bitcoin core – Forgotten password for wallet. Must a password be entered before spending?

Learn from other people’s past mistakes

Some good advice is at https://bitcoin.org/en/secure-your-wallet#encrypt

Encrypt your wallet
Encrypting your wallet or your smartphone allows you to set a password for anyone trying to withdraw any funds. This helps protect against thieves, though it cannot protect against keylogging hardware or software.

Never forget your password
You should make sure you never forget the password or your funds will be permanently lost. Unlike your bank, there are very limited password recovery options with Bitcoin. In fact, you should be able to remember your password even after many years without using it. In doubt, you might want to keep a paper copy of your password in a safe place like a vault.

Use a strong password
Any password that contains only letters or recognizable words can be considered very weak and easy to break. A strong password must contain letters, numbers, punctuation marks and must be at least 16 characters long. The most secure passwords are those generated by programs designed specifically for that purpose. Strong passwords are usually harder to remember, so you should take care in memorizing it.

Notice that second item.

Once you set a password, which you definitely should, it is important to never forget your password. This is why people use password managers and make backup copies in secure places.


What next?

If you have some idea of what your password might have been, you might try recovery tools such as btcrecover. (not an endorsement, other tools exist, take extreme care choosing tools)

If you care about your money …

  • Only download tools from sites you are 100% certain of, Check carefully.
  • Compile any tools from source code if you can.
  • Never give any potentially sensitive information to helpers. Treat all helpers as if they were thieves (almost all people offering to help will in fact be confidence tricksters). A genuine helper never needs to know your password or any part of it or anything about it. A genuine helper never needs any kind of access to your PC. A genuine helper never needs to create a wallet for you.
  • It is better to spend time learning how to do things yourself with no active participation from any helper. A genuine helper needs no more information than is already in your question above.
  • Don’t attempt recovery on any computer that has ever been used or accessed by anyone else in the past.
  • Don’t attempt recovery on any computer or device that is connected to the Internet.

bitcoin core – Is it possible to query a node for all addresses containing value?

Bitcoin-core (the full node implementation that makes up the majority of the network) does not keep an index of all addresses and balances, so without writing additional code to do the job, it is not possible. Bitcoin-core keeps track of coins via the UTXO model– the idea of ‘an address with a balance’ is just an abstraction of this that makes for a more user-friendly interface.

Of course, you could write some code to create an index of addresses and their respective balances, or perhaps find an already-existing open-source block explorer project that accomplishes this.

bitcoin core – Are P2SH transactions with disabled opcodes relayed/mined?

Many OPCODES like OP_AND, OP_CAT, OP_SUBSTR are disabled as described in https://en.bitcoin.it/wiki/Script. Although, with Bitcoin Core 0.10.0 Gavin Andresen proposed “any Script” in P2SH transactions to be relayed/mined:
enter image description here
I’m still unsure if this applies disabled opcodes. I’ve come across a Mainnet coinbase transaction with disabled “OP_AND” opcode here, and a Testnet transaction here. I’m very curios if P2SH transactions with disabled opcodes in the redeem script relayed and mined on the BTC Mainnet.

Cómo puedo evitar los ataques XSS en mi aplicación ASP.Net Core 3.1 con Entity Framework?

¡Gracias por contribuir en StackOverflow en español con una respuesta!

  • Por favor, asegúrate de responder a la pregunta. ¡Proporciona información y comparte tu investigación!

Pero evita

  • Pedir ayuda o aclaraciones, o responder a otras respuestas.
  • Hacer declaraciones basadas en opiniones; asegúrate de respaldarlas con referencias o con tu propia experiencia personal.

Para obtener más información, consulta nuestros consejos sobre cómo escribir grandes respuestas.

bitcoin core – Password before complete transaction

I was about to spend some bitcoins but Bitcoin Core required my password, which I don’t remember, to complete transaction… The wallet is open but cant use bitcoins.

I would like to know if before ANY transaction, you must ALWAYS enter password. This is the first time I try to send bitcoins so I don’t know how this goes…

Thanks.

microservices – Refactoring and moving monolithic ASP.NET Core app to Kubernetes

(This is my very first post here, so I’m sure I violate a few rules of this community, mainly by asking too much questions in a simple post. Sorry for that.)

I have a monolithic ASP.NET Core MVC application which I develop as a hobby project for private use. It can download videos and music from several video sharing websites by using youtube-dl. This application simply shell executes youtube-dl using the correct cmdline arguments, captures stdout and stderr, does some parsing on it, and reports any status changes real-time to the frontend using SignalR. Also, every day when it is idle, shell executes youtube-dl to update itself. I made some changes in the code to limit the maximum parallel downloads to a specified value in appsettings.json.

