Importing master keys on bitcoin core

I want to use a mnemonic phrase and BIP 39 to store the keys, and use Bitcoin Core. I understand that master private keys cannot be imported, at least not directly, and that mnemonic phrases are not supported.

Also, I know that there is an idea to rethink the wallet format of Bitcoin Core to use descriptors, which support key derivation using BIP32.

My idea was to use importmulti to generate a basic usable wallet with some addresses generated from the master account key.

Using https://iancoleman.io/bip39/ , I’ve generated a seed and mnemonic:

rebel image use energy write boil throw okay claw umbrella advice together clarify water actress

From there I can get the account extended private key (44'/1'/0'):

tprv8fvSBE7NPnC8FJfBwcptSmmgxhQZhsAbbzRWaLo9d9ystozdV7BFUbRHqvYgL18fnV3WfM4GZb2cLKbLq5H8qZqC9XDnq8Mep3RWXfRsZ7o

From there I can build some descriptors to make a usable wallet:

External

deriveaddresses "combo(tprv8fvSBE7NPnC8FJfBwcptSmmgxhQZhsAbbzRWaLo9d9ystozdV7BFUbRHqvYgL18fnV3WfM4GZb2cLKbLq5H8qZqC9XDnq8Mep3RWXfRsZ7o/0h/*)#quvrmfad" 0
# => ["myeHNHuNnbk1aG4WcJNkWw6foM2G64AXGF", "myeHNHuNnbk1aG4WcJNkWw6foM2G64AXGF", "tb1qcm233e9h79ntuv4c5mhsvmfhe2umvm0hsgafsf", "2N56BvNBqmkTh1Jic4GbpXSYpbtTNHUdQFw"]

Internal

deriveaddresses "wpkh(tprv8fvSBE7NPnC8FJfBwcptSmmgxhQZhsAbbzRWaLo9d9ystozdV7BFUbRHqvYgL18fnV3WfM4GZb2cLKbLq5H8qZqC9XDnq8Mep3RWXfRsZ7o/1h/*)#6gdaynzv" 0
# => ["tb1q5vgxy6ntsugpdde9ryhst66cz8z4c8ztp4k7qv"]

To generate the wallet, I’ve created an empty wallet (as I don’t want to depend on backups, just the mnemonic I generated earlier), and import some addresses with importmulti:

createwallet "mnemonic-test" false true
importmulti '[{"desc": "combo(tprv8fvSBE7NPnC8FJfBwcptSmmgxhQZhsAbbzRWaLo9d9ystozdV7BFUbRHqvYgL18fnV3WfM4GZb2cLKbLq5H8qZqC9XDnq8Mep3RWXfRsZ7o/0h/*)#quvrmfad", "range": 10, "timestamp": "now"}, {"desc": "wpkh(tprv8fvSBE7NPnC8FJfBwcptSmmgxhQZhsAbbzRWaLo9d9ystozdV7BFUbRHqvYgL18fnV3WfM4GZb2cLKbLq5H8qZqC9XDnq8Mep3RWXfRsZ7o/1h/*)#6gdaynzv", "range": 10, "internal": true, "timestamp": "now"}]' '{"rescan": false}'

It seems to work: all the addresses are generated, and there is no HD seed enabled (so the addresses are always derived from the mnemonic seed).

The problem I found is that those addresses are never used by bitcoin-wallet: when trying to receive bitcoin it says it cannot generate an address (it does not try to use one of the already generated addresses), and when spending it says it does not have any internal address available.

Do you know how to enable those coins?
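Added example (not from the post, and not Bitcoin Core code): the two artefacts in the post, the account tprv and the "#quvrmfad" / "#6gdaynzv" suffixes, reproduced with only the Python standard library. The tprv is a base58check container whose last 32 bytes are the raw private key derived from the mnemonic at m/44'/1'/0' (BIP39 seed, then three hardened BIP32 steps, which need no elliptic-curve arithmetic), and the suffix is Bitcoin Core's descriptor checksum, a BCH code over the descriptor text. The mnemonic, tprv and descriptors are copied from the post; the empty BIP39 passphrase and the iancoleman default path are assumptions made here.

```python
import hashlib
import hmac
import unicodedata

SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
TPRV_VERSION = bytes.fromhex("04358394")   # prefix of a testnet extended private key

# Values copied from the post (iancoleman.io output; empty BIP39 passphrase assumed).
MNEMONIC = ("rebel image use energy write boil throw okay claw "
            "umbrella advice together clarify water actress")
ACCOUNT_TPRV = "tprv8fvSBE7NPnC8FJfBwcptSmmgxhQZhsAbbzRWaLo9d9ystozdV7BFUbRHqvYgL18fnV3WfM4GZb2cLKbLq5H8qZqC9XDnq8Mep3RWXfRsZ7o"
EXTERNAL_DESC = "combo(" + ACCOUNT_TPRV + "/0h/*)"
INTERNAL_DESC = "wpkh(" + ACCOUNT_TPRV + "/1h/*)"

def bip39_seed(mnemonic, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split())).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, 64)

def bip32_master(seed):
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_hardened(k, chain_code, index):
    """BIP32 hardened child: needs only the parent private key, no EC math."""
    data = b"\x00" + k.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(chain_code, data, hashlib.sha512).digest()
    return (int.from_bytes(i[:32], "big") + k) % SECP256K1_N, i[32:]

def derive_account(seed, path=(44, 1, 0)):
    """m/44'/1'/0': BIP44 purpose, testnet coin type, first account (all hardened)."""
    k, c = bip32_master(seed)
    for index in path:
        k, c = ckd_hardened(k, c, index)
    return k, c

def b58check_decode(s):
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    raw = b"\x00" * (len(s) - len(s.lstrip("1"))) + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, checksum = raw[:-4], raw[-4:]
    if hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] != checksum:
        raise ValueError("base58check checksum mismatch")
    return payload

def parse_xprv(s):
    """Split the 78-byte BIP32 serialization; the private key sits in it in clear."""
    p = b58check_decode(s)
    if len(p) != 78 or p[45] != 0:
        raise ValueError("not a serialized extended private key")
    return {"version": p[:4], "depth": p[4], "fingerprint": p[5:9],
            "child": int.from_bytes(p[9:13], "big"),
            "chain_code": p[13:45], "key": int.from_bytes(p[46:], "big")}

def account_key_matches_post():
    """True if the mnemonic reproduces the account tprv quoted in the post."""
    k, c = derive_account(bip39_seed(MNEMONIC))
    x = parse_xprv(ACCOUNT_TPRV)
    return (x["version"] == TPRV_VERSION and x["depth"] == 3 and x["child"] == HARDENED
            and x["key"] == k and x["chain_code"] == c)

# Descriptor checksum (the "#..." suffix): Bitcoin Core's BCH code over the descriptor text.
INPUT_CHARSET = ("0123456789()[],'/*abcdefgh@:$%{}IJKLMNOPQRSTUVWXYZ&+-.;<=>?!^_|~"
                 "ijklmnopqrstuvwxyzABCDEFGH`#\"\\ ")
CHECKSUM_CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GENERATOR = [0xf5dee51989, 0xa9fdca3312, 0x1bab10e32d, 0x3706b1677a, 0x644d626ffd]

def descsum_polymod(symbols):
    chk = 1
    for value in symbols:
        top = chk >> 35
        chk = ((chk & 0x7ffffffff) << 5) ^ value
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GENERATOR[i]
    return chk

def descsum_expand(desc):
    groups, symbols = [], []
    for ch in desc:
        v = INPUT_CHARSET.index(ch)     # ValueError for a character no descriptor contains
        symbols.append(v & 31)
        groups.append(v >> 5)
        if len(groups) == 3:
            symbols.append(groups[0] * 9 + groups[1] * 3 + groups[2])
            groups = []
    if len(groups) == 1:
        symbols.append(groups[0])
    elif len(groups) == 2:
        symbols.append(groups[0] * 3 + groups[1])
    return symbols

def descriptor_checksum(desc):
    chk = descsum_polymod(descsum_expand(desc) + [0] * 8) ^ 1
    return "".join(CHECKSUM_CHARSET[(chk >> (5 * (7 - i))) & 31] for i in range(8))
```

The checksum catches a mistyped character in the descriptor and nothing more: anyone who sees the importmulti line above holds the spending keys for the whole account, and the same goes for the mnemonic, which is a cleartext seed. Treat the descriptor string the way you would treat the wallet file.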

Could Taproot create larger security risks or even hinder future protocol adjustments re Quantum threats?

I am quoting here a user named “blk014” who responded to Pieter’s Taproot tweets from 24 January. I find this user’s comments very interesting and would like to ask a developer expert how much of a security issue this “Schnorr’s linearity” can be in the future process of finding quantum-resistant solutions, and how these risks could possibly be mitigated or prevented in advance.

While both ECDSA and Schnorr signatures are unsafe against quantum computers, Taproot exploits Schnorr’s linearity, for which no quantum-safe replacement is known today. While making Bitcoin quantum-safe is already hard, making Bitcoin-Taproot quantum-safe will be a nightmare.

Enabling Taproot now should be supported by a rational risk assessment. The outcome depends on your choice of the following parameters: (1) time until QCs break ECC, (2) time until a QC-safe Taproot replacement is developed and vetted, (3) time to upgrade the network, …

what to do with ignorant/dead users that won’t upgrade (Satoshi, address re-users), whose UTXOs become vulnerable by (1)

Given these risks, an upgrade to Taproot is not very risk-averse, which is the appropriate approach in developing safety-critical systems, and which was followed so far.

It’s not just a matter of priorities, because without Taproot achieving QC-safety is hard, but a path is at least on the horizon (cf. current NIST standardization efforts). After Taproot, the problem is completely open.

On a final note: I’m not personally against activating Taproot (it’s very elegant), but I would also like to have consensus on a rational assessment of the risks that are being accepted here [with Taproot].

The user goes on to describe a 3-step approach to a solution, where without Taproot only 2 steps would be needed. But with Taproot a much more difficult 3rd step comes into play:

I think there are 3 major QC problems to solve: (1) find an appropriate post-quantum DSA, (2) solve the transition problem before QCs become large, (3) find a linear PQ-DSA. Items (1)-(2) have to be solved in any case, as long as you believe QCs will become large eventually.

And Google’s recent Quantum Supremacy experiment is significant evidence that we are on that track. With Taproot activated, we also need to solve (3). If we solve (1) and (3) together, this may take too long to achieve (2). That’s the risk we take by activating Taproot now.

It might push the time to make Bitcoin quantum-secure from 5-10 to 10-20 years, as much more research is needed. Risk assessment should conclude whether we have the time and want to take the risk.

Thanks for your expert views on this issue.
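An added example, not part of the question and not Bitcoin Core code, showing concretely what "Schnorr's linearity" is: keys, nonces and partial signatures all add, so two signers can produce one signature for the aggregate key P1 + P2, and a scalar tweak t (how Taproot commits a script tree into the key-path key) becomes P + t*G on the public side and s + e*t on the signature side. This is textbook Schnorr over secp256k1 with a plain SHA-256 challenge, not BIP340 (no x-only keys, no tagged hashes), and the key aggregation is the naive sum, which is open to rogue-key attacks (MuSig fixes that with per-key coefficients). The curve parameters are the standard ones; the keys and message in the usage are constructed.

```python
import hashlib
import secrets

# secp256k1 domain parameters (standard values)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, point=G):
    """Double-and-add scalar multiplication (illustrative, not constant-time)."""
    result, k = None, k % N
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result

def ser(point):
    return bytes([2 + (point[1] & 1)]) + point[0].to_bytes(32, "big")

def challenge(R, pub, msg):
    return int.from_bytes(hashlib.sha256(ser(R) + ser(pub) + msg).digest(), "big") % N

def schnorr_verify(pub, msg, sig):
    R, s = sig                               # accept iff s*G == R + e*P
    return ec_mul(s) == ec_add(R, ec_mul(challenge(R, pub, msg), pub))

def keygen():
    x = secrets.randbelow(N - 1) + 1
    return x, ec_mul(x)

def two_party_sign(x1, x2, msg, tweak=0):
    """Two signers, one signature, valid for Q = P1 + P2 + tweak*G.
    Naive key sum: a signer who picks P2 = P' - P1 controls Q alone (rogue key);
    MuSig adds per-key coefficients to prevent that. This demo keeps the plain sum."""
    Q = ec_add(ec_add(ec_mul(x1), ec_mul(x2)), ec_mul(tweak))
    k1, k2 = secrets.randbelow(N - 1) + 1, secrets.randbelow(N - 1) + 1
    R = ec_add(ec_mul(k1), ec_mul(k2))       # nonces add as well
    e = challenge(R, Q, msg)
    s1, s2 = (k1 + e * x1) % N, (k2 + e * x2) % N   # each partial uses only its own secret
    return Q, (R, (s1 + s2 + e * tweak) % N)
```

ECDSA has no such property: s = k^-1 (z + r d) is not linear in d or k, which is why aggregate signing waited for Schnorr, and why a post-quantum replacement for this particular use must deliver a linear signing equation and not merely an unforgeable signature.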

Bitcoin UTXO discrepancy in calculation

I’m trying to understand the following two sites that display UTXO information. If I can figure out the method, that would be a bonus for this question, but if I can’t, can someone explain why the two sites measure the UTXO set differently?

The following website, I think, adds UTXOs from the genesis block: https://statoshi.info/dashboard/db/unspent-transaction-output-set?panelId=6&fullscreen

This website’s value is way higher than that of the previous one: https://charts.bitcoin.com/btc/chart/utxo-set-size#5moc

Am I missing that these are different charts? How can I reproduce them if I decide to create the charts myself?

Sweeping paper private keys from 2009-2010 into an Electrum wallet

I have several wallets from 2009 and 2010 that have not been touched since day one. I received 25 dollars USD worth of BTC for downloading and running a program in the background. I’m guessing I was mining BTC. Didn’t think another thought about it. I was a little irritated because 25 bucks didn’t just shoot out of the computer screen!! Lol.
Luckily my dad never throws away anything. So after scanning 18 hard drives (it is a whole learning experience) I have recovered 13 or so private keys and wallet IDs. And still looking.
So obviously I am very slow to do anything and am stuck on this sweeping thing. The files may have had a list of words. I don’t recall. They were not encrypted though. So are the private keys considered a master key? The only options for a standard wallet are seed or master key. One of the files did say root-something-or-other. None were wallet.dat. I hid one file in a music folder. So where do I go from here? Also, what are xprv, yprv and zprv? And what is the purpose of the console for sweeping, if any at all? I am not in the console.
Anybody have any clue how to guide me on this?

How can a receiver verify that transaction data was not altered by a 3rd party?

My scenario:

My web server:
– Generates a private and public key, and a wallet address from the public key, for a user website account
– The server cannot connect to the outside (cannot connect to the Bitcoin network)
– Has a page that allows anyone to send money to the user account wallet address

What I need to do:
– The server needs to know when bitcoins were sent to the wallet address, and how many total bitcoins are at the wallet address

Because the web server cannot access the outside internet, I am using JavaScript on the browser side to get the wallet address info by getting https://api.blockcypher.com/v1/btc/test3/addrs/miedePxMt4SDQHjWJyfhbCWvXcm33vzDa1/full and/or https://api.blockcypher.com/v1/btc/test3/txs/681b16b4de3676a5865a85e0bba3097afcc195d928f3167e4d5591c388c1e474?includeHex=true … and sending that data to my web server using an Ajax call to check for the received bitcoins.

Note: I have sent testnet bitcoins to that wallet.

Everything works except for 1 problem: the browser user can easily change the bitcoin amounts and trick the web server into thinking more bitcoin were sent.

My question is: what methods can I use on the web server to verify that the transaction data was not changed by the browser user? The web server has the pub/priv key of the receiving wallet. The web server has the “bx” libbitcoin-explorer program available and I could potentially install other software.

Can I use the commands in this diagram at all? https://github.com/libbitcoin/libbitcoin-explorer/wiki/Transaction-Commands
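Added example, not from the question and not a libbitcoin-explorer command: the only thing a server with no network access can check about a browser-relayed transaction is a proof tied to the chain's work. The raw transaction hex alone proves nothing (anyone can serialize a transaction paying any amount to your address; its txid is just its hash), but a Merkle branch from that txid to the merkle root of an 80-byte block header whose hash meets its encoded target cannot be forged without mining at that difficulty. The script parses the raw transaction (legacy or segwit) to get the txid and outputs, climbs the Merkle branch, checks the header's proof of work against a floor the server insists on, and credits only outputs paying exactly the server's own scriptPubKey. The data it runs on is constructed here: a two-transaction block mined at regtest difficulty with a made-up pubkey hash. A real deployment would obtain the proof with bitcoind's gettxoutproof or an Electrum server's blockchain.transaction.get_merkle and would also check that the header connects to a chain of headers with enough confirmations, which this example leaves out.

```python
import hashlib
import struct

REGTEST_TARGET = 0x7fffff << (8 * (0x20 - 3))   # target encoded by bits = 0x207fffff

# Constructed stand-in for the server's own 20-byte pubkey hash (hash160 of its key).
MY_PUBKEY_HASH = hashlib.sha256(b"server pubkey hash, constructed").digest()[:20]
MY_SCRIPT = b"\x76\xa9\x14" + MY_PUBKEY_HASH + b"\x88\xac"   # P2PKH scriptPubKey

def dsha256(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def read_varint(b, pos):
    n = b[pos]
    if n < 0xfd:
        return n, pos + 1
    size, fmt = {0xfd: (2, "<H"), 0xfe: (4, "<I"), 0xff: (8, "<Q")}[n]
    return struct.unpack_from(fmt, b, pos + 1)[0], pos + 1 + size

def parse_tx(raw):
    """Return (txid as internal-order bytes, [(value_sat, scriptPubKey)]); legacy or segwit."""
    segwit = raw[4] == 0 and raw[5] == 1
    pos = body_start = 6 if segwit else 4
    n_in, pos = read_varint(raw, pos)
    for _ in range(n_in):
        length, pos = read_varint(raw, pos + 36)   # skip prev txid + vout, read scriptSig length
        pos += length + 4                          # scriptSig bytes + sequence
    n_out, pos = read_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = struct.unpack_from("<q", raw, pos)[0]
        length, pos = read_varint(raw, pos + 8)
        outputs.append((value, raw[pos:pos + length]))
        pos += length
    body_end = pos
    if segwit:                                     # witness data is not covered by the txid
        for _ in range(n_in):
            items, pos = read_varint(raw, pos)
            for _ in range(items):
                length, pos = read_varint(raw, pos)
                pos += length
    if pos + 4 != len(raw):
        raise ValueError("malformed transaction")
    return dsha256(raw[:4] + raw[body_start:body_end] + raw[pos:]), outputs

def merkle_root_from_branch(txid, index, branch):
    h = txid
    for sibling in branch:                 # branch[i] is the sibling hash at tree level i
        h = dsha256(sibling + h) if index & 1 else dsha256(h + sibling)
        index >>= 1
    return h

def header_meets_target(header, max_target):
    """Proof of work: hash <= target(bits), and the target is at least as hard as we demand."""
    bits = struct.unpack_from("<I", header, 72)[0]
    exp, mant = bits >> 24, bits & 0xffffff
    target = mant << (8 * (exp - 3)) if exp >= 3 else mant >> (8 * (3 - exp))
    return target <= max_target and int.from_bytes(dsha256(header), "little") <= target

def verify_payment(raw_tx_hex, index, branch_hex, header_hex, my_script, max_target):
    """Satoshis paid to my_script by a tx proven to sit in a block with acceptable PoW; else 0."""
    raw, header = bytes.fromhex(raw_tx_hex), bytes.fromhex(header_hex)
    if len(header) != 80 or not header_meets_target(header, max_target):
        return 0
    txid, outputs = parse_tx(raw)
    if merkle_root_from_branch(txid, index, [bytes.fromhex(h) for h in branch_hex]) != header[36:68]:
        return 0
    return sum(value for value, script in outputs if script == my_script)

# ---- constructed test data: a two-transaction "block" mined at regtest difficulty ----
def build_p2pkh_tx(value_sat, pubkey_hash, tag):
    script = b"\x76\xa9\x14" + pubkey_hash + b"\x88\xac"
    tx_in = hashlib.sha256(tag).digest() + b"\x00" * 4 + b"\x00" + b"\xff" * 4  # fake outpoint, empty scriptSig
    tx_out = struct.pack("<q", value_sat) + bytes([len(script)]) + script
    return b"\x01\x00\x00\x00" + b"\x01" + tx_in + b"\x01" + tx_out + b"\x00" * 4

def build_sample_block(my_pubkey_hash):
    """Return (payment tx hex, its index in the block, Merkle branch hex list, header hex)."""
    filler = build_p2pkh_tx(1_000, hashlib.sha256(b"someone else").digest()[:20], b"filler")
    payment = build_p2pkh_tx(50_000, my_pubkey_hash, b"payment")
    tid_f, tid_p = parse_tx(filler)[0], parse_tx(payment)[0]
    root = dsha256(tid_f + tid_p)
    prefix = struct.pack("<I", 1) + b"\x00" * 32 + root + struct.pack("<II", 1_580_000_000, 0x207fffff)
    nonce = 0
    while not header_meets_target(prefix + struct.pack("<I", nonce), REGTEST_TARGET):
        nonce += 1
    return payment.hex(), 1, [tid_f.hex()], (prefix + struct.pack("<I", nonce)).hex()
```

Holding the address's private key plays no part in this: verifying an incoming payment needs chain data, not keys. Beyond what the example checks, credit an output only once (a client can replay a valid proof), and require that the header sits on your known best chain with the confirmations you are willing to accept.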

How can Server-less communication take place between clients?

I was thinking of designing an application which is not dependent on a server and can directly send and receive data to and from other clients. I learned it is possible with UDP, but how can new users join the network, and is it possible for any node to calculate the active nodes? I would implement this with socket programming using Java.

Error while syncing with the blockchain on my Raspberry Pi

So I already have the node set up on my Raspberry Pi. Last night the transfer of the blockchain from my laptop to the raspi’s hard disk finished. Now I am waiting for the blocks to match the headers:

"blocks": 162064, "headers": 613982

The thing is that when I do bitcoin-cli getblockchaininfo to check if it is already complete, I get this error:

error: Could not connect to the server 127.0.0.1:8332
Make sure the bitcoind server is running and that you are connecting to the correct RPC port.

I check if bitcoind is running with systemctl status bitcoind.service and this shows up:

● bitcoind.service - Bitcoin daemon
   Loaded: loaded (/etc/systemd/system/bitcoind.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Wed 2020-01-22 11:59:12 CET; 15s ago
  Process: 811 ExecStartPre=/bin/sh -c sleep 30 (code=exited, status=0/SUCCESS)
  Process: 814 ExecStart=/usr/local/bin/bitcoind -daemon -conf=/home/bitcoin/.bitcoin/bitcoin.conf -pid=/home/bitcoin/.bitcoin/bitcoind.pid (code=exited, status=0/SUCCESS)
 Main PID: 815 (code=exited, status=1/FAILURE)

So I try to restart the bitcoin daemon with sudo systemctl stop bitcoind and sudo systemctl start bitcoind. And when I check its status it shows the following (which looks good):

● bitcoind.service - Bitcoin daemon
   Loaded: loaded (/etc/systemd/system/bitcoind.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2020-01-22 12:01:01 CET; 5s ago
  Process: 862 ExecStartPre=/bin/sh -c sleep 30 (code=exited, status=0/SUCCESS)
  Process: 864 ExecStart=/usr/local/bin/bitcoind -daemon -conf=/home/bitcoin/.bitcoin/bitcoin.conf -pid=/home/bitcoin/.bitcoin/bitcoind.pid (code=exited, status=0/SUCCESS)
 Main PID: 865 (bitcoind)
    Tasks: 12 (limit: 2200)
   Memory: 111.0M
   CGroup: /system.slice/bitcoind.service
           └─865 /usr/local/bin/bitcoind -daemon -conf=/home/bitcoin/.bitcoin/bitcoin.conf -pid=/home/bitcoin/.bitcoin/bitcoind.pid

And when I do bitcoin-cli getblockchaininfo again, it doesn’t show me an error, but the number of blocks synchronized is lower than before. And a few minutes later, when I go to check again, it all repeats itself.

What am I supposed to do here?

Thanks

Withdraw and deposit in cryptocurrency exchange website

In an exchange website we just book trades in our database, and only when a user wants to withdraw his BTC balance do we make a real transaction on the bitcoin network for him. Consider a scenario where a user deposits 2 BTC and after some trades now owns 5 BTC. His public address balance is 2 BTC and the server must send 5 BTC to the user’s address. So the server needs to do more than one transaction: 2 BTC from his own deposit address and the remaining 3 BTC from another address that the server manages. In this scenario we must pay fees for at least 2 transactions. In withdrawals we usually charge the user the fee for just one transaction. The problem is that now the server must pay the other fees?
What is the solution to this problem?

In the BTC scenario I want to use blockchain.com’s wallet app API. As I understood it, we can have lots of public addresses corresponding to one extended public key of a wallet. So we assign each user a different public address at the time of deposit. At the time of withdrawal, we can pay from blockchain’s wallet to the user’s withdrawal address. Am I right about this approach?
I can generate a new address of the blockchain wallet with the “http://localhost:3000/merchant/$guid/new_address” URL. But this URL just generates a BTC address. How can I generate a new address for Ethereum and Bitcoin Cash in the blockchain.com API?

Is it possible to use such a solution for Ethereum, Litecoin and …?

If not, how can I manage the problem of many user deposits and withdrawals on an exchange site?

Excuse me for the number of questions.

Thank you in advance
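Added example, not from the question: a withdrawal is one transaction however many addresses its inputs come from, so the scenario above (2 BTC at the user's deposit address plus 3 BTC the exchange holds elsewhere) is a single transaction with two inputs and one fee, and that fee depends on the number of inputs and outputs, not on how many addresses are involved. The coin selection below is largest-first over every UTXO the exchange can sign for, with a legacy P2PKH size model for the fee estimate; the UTXO set, fee rate and address labels are constructed, and the selection policy and size figures are illustrative, not Bitcoin Core's own algorithm.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Utxo:
    txid: str
    vout: int
    value: int    # satoshis
    owner: str    # which key the exchange holds for it (a deposit address or the hot wallet)

# Constructed sample: the user's untouched 2 BTC deposit plus two hot-wallet coins.
SAMPLE_UTXOS = [
    Utxo("aa" * 32, 0, 200_000_000, "deposit:user42"),
    Utxo("bb" * 32, 1, 150_000_000, "hot-wallet"),
    Utxo("cc" * 32, 0, 400_000_000, "hot-wallet"),
]

# Size model for legacy P2PKH (vbytes); the fee is size * feerate, paid once per transaction.
INPUT_VBYTES, OUTPUT_VBYTES, OVERHEAD_VBYTES = 148, 34, 10
DUST_SAT = 546

def estimate_fee(n_inputs, n_outputs, feerate_sat_vb):
    return feerate_sat_vb * (OVERHEAD_VBYTES + n_inputs * INPUT_VBYTES + n_outputs * OUTPUT_VBYTES)

def build_withdrawal(utxos, amount_sat, feerate_sat_vb, destination):
    """Pick inputs largest-first from every address the exchange controls until ONE
    transaction covers amount + fee. Returns the skeleton: inputs, outputs, fee, change."""
    selected, total = [], 0
    fee = estimate_fee(0, 2, feerate_sat_vb)
    for utxo in sorted(utxos, key=lambda u: u.value, reverse=True):
        selected.append(utxo)
        total += utxo.value
        fee = estimate_fee(len(selected), 2, feerate_sat_vb)   # assume a change output for now
        if total >= amount_sat + fee:
            break
    else:
        raise ValueError("insufficient funds: %d sat available, %d sat needed" % (total, amount_sat + fee))
    change = total - amount_sat - fee
    outputs = [{"address": destination, "value": amount_sat}]
    if change >= DUST_SAT:
        outputs.append({"address": "change", "value": change})
    else:                       # dust change would cost more to spend than it is worth: give it to the miner
        fee, change = total - amount_sat, 0
    return {"inputs": selected, "outputs": outputs, "fee": fee, "change": change}
```

Two consequences worth pricing in: spending coins from several deposit addresses in one transaction links all of them on-chain to the exchange, and the signer needs the private key of every deposit address it draws from, which is a custody decision (hot keys for every deposit address, or a periodic sweep into the hot wallet that itself pays a fee) rather than an API question.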