We need to migrate over to memo and yours from r/btc and make the trolls/ABC shills put their money where their mouth is - pay for your rudeness and madness on the BCH blockchain and at least contribute SOMETHING
Yours.org isn't accepting any more people and hasn't been for quite some time.
For now yes. We plan to use multiple keys that can recover ID from compromise. The funds would still be lost though.
https://github.com/memocash/mips/blob/master/mip-0003/mip-0003.md
Generate BIP39 mnemonic, use that as seed to derive m/44'/145'/x' where x' is the service. Forget the root master and use the Memo pass to encrypt the XPRV of this account.
Security risk: my Memo pass is stored in plain text in the browser. Please ENCRYPT local storage and hold the plain text only in SESSION storage (and provide public mode where there's no plaintext).
As blake said this has been brought up and is fairly standard practice. We are changing our stance on this though and will be removing plaintext passwords from local storage soon. Ty.
Malware can search for it because the data has the same rights as you. Instead of stealing, it'll just post spam from your account. At least that's how I'd exploit it.
I expressed my concerns with this months ago to @jason when I first started on the app but was told it's standard practice. I'm with you. Session tokens, no plaintext.
Well, at least we know what is going on. So, your memo $BCH is as secure as your browser. Lose the browser, lose the funds. The more browsers, the bigger the security risk. Right?
BIP39 mnemonic should be provided to the user and forgotten. The Memo password should encrypt the XPRV for this specific account and should be unlocked on each session.
"if you lose your laptop, there is no way to recover your LN payments, unless you have arranged to send each payment to a trusted paid third-party backup service. Moreover, in order to run your own watchtower (a
It's like the original Bitcoin client that chose random keys. Lose the wallet.dat, lose the coins.
Memo needs an edit feature or at least I need one badly. Could it work by "overriding" the existing memo, sending a new memo with the existing post's ID and the site displays the most recent?
Wish there was a diff Memo code. You'd just post the diff of the text, that way changes can be tracked.
Mega Millions is nearly $1 bill cash. Anyone interested in doing a pool (BCH equiv of $2)? I'll buy the tickets in a state with no income tax and post pics of the tickets.
this was exactly the plan but can't even get past sharing the pubkey (we're only in touch via memo). the point is not to make it foolproof, but to alleviate the bot writer's risk.
In that case, your only option is to share the extended key as you did (which is not ideal). But going forward, you might want to find a secure way to share it 👍
can i derive the pubkey from the extended? or suggestions on how to proceed? we want to add some money handling protection to a bot that is collecting BCH for stress testing.
(cont) But I'm not sure if you're gaining anything since you'd still be sending it to a single address (the bot) in the end anyway, which could be used to steal the funds.
(cont) People would donate funds to that P2SH address. When you want to spend, all cosigners will sign the transaction consolidating the donations and send to the bot's wallet. (cont)
You'd set up the multisig wallet in Electron by sharing the extended public key with the other cosigners, then create a P2SH address. This is the donation address for the bot. (cont)