Address Binance Academy

How to withdraw BTC

Hi, a client of nine has funded a BTC address and sent me both public and private keys and told me i can withdraw them. How do i withdraw like this? Need help urgently thanks in advance
submitted by Majestic_Excuse_1808 to Bitcoin [link] [comments]

Dragonchain Great Reddit Scaling Bake-Off Public Proposal

Dragonchain Great Reddit Scaling Bake-Off Public Proposal

Dragonchain Public Proposal TL;DR:

Dragonchain has demonstrated twice Reddit’s entire total daily volume (votes, comments, and posts per Reddit 2019 Year in Review) in a 24-hour demo on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. At the time, in January 2020, the entire cost of the demo was approximately $25K on a single system (transaction fees locked at $0.0001/txn). With current fees (lowest fee $0.0000025/txn), this would cost as little as $625.
Watch Joe walk through the entire proposal and answer questions on YouTube.
This proposal is also available on the Dragonchain blog.

Hello Reddit and Ethereum community!

I’m Joe Roets, Founder & CEO of Dragonchain. When the team and I first heard about The Great Reddit Scaling Bake-Off we were intrigued. We believe we have the solutions Reddit seeks for its community points system and we have them at scale.
For your consideration, we have submitted our proposal below. The team at Dragonchain and I welcome and look forward to your technical questions, philosophical feedback, and fair criticism, to build a scaling solution for Reddit that will empower its users. Because our architecture is unlike other blockchain platforms out there today, we expect to receive many questions while people try to grasp our project. I will answer all questions here in this thread on Reddit, and I've answered some questions in the stream on YouTube.
We have seen good discussions so far in the competition. We hope that Reddit’s scaling solution will emerge from The Great Reddit Scaling Bake-Off and that Reddit will have great success with the implementation.

Executive summary

Dragonchain is a robust open source hybrid blockchain platform that has proven to withstand the passing of time since our inception in 2014. We have continued to evolve to harness the scalability of private nodes, yet take full advantage of the security of public decentralized networks, like Ethereum. We have a live, operational, and fully functional Interchain network integrating Bitcoin, Ethereum, Ethereum Classic, and ~700 independent Dragonchain nodes. Every transaction is secured to Ethereum, Bitcoin, and Ethereum Classic. Transactions are immediately usable on chain, and the first decentralization is seen within 20 seconds on Dragon Net. Security increases further to public networks ETH, BTC, and ETC within 10 minutes to 2 hours. Smart contracts can be written in any executable language, offering full freedom to existing developers. We invite any developer to watch the demo, play with our SDK’s, review open source code, and to help us move forward. Dragonchain specializes in scalable loyalty & rewards solutions and has built a decentralized social network on chain, with very affordable transaction costs. This experience can be combined with the insights Reddit and the Ethereum community have gained in the past couple of months to roll out the solution at a rapid pace.

Response and PoC

In The Great Reddit Scaling Bake-Off post, Reddit has asked for a series of demonstrations, requirements, and other considerations. In this section, we will attempt to answer all of these requests.

Live Demo

A live proof of concept showing hundreds of thousands of transactions
On Jan 7, 2020, Dragonchain hosted a 24-hour live demonstration during which a quarter of a billion (250 million+) transactions executed fully on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. This means that every single transaction is secured by, and traceable to these networks. An attack on this system would require a simultaneous attack on all of the Interchained networks.
24 hours in 4 minutes (YouTube):
24 hours in 4 minutes
The demonstration was of a single business system, and any user is able to scale this further, by running multiple systems simultaneously. Our goals for the event were to demonstrate a consistent capacity greater than that of Visa over an extended time period.
Tooling to reproduce our demo is available here:
https://github.com/dragonchain/spirit-bomb

Source Code

Source code (for on & off-chain components as well tooling used for the PoC). The source code does not have to be shared publicly, but if Reddit decides to use a particular solution it will need to be shared with Reddit at some point.

Scaling

How it works & scales

Architectural Scaling

Dragonchain’s architecture attacks the scalability issue from multiple angles. Dragonchain is a hybrid blockchain platform, wherein every transaction is protected on a business node to the requirements of that business or purpose. A business node may be held completely private or may be exposed or replicated to any level of exposure desired.
Every node has its own blockchain and is independently scalable. Dragonchain established Context Based Verification as its consensus model. Every transaction is immediately usable on a trust basis, and in time is provable to an increasing level of decentralized consensus. A transaction will have a level of decentralization to independently owned and deployed Dragonchain nodes (~700 nodes) within seconds, and full decentralization to BTC and ETH within minutes or hours. Level 5 nodes (Interchain nodes) function to secure all transactions to public or otherwise external chains such as Bitcoin and Ethereum. These nodes scale the system by aggregating multiple blocks into a single Interchain transaction on a cadence. This timing is configurable based upon average fees for each respective chain. For detailed information about Dragonchain’s architecture, and Context Based Verification, please refer to the Dragonchain Architecture Document.

Economic Scaling

An interesting feature of Dragonchain’s network consensus is its economics and scarcity model. Since Dragon Net nodes (L2-L4) are independent staking nodes, deployment to cloud platforms would allow any of these nodes to scale to take on a large percentage of the verification work. This is great for scalability, but not good for the economy, because there is no scarcity, and pricing would develop a downward spiral and result in fewer verification nodes. For this reason, Dragonchain uses TIME as scarcity.
TIME is calculated as the number of Dragons held, multiplied by the number of days held. TIME influences the user’s access to features within the Dragonchain ecosystem. It takes into account both the Dragon balance and length of time each Dragon is held. TIME is staked by users against every verification node and dictates how much of the transaction fees are awarded to each participating node for every block.
TIME also dictates the transaction fee itself for the business node. TIME is staked against a business node to set a deterministic transaction fee level (see transaction fee table below in Cost section). This is very interesting in a discussion about scaling because it guarantees independence for business implementation. No matter how much traffic appears on the entire network, a business is guaranteed to not see an increased transaction fee rate.

Scaled Deployment

Dragonchain uses Docker and Kubernetes to allow the use of best practices traditional system scaling. Dragonchain offers managed nodes with an easy to use web based console interface. The user may also deploy a Dragonchain node within their own datacenter or favorite cloud platform. Users have deployed Dragonchain nodes on-prem on Amazon AWS, Google Cloud, MS Azure, and other hosting platforms around the world. Any executable code, anything you can write, can be written into a smart contract. This flexibility is what allows us to say that developers with no blockchain experience can use any code language to access the benefits of blockchain. Customers have used NodeJS, Python, Java, and even BASH shell script to write smart contracts on Dragonchain.
With Docker containers, we achieve better separation of concerns, faster deployment, higher reliability, and lower response times.
We chose Kubernetes for its self-healing features, ability to run multiple services on one server, and its large and thriving development community. It is resilient, scalable, and automated. OpenFaaS allows us to package smart contracts as Docker images for easy deployment.
Contract deployment time is now bounded only by the size of the Docker image being deployed but remains fast even for reasonably large images. We also take advantage of Docker’s flexibility and its ability to support any language that can run on x86 architecture. Any image, public or private, can be run as a smart contract using Dragonchain.

Flexibility in Scaling

Dragonchain’s architecture considers interoperability and integration as key features. From inception, we had a goal to increase adoption via integration with real business use cases and traditional systems.
We envision the ability for Reddit, in the future, to be able to integrate alternate content storage platforms or other financial services along with the token.
  • LBRY - To allow users to deploy content natively to LBRY
  • MakerDAO to allow users to lend small amounts backed by their Reddit community points.
  • STORJ/SIA to allow decentralized on chain storage of portions of content. These integrations or any other are relatively easy to integrate on Dragonchain with an Interchain implementation.

Cost

Cost estimates (on-chain and off-chain) For the purpose of this proposal, we assume that all transactions are on chain (posts, replies, and votes).
On the Dragonchain network, transaction costs are deterministic/predictable. By staking TIME on the business node (as described above) Reddit can reduce transaction costs to as low as $0.0000025 per transaction.
Dragonchain Fees Table

Getting Started

How to run it
Building on Dragonchain is simple and requires no blockchain experience. Spin up a business node (L1) in our managed environment (AWS), run it in your own cloud environment, or on-prem in your own datacenter. Clear documentation will walk you through the steps of spinning up your first Dragonchain Level 1 Business node.
Getting started is easy...
  1. Download Dragonchain’s dctl
  2. Input three commands into a terminal
  3. Build an image
  4. Run it
More information can be found in our Get started documents.

Architecture
Dragonchain is an open source hybrid platform. Through Dragon Net, each chain combines the power of a public blockchain (like Ethereum) with the privacy of a private blockchain.
Dragonchain organizes its network into five separate levels. A Level 1, or business node, is a totally private blockchain only accessible through the use of public/private keypairs. All business logic, including smart contracts, can be executed on this node directly and added to the chain.
After creating a block, the Level 1 business node broadcasts a version stripped of sensitive private data to Dragon Net. Three Level 2 Validating nodes validate the transaction based on guidelines determined from the business. A Level 3 Diversity node checks that the level 2 nodes are from a diverse array of locations. A Level 4 Notary node, hosted by a KYC partner, then signs the validation record received from the Level 3 node. The transaction hash is ledgered to the Level 5 public chain to take advantage of the hash power of massive public networks.
Dragon Net can be thought of as a “blockchain of blockchains”, where every level is a complete private blockchain. Because an L1 can send to multiple nodes on a single level, proof of existence is distributed among many places in the network. Eventually, proof of existence reaches level 5 and is published on a public network.

