use the tools provided by MyEtherWallet, BitAddress.org and LiteAddress.org for the respective currencies. You can just go there and do the generating on those websites – all generation happens client side, in the browser, and not on their servers.

However, we want to be really safe and sure that our keys never touch the net, so we go one step further. We are going to create our wallets on an air-gapped computer. An air-gapped computer is a computer which is not connected to the network.

Prerequisites

You need mainly two things – a computer which is not connected to the internet, and a means of safely and securely storing your generated keys. If you don’t have an extra computer around (which you totally should have, you can never have enough), you can use the one you are using right now, you just have to go offline for a while.

I will set up the key generation software on an extra RaspberryPi 3 I have lying around, and store my new wallet on a USB drive, and print it as a paper wallet. The USB drive will also be used to transfer the required software to the air-gapped computer.

Download the Software

For Ethereum, go to https://github.com/kvhnuke/etherwallet/releases/latest and download the distribution zip file (dist-vx.x.x.zip).

For Bitcoin, go to https://github.com/pointbiz/bitaddress.org/releases/latest and download the latest release source code archive (zip or tar.gz). (It is the same software for Bitcoin and Litecoin).

Store the archives you downloaded on a USB stick if you are going to transfer it to your air-gapped computer.

Working Offline

Setup an offline computer. All you need is a working browser, such as Chrome or Firefox. Transfer the software from the USB stick to your computer and unpack it.

For Ethereum, go to the unpacked archive and open index.html in your browser (by double-clicking it). You now have the same environment as on the websites mentioned before. Create your wallet as instructed.

Safe the encrypted JSON “UTC” key file. Then print your paper wallet – either generate a PDF or print it directly (obviously that requires a printer).

For Bitcoin, open bitcoinaddress.org.html in your browser. You need to generate some randomness by moving your mouse around. When done (counters go to 100%) you now have multiple options – generate a single wallet, a number of fancy looking paper walled, or just bulk wallets as a text file. Download the result and store or print it as needed.

You can now start to send money to your wallets.

Checking your wallet’s balance

You can check your wallet balance online. For Ethereum, you can enter your public address at etherscan.io. For Bitcoin, enter it at blockchain.info. No need to have your wallet online, as all the information needed is on the chain.

Secure Storage

You now have PDFs or pieces of paper with your *unencrypted* private key. No password is needed to spend money from your wallet with this key, so you have to keep it safe. And be sure to make a backup and store it in multiple locations (what happens if your house burns down?).

I hope you found this post helpful. If so, you can throw me a couple Satoshis via my donation address. Thank you 🙂

 

 

 

 

 

 

Bitcoin Transaction Fees Done Right

It happens ever so often – someone tries to send Bitcoins and the transaction is just stuck with zero confirmations forever. The reason is that the transaction is never mined, because the transaction fee was set too low.

In this article, I am going to explain how you set your transaction fee right, and then I’m going to explain what you can do to get your stuck transaction going again, or how to cancel a transaction.

Why do transactions get stuck?

Each transaction has a certain size, depending on some factors, usually it is between about 200 and 1000 byte. When a miner creates a block, they incorporate transactions into the block and get rewarded the transaction fee. The transaction fee is set by the sender of the transaction (i.e. you).

Now, the block size of Bitcoin is limited to 1MB. And because Bitcoin is so popular and there are many transactions, every block is full. The miners will therefore only incorporate transactions with the highest transaction fees. If you set your fee too low, your transaction might stick around for hours, or days, or even weeks without being mined.

What is the right transaction fee?

So, how is the best transaction fee determined? There are websites which can calculate the fee for you. I like this one: https://bitcoinfees.21.co/ – have a look – it lists the predicted block- and time delay by transaction fee.

The transaction fee is usually shown in Satoshi per Byte. One Satoshi, the smallest unit in Bitcoin, equals 0.00000001 BTC. At the time of writing, the page suggests, if you want your transaction to clear in under one hour, you should set a transaction fee of 331-360 Satoshi per byte.

In the official Bitcoin Client, the transaction fee is configured in BTC per Kilobyte, so that’s Satoshi per byte divided by 100’000; so, to set 360 Satoshi per byte, you would set a transaction fee of 0.0036 – on the command line:

$ bitcoin-cli settxfee 0.0036

Ideally you put this as a default into your bitcoin.conf:

paytxfee=0.0036

So, if your transaction has a size of 250 bytes, your fee would be calculated as 0.0036 * 0.25 = .0009 BTC, which at the time of this writing are about $2.54 – be aware that your transaction size might be bigger, though!

How can I get my stuck transaction going again?

That said, your problem still exists – you have sent a transaction, the money is gone, but it is stuck on the network – what now?

Luckily there is a trick – you can double spend the coins with a higher transaction fee. All you have to do is make your bitcoind “forget” that you already sent your money, and then send it again with a higher fee (calculated and set as described above).

First, you stop your bitcoind. I recommend you make a backup of your wallet.dat. And then start it with:

$ bitcoind -zapwallettxes=2

This removes all transactions from your wallet and re-reads them from the blockchain data. This will take quite some time, as the entire block chain is rescanned.

Now your bitcoind is running again but it “forgot” that you have sent your coins. As your transaction is not on the blockchain yet (because it was never mined), it does not re-appear.

$ bitcoin-cli settxfee 0.0036

Now, don’t forget to set the right transaction fee as described above, and then send the transaction again. Your bitcoind will now broadcast your new transaction. It can take some time until the network picks it up, up to one day in my experience – but when it is mined, the old transaction will be abandoned and forgotten.

Note that this strictly only works when your original transaction was never confirmed.

I hope this helped. If you are happy about the result, feel free to send me some Satoshis – thank you 🙂