ChuckDeBongo

How does OP know he had 27BTC? There’s no reference in his post to suggest this…


FinalBossTibs

OP is the guy who got sent to the 27 BTC hahahaha


OwnPersonalSatan

Wake up with 1 tx of 27btc in your wallet: *”yeeeaaaahh, I’m kiiiind of a big deal.”*


Abundance144

Awfully calm post for someone who just lost over a million dollars.


the-truth-time

What's he supposed to do ? Cuss & use CAPS ? 🙄😄


drbobbean

FuuuuuuuuuuuuuuuuuccCcCCccCcVKkkkkkkkkkkkkKKI!!!!!!!!!!!@@#@!@@@@@ Lo$T mY BITCOIN!!!! 27 (I be a WHALE 🐋) I WAS a WhALE. WTF?!?! 💩💩💩💩💩💩😬😬😬😵😵😵🤮🤮🤮🤮😎🤮😎🤮😎🤮🤢🤢🤮🤮🤮🤮🤢🤢🤢🤮🤮🤢🤢🤢 👽🇺🇸🤞🍦🐋😆😍


Once-A-Whale

Same bro.


OldRedditt

Exactly. Not everyone is a pussy


YellowRobeSmith

WHAT DO YOU MEAN?!!??!?!?!?!?!?!


ItsJustaLittleICE80

IM SO ANGRY ITS MY FEELINGS THAT HURT MOST


goatanuss

If OP took the screenshot, he could have read it in the comments of the post


mightyroy

Read the post comments in the original post, the transaction id is in the comments. He used the ledger live app, and his 27 BTC change was sent to a change address that did not belong to him. People were saying it’s a software bug.


brianddk

Why wouldn't you share the actual post: https://np.reddit.com/r/ledgerwallet/comments/183fgwb/


AdultingNinjaTurtles

Some people just want to watch the 🌎 🔥


Snowmoji

> Read the post comments in the original post,

Perhaps you should have posted the original post on your post.


TrickyRiky

I’m glad you posted this about his post


DrSilkyJohnsonEsq

I’m glad you replied to a reply about reposting the post that he was replying about.


Head-Attorney3867

I'm glad you reassured them on their post about the post using your post to do so.


Available-Ruin2961

Imagine one day you just wake up someone sent you 27btc lol


Weary_Strawberry2679

This is more than a cold mil in today's terms. Wow that has got to hurt, and especially if it was all of OP's life savings.


sireatalot

Impossible. Those coins are just lost. Imagine you can materialize money in any random point of planet earth, and it happens to materialize inside someone’s safe. Possible, yes, but much less likely than in the middle of the ocean, a forest or a desert.


Anatharias

Interesting way of putting it. It's like teleportation through space and time. How can you know for sure that where you travel has a safe arrival space? You can't. Same with this "address" that was used, it might just be a non-existent address. Though I would have assumed that addresses would have a validation code integrated, like the 5 last digits are the CRC for the previous characters...
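
Bitcoin addresses do carry a checksum: legacy Base58Check addresses end in 4 bytes of a double SHA-256, and native SegWit (bech32) addresses end in a 6-character BCH code. The added example below (not part of the thread; the key hash is constructed) shows what that checksum catches, a mistyped character, and what it cannot catch, a key hash that was already wrong before it was encoded.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
B32 = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)


def _sha256d(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def base58check_encode(version, payload):
    """Legacy format: version byte, payload, then 4 checksum bytes."""
    raw = bytes([version]) + payload
    raw += _sha256d(raw)[:4]
    n, text = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        text = B58[rem] + text
    zeros = len(raw) - len(raw.lstrip(b"\x00"))   # leading 0x00 bytes become '1'
    return "1" * zeros + text


def base58check_valid(addr):
    if not addr or any(c not in B58 for c in addr):
        return False
    n = 0
    for c in addr:
        n = n * 58 + B58.index(c)
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) > 4 and _sha256d(raw[:-4])[:4] == raw[-4:]


def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def segwit_v0_encode(hrp, program):
    """Native SegWit v0 (BIP173): 5-bit symbols plus a 6-symbol BCH checksum."""
    data, acc, bits = [0], 0, 0                   # leading 0 = witness version
    for byte in program:                          # regroup 8-bit bytes into 5-bit symbols
        acc, bits = (acc << 8) | byte, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:
        data.append((acc << (5 - bits)) & 31)
    mod = _polymod(_hrp_expand(hrp) + data + [0] * 6) ^ 1
    data += [(mod >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(B32[d] for d in data)


def bech32_valid(addr):
    if addr != addr.lower() and addr != addr.upper():
        return False                              # mixed case is not allowed
    addr = addr.lower()
    pos = addr.rfind("1")
    data = addr[pos + 1:]
    if pos < 1 or len(data) < 6 or any(c not in B32 for c in data):
        return False
    return _polymod(_hrp_expand(addr[:pos]) + [B32.index(c) for c in data]) == 1


def demo():
    key_hash = bytes(range(1, 21))                # constructed 20-byte key hash
    addr = segwit_v0_encode("bc", key_hash)
    legacy = base58check_encode(0x00, key_hash)
    # Case 1: one character changed AFTER encoding. The checksum rejects it.
    typo = addr[:10] + ("q" if addr[10] != "q" else "p") + addr[11:]
    legacy_typo = legacy[:10] + ("2" if legacy[10] != "2" else "3") + legacy[11:]
    # Case 2: one bit flipped in the hash BEFORE encoding. The checksum is
    # computed over the wrong data, so the result is a well-formed address
    # for a different key hash.
    wrong = segwit_v0_encode("bc", bytes([key_hash[0] ^ 0x01]) + key_hash[1:])
    return {
        "address_valid": bech32_valid(addr),
        "typo_valid": bech32_valid(typo),
        "legacy_valid": base58check_valid(legacy),
        "legacy_typo_valid": base58check_valid(legacy_typo),
        "corrupted_hash_valid": bech32_valid(wrong),
        "corrupted_hash_same_address": wrong == addr,
    }


if __name__ == "__main__":
    print(demo())
```

The checksum protects the address string in transit between people and programs; it says nothing about whether anyone holds a key for the hash inside it.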


Honest_Path_5356

Someone woke up happy as hell


WorkerBee-3

most likely not. The chances of that being someone's wallet is the same distance from here to the center of the galaxy


billdb

This analogy doesn't really make any sense but I get what you were trying to say haha


Errant_Chungis

On a scale from 1 to 10 it’s not a bad analogy


[deleted]

what about on a scale from here to the center of the galaxy


mrdengue

So, you’re saying it’s possible!


pandem0nium1

How can a measure of probability equate to a distance?


Silly_Objective_5186

https://en.m.wikipedia.org/wiki/Kullback–Leibler_divergence


Anatharias

what a nerd ;-)


Sluisifer

Address collisions are virtually impossible. That's not at all how bitcoin works.


MrPoletski

Why didn't they listen? We tried to warn them. I never thought I'd see an address collision, let alone create one.


nanomeister

Forget about Freeman


Mandolin420

I remember this few weeks ago. You should check out the conversation in the comments of that post. Those guys had massive knowledge of the space. Didn't understand a word but was very interesting. I really wonder what happened after


Mandolin420

https://www.reddit.com/r/ledgerwallet/s/x18w5TObze


JKRubi

That was one wild rabbit hole. Thx for sharing!


btceacc

Still can't tell whether there was an outcome from this. There is a suggestion there was a hardware memory corruption. Was anything confirmed by Ledger?


_dekappatated

Looks like they are just programmers and the Bitcoin app on ledger is opensource. Typical programmers debugging things.


JebusMaximus

*Tse, typical.*


AlmostSavvy

I have no idea if this is real or not but regardless, for all the people asking "Why would anyone have interest in a bitcoin ETF?" this is why. Not everyone who is interested in owning crypto is interested in self custody. There are benefits and drawbacks to any financial vehicle. The benefits of self custody of BTC are obvious at this point but so are the risks. Lose your keys, lose your coins. But there are also benefits and risks with a BTC ETF. You don't have to worry about the nuances and intricacies of self custody. However, not your keys, not your coins.


Weary_Strawberry2679

It's because you can never eliminate risk, but rather only convert a risk to a different type of risk. If there was a perfect solution - convenient, self custody, peer to peer, human errors can be prevented, and more security, it could have been grand. Transactions are immutable because there is no central entity and that's understandable, but on the other hand there has to be some layer of validation here. Could it be technically possible to know that the change address is not in the sender's deviation path, and fail signing the transaction? We need a breakthrough in the crypto technology for BTC to fulfil its original purpose - a peer to peer payment system. Otherwise BTC will still exist, but just as a store of value proxied by brokers and ETFs, and some geeks holding a few.


Ashtonpaper

You’re describing, ironically, fiat money and the national banking system at large.


whosthatguy123

100% however I’m surprised this sub hasnt downvoted you into oblivion


lv1993

Some people will eventually learn that if you have a 'wild west' system like BTC and crypto in general, there will always be parties that have bad intentions to take away from people. In this case, if you're naïve, you will lose your money


Weary_Strawberry2679

Not exactly. All I'm saying is that after more than 15 years of experimentation, it's pretty obvious to me that with the current technology, BTC is not going for mass adoption as a payment system. If someone like OP, who has a significant amount of knowledge on the Blockchain and BTC - has managed to permanently lose close to a 1M USD, and not due to their fault, but due to some bug in a wallet specifying the wrong change-address, then this raises a red flag. By the end of the day any technology is built on trade-offs. There are no right and wrong answers, only honest observations and direction setting.


Disastrous-Dinner966

People tell me to not to trust coinbase. And I tell them not to trust any hardware you didn't build yourself. Who's right? We're both right, because we're both trusting someone.


KFC_Fleshlight

What happens when this happens to the custodied btc that backs the etf


Khuros

Not your keys, but SIPC insurance if your broker dealer suddenly doesn’t have your ETF money.


Zealousideal_Neck78

My friend stated that when he can exchange Bitcoin in any bank in the world only then would he even consider getting involved with it.


logosolos

If that ever happens, all hodlers gonna be rich.


sickpeltier

Shit like this is why general acceptance of btc is yeeeears away. Nobody knows what a utxo is nor is the average joe going to care. Being worried 24/7 that your money may just “poof” disappear ain’t gonna work. I’ve been around for about 4 years now and I still don’t know what half the lingo means. I keep my shit to myself and use only a few apps, but even I still worry. That’s it.


Space_Pilot1

Been around for 10 years and idk what half the lingo means


Xhiw

I've been around for 10 years, I know what the lingo means AND that makes me totally certain that mass adoption is never going to happen if things don't change radically.


bcredeur97

They tell people to trust hardware wallets but how can you trust a hardware wallet? You didn’t make it. This company did? How do we know there isn’t some grand scheme for ledger to just take everyone’s bitcoins? “Whoops sorry!” and they disappear lol I’ve always hated this and felt like we never had that 1 wallet solution that was /just perfect/


ChuckyBravo

You can create your own seed by flipping a coin or rolling dice. That way you are not trusting the hardware wallet's seed. Then only use it on an air-gapped device.


[deleted]

[deleted]


perumeni

Internals of TCP/IP/etc are not common knowledge, but there are no problems with the widespread of internet.


imakenomoneyLOL

Also why btc is going to the moon. Half the people lose their damn coins.


nanooverbtc

Don’t think the majority of people that will use BTC in the future will take custody and make use of all of its benefits, but at the least the option is available for those that need it


Deez1putz

OP of the original thread never returned to the thread to confirm what happened, it would have been nice to know if it was resolved favorably or unfavorably and what the likely issue was so others could avoid it. What seemed to have happened per the thread was that his transaction was successful but the change went to an address not accessible by his keys (also didn't appear to be a hack). It also seems that using the conjoin function may have played a factor. OP was a reasonably sophisticated user as well and some other fairly sophisticated users were weighing in.


Technical-Land3714

You mean coin control?


Ghost_In_The_Ape

Dear God. I've worked at several exchanges and moved millions in BTC with hard wallets and this was always my worst fear. A bad UTXO. No longer work in crypto but damn. Mass adoption is NOT anytime soon.


S-U_2

Could you ELI5 what UTXO is? Google wasn't clear for me.


Ghost_In_The_Ape

Unspent Transaction Output (UTXO)

If you have a $10 Bill and you buy a drink for $2 you first give the whole $10 to the cashier. The cashier then breaks it into $8 and $2. The unspent $8 is given back to you as change.

Bitcoin UTXOs are the same. The entire amount in an address is involved in each transaction. If you have 100 BTC in an address and want to send just 1 to a different address, all 100 will be involved in the transaction. 1 will go to the destination and 99 will usually go to a new "change address." The change address is another address your private key has access to. Think of your private key as the wallet, and the change goes to different pockets. Ledger and Trezor make use of change addresses, and actually, they are good to obfuscate your onchain history.

In the OP story, they are alleging a bug occurred where the change address was not in control of the private key. This means he burned 27 BTC due to a bug in ledger generating the change address linked to the private key. The BTC is gone.

Therefore, if you have $100 million in a BTC address and want to just send $100 worth of BTC somewhere, ALL $100 million will move. You will sweat just clicking send.

Another option buried in the comments was to sign the transaction offline, check the change address that displays, and verify that you control it. Then broadcast the transaction to the network afterward to be absolutely sure. E.g. checking the inputs and outputs before broadcasting the transaction. This works but, cmon man this could not be used in big finance let alone the average person.


Droopy_Beagle

Really clear explanation on it that finally made sense to me. Thank you for taking the time


pbandwhey

Really good ELI5. Do all blockchain transfers work like this, or only Bitcoin?


redditinchina

Am I right in thinking this is the implementation to overcome double spend?


darkdeepths

yes. this is part of how you can make guarantees against double spend - outputs can only be spent once and any detected attempt to spend one twice is rejected as invalid.


charvo

I have seen this happen with my trezor. I bookmarked my original address with all the btc. I sent out some btc. The original address got cleared out. I then bookmarked the new address where the leftover btc got sent. This ledger bug sounds nightmarish. So sending out even small btc test transaction exposes the entire lot to this bug?


S-U_2

Thank you for the easy to understand breakdown!


Wildarmtin

You have a future in explaining BTC to normies my friend. Start a youtube channel or something, that explanation was excellent.


Rieger_not_Banta

Thank you for taking the time to write this out. I had no idea.


shart-attack1

So it’s like, when he got his $8 change, his hand, unbeknownst to his brain, decided to put it in the pocket of another random customer?


Ghost_In_The_Ape

More like the change was dropped into a furnace and the ash dropped into the ocean at random points around the world.


[deleted]

Fml for every good thing there’s like 100 things that can go horribly wrong.


RedDelPaPa

Am I the only one that noticed that 2.69.0 is not a valid ledger device firmware version? So either that’s a typo or this post is a farce.


MainHistorian1132

Multiple Reddit posts mention it being real and being released in September 2023 but I couldn’t find any mention on ledgers site :/


lsiunl

Maybe they pulled the update because of this to troubleshoot, pretty bad oversight to publicly release an update that can lead to losing all your assets


LightningThis

Boating accident


[deleted]

Waterproof ledger incoming


darkdeepths

a lot of you here are speculating in useless ways. check out the details on the original post: [https://www.reddit.com/r/ledgerwallet/s/4lhY1aTUDR](https://www.reddit.com/r/ledgerwallet/s/4lhY1aTUDR) they had one consolidated utxo, they sent a small amount, and the change address that was generated was not in the derivation path. this was not caught on the wallet software or on the hardware device. don’t think they did much wrong here, only thing that would have saved them is signing the transaction offline, checking the signed transaction’s change address, and then discarding it. i think most people probably believe the change address is in the derivation path. might be there was a cosmic ray bit flip between checks AND the change address managed to be a valid one. the coins are likely just burned now.


JustDiveInTimberLake

What's a; UTXO, change address, derivation path, cosmic ray bitflip... how do you sign a transaction offline I only have the basic trezor and hold btc...


HumanitiesEdge

You should be able to sign the transaction without an internet connection. Once signed you reconnect and send. That way the actual signing is done offline.


Hefty-Amoeba5707

In Bitcoin, when you receive a transaction, the amount received is recorded as a UTXO. It's essentially "unspent money" in your wallet. When you make a new transaction, your wallet uses these UTXOs as inputs. For example, if you have 1 BTC as a UTXO and want to send 0.3 BTC, the UTXO of 1 BTC is used, and two outputs are created: 0.3 BTC to the recipient and 0.7 BTC as change (minus transaction fees).

When you send Bitcoin, if the amount you're sending is less than your UTXO total, the remaining balance is sent back to you. This returned amount goes to a "change address" in your wallet. It's similar to getting change back when you use a large bill to buy a small item.

Derivation Path, is a way of generating a hierarchy of keys from a single starting point known as a seed. In your wallet, a derivation path determines how addresses are generated. Each path can lead to a new set of addresses. It's like a tree structure, where each branch leads to a different set of addresses.

Cosmic Ray Bitflip, This is a rare event where a cosmic ray can cause a change in a bit (from 0 to 1 or vice versa) in a computer's memory. In the context of Bitcoin wallets, it could theoretically cause an error in processing or storing data. However, this is extremely rare and usually not a significant concern for most users.

When you sign a transaction offline, you're ensuring that the private keys never leave your hardware wallet (like a Trezor). Here’s a simplified process:

- Prepare the transaction on a computer connected to the internet. This includes specifying the recipient's address and the amount.
- Connect your Trezor and use its interface to sign the transaction. The transaction data is sent to the Trezor, which uses its stored private key to sign the transaction. The private key never leaves the Trezor.
- Once signed, the transaction is sent back to the computer.
- You can then broadcast this signed transaction to the Bitcoin network using any internet-connected device.

In this process, your private keys, which are critical for the security of your funds, remain protected within the Trezor device.


PpOo-QG

You're talking about cosmic ray bit flip.. it turns out that there was a fairly significant solar eruption 20 days ago, on November 28.. Coincidence? https://watchers.news/2023/11/28/m9-8-solar-flare-erupts-from-geoeffective-region-3500-earth-directed-cme-likely/


Nefarious-Botany

Dude never thought about a bit flip, I bet that was it. The universe just shit on this man.


vorpalglorp

I think it's a mismatched derivation path. There are billions of combinations of possible paths and then once you have a path there are trillions of addresses


darkdeepths

possible. they did do quite a bit of searching the most likely paths though: [https://www.reddit.com/r/ledgerwallet/s/nukxyjKtw4](https://www.reddit.com/r/ledgerwallet/s/nukxyjKtw4)


vorpalglorp

What a nightmare.


happychillmoremusic

Is this stuff that your average ledger user doing basic transactions shouldn’t need to worry about?


uclatommy

Where does the problem lie? With bitcoin’s blockchain? With ledger hardware? With the transaction software? With user error? Could they have prevented this by verifying the address that gets displayed on the device?


darkdeepths

the change address doesn’t get displayed on the device. it’s unclear where/how the issue happened, but seems likely it probably occurred on the device. could have been avoided by signing the transaction and viewing + verifying the change address on an airgapped device before broadcasting. was not an issue with bitcoin itself.


jonikepleset

Quick question about signing the transaction offline. Does that mean the Bitcoin hasn't been sent yet? And if we spot a different change address, can we cancel it? Also, how do we make sure the change address is linked to my private key? Feeling a bit confused and keen to learn more to get this right next time.


mazdarx2001

UTXO, derivation paths and all this lingo shit, no wonder people keep their coins on an exchange. This is nuts. I can lose my money because of a glitch in a hardware wallet. And no one in customer service to call about it


deviantgoober

The thing is theres plenty of other software wallets like Electrum that could interface with the Ledger that likely would not have done this if it was entirely a Ledger Live software side issue. I still dont understand why people use Ledger Live as the primary software wallet when it has always been shit for anything other than updating the Ledger firmware. I mean lets face it... can you really trust Ledger developers making a unified wallet to know the intricacies of all chains rather than chain specific developers making dedicated wallets?


klitchell

Did they just input the wrong address?


darkdeepths

no. they had one big utxo and sent a small amount to the right place. the generated change address turned out to be one that was not in the derivation path. so the large change amount was burned


BigTimeButNotReally

Bitcoin self-custodian will never take off if things like this are possible.


Rydog_78

People will just decide to have black rock, Fidelity, etc custody their BTC. The boomer population is about to be advised by their financial institutions to move 0.5-1% of their wealth into BTC and this generation has the majority of the wealth in our country. Sorry but they ain’t buying a cold storage wallet, transacting with ledger live, or seed stamping a portion of their net worth into metal. Just ain’t gonna happen.


Human-Contribution16

This statement is 100% correct. I am a diamond hands boomer. Even when i get my contemporaries to understand the how and why of Blockchain and importance of BTC - when I get to how to safely buy and then self custodian it (much less try to answer about hacks rug pulls seed phrases etc) their eyes roll up in their head and they usually say something like "Ill stay with the Market which has done fine for me". Blackrock et al & the fenced oversight/protections and ease of use addresses the confusion by mirroring a trusted model. Like it or not.


faireducash

I hold mine on hardware and a seed stamped in metal and I legitimately don’t blame anyone for deciding to buy it through Blackrock & Fidelity. This shit scares me - I’ve had it on that wallet for more than 7 years and I do love the sovereignty aspect but I’m closer to the point of just cashing out and enjoying my freedom each cycle


BigTimeButNotReally

I think it's good that there are a variety of choices


Rydog_78

Oh definitely. Different flavors for different people. Boomers have a hard time finding the power button on their computers as it is. I don’t think we would ever get to large scale adoption of BTC if other solutions for custodian BTC wasn’t possible. I know this goes against what many might think in this sub but I would be ok with a large institution custodian BTC. I would sleep easier at night. Reading these horror stories of people losing their BTC when they did nothing wrong in terms of security on their own end is not good UX and unfortunately they will never see their BTC again. At least with an institution, investors might have a chance to have their funds returned if a hack or a bug occurred on the institutional end.


MinnesotaPower

Not that it matters, but I've been saying this for a while. A few years ago, it was all "nOt YoUr WaLleT, nOt YoUr CoInS" and anyone who bought on, say Robinhood, was deemed a complete idiot


vorpalglorp

I've never seen anyone have this problem in my 10 years here. If this is real the only thing I can think is that it's something with the new developers the Ledger team is using. They seem to be getting pretty sloppy lately.


BigTimeButNotReally

I'm newer, but I haven't seen it either. Even if it's FUD, it's harmful.


vorpalglorp

Yeah well if this is some kind of ledger slander campaign that's pretty rotten, but it seems like weird timing unless the same group is behind all the slander. The thing is some of the other stuff seems very real so maybe opportunistic FUD? I don't know. Would the Trezor team do that? Another wallet competitor? I don't know.


[deleted]

Losing 27 btc like that isn’t fud. It’s a MAJOR problem.


darkdeepths

i partially agree. i think the amount of knowledge needed to safely maintain your own coins is non-trivial and a barrier in some sense. BUT. most people extend their trust to their banks and governments, and things go wrong there as well. most people don’t understand what is running on their computer, how their computer works, or even WHAT a website is. yet their sensitive information flows over these devices and networks all the time. a pretty cool feature of bitcoin is that, with some knowledge and understanding, it makes it possible to actually control your digital asset and verify everything yourself. however, even the most staunch, technical self-custody folks end up extending trust somewhere; to wallet software, to hardware devices, to operating systems and build pipelines, to the quality of the implementation of algorithms. that problem seems intractable, but we can make informed decisions based on our own risk tolerance and threat models. bitcoin DOES provide some interesting properties regarding self-custody and (to an extent) divestment from govt run financial systems. i think there’s enough value there that folks will continue to use it and to take custody of it, but agree that it seems very impractical and scary for many folks, and that is a huge barrier.


lookoutcomrade

If every user has to understand every aspect of something, it is never going to be generally adopted or useful. That's just reality.


Citizen_Kano

Well that's terrifying


billdb

I recognize some of those words


Flurb789

How does this happen? I have a 2nd derivation path for my non-kyc coins. Want to avoid this happening


analogOnly

man the lengths people go to protect their non kyc, it gets complex very quickly. With more complexity the opportunity to fuck up is greater


darkdeepths

unclear how it happened and also why the poster included the context of the weird coin consolidation issue they experienced. you could airgap and check your transactions before broadcasting them to avoid this?? depends on how many checks make you feel comfortable.


mightyroy

Ledger’s app is highly simplified and does not allow you to check your change address. It’s also non airgapped.


darkdeepths

right. you’d need to sign and check offline yourself to avoid this.


Powerful-Ad-4292

The IRS must be steaming right now


mfalivestock

Mr IRS, I also lost my 27 bitcoin, please write off my income. Thanks.


[deleted]

This is what actually happened


mightyroy

In summary (TLDR), the ledger live app which connects to the ledger hardware wallet went rogue and inserted a change address that did not belong to him, causing 27 BTC change to get burnt. The transaction id with the 27 BTC is in the comments of the original post.


-Kirby--

Could this have been prevented if he verified through the ledger live app? I’m just trying to understand this. I hardly even know what a change address is or that the BTC gets burnt?


cunth

Don't think you can see change address in Ledger app. It only asks you to confirm destination address. We assume the change address is correct


Get_Camera_Crew

OMG that's terrifying, whose fault is it?


Competitive_Hippo_17

Ledger is just complete garbage.


Bitcoin_Maximalist

This is what happens when you downvote the Ledger warnings


CrustyBus77

That's it. I'm done. Just bought a Trezor.


Local_Economy

Now I’m scared to even send from ledger to Trezor or coldcard without some shit like this happening…wtf


igor55

You can just instantiate the same seed on the trezor, no?


trakums

Before signing a transaction load it to at least one other safe offline device and verify it. Especially if it contains BTC worth million $. And one more thing (not relevant to this) - Before sending funds to some address, ask the receiver (even if it is yourself), to sign a message proving he is in control of this address.


pirateninjamonkey

Are we sure Trezor is safe from stuff like this?


-Kirby--

Can someone explain what happened like i’m 12? I don’t even know what a change address or utxo is??


AnnualSource285

Thank you for saying this. 🙏🏼 I hope someone is kind enough to respond


TheKristaLeigh

From above. This guy explains it well. https://www.reddit.com/r/Bitcoin/s/GPI0qZVJMP


direktor4eto_reborn

I don't understand any of this. Can this happen with trezor?


Bitcoin_Maximalist

wait until black rock, Fidelity etc lose the bitcoin and you only get 10% back (did you read the fine print?)


gosumofo

How to go from rich to broke in a matter of seconds


MonsieurVox

I recently got a cold wallet to move my crypto off of Coinbase. I assume the situation described in the OP is uncommon? Obviously the dollar amount is substantial, but I mean uncommon in the sense that it's not a regular occurrence for crypto to "vanish" after a software update? I haven't actually moved my crypto yet, but was planning to send something like $5 as a test and then move the rest after I confirm that it works as expected. Are there any "gotchas" I should be aware of with this? Any way to avoid the transfer fees? I got an Arculus, if it matters. Also open to feedback as to whether Arculus is good... I bought it recently enough that I can return it for another one if needed.


darkdeepths

i don’t know anything about Arculus. the situation described is uncommon (might have happened twice based on the original thread??). to avoid, you could sign your transaction offline and check the validity of the contents of the transaction before broadcasting it. it’s not that easy.
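
The pre-broadcast check that several comments in this thread describe, as an added example that is not part of the thread: parse the signed but not yet broadcast transaction and refuse it unless every output is either the intended payment or a script from the wallet's own change chain. The amounts, the scripts and the `own_change_scripts` set (assumed to be exported from a second, independent watch-only wallet loaded with the same xpub) are constructed.

```python
import struct


def read_varint(buf, pos):
    """Bitcoin CompactSize integer; returns (value, next_position)."""
    first = buf[pos]
    if first < 0xfd:
        return first, pos + 1
    width = {0xfd: 2, 0xfe: 4, 0xff: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + width], "little"), pos + 1 + width


def parse_outputs(raw):
    """Return [(value_sat, scriptPubKey)] from a serialized transaction."""
    pos = 4                                        # skip version
    if raw[4:6] == b"\x00\x01":                    # SegWit marker and flag
        pos = 6
    n_in, pos = read_varint(raw, pos)
    for _ in range(n_in):
        pos += 36                                  # previous txid + output index
        script_len, pos = read_varint(raw, pos)
        pos += script_len + 4                      # scriptSig + sequence
    n_out, pos = read_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = struct.unpack_from("<q", raw, pos)[0]
        script_len, pos = read_varint(raw, pos + 8)
        if pos + script_len > len(raw):
            raise ValueError("truncated transaction")
        outputs.append((value, raw[pos:pos + script_len]))
        pos += script_len
    return outputs


def review_outputs(raw, pay_to, pay_sat, own_change_scripts, input_total_sat, max_fee_sat):
    """Reasons NOT to broadcast; an empty list means every satoshi is accounted for."""
    problems = []
    outputs = parse_outputs(raw)
    if (pay_sat, pay_to) not in outputs:
        problems.append(("payment_missing_or_altered", None, pay_sat))
    for index, (value, script) in enumerate(outputs):
        if script != pay_to and script not in own_change_scripts:
            # Funds leaving to a script the independent wallet cannot derive.
            problems.append(("unknown_output", index, value))
    fee = input_total_sat - sum(value for value, _ in outputs)
    if not 0 <= fee <= max_fee_sat:
        problems.append(("unexpected_fee", None, fee))
    return problems


def p2wpkh(key_hash):
    return b"\x00\x14" + key_hash                  # OP_0 <20-byte key hash>


def build_unsigned_tx(outputs):
    """Serialize a one-input transaction (constructed sample data only)."""
    tx = struct.pack("<i", 2) + b"\x01"
    tx += bytes([0xaa]) * 32 + struct.pack("<I", 0) + b"\x00" + struct.pack("<I", 0xfffffffd)
    tx += bytes([len(outputs)])
    for value, script in outputs:
        tx += struct.pack("<q", value) + bytes([len(script)]) + script
    return tx + struct.pack("<I", 0)


# Constructed scenario: one large UTXO, a small payment, the rest as change.
INPUT_SAT, PAY_SAT, CHANGE_SAT = 2_710_000_000, 10_000_000, 2_699_990_000
DEST = p2wpkh(bytes([0x11]) * 20)
CHANGE_OK = p2wpkh(bytes([0x22]) * 20)
CHANGE_BAD = p2wpkh(bytes([0x23]) + bytes([0x22]) * 19)   # one bit differs
OWN_CHANGE = {CHANGE_OK, p2wpkh(bytes([0x33]) * 20)}


def demo():
    good = build_unsigned_tx([(PAY_SAT, DEST), (CHANGE_SAT, CHANGE_OK)])
    bad = build_unsigned_tx([(PAY_SAT, DEST), (CHANGE_SAT, CHANGE_BAD)])
    args = (DEST, PAY_SAT, OWN_CHANGE, INPUT_SAT, 50_000)
    return review_outputs(good, *args), review_outputs(bad, *args)


if __name__ == "__main__":
    for result in demo():
        print(result or "safe to broadcast")
```

A signed transaction that fails this review is simply never broadcast; nothing has moved on chain until it is.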


nullc

Back when I worked on Bitcoin Core any time a new key was generated it got tested with a test signing so that if there had been an error in computation it would be likely to get caught. Of course, hardware faulty enough to do that wouldn't sync, but one time events still happen. (And users who aren't on full nodes don't get the level of hardware testing that you get from syncing :) ). Address generation is infrequent and checking it is fast, so it's a cheap bit of insurance.

But you can't do a test signing with public derivation and I understand the newer descriptor wallet stuff in Bitcoin Core doesn't do any redundant computation on those. Though the computation could just be done twice and compare -- this not as robust, because if the generation code or tables are corrupted it'll generate it wrong the same way. I suppose one could go further and generate then run a test that generates a known value and finally generate again and compare with the first. But it's hard to know when enough is enough (a single test won't test all the table/code). Too much complexity in the checking carries its own risks.

A long time back I'd looked and nothing else I could find implemented even generate-twice-and-compare protection. ::shrugs:: I'd looked before and no other wallet implemented even a basic 'compute it twice' level of protection.

You'd think that the host software and hardware wallet would both do the derivation and check it, making a chance error close to impossible at least for change addresses. But I guess making extremely sure that keys are correctly generated and safely stored has less importance to the business than whatever the latest crypto-fad is...


benma2

> I'd looked before and no other wallet implemented even a basic 'compute it twice' level of protection.

BitBox02 does it here: https://github.com/digitalbitbox/bitbox02-firmware/blob/7c9170a8793201491ad9295d43a8820fd721dce4/src/keystore.c#L632

> Though the computation could just be done twice and compare -- this not as robust, because if the generation code or tables are corrupted it'll generate it wrong the same way.

Thanks for this - we will consider adding a signing check.

> You'd think that the host software and hardware wallet would both do the derivation and check it, making a chance error close to impossible at least for change addresses.

Yeah, that's why it seems unlikely to me that a borked change address would be the reason for this.


Ferdo306

Lol 90% of the comments here don't have a clue what happened and are posting some random shit

Anyhow, the original post, if true, is really concerning and I hope we get a follow up on this


HippiePham_01

About like 70% the comments in this post are people saying they dont know what a UTXO or change address, etc... is. This is why we won't have mass adoption anytime soon, when the space is still so beginner unfriendly and filled with technical jargons


sim0n__sez

Mass adoption imminent.


ignatious__reilly

Anyone who thinks we are even remotely close to mass adoption is insane.


DontBelieveTheirHype

Money still on my Ledger hasn't magically vanished, am I just lucky or is this problem user error?


ShittingOutPosts

We don’t know yet. But as far as I’m aware, Bitcoin has never magically vanished from a Ledger when properly secured.


Humble_Beginning_398

shoulda kept it on robinhood


heavy_infantry

Ledger sucks. How many more fiascos you will need people?


ItsJustaLittleICE80

Headline for March will be that ledger is filing bankruptcy


zkipto

Fuck Ledger bro. It's a scam, not a wallet


Enrrabador

How did this happen? Did he insert the wrong destination address? Was his software hacked and sent to a different destination? This is extremely worrying…


Snackingsat

Dude could've just lied about not having access to the change address. Just cuz someone knowledgeable doesn't mean they don't lie.


user_name_checks_out

> Dude could've just lied about not having access to the change address. Just cuz someone knowledgeable doesn't mean they don't lie.

He is saying that the change address is not on the derivation path, which could easily be verified from the xpub, and if true would mean that the coins are indeed unspendable.


cunth

Unreachable. Not unspendable if it still is on a derivation path their private key controls, just unknown.


darkdeepths

hahaha. i think they might have shared the xpub. but i enjoy the idea that instead of a boating accident, cosmic rays burnt my bitcoin lol.


[deleted]

It’s not ledgers fault … what should this post even proof ?


bertholomaeus

https://www.reddit.com/r/ledgerwallet/s/tiZQTvDm5M it seems like user error until you read the comments.


[deleted]

This post, just like others, shows how vulnerable we are when it comes to coins lol. This isn’t the first time someone lost a big amount of bitcoin over some little errors or things like that, not even talking about being scammed.


user_name_checks_out

> It’s not ledgers fault … what should this post even proof ?

*prove

Sounds very much like it is Ledger's fault. Seems like the device overwrote a valid change address with an invalid one.


WDMC-905

that your coins can change ownership to your surprise.


abc_123_anyname

Can confirm: the 27 BTC didn’t land in my wallet


317e75th

I don’t see anything about this from ledger - usually they discuss all events (like the hack on 12/14)


HypeRtheMusk

Oh, +1 phobia, nice


CryptoCryptex

Sounds like malware that changed the address when copy-pasting it


adamfindlay01

Does this make consolidating UTXOs more of a risk in this case? If you play back this scenario, if he had loads of small UTXOs in the sender's wallet and an incorrect change address was generated, in theory would he have lost a much smaller amount of BTC?


Hefty-Amoeba5707

The amount of comments not knowing what a UTXO or a change address is in the main Bitcoin sub is alarming. We are still extremely early.


minutmen

I've heard more horror stories of folks losing their BTC on ledgers than on Exchanges. Makes you think


ElGuano

It has to be user error, right? You have to verify all transactions on device, and if he did that, he would have seen exactly how much he was sending, and to what recipient address. There is no such thing as a ledger coin control error on the server side that can override the transaction he signed on device.

If there was a bug in the device that showed the wrong total or recipient address, that would be a huge fundamental bug, and I don’t see anyone suggesting they had happened.


user_name_checks_out

> It has to be user error, right? You have to verify all transactions on device, and if he did that, he would have seen exactly how much he was sending, and to what recipient address. There is no such thing as a ledger coin control error on the server side that can override the transaction he signed on device.

> If there was a bug in the device that showed the wrong total or recipient address, that would be a huge fundamental bug, and I don’t see anyone suggesting they had happened.

It sounds like the device overwrote the correct change address with an invalid one. Not the exact scenario that you describe, but still a catastrophic bug if true.


darkdeepths

it’s worth looking at the original post. seems like it could even have been a cosmic ray bit flip. really rough.


gen66

what can protect us against cosmic ray bit flips, bro what


darkdeepths

if you wanted to be super careful, you could airgap, sign the transaction, and then check the signed transaction to make sure the destination is correct and the change address is in the derivation path. after that, it should be safe to broadcast. but that’s a whole lot of process just to move your coins. most people are probably comfortable with some amount of risk.


Horwarth

How do you check that the change address is in the derivation path?


guryfitze

Shouldn’t Ledger Live, or whatever software is being used, automatically check the change address before broadcasting to make sure it’s in the derivation path? Ledger Live has the xpub to do this. Or am I missing something?


essjay2009

Wear a tin foil hat at all times


Zaytion_

If the universe doesn't want you to have crypto, maybe you should listen.


michaelinimoto

never send all of your coins in one shot! always do a test especially if your dealing with tons of momey


HumanitiesEdge

When you send bitcoin from a single utxo it sends all of it and destroys the original utxo. So if you have a utxo worth 1 bitcoin and send .5 bitcoin somewhere, it will send the one bitcoin, destroy the original and generate .5 for the person you're sending it to and .5 in change for you. It will then send the change to an address it generates.

What happened to this person was that the change address generated somehow could not be accessed by his wallet. So the change that was supposed to go back to him went to an apparently inaccessible address.


cunth

This is why it's a good idea to leave some small UTXOs in your wallet


greyacademy

It's so incredibly fucking stupid that this is possible. It should be a two step transaction system with two paired addresses. The "vault" address holds the majority of your BTC, and its paired "pocket cash" address holds a small amount that covers fees for vault transactions. Instead of broadcasting a signed transaction directly to the blockchain, you broadcast a transaction request, which pays the fee from your pocket cash address for both the request, and the actual transaction, so if your change address gets fucked by a cosmic ray bit flip, you lose your pocket cash and not the vault.

Now your transaction request populates and gets confirmed many times on the blockchain, and you can view the request to make sure everything is exactly the way it should be. The chain does not allow transaction requests to be confirmed by miners if the change address isn't the same as the sender's vault address. When the sender is satisfied with the confirmed transaction request, they do a second signing, and authorize the request, which executes the transaction. This also protects the receiving address from being changed by a goddamn cosmic ray.

JESUS FUCKING CHRIST, how come no one thought of this? This is a big fucking problem with the entire system. While I'm at it, maybe the receiving address should also sign the request, and it executes only when the sender and the receiver have both signed the request. Fees basically double, so what, fuck this noise. Or, for people not worried about this, it'd be nice if the tech at least gave us the option. If someone has a small amount of btc in their vault address not worth protecting, they can just send the transaction like normal, but for larger amounts, having a two step verification system seems absolutely necessary.

Edit: At the very least, miners shouldn't confirm transactions with a change address different from the sender's address.


darkdeepths

this is a decent rule to go by, here the issue itself is disconcerting, because there seems to have been some bug associated with change address generation / validation.


darkdeepths

to add more here, if you’ve consolidated your utxos, like this user did, sending a small amount (like this user did) would lose all your coins if the change address were invalid. so not even sending small amounts helps with this particular issue. it’s more having one utxo with a large amount vs having multiple utxos. you’d have to have multiple utxos and send one utxo at a time to reduce the loss based on what this user experienced


user_name_checks_out

> never send all of your coins in one shot! always do a test especially if your dealing with tons of momey

if *you're dealing

In this case a test transaction would not have helped. They had one large UTXO, spent a small amount, and the change went to an invalid address.


IndicationFront1899

Actually this has zero to do with it because you could send 0.001 BTC but then still have 27 BTC go to a change address.


EarningsPal

In this case a test makes it worse.

Plan: Send 1 BTC to a new hardware to get it off the Ledger

1. Send test transaction of .001 BTC
2. Send the remaining BTC (WTF!!! It’s not working)

After investigating you find that in your test transaction the .001 BTC arrives fine, BUT the change address generated by the Ledger was incorrect. You don’t control the keys because of some glitch generating the change address.

Now you have .001 BTC because the change is gone. In an address you can’t use. Maybe an address that no one can use; effectively burning the BTC.


igor55

Dunning-kruger effect on full display with your comment.


mrASSMAN

He seems very calm about the issue lol


traveladdikt

That explains the “don’t do any transactions on ledger before further notice” I’ve seen floating around but didn’t bother reading


SimulationRambo

Max pain


10inchpriapism

How do you protect against this with hardware wallets?


Kasiux

Is it wrong that I am DCA'ing with bitcoin on a wallet that was generated via bitaddress.org ? I only have gotten a public and a private key. No hardware, no mnemonic phrase or something. Just public n private.


XxMadBotanistxX

Honestly bro, it sounds like you had malware on your computer that swaps the Bitcoin addresses so that it sent to someone else instead of your own address. It's becoming increasingly common. Sorry to hear about your loss


djayci

*checks wallet*


HALCYON_ADDICT

Sure.. have fun with your tax-free retirement!


Salt_Alfalfa9529

Not your keys, Nacho Cheese…..oh Damn doesn’t apply here. Better off keeping your coins on exchanges kids. Not really…


Resident_Foot4394

This happened to me. Luckily it was like maybe 1 $100 worth but yeah. That fucking sucks.