API Documentation

APIs (on chain & off)

SDK Source

Nobody’s Perfect

Known issues or tradeoffs
  • Dragonchain is open source and even though the platform is easy enough for developers to code in any language they are comfortable with, we do not have so large a developer community as Ethereum. We would like to see the Ethereum developer community (and any other communities) become familiar with our SDK’s, our solutions, and our platform, to unlock the full potential of our Ethereum Interchain. Long ago we decided to prioritize both Bitcoin and Ethereum Interchains. We envision an ecosystem that encompasses different projects to give developers the ability to take full advantage of all the opportunities blockchain offers to create decentralized solutions not only for Reddit but for all of our current platforms and systems. We believe that together we will take the adoption of blockchain further. We currently have additional Interchain with Ethereum Classic. We look forward to Interchain with other blockchains in the future. We invite all blockchains projects who believe in decentralization and security to Interchain with Dragonchain.
  • While we only have 700 nodes compared to 8,000 Ethereum and 10,000 Bitcoin nodes. We harness those 18,000 nodes to scale to extremely high levels of security. See Dragonchain metrics.
  • Some may consider the centralization of Dragonchain’s business nodes as an issue at first glance, however, the model is by design to protect business data. We do not consider this a drawback as these nodes can make any, none, or all data public. Depending upon the implementation, every subreddit could have control of its own business node, for potential business and enterprise offerings, bringing new alternative revenue streams to Reddit.

Costs and resources

Summary of cost & resource information for both on-chain & off-chain components used in the PoC, as well as cost & resource estimates for further scaling. If your PoC is not on mainnet, make note of any mainnet caveats (such as congestion issues).
Every transaction on the PoC system had a transaction fee of $0.0001 (one-hundredth of a cent USD). At 256MM transactions, the demo cost $25,600. With current operational fees, the same demonstration would cost $640 USD.
For the demonstration, to achieve throughput to mimic a worldwide payments network, we modeled several clients in AWS and 4-5 business nodes to handle the traffic. The business nodes were tuned to handle higher throughput by adjusting memory and machine footprint on AWS. This flexibility is valuable to implementing a system such as envisioned by Reddit. Given that Reddit’s daily traffic (posts, replies, and votes) is less than half that of our demo, we would expect that the entire Reddit system could be handled on 2-5 business nodes using right-sized containers on AWS or similar environments.
Verification was accomplished on the operational Dragon Net network with over 700 independently owned verification nodes running around the world at no cost to the business other than paid transaction fees.

Requirements

Scaling

This PoC should scale to the numbers below with minimal costs (both on & off-chain). There should also be a clear path to supporting hundreds of millions of users.
Over a 5 day period, your scaling PoC should be able to handle:
*100,000 point claims (minting & distributing points) *25,000 subscriptions *75,000 one-off points burning *100,000 transfers
During Dragonchain’s 24 hour demo, the above required numbers were reached within the first few minutes.
Reddit’s total activity is 9000% more than Ethereum’s total transaction level. Even if you do not include votes, it is still 700% more than Ethereum’s current volume. Dragonchain has demonstrated that it can handle 250 million transactions a day, and it’s architecture allows for multiple systems to work at that level simultaneously. In our PoC, we demonstrate double the full capacity of Reddit, and every transaction was proven all the way to Bitcoin and Ethereum.
Reddit Scaling on Ethereum

Decentralization

Solutions should not depend on any single third-party provider. We prefer solutions that do not depend on specific entities such as Reddit or another provider, and solutions with no single point of control or failure in off-chain components but recognize there are numerous trade-offs to consider
Dragonchain’s architecture calls for a hybrid approach. Private business nodes hold the sensitive data while the validation and verification of transactions for the business are decentralized within seconds and secured to public blockchains within 10 minutes to 2 hours. Nodes could potentially be controlled by owners of individual subreddits for more organic decentralization.
  • Billing is currently centralized - there is a path to federation and decentralization of a scaled billing solution.
  • Operational multi-cloud
  • Operational on-premises capabilities
  • Operational deployment to any datacenter
  • Over 700 independent Community Verification Nodes with proof of ownership
  • Operational Interchain (Interoperable to Bitcoin, Ethereum, and Ethereum Classic, open to more)

Usability Scaling solutions should have a simple end user experience.

Users shouldn't have to maintain any extra state/proofs, regularly monitor activity, keep track of extra keys, or sign anything other than their normal transactions
Dragonchain and its customers have demonstrated extraordinary usability as a feature in many applications, where users do not need to know that the system is backed by a live blockchain. Lyceum is one of these examples, where the progress of academy courses is being tracked, and successful completion of courses is rewarded with certificates on chain. Our @Save_The_Tweet bot is popular on Twitter. When used with one of the following hashtags - #please, #blockchain, #ThankYou, or #eternalize the tweet is saved through Eternal to multiple blockchains. A proof report is available for future reference. Other examples in use are DEN, our decentralized social media platform, and our console, where users can track their node rewards, view their TIME, and operate a business node.
Examples:

Transactions complete in a reasonable amount of time (seconds or minutes, not hours or days)
All transactions are immediately usable on chain by the system. A transaction begins the path to decentralization at the conclusion of a 5-second block when it gets distributed across 5 separate community run nodes. Full decentralization occurs within 10 minutes to 2 hours depending on which interchain (Bitcoin, Ethereum, or Ethereum Classic) the transaction hits first. Within approximately 2 hours, the combined hash power of all interchained blockchains secures the transaction.

Free to use for end users (no gas fees, or fixed/minimal fees that Reddit can pay on their behalf)
With transaction pricing as low as $0.0000025 per transaction, it may be considered reasonable for Reddit to cover transaction fees for users.
All of Reddit's Transactions on Blockchain (month)
Community points can be earned by users and distributed directly to their Reddit account in batch (as per Reddit minting plan), and allow users to withdraw rewards to their Ethereum wallet whenever they wish. Withdrawal fees can be paid by either user or Reddit. This model has been operating inside the Dragonchain system since 2018, and many security and financial compliance features can be optionally added. We feel that this capability greatly enhances user experience because it is seamless to a regular user without cryptocurrency experience, yet flexible to a tech savvy user. With regard to currency or token transactions, these would occur on the Reddit network, verified to BTC and ETH. These transactions would incur the $0.0000025 transaction fee. To estimate this fee we use the monthly active Reddit users statista with a 60% adoption rate and an estimated 10 transactions per month average resulting in an approximate $720 cost across the system. Reddit could feasibly incur all associated internal network charges (mining/minting, transfer, burn) as these are very low and controllable fees.
Reddit Internal Token Transaction Fees

Reddit Ethereum Token Transaction Fees
When we consider further the Ethereum fees that might be incurred, we have a few choices for a solution.
  1. Offload all Ethereum transaction fees (user withdrawals) to interested users as they wish to withdraw tokens for external use or sale.
  2. Cover Ethereum transaction fees by aggregating them on a timed schedule. Users would request withdrawal (from Reddit or individual subreddits), and they would be transacted on the Ethereum network every hour (or some other schedule).
  3. In a combination of the above, customers could cover aggregated fees.
  4. Integrate with alternate Ethereum roll up solutions or other proposals to aggregate minting and distribution transactions onto Ethereum.

Bonus Points

Users should be able to view their balances & transactions via a blockchain explorer-style interface
From interfaces for users who have no knowledge of blockchain technology to users who are well versed in blockchain terms such as those present in a typical block explorer, a system powered by Dragonchain has flexibility on how to provide balances and transaction data to users. Transactions can be made viewable in an Eternal Proof Report, which displays raw data along with TIME staking information and traceability all the way to Bitcoin, Ethereum, and every other Interchained network. The report shows fields such as transaction ID, timestamp, block ID, multiple verifications, and Interchain proof. See example here.
Node payouts within the Dragonchain console are listed in chronological order and can be further seen in either Dragons or USD. See example here.
In our social media platform, Dragon Den, users can see, in real-time, their NRG and MTR balances. See example here.
A new influencer app powered by Dragonchain, Raiinmaker, breaks down data into a user friendly interface that shows coin portfolio, redeemed rewards, and social scores per campaign. See example here.

Exiting is fast & simple
Withdrawing funds on Dragonchain’s console requires three clicks, however, withdrawal scenarios with more enhanced security features per Reddit’s discretion are obtainable.

Interoperability Compatibility with third party apps (wallets/contracts/etc) is necessary.
Proven interoperability at scale that surpasses the required specifications. Our entire platform consists of interoperable blockchains connected to each other and traditional systems. APIs are well documented. Third party permissions are possible with a simple smart contract without the end user being aware. No need to learn any specialized proprietary language. Any code base (not subsets) is usable within a Docker container. Interoperable with any blockchain or traditional APIs. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js. Please see our source code and API documentation.