It does its job fine on a single server. But at work I became an architect associate, learned about Kubernetes, and from scratch I never made my own software for Kubernetes. So, I want to make the following changes:

  1. Refactor the code from monolithic to microservice architecture…
  2. …by considering Kubernetes as the target platform.

Question 0: Does it make sense to make these changes and migrate this project to Kubernetes, considering how youtube-dl is used?

On the backend side, I have two tasks, and both of them requires youtube-dl.

  1. By using the URI given by the user, I have to collect information about the media (title, description, thumbnail image). This task is only network-heavy until youtube-dl gathers the media information and it is done within a few seconds.
  2. Also by the given URI, I have to download the media and present a file to the user. Also, I need to keep the real-time progress report. This is both network and CPU-heavy, since youtube-dl not only downloads the media, but alsp performs video merging and video to audio conversion using FFmpeg. So it takes some time and CPU resources.

Question 1: Sould I separate these responsibilities to two different backend microservice? If I have it separated, I would be able to keep only a few instances for the first task, and several instances for the second (splitted to different nodes). On the other hand, I need to use youtube-dl for both the tasks, so it would also make sense to put it in one service.

My next consideration is the real-time process feedback to the frontend. By separating this project, I have to make a chain: DownloaderMS->FrontendMS->HTML frontend. In the old world I used SignalR. According to the Microsoft docs, using SignalR between DownloaderMS and Frontend does not violate the microservice architecture until I use Redis backplane.

Question 3: By considering Kubernetes and load balancing, is it a good idea to keep using SignalR both on frontend and backend side? Or should I use something else?

The software needs some storage space to store the downloaded media. I think I should have a persistent volume with read-write access for the backend services with 1 hour data retention.

Question 4: Should the backend microservices encapsulate the persistent volume and provide the downloaded media for the FrontendMS on an API endpoint, or is it allowed in microservice architecture to let the FrontendMS access this volume but with read-only permissions?

Question 5: Do you have any other considerations or recommendations?

bitcoincore development – How will the migration tool from a Bitcoin Core legacy wallet to a descriptor wallet work?

The migration tool will go through all the keys in the legacy wallet and create descriptors for them. This requires considering everything that IsMine matches on. From the Bitcoin Core release notes:

IsMine refers to the function used to determine whether a script belongs to the wallet. This is used to determine whether an output belongs to the wallet. IsMine in Legacy Wallets returns true if the wallet would be able to sign an input that spends an output with that script. Since keys can be involved in a variety of different scripts, this definition for IsMine can lead to many unexpected scripts being considered part of the wallet.

For HD wallets, it is pretty simple to compute the xpriv for the HD seed using a single descriptor. For non-HD wallets but still only key things, it’s a descriptor for each key. The set of scriptPubKeys is finite and O(n!) so it is doable.

For watch-only wallets and multisigs it gets more complicated. Also getting the Descriptor Wallet to treat as IsMine any future script that the Legacy Wallet would have treated as IsMine is probably impossible for all edge cases.

Thanks to Andrew Chow and Pieter Wuille for answering this question on IRC. Any errors are my own.

bitcoincore development – Why is the Bitcoin Core wallet database moving from Berkeley DB to SQLite?

The introduction of descriptor wallets presents an opportunity to introduce a new database backend as descriptor wallets are backwards incompatible. The following is taken from Andrew Chow’s blog post on what’s coming to the Bitcoin Core wallet in 0.21.

Why move from Berkeley DB?

  • Not designed to be used as an application data file. The Legacy Wallet has several hacks as a result and Berkeley DB wallet files can easily be corrupted.
  • Berkeley DB produces extra files which need to be moved with the database file. This means that Berkeley DB is less portable and requires a directory for each wallet.
  • Changes were introduced to Berkeley DB database environment files breaking backwards compatibility.

Why choose SQLite?

  • Can be used as an application data file.

  • New SQLite versions maintains backwards compatibility with versions as far back as 2013.

  • Does not require database environment. A completed write guarantees that the data was written to the database file.

  • Can now move to single wallet files instead of wallet directories.

asp.net core – Extension “IntelliSense for CSS class names in HTML” not work on file .cshtml

I create project MVC.Net Core by VSCode and VSCode have extension “IntelliSense for CSS class names in HTML”. The problem is when I type class like “btn btn-primary” IntelliSense not show, I have to press Ctrl+Spacebar everytime when I type class.
How to solve this problem?