Scaling solutions should be extensible and allow third parties to build on top of it Open source and extensible
APIs should be well documented and stable

Documentation should be clear and complete
For full documentation, explore our docs, SDK’s, Github repo’s, architecture documents, original Disney documentation, and other links or resources provided in this proposal.

Third-party permissionless integrations should be possible & straightforward Smart contracts are Docker based, can be written in any language, use full language (not subsets), and can therefore be integrated with any system including traditional system APIs. Simple is better. Learning an uncommon or proprietary language should not be necessary.
Advanced knowledge of mathematics, cryptography, or L2 scaling should not be required. Compatibility with common utilities & toolchains is expected.
Dragonchain business nodes and smart contracts leverage Docker to allow the use of literally any language or executable code. No proprietary language is necessary. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js.

Bonus

Bonus Points: Show us how it works. Do you have an idea for a cool new use case for Community Points? Build it!

TIME

Community points could be awarded to Reddit users based upon TIME too, whereas the longer someone is part of a subreddit, the more community points someone naturally gained, even if not actively commenting or sharing new posts. A daily login could be required for these community points to be credited. This grants awards to readers too and incentivizes readers to create an account on Reddit if they browse the website often. This concept could also be leveraged to provide some level of reputation based upon duration and consistency of contribution to a community subreddit.

Dragon Den

Dragonchain has already built a social media platform that harnesses community involvement. Dragon Den is a decentralized community built on the Dragonchain blockchain platform. Dragon Den is Dragonchain’s answer to fake news, trolling, and censorship. It incentivizes the creation and evaluation of quality content within communities. It could be described as being a shareholder of a subreddit or Reddit in its entirety. The more your subreddit is thriving, the more rewarding it will be. Den is currently in a public beta and in active development, though the real token economy is not live yet. There are different tokens for various purposes. Two tokens are Lair Ownership Rights (LOR) and Lair Ownership Tokens (LOT). LOT is a non-fungible token for ownership of a specific Lair. LOT will only be created and converted from LOR.
Energy (NRG) and Matter (MTR) work jointly. Your MTR determines how much NRG you receive in a 24-hour period. Providing quality content, or evaluating content will earn MTR.

Security. Users have full ownership & control of their points.
All community points awarded based upon any type of activity or gift, are secured and provable to all Interchain networks (currently BTC, ETH, ETC). Users are free to spend and withdraw their points as they please, depending on the features Reddit wants to bring into production.

Balances and transactions cannot be forged, manipulated, or blocked by Reddit or anyone else
Users can withdraw their balance to their ERC20 wallet, directly through Reddit. Reddit can cover the fees on their behalf, or the user covers this with a portion of their balance.

Users should own their points and be able to get on-chain ERC20 tokens without permission from anyone else
Through our console users can withdraw their ERC20 rewards. This can be achieved on Reddit too. Here is a walkthrough of our console, though this does not show the quick withdrawal functionality, a user can withdraw at any time. https://www.youtube.com/watch?v=aNlTMxnfVHw

Points should be recoverable to on-chain ERC20 tokens even if all third-parties involved go offline
If necessary, signed transactions from the Reddit system (e.g. Reddit + Subreddit) can be sent to the Ethereum smart contract for minting.

A public, third-party review attesting to the soundness of the design should be available
To our knowledge, at least two large corporations, including a top 3 accounting firm, have conducted positive reviews. These reviews have never been made public, as Dragonchain did not pay or contract for these studies to be released.

Bonus points
Public, third-party implementation review available or in progress
See above

Compatibility with HSMs & hardware wallets
For the purpose of this proposal, all tokenization would be on the Ethereum network using standard token contracts and as such, would be able to leverage all hardware wallet and Ethereum ecosystem services.

Other Considerations

Minting/distributing tokens is not performed by Reddit directly
This operation can be automated by smart contract on Ethereum. Subreddits can if desired have a role to play.

One off point burning, as well as recurring, non-interactive point burning (for subreddit memberships) should be possible and scalable
This is possible and scalable with interaction between Dragonchain Reddit system and Ethereum token contract(s).

Fully open-source solutions are strongly preferred
Dragonchain is fully open source (see section on Disney release after conclusion).

Conclusion

Whether it is today, or in the future, we would like to work together to bring secure flexibility to the highest standards. It is our hope to be considered by Ethereum, Reddit, and other integrative solutions so we may further discuss the possibilities of implementation. In our public demonstration, 256 million transactions were handled in our operational network on chain in 24 hours, for the low cost of $25K, which if run today would cost $625. Dragonchain’s interoperable foundation provides the atmosphere necessary to implement a frictionless community points system. Thank you for your consideration of our proposal. We look forward to working with the community to make something great!

Disney Releases Blockchain Platform as Open Source

The team at Disney created the Disney Private Blockchain Platform. The system was a hybrid interoperable blockchain platform for ledgering and smart contract development geared toward solving problems with blockchain adoption and usability. All objective evaluation would consider the team’s output a success. We released a list of use cases that we explored in some capacity at Disney, and our input on blockchain standardization as part of our participation in the W3C Blockchain Community Group.
https://lists.w3.org/Archives/Public/public-blockchain/2016May/0052.html

Open Source

In 2016, Roets proposed to release the platform as open source to spread the technology outside of Disney, as others within the W3C group were interested in the solutions that had been created inside of Disney.
Following a long process, step by step, the team met requirements for release. Among the requirements, the team had to:
  • Obtain VP support and approval for the release
  • Verify ownership of the software to be released
  • Verify that no proprietary content would be released
  • Convince the organization that there was a value to the open source community
  • Convince the organization that there was a value to Disney
  • Offer the plan for ongoing maintenance of the project outside of Disney
  • Itemize competing projects
  • Verify no conflict of interest
  • Preferred license
  • Change the project name to not use the name Disney, any Disney character, or any other associated IP - proposed Dragonchain - approved
  • Obtain legal approval
  • Approval from corporate, parks, and other business units
  • Approval from multiple Disney patent groups Copyright holder defined by Disney (Disney Connected and Advanced Technologies)
  • Trademark searches conducted for the selected name Dragonchain
  • Obtain IT security approval
  • Manual review of OSS components conducted
  • OWASP Dependency and Vulnerability Check Conducted
  • Obtain technical (software) approval
  • Offer management, process, and financial plans for the maintenance of the project.
  • Meet list of items to be addressed before release
  • Remove all Disney project references and scripts
  • Create a public distribution list for email communications
  • Remove Roets’ direct and internal contact information
  • Create public Slack channel and move from Disney slack channels
  • Create proper labels for issue tracking
  • Rename internal private Github repository
  • Add informative description to Github page
  • Expand README.md with more specific information
  • Add information beyond current “Blockchains are Magic”
  • Add getting started sections and info on cloning/forking the project
  • Add installation details
  • Add uninstall process
  • Add unit, functional, and integration test information
  • Detail how to contribute and get involved
  • Describe the git workflow that the project will use
  • Move to public, non-Disney git repository (Github or Bitbucket)
  • Obtain Disney Open Source Committee approval for release
On top of meeting the above criteria, as part of the process, the maintainer of the project had to receive the codebase on their own personal email and create accounts for maintenance (e.g. Github) with non-Disney accounts. Given the fact that the project spanned multiple business units, Roets was individually responsible for its ongoing maintenance. Because of this, he proposed in the open source application to create a non-profit organization to hold the IP and maintain the project. This was approved by Disney.
The Disney Open Source Committee approved the application known as OSSRELEASE-10, and the code was released on October 2, 2016. Disney decided to not issue a press release.
Original OSSRELASE-10 document

Dragonchain Foundation

The Dragonchain Foundation was created on January 17, 2017. https://den.social/l/Dragonchain/24130078352e485d96d2125082151cf0/dragonchain-and-disney/
submitted by j0j0r0 to ethereum [link] [comments]

RESEARCH REPORT ABOUT ARYACOIN

RESEARCH REPORT ABOUT ARYACOIN
Author: Gamals Ahmed, CoinEx Business Ambassador

https://preview.redd.it/a7jv4azk86u51.jpg?width=1600&format=pjpg&auto=webp&s=e4a4dbb5afacd5747076beaa59e6343b805c3392

ABSTRACT

Aryacoin is a new cryptocurrency, which allows for decentralized, peer to peer transactions of electronic cash. It is like Bitcoin and Litecoin, but the trading of the coin occurs on sales platforms that have no restriction to use. Further, it was created with the goal of addressing the double spend issues of Bitcoin and does so using a timestamp server to verify transactions. It works by taking the hash of a block of items to be timestamped and widely publishing the hash. The timestamp proves that the data must have existed at the time in order to get the hash. Each timestamp then includes the previous timestamp in its hash, forming a chain.
The Aryacoin team is continuously developing new use cases for the coin, including exchanges where users can exchange the coins without any fees or restrictions, and offline options where the coins can be bought and sold for cash. The coins can also be used on the company’s other platform, mrdigicoin.io. Along with the coin, there is a digital wallet that can be created and controlled by the user entirely, with no control being retained by the Aryacoin team.

1.INTRODUCTION

The concept of Blockchain first came to fame in October 2008, as part of a proposal for Bitcoin, with the aim to create P2P money without banks. Bitcoin introduced a novel solution to the age-old human problem of trust. The underlying blockchain technology allows us to trust the outputs of the system without trusting any actor within it. People and institutions who do not know or trust each other, reside in different countries, are subject to different jurisdictions, and who have no legally binding agreements with each other, can now interact over the Internet without the need for trusted third parties like banks, Internet platforms, or other types of clearing institutions.
When bitcoin was launched it was revolutionary allowing people to transfer money to anytime and anywhere with very low transaction fees . It was decentralized and their is no third party involved in the transaction , only the sender and receiver were involved.
This paper provide a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions.The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes. Bitcoin was made so that it would not be controlled or regulated but now exchanges and governments are regulating bitcoin and other cryptocurrencies at every step. Aryacoin was developed to overcome these restrictions on a free currency.
Aryacoin is a new age cryptocurrency, which withholds the original principle on which the concept of cryptocurrency was established. Combining the best in blockchain technology since the time of its creation, Aryacoin strives to deliver the highest trading and mining standards for its community.

1.1 OVERVIEW ABOUT ARYACOIN

Aryacoin is a new age cryptocurrency, which withholds the original principle on which the concept of cryptocurrency was established. Combining the best in blockchain technology since the time of its creation, Aryacoin strives to deliver the highest trading and mining standards for its community.
Aryacoin is a blockchain based project that allows users to access their wallet on the web and mobile browsers, using their login details.
Aryacoin can be mined; it also can be exchanged by other digital currencies in several world-famous exchanges such as Hitbtc, CoinEx, P2pb2b, WhiteBit, Changelly and is also listed in reputable wallets such as Coinomi and Guarda.
Aryacoin is a coin, which can be used by anyone looking to use cryptocurrency which allows them to keep their privacy even when buying/selling the coin along with while using the coin during transactions. Proof of work and cryptographic hashes allows transactions to verified.
Stable Fee Per AYA is a unique feature of Aryacoin, so by increasing the amount or volume of the transaction, there is no change in the fee within the network, which means that the fee for sending an amount less than 1 AYA is equal to several hundred million AYA. Another unique feature of Aryacoin is the undetectability of transactions in Explorer, such as the DASH and Monero, of course, this operation is unique to Aryacoin.
Using Aryacoin digital currency, like other currencies, international transactions can be done very quickly and there are no limitations in this area as the creators claim.
Aryacoin aims to allow users to access the Aryacoin wallet via the web and mobile browsers using their login details.
Aryacoin is a peer-to-peer electronic cash system that enables users to send and receive payments directly from one party to another, and allow them to transfer funds across borders with no restriction or third party involvement. The blockchain-based system embraces the digital signature, which prevents double spending and low transfer fees, which enables users to transfer huge amounts with very low fees. The proof-of-work consensus mechanism allows each transaction to be verified and confirmed, while anonymity enables users to use the coin anywhere at any time.
According to the website of the operation, each wallet is divided into 2 or more AYA wallet addresses for each transaction, and depending on the volume of the transaction block, the origin, and destination of transactions in the network can not be traced and displayed to the public.
In fact, each wallet in Aryacoin consists of a total of several wallets. The number of these wallets increases per transaction to increase both security and privacy. Aryacoin also uses the dPoW protocol. In the dPoW protocol, a second layer is added to the network to verify transactions, which makes “51% attack” impossible even with more than half of the network hash, and blocks whose Blockchain uses this second layer of security never run the risk of 51% attacks.
AYA has been listed on a number of crypto exchanges, unlike other main cryptocurrencies, it cannot be directly purchased with fiats money. However, You can still easily buy this coin by
first buying Bitcoin from any large exchanges and then transfer to the exchange that offers to trade this coin.

1.1.1 ARYACOIN HISTORY

Aryacoin (AYA) is a new cryptocurrency, which has been created by a group of Iranian developers, is an altcoin which allows for decentralised, peer to peer transactions of electronic cash without any fees whatsoever. Along with the coin, there is a digital wallet that can be created and managed by the user entirely, with no control being retained by the Aryacoin team.
Aryacoin’s founder, Kiumars Parsa, has been a fan of alternative currencies and particularly Bitcoin.
We see people from all around the world using Blockchain technology and the great benefits that came with it and it then that I decided to solve this puzzle for find a way of bringing the last missing piece to the jigsaw. The idea for Aryacoin was born.” Parsa said.
Parsa and his team of Iranian ex-pats not only persevered but expedited the project and just a year later, in the summer of 2019, the first version of Aryacoin was released. In 2020, Aryacoin is the first and only Iranian coin listed on CMC.
Parsa goes on to state that it is now the strength of the community that has invested in the coin that will ultimately drive its success, alongside its robust technology and appealing 0% network fees.
We have thousands of voices behind Aryacoin. People for the people make this coin. It is a massive shout out for democracy. This had made us base the whole team strategy on the benefits for both our users and our traders.
One key example is that the network fee on AYA Blockchain is 0%. Yes, absolutely nothing, which which differentiates us from other networks. What also differentiates us from other coins is that we have AYAPAY which is the first cryptocurrency Gateway in the world which does not save funds on third party storage with all funds being forwarded directly to any wallet address that the Gateway owner requests”.
So for the first time ever, and unlike other gateways, incoming funds will be saved on the users account with submitted withdrawal requests then made on the Gateway host website. In AYAPAY which has also been developed by the Aryacoin team, all funds without extra fees or extra costs will directly forwarded to users wallets. We have named this technology as CloudWithdrawal.
We are continuously challenging ourselves as it is a crowded marketplace. We are striving to have a safer Blockchain against 51% attacks, faster confirmations speeds of transactions, cheaper network fee, growing the market by cooperation with Top tier Exchangers.

1.1.2 ARYACOIN’S MAIN GOAL

Aryacoin’s main goal is to educate people and give them the freedom to use cryptocurrency in any way they want. Aryacoin empowers the users to transfer, pay, trade cryptocurrency from any country around the globe.
Platforms that have been created by Aryacoin Team, as well as those that will go live in future, operate on the same principle and exclude absolutely no one.

1.1.3 PROBLEM ARYACOIN SEEKS TO SOLVE

Aryacoin aims to provide a long-term solution to the problem of double spending, which is still common in the crypto market. The developers of the system have created a peer-to-peer distributed timestamp server that generates computational proof of the transactions as they occur.
Besides, the system remains secure provided honest nodes control more CPU power than any cooperating group of attacker nodes. While Bitcoin was designed not to be regulated or controlled, many exchanges and governments have put regulatory measures on the pioneer cryptocurrency at every step. Aryacoin aims to overcome these restrictions as a free digital currency.

1.1.4 BENEFITS OF USING ARYACOIN

Aryacoin solution offers the following benefits:
  • Real-time update: whether you’re going on a holiday or a business trip, no problem. You can access your coins all over the world.
  • Instant operations: Aryacoin makes it quite easy for you to use your digital wallet and perform various operations with it.
  • Safe and secure: all your data is stored encrypted and can only be decrypted with your private key, seed, or password.
  • Strong security: The system has no control over your wallet. You are 100% in charge of your wallet and funds.

1.1.5 ARYACOIN FEATURES

1. Anonymity
The coin provides decent level of anonymity for all its users. The users can send their transactions to any of the public nodes to be broadcasted , the transaction sent to the nodes should be signed by the private key of the sender address . This allows the users to use the coin anywhere any time , sending transactions directly to the node allows users from any place and country .
2. Real Life Usage
aryacoin’s team is continuously developing new and innovative ways to use the coins , they are currently developing exchanges where the users can exchange the coins without any fees and any restrictions . They also are currently developing other innovative technologies, which would allow users to spend our coins everywhere and anywhere.
3. Offline Exchanges
They are also working with different offline vendors which would enable them to buy and sell the coins directly to our users on a fixed/variable price this would allow easy buy/sell directly using cash . This would allow the coins to be accessible to users without any restrictions which most of the online exchanges have, also increase the value and number of users along with new ways to spend the coin. This would increase anonymity level of the
coin. In addition, introduce new users into the cryptomarket and technology. Creating a revolution, which educates people about crypto and introduce them to the crypto world, which introduces a completely new group of people into crypto and a move towards a Decentralized future!
4. Transactions
When it comes to transactions, Aryacoin embraces a chain of digital signatures, where each owner simply transfers the coin to the next person by digitally signing a hash of the previous transaction and the public key of the next owner. The recipient can then verify the signatures to confirm the chain of ownership. Importantly, Aryacoin comes with a trusted central authority that checks every transaction for double spending.
5. Business Partner with Simplex
Aryacoin is the first and only Iranian digital currency that managed to obtain a trading license in other countries.
In collaboration with the foundation and financial giant Simplex, a major cryptocurrency company that has large companies such as Binance, P2P, Changelly, etc. Aryacoin has been licensed to enter the world’s major exchanges, as well as the possibility of purchasing AYA through Credit Cards, which will begin in the second half of 2020.
Also, the possibility of purchasing Aryacoin through Visa and MasterCard credit cards will be activated simultaneously inside the Aryacoin site. plus, in less than a year, AYA will be placed next to big names such as CoinCapMarket, Coinomi, P2P, Coinpayments and many other world-class brands today.

1.1.6 WHY CHOOSE ARYACOIN?

If you want to use a cryptocurrency that allows you to keep your privacy online even when buying and selling the coins, the Aryacoin team claims that AYA is the way to go. Aryacoin is putting in the work: with more ways to buy and sell, and fixing the issues that were present in the original Bitcoin, plus pushing the boundaries with innovative solutions in cryptocurrencies. You can get started using Aryacoin (AYA) payments simply by having a CoinPayments account!

1.1.7 ARYANA CENTRALIZED EXCHANGE

Aryana, the first Iranian exchange is a unique platform with the following features:
  • The first real international Persian exchange that obtains international licenses and is listed in CoinMarketCap.
  • The first Iranian exchange that has been cooperating with a legal and European exchange for 3 years.
  • The possibility of trading in Tomans (available currency in Iran) at the user’s desired price and getting rid of the transaction prices imposed by domestic sites inside Iran.
  • There is an internal fee payment plan by Iranian domestic banks for depositing and withdrawing Tomans for Aryacoin holders in Aryana Exchange.
  • The number that you see on the monitor and in your account will be equal to the number that is transferred to your bank account without a difference of one Rial.
  • The last but not least, noting the fact that there is a trading in Tomans possibility in Aryana exchange.
Aryana Exchange is using the most powerful, fastest, and most expensive server in the world, Google Cloud Platform (GCP), which is currently the highest quality server for an Iranian site, so that professional traders do not lag behind the market even for a second.
The feature of Smart Trading Robots is one of the most powerful features for digital currency traders. Digital cryptocurrency traders are well aware of how much they will benefit from smart trading robots. In the Aryana exchange, it is possible to connect exchange user accounts to intelligent trading bots and trade even when they are offline.
The injection of $ 1 million a day in liquidity by the WhiteBite exchange to maintain and support the price of Tether and eliminate the Tether fluctuations with Bitcoin instabilities used by profiteers to become a matter of course.

1.1.8 HOW DOES ARYACOIN WORK?

Aryacoin (AYA) tries to ensure a high level of security and privacy. The team has made sure to eliminate any trading restrictions for the network users: no verification is required to carry out transactions on AYA, making the project truly anonymous, decentralized, and giving it a real use in day-to-day life. The Delayed-Proof-of-Work (dPoW) algorithm makes the Aryacoin blockchain immune to any attempts of a 51% attack. AYA defines a coin as a chain of digital signatures — each owner transfers the coin to the next owner by digitally signing the hash of the previous transaction and the public key of the next owner, and the receiver verifies the signatures and the chain of ownership.

2. ARYACOIN TECHNOLOGY

2.1 PROOF-OF-WORK

They use a proof-of-work system similar to Adam Back’s Hashcash to implement a distributed timestamp server on a peer-to-peer basis, rather than newspaper or Usenet publications. The proof-of-work involves scanning for a value that when hashed, such as with SHA-256, the hash begins with a number of zero bits. The average work required is exponential in the number of zero bits required and can be verified by executing a single hash.
For their timestamp network, they implement the proof-of-work by incrementing a nonce in the block until a value is found that gives the block’s hash the required zero bits. Once the CPU effort has been expended to make it satisfy the proof-of-work, the block cannot be changed without redoing the work. As later blocks are chained after it, the work to change the block would include redoing all the blocks after it.
The proof-of-work also solves the problem of determining representation in majority decision making. If the majority were based on one-IP-address-one-vote, it could be subverted by anyone able to allocate many IPs. Proof-of-work is essentially one-CPU-one-vote. The majority decision is represented by the longest chain, which has the greatest proof-of-work effort invested in it. If honest nodes control a majority of CPU power, the honest chain will grow the fastest and outpace any competing chains. To modify a past
block, an attacker would have to redo the proof-of-work of the block and all blocks after it, then catch up with, and surpass the work of the honest nodes.

2.2 NETWORK

The steps to run the network are as follows:
  • New transactions are broadcast to all nodes.
  • Each node collects new transactions into a block.
  • Each node works on finding a difficult proof-of-work for its block.
  • When a node finds a proof-of-work, it broadcasts the block to all nodes.
  • Nodes accept the block only if all transactions in it are valid and not already spent.
This is a very simple system that makes the network fast and scalable, while also providing a decent level of anonymity for all users. Users can send their transactions to any of the public nodes to be broadcast, and the private key of the sender’s address should sign any transaction sent to the nodes. This way, all transaction info remains strictly confidential. It also allows users to send transactions directly to the node from any place at any time and allows the transferring of huge amounts with very low fees.

2.3 AYAPAY PAYMENT SERVICES GATEWAY:

According to creators Aryacoin, the development team has succeeded in inventing a new blockchain technology for the first time in the world, which is undoubtedly a big step and great news for all digital currency enthusiasts around the world.
This new technology has been implemented on the Aryacoin AYAPAY platform and was unveiled on October 2. AYAPAY payment platform is the only payment gateway in the world that does not save money in users’ accounts and transfers incoming coins directly to any wallet address requested by the gateway owner without any additional transaction or fee.
In other similar systems or even systems such as PayPal, money is stored in the user account.

2.4 CONSENSUS ALGORITHM IN ARYACOIN

The devs introduced the Delayed-Proof-of-Work (dPoW) algorithm, which represents a hybrid consensus method that allows one blockchain to take advantage of the security provided by the hashing power of another blockchain. The AYA blockchain works on dPoW and can use such consensus methods as Proof-of-Work (PoW) or Proof-of-Stake (PoS) and join to any desired PoW blockchain. The main purpose of this is to allow the blockchain to continue operating without notary nodes on the basis of its original consensus method. In this situation, additional security will no longer be provided through the attached blockchain, but this is not a particularly significant problem. dPoW can improve the security level and reduce energy consumption for any blockchain.

2.5 DOUBLE-SPEND PROBLEM AND SOLUTION

One of the main problems in the blockchain world is that a receiver is unable to verify whether or not one of the senders did not double-spend. Aryacoin provides the solution, and has established a trusted central authority, or mint, that checks every transaction for double-spending. Only the mint can issue a new coin and all the coins issued directly from the mint are trusted and cannot be double-spent. However, such a system cannot therefore
be fully decentralized because it depends on the company running the mint, similar to a bank. Aryacoin implements a scheme where the receiver knows that the previous owners did not sign any earlier transactions. The mint is aware of all transactions including which of them arrived first. The developers used an interesting solution called the Timestamp Server, which works by taking a hash of a block of items to be ‘timestamped’ and publishing the hash. Each timestamp includes the previous timestamp in its hash, forming a chain. To modify a block, an attacker would have to redo the proof-of-work of all previous blocks, then catch up with, and surpass the work of the honest nodes. This is almost impossible, and makes the network processes more secure. The proof-of-work difficulty varies according to circumstances. Such an approach ensures reliability and high throughput.

3. ARYACOIN ROADMAP

April 2019: The launch of Aryacoin; AYA ICO, resulting in over 30BTC collected
December 2019: The launch of AYA Pay
April 2020: The successful Hamedan Hardfork, supported by all AYA exchanges, aimed at integrating the dPoW algorithm, improving the security of the AYA blockchain.
June 2020: Aryana Exchange goes live, opening more trading opportunities globally
July 2020: The enabling of our Coin Exchanger
November 2020: The implementation of Smart Contracts into the Aryacoin Ecosystem
Q1 2021: Alef B goes live (more details coming soon)

4. THE NUCYBER NETWORK COMMUNITY & SOCIAL

Website: https://aryacoin.io/
Explorer: https://explorer.aryacoin.io/
Github: https://github.com/Aryacoin/Aryacoin
Twitter: 1.1k followers https://twitter.com/AryacoinAYA
Reddit: 442 members https://github.com/nucypher
Instagram: 3.8k followers https://www.instagram.com/mrdigicoin/ Telegram: 5.9k subscribers https://t.me/AYA_Global

5. SUMMARY

Aryacoin (AYA) is a new age cryptocurrency that combines the best of the blockchain technology and strives to deliver high trading and mining standards, enabling users to make peer-to-peer decentralized transactions of electronic cash. Aryacoin is part of an ecosystem that includes payment gateway Ayapay and the Ayabank. AYA has a partnership with the Microsoft Azure cloud platform, which provides the ability to develop applications and store data on servers located in distributed data centers. The network fee for the AYA Blockchain is 0%. In Ayapay service, which has been developed by the Aryacoin team, all funds without extra fees or costs are directly forwarded to users’ wallets with technology called CloudWithdrawal. The devs team is introducing new use cases including exchanges where users will exchange AYA without any restrictions. You can buy AYA on an exchange of your choice, create an Aryacoin wallet, and store it in Guarda.

6. REFERENCES

1) https://coincodex.com/crypto/aryacoin/
2) https://www.icosandstos.com/coin/Aryacoin%20AYA/YuXO60UPF3
3) https://www.publish0x.com/iran-and-cryptocurrency/a-brief-introduction-of-aryacoin-first-ever-iranian-cryptocu-xoldlom
4) https://techround.co.uk/cryptocurrency/aryacoin-the-digital-currency-created-by-iranians/
5) https://bitcoinexchangeguide.com/aryacoin/
6) https://blog.coinpayments.net/coin-spotlight/aryacoin
7) https://guarda.com/aryacoin-wallet
submitted by CoinEx_Institution to Coinex [link] [comments]

The events of a SIM swap attack (and defense tips)

Posted this on Coinbase and someone recommend it also be posted here. The information below on an attempted SIM swap attack was pieced together through a combination of login and security logs, recovering emails initiated by the attacker that were deleted and then deleted again from the trash folder, and learning from AT&T’s fraud representatives. The majority if this is factual, and we do our best to note where we are speculating or providing a circumstantial suspicion. TLDRs at the bottom.
The full story:
We were going about our business and received a text from AT&T that says “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” We did not request this, and were suspicious that the text itself could be a phishing scam since we searched the phone number and it wasn’t overtly associated with AT&T. Thus, we tried calling AT&T’s main line at 611 but all we hear is beep beep beep. The phone number is already gone. We use another phone to call AT&T and at the same time start working on our already compromised email.
While we didn’t see everything real time, this is what the recovered emails show. In less than 2 minutes after receiving the text from AT&T, there is already an email indicating that the stolen phone number was used to sign into our email account associated with Coinbase. 2 minutes after that, there is an email from Coinbase saying:
"We have received your request for password reset from an unverified device. As a security precaution, an e-mail with a reset link will be sent to you in 24 hours. Alternatively, if you would like your password reset to be processed immediately, please submit a request using a verified device.
This 24 hour review period is designed to protect your Coinbase account."
This is where Coinbase got it right to have a 24 hour review period (actually a recovery period) before allowing the password to be reset. However, the attackers knew this and planned to steal the second email from Coinbase by setting email rules to forward all emails to a burner address and also have any emails containing “coinbase” re-routed so they don’t appear in the Inbox. 5 minutes later, they request a password reset from Gemini and the password was reset to the attacker’s password within a minute after that. The next minute they target and reset DropBox’s password followed immediately with Binance. Less than 2 minutes later, an email from Binance indicates that the password has been reset and another email arrives a minute later indicating a new device has been authorized.
It’s at this point that we begin locking the attacker out by (1) removing the phone number as 2FA (2) changing the email password, (3) and three forcing a logout of all sessions from the email. There was a bit of back and forth where they still had an active login and re-added the stolen phone number as 2FA.
They added only one more password reset to a gaming account that was not deleted. I can only suspect that was a decoy to make it look like the attack was directed at gaming rather than finances.
The Gemini and Binance accounts were empty and effectively abandoned, with no balances and inactive bank accounts (if any), and no transactions in 1-3 years. DropBox had no meaningful files (they probably look for private keys and authenticator backups) and the phone number they stole from us was suspended, so as far as the attacker is concerned, there is no meat on this bone to attack again… unless they had inside information.
This is where I suspect someone internal at Coinbase receiving wire deposits has been compromised in tipping off ripe accounts – accounts with new and somewhat large balances. We had completed a full withdrawal of funds from Coinbase earlier in the year, and had a balance of less than $20 heading into May. Deposits to Coinbase staggered in to get above six figures through mid-May then stopped. The attack occurred 7 days after the last large wire deposit was made to Coinbase.
From the perspective of an attacker that had no inside information, we were a dead end with abandoned Gemini and Binance accounts with zero balances and stale transactions, no DropBox information, and the suspended phone number access. Our Coinbase deposits were known to no one except us, Coinbase, and our bank. We were also able to stop the hacker’s email forwarding before Coinbase’s 24 hour period to send the password reset, so this one didn’t work out for the attackers and it would make sense for them to move on to the next rather than put efforts into a second attack only for Coinbase - for what would appear to be a zero-balance Coinbase account based on the other stale accounts.
Then…23 hours and 42 minutes after the first attack, another message from AT&T “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” Here we go again. We had been confident in AT&T’s assurances that our account had been locked and would not be SIM swapped again, so we unwisely added the phone number back to our email account as a backup (it’s now removed permanently and we use burner emails for account recovery like we should have all along).
Upon seeing that our phone number had been stolen again I knew they were after the Coinbase reset email that was delayed by 24 hours from Coinbase as part of their security. We did 4 things within 2 minutes of that text: (1) removed the phone number again from the email account – this time for good, (2) market sell all Bitcoin on Coinbase, (3) withdraw from Coinbase, (4) have AT&T suspend service on the phone line.
In speaking with AT&T, they were floored that our SIM would be transferred again in light of all the notes about fraud on the account and the PIN being changed to random digits that had never been used by us before. Based on the response of disbelief from AT&T on the second port, I suspect that this attack also involved a compromised AT&T employee that worked with the attacker to provide timely access to the Coinbase password reset email. Apparently, this has been going on for years: https://www.flashpoint-intel.com/blog/sim-swap-fraud-account-takeove
with phone carrier employees swapping SIMs for $80s a swap.
Remember that most of this was hidden in real time, and was only known because we were able to recover emails deleted from Trash by the attacker.
Since we require any withdrawals to use Google Authenticator on Coinbase, our funds may have been secure nonetheless. However, under the circumstances with attackers that were apparently working with insiders to take our phone number twice in attempts to steal Bitcoin, and it being unknown if they had additional tools related to our Google Authenticator, we decided it was safer on the sidelines. The coins were held on the exchange for a quick exit depending on whether Bitcoin was going to break up or down from $10,000. A hardware wallet is always safest, but we were looking to time the market and not have transaction delays.
For some some security recommendations:
AT&T: If you are going to send a text saying that calls and texts are moving to a new number, provide a 10 minute window for the phone number to reply with a “NO” or “STOP” to prevent the move. This can escalate the SIM dispute to more trusted employees to determine who actually owns the line. Don’t let entry level employees swap SIMs.
Coinbase: Do not default to phone numbers as 2FA. Also, if someone logs in successfully with the password before the 24 hours are up, the password is known and there is no need to send the password reset email again for attacker to have forwarded to them. At least have an option to stop the password reset email from being sent. We did not tag our account at Coinbase with fraud because of the stories of frozen funds once an account is tagged. I’m not sure what the solution is there, but that is another problem.
Being a trader, it would be nice to think of Coinbase as any other type of security brokerage where your assets are yours (someone can’t steal your phone number and transfer your stocks to their account). We fell into that mindset of security, yet this experience has reminded us of the uniqueness of cryptocurrency and the lack of custodial assurance and insurance from exchanges because of the possession-is-everything properties of cryptocurrency.
As many have said before, 2FA with a phone number quickly becomes 1-factor authentication as soon as that phone number is associated with password recovery on your email or other accounts. Our overall recommendation is to avoid having a phone number associated with any recovery options across all your accounts.
TLDR on the process:
Scammers will steal your phone number (in our case twice in 24 hours) and use your phone number to access your email and accounts. They will use your email to reset passwords at financial accounts and file hosting such as DropBox. They will then use that combination to transfer any assets they can access from your accounts to theirs. They will do their best to hide this from you by
(1) not resetting your email password so as to raise suspicion,
(2) immediately delete any password reset emails you may receive from financial accounts to hide them from you,
(3) attempt to forward all emails sent to your address to a burner email, and
(4) set email rules to forward emails containing “coinbase” to an email folder other than your Inbox so that you don’t see the transactions and password reset emails that arrive to your inbox.
TLDR on defense tips: If your phone stops working or you receive a text of your number being ported do the following as soon as possible:
(1) log into your email account(s) associated with your financial accounts and remove your phone number as 2FA immediately
(2) change your email password,
(3) force a logout of all sessions from your email (at this point you have locked them out), then
(4) check your mail forwarding settings for forwards to burner addresses,
(5) check your mail rules for rerouting of emails from accounts such as Coinbase, and
(6) call your carrier to have them suspend service on your lost phone number and ask them to reinstate your SIM or get a new SIM. This will require a second phone because your personal phone number has been stolen.
We hope this helps some others be safe out there in protecting their coins. The more we know, the more we can protect ourselves. Wishing you all the best!
submitted by etheregg to CryptoCurrency [link] [comments]

BitcoinBCH.com accidentally publishes on-chain proof that they fake BCHs adoption metrics. Post to r/btc gets deleted and OP is now permanently banned.

Everybody who has posted this on btc has been banned according to modlog. Total of 9 users so far. Don't post this on btc or you will get banned. If you get banned comment on this thread or PM me.

May 2020:

According to btc modlogs, mc-78 has been banned because he questioned the April report with this comment.

According to btc modlogs, BCH4TW has been banned because he questioned the April report with this comment.

March 2020:

According to btc modlogs, bch4god has been banned because he questioned the February report with this comment.

According to btc modlogs, ISeeGregPeople has been banned because he linked to this thread in his comment.

February 2020:

According to btc modlogs, whene-is-satoshi has been banned because he linked to this thread in his comment.

January 2020:

According to btc modlogs, cryptokittykiller's post has been removed for linking to this thread.

According to btc modlogs, bashcalf has now been banned for linking to this thread.

According to btc modlogs, EnterLayer2 has now been banned for this post pointing out that this thread has reached 1000 upvotes.

This article was posted by bitcoinsatellite on btc here. Once it reached frontpage it got deleted and OP was banned from btc and bitcoincash as a result.

Disclaimer: I am not and have never been affiliated with any of the mentioned parties in a private or professional matter.
Presumably in an attempt to smear a local competitor, Hayden Otto inadvertently publishes irrefutable on-chain proof that he excluded non-BCH retail revenue to shape the "BCH #1 in Australia" narrative.
  • Scroll down to "Proof of exclusion" if you are tired of the drama recap.
  • Scroll down to "TLDR" if you want a summary.

Recap

In September 2019, BitcoinBCH.com started publishing so called monthly "reports" about crypto retail payments in Australia. They claimed that ~90% of Australia's crypto retail revenue is processed via their own HULA system and that ~92% of all crypto retail revenue happens in BCH.
They are aggregating two data sources to come up with this claim.
One is TravelByBit (TBB) who publishes their PoS transactions (BTC, LN, ETH, BNB, DASH, BCH) live on a ticker.
The other source is HULA, a newly introduced POS system (BCH only) and direct competitor to TBB run by BitcoinBCH.com - the same company who created the report. Despite being on-chain their transactions are private, not published and not verifiable by third parties outside BitcoinBCH.com
Two things stood out in the "reports", noted by multiple users (including vocal BCH proponents):
  • The non-BCH parts must have tx excluded and the report neglects to mention it (the total in their TBB analysis does not match what is reported on the TBB website.)
  • The BCH part has outliers included (e.g. BCH city conference in September with 35x the daily average)
The TBB website loads the historic tx data in the browser but hides transactions older than 7 days from being displayed, i.e. you can access more than 7 days worth of data if you understand JavaScript and can read the source code (source).

Hayden Otto's reaction

In direct response to me publishing these findings on btc, Hayden Otto - an employee at BitcoinBCH.com and the author of the report who also happens to be a moderator of /BitcoinCash - banned me immediately from said sub (source).
In subsequent discussion (which repeated for every monthly "report" which was flawed in the same ways as described above), Hayden responded using the same tactics:
"No data was removed"
"The guy is straight out lying. There is guaranteed no missing tx as the data was collected directly from the source." (source)
"Only data I considered non-retail was removed"
"I also had these data points and went through them to remove non-retail transactions, on both TravelbyBit and HULA." (source)
He admits to have removed non-BCH tx by "Game Ranger" because he considers them non-retail (source). He also implies they might be involved in money laundering and that TBB might fail their AML obligations in processing Game Ranger's transactions (source).
The report does not mention any data being excluded at all and he still fails to explain why several businesses that are clearly retail (e.g. restaurants, cafes, markets) had tx excluded (source).
"You are too late to prove I altered the data"
"[...] I recorded [the data] manually from https://travelbybit.com/stats/ over the month of September. The website only shows transactions from the last 7 days and then they disappear. No way for anyone to access stats beyond that." (source)
Fortunately you can, if you can read the website's source code. But you need to know a bit of JavaScript to verify it yourself, so not an ideal method to easily prove the claim of data exclusion to the public. But it laters turns out Hayden himself has found an easier way to achieve the same.
"The report can't be wrong because it has been audited."
In response to criticism about the flawed methodology in generating the September report, BitcoinBCH.com hired an accountant from a regional Bitcoin BCH startup to "audit" the October report. This is remarkable, because not only did their reported TBB totals still not match those from the TBB site - their result was mathematically impossible. How so? No subset of TBB transaction in that month sums up to the total they reported. So even if they excluded retail transactions at will, they still must have messed up the sum (source). Why didn't their auditor notice their mistake? She said she "conducted a review based on the TravelByBit data provided to her", i.e. the data acquisition and selection process was explicitly excluded from the audit (source).
"You are a 'pathetic liar', a 'desperate toll', an 'astroturf account' and 'a total dumb ass' and are 'pulling numbers out of your ass!'"
Since he has already banned me from the sub he moderates, he started to resort to ad hominems (source, source, source, source).

Proof of exclusion

I published raw data as extracted from the TBB site after each report for comparison. Hayden responded that I made those numbers up and that I was pulling numbers out of my ass.
Since he was under the impression that
"The website only shows transactions from the last 7 days and then they disappear. No way for anyone to access stats beyond that." (source)
he felt confident to claim that I would be
unable to provide a source for the [missing] data and/or prove that that data was not already included in the report. (source)
Luckily for us Hayden Otto seems to dislike his competitor TravelByBit so much that he attempted to reframe Bitcoin's RBF feature as a vulnerability specific to TBB PoS system (source).
While doublespending a merchant using the TBB PoS he wanted to prove that the merchant successfully registered the purchase as complete and thus exposed that the PoS sales history of TBB's merchants are available to the public (source), in his own words:
"You can literally access it from a public URL in the Web browser. There is no login or anything required, just type in the name of the merchant." (source)
As of yet it is unclear if this is intentional by TBB or if Hayden Ottos followed the rules of responsible disclosure before publishing this kind of data leak.
As it happens, those sale histories do not only include the merchant and time of purchases, they even include the address the funds were sent to (in case of on-chain payments).
This gives us an easy method to prove that the purchases from the TBB website missing in the reports belong to a specific retail business and actually happened - something that is impossible to prove for the alleged HULA txs.
In order to make it easier for you to verify it yourself, we'll focus on a single day in the dataset, September 17th, 2019 as an example:
  • Hayden Otto's report claims 20 tx and $713.00 in total for that day (source)
  • The TBB website listed 40 tx and a total of $1032.90 (daily summary)
  • Pick a merchant, e.g. "The Stand Desserts"
  • Use Hayden's "trick" to access that merchants public sale history at https://www.livingroomofsatoshi.com/merchanthistory/thestanddesserts, sort by date to find the 17th Sep 2019 and look for a transaction at 20:58 for $28. This proves that a purchase of said amount is associated with this specific retail business.
  • Paste the associated crypto on-chain address 17MrHiRcKzCyuKPtvtn7iZhAZxydX8raU9 in a blockchain explorer of your choice, e.g like this. This proves that a transfer of funds has actually happened.
I let software aggregate the TBB statistics with the public sale histories and you'll find at the bottom of this post a table with the on-chain addresses conveniently linked to blockchain explorers for our example date.
The total of all 40 tx is $1032.90 instead of the $713.00 reported by Hayden. 17 tx of those have a corresponding on-chain address and thus have undeniable proof of $758.10. Of the remaining 23, 22 are on Lightning and one had no merchant history available.
This is just for a single day, here is a comparison for the whole month.
Description Total
TBB Total $10,502
TBB wo. Game Ranger $5,407
TBB according to Hayden $3,737

What now?

The usual shills will respond in a predictive manner: The data must be fake even though its proof is on-chain, I would need to provide more data but HULA can be trusted without any proof, if you include outliers BCH comes out ahead, yada, yada.
But this is not important. I am not here to convince them and this post doesn't aim to.
The tx numbers we are talking about are less than 0.005% of Bitcoin's global volume. If you can increase adoption in your area by 100% by just buying 2 coffees more per day you get a rough idea about how irrelevant the numbers are in comparison.
What is relevant though and what this post aims to highlight is that BitcoinBCH.com and the media outlets around news.bitcoin.com flooding you with the BCH #1 narrative are playing dirty. They feel justified because they feel that Bitcoin/Core/Blockstream is playing dirty as well. I am not here to judge that but you as a reader of this sub should be aware that this is happening and that you are the target.
When BitcoinBCH.com excludes $1,000 Bitcoin tx because of high value but includes $15,000 BCH tx because they are made by "professionals", you should be sceptical.
When BitcoinBCH.com excludes game developers, travel businesses or craftsmen accepting Bitcoin because they don't have a physical store but include a lawyer practice accepting BCH, you should be sceptical.
When BitcoinBCH.com excludes restaurants, bars and supermarkets accepting Bitcoin and when pressed reiterate that they excluded non-retail businesses without ever explaning why a restaurant shouldn't be considered reatil, you should be sceptical.
When BitcoinBCH.com claims the reports have been audited but omit that the data acquisition was not part of the audit, you should be sceptical.
I expect that BitcoinBCH.com will stop removing transactions from TBB for their reports now that it has been shown that their exclusion can be provably uncovered. I also expect that HULA's BCH numbers will rise accordingly to maintain a similar difference.
Hayden Otto assumed that nobody could cross-check the TBB data. He was wrong. Nobody will be able to disprove his claims when HULA's BCH numbers rise as he continues to refuse their release. You should treat his claims accordingly.
As usual, do your own research and draw your own conclusion. Sorry for the long read.

TLDR

  • BitcoinBCH.com claimed no transactions were removed from the TBB dataset in their BCH #1 reports and that is impossible to prove the opposite.
  • Hayden Otto's reveals in a double spend attempt that a TBB merchant's sale history can be accessed publicly including the merchant's on-chain addresses.
  • (For example,) this table shows 40 tx listed on the TBB site on Sep 17th, including their on-chain addresses where applicable. The BitcoinBCH.com report lists only 20 tx for the same day.
  • (Most days and every months so far has had BTC transactions excluded.)
  • (For September, TBB lists $10,502 yet the report only claims $3,737.
No. Date Merchant Asset Address Amount Total
1 17 Sep 19 09:28 LTD Espresso Lightning Unable to find merchant history. 4.50 4.50
2 17 Sep 19 09:40 LTD Espresso Binance Coin Unable to find merchant history. 4.50 9.00
3 17 Sep 19 13:22 Josh's IGA Murray Bridge West Ether 0x40fd53aa...b6de43c531 4.60 13.60
4 17 Sep 19 13:23 Nom Nom Korean Eatery Lightning lnbc107727...zkcqvvgklf 16.00 29.60
5 17 Sep 19 13:24 Nom Nom Korean Eatery Lightning lnbc100994...mkspwddgqw 15.00 44.60
6 17 Sep 19 14:02 Nom Nom Korean Eatery Binance Coin bnb1w5mwu9...552thl4ru5 30.00 74.60
7 17 Sep 19 15:19 Dollars and Sense (Fortitude Valley) Lightning lnbc134780...93cpanyxfg 2.00 76.60
8 17 Sep 19 15:34 Steph's Cafe Binance Coin bnb124hcjy...ss3pz9y3r8 57.50 134.10
9 17 Sep 19 19:37 The Stand Desserts Binance Coin bnb13f58s9...qqc7fxln7s 18.00 152.10
10 17 Sep 19 19:59 The Stand Desserts Lightning lnbc575880...48cpl0z06q 8.50 160.60
11 17 Sep 19 20:00 The Stand Desserts Lightning lnbc575770...t8spzjflym 8.50 169.10
12 17 Sep 19 20:13 The Stand Desserts Lightning lnbc202980...lgqp5ha8f4 3.00 172.10
13 17 Sep 19 20:21 The Stand Desserts Lightning lnbc577010...decq7r4p05 8.50 180.60
14 17 Sep 19 20:24 Fat Dumpling Lightning lnbc217145...9dsqpjjr6g 32.10 212.70
15 17 Sep 19 20:31 The Stand Desserts Lightning lnbc574530...wvcpp3pcen 8.50 221.20
16 17 Sep 19 20:33 The Stand Desserts Lightning lnbc540660...rpqpzgk8z0 8.00 229.20
17 17 Sep 19 20:37 The Stand Desserts Lightning lnbc128468...r8cqq50p5c 19.00 248.20
18 17 Sep 19 20:39 The Stand Desserts Lightning lnbc135220...cngp2zq6q4 2.00 250.20
19 17 Sep 19 20:45 The Stand Desserts Lightning lnbc574570...atcqg738p8 8.50 258.70
20 17 Sep 19 20:51 Fat Dumpling Lightning lnbc414190...8hcpg79h9a 61.20 319.90
21 17 Sep 19 20:53 The Stand Desserts Lightning lnbc135350...krqqp3cz8z 2.00 321.90
22 17 Sep 19 20:58 The Stand Desserts Bitcoin 17MrHiRcKz...ZxydX8raU9 28.00 349.90
23 17 Sep 19 21:02 The Stand Desserts Bitcoin 1Hwy8hCBff...iEh5fBsCWK 10.00 359.90
24 17 Sep 19 21:03 The Stand Desserts Lightning lnbc743810...dvqqnuunjq 11.00 370.90
25 17 Sep 19 21:04 The Stand Desserts Lightning lnbc114952...2vqpclm87p 17.00 387.90
26 17 Sep 19 21:10 The Stand Desserts Lightning lnbc169160...lpqqqt574c 2.50 390.40
27 17 Sep 19 21:11 The Stand Desserts Lightning lnbc575150...40qq9yuqmy 8.50 398.90
28 17 Sep 19 21:13 The Stand Desserts Lightning lnbc947370...qjcp3unr33 14.00 412.90
29 17 Sep 19 21:15 The Stand Desserts Binance Coin bnb1tc2vva...xppes5t7d0 16.00 428.90
30 17 Sep 19 21:16 Giardinetto Binance Coin bnb1auyep2...w64p6a6dlk 350.00 778.90
31 17 Sep 19 21:25 The Stand Desserts BCH 3H2iJaKNXH...5sxPk3t2tV 7.00 785.90
32 17 Sep 19 21:39 The Stand Desserts Binance Coin bnb17r7x3e...avaxwumc58 8.00 793.90
33 17 Sep 19 21:47 The Stand Desserts BCH 32kuPYT1tc...uFQwgsA5ku 18.00 811.90
34 17 Sep 19 21:52 The Stand Desserts BCH 3ELPvxtCSy...4QzvfVJsNZ 36.00 847.90
35 17 Sep 19 21:56 The Stand Desserts Lightning lnbc677740...acsp04sjeg 10.00 857.90
36 17 Sep 19 22:04 The Stand Desserts BCH 38b4wHg9cg...9L2WXC2BSK 54.00 911.90
37 17 Sep 19 22:16 The Stand Desserts Binance Coin bnb14lylhs...x6wz7kjzp5 18.00 929.90
38 17 Sep 19 22:21 The Stand Desserts BCH 3L8SK3Hr7u...F3htdSPxfL 90.00 1019.90
39 17 Sep 19 22:30 The Stand Desserts Binance Coin bnb19w6tle...774uknv57t 5.00 1024.90
40 17 Sep 19 22:48 The Stand Desserts BCH 3Qag8c4UYg...9EYuWzGjhs 8.00 1032.90
submitted by YeOldDoc to CryptoCurrency [link] [comments]

The events of a SIM swap attack directed at Coinbase (and defense tips)

The information below on an attempted SIM swap attack was pieced together through a combination of login and security logs, recovering emails initiated by the attacker that were deleted and then deleted again from the trash folder, and learning from AT&T’s fraud representatives. The majority if this is factual, and we do our best to note where we are speculating or providing a circumstantial suspicion. TLDRs at the bottom.
The full story:
We were going about our business and received a text from AT&T that says “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” We did not request this, and were suspicious that the text itself could be a phishing scam since we searched the phone number and it wasn’t overtly associated with AT&T. Thus, we tried calling AT&T’s main line at 611 but all we hear is beep beep beep. The phone number is already gone. We use another phone to call AT&T and at the same time start working on our already compromised email.
While we didn’t see everything real time, this is what the recovered emails show. In less than 2 minutes after receiving the text from AT&T, there is already an email indicating that the stolen phone number was used to sign into our email account associated with Coinbase. 2 minutes after that, there is an email from Coinbase saying:
"We have received your request for password reset from an unverified device. As a security precaution, an e-mail with a reset link will be sent to you in 24 hours. Alternatively, if you would like your password reset to be processed immediately, please submit a request using a verified device.
This 24 hour review period is designed to protect your Coinbase account."
This is where Coinbase got it right to have a 24 hour review period (actually a recovery period) before allowing the password to be reset. However, the attackers knew this and planned to steal the second email from Coinbase by setting email rules to forward all emails to a burner address and also have any emails containing “coinbase” re-routed so they don’t appear in the Inbox. 5 minutes later, they request a password reset from Gemini and the password was reset to the attacker’s password within a minute after that. The next minute they target and reset DropBox’s password followed immediately with Binance. Less than 2 minutes later, an email from Binance indicates that the password has been reset and another email arrives a minute later indicating a new device has been authorized.
It’s at this point that we begin locking the attacker out by (1) removing the phone number as 2FA (2) changing the email password, (3) and three forcing a logout of all sessions from the email. There was a bit of back and forth where they still had an active login and re-added the stolen phone number as 2FA.
They added only one more password reset to a gaming account that was not deleted. I can only suspect that was a decoy to make it look like the attack was directed at gaming rather than finances.
The Gemini and Binance accounts were empty and effectively abandoned, with no balances and inactive bank accounts (if any), and no transactions in 1-3 years. DropBox had no meaningful files (they probably look for private keys and authenticator backups) and the phone number they stole from us was suspended, so as far as the attacker is concerned, there is no meat on this bone to attack again… unless they had inside information.
This is where I suspect someone internal at Coinbase receiving wire deposits has been compromised in tipping off ripe accounts – accounts with new and somewhat large balances. We had completed a full withdrawal of funds from Coinbase earlier in the year, and had a balance of less than $20 heading into May. Deposits to Coinbase staggered in to get above six figures through mid-May then stopped. The attack occurred 7 days after the last large wire deposit was made to Coinbase.
From the perspective of an attacker that had no inside information, we were a dead end with abandoned Gemini and Binance accounts with zero balances and stale transactions, no DropBox information, and the suspended phone number access. Our Coinbase deposits were known to no one except us, Coinbase, and our bank. We were also able to stop the hacker’s email forwarding before Coinbase’s 24 hour period to send the password reset, so this one didn’t work out for the attackers and it would make sense for them to move on to the next rather than put efforts into a second attack only for Coinbase - for what would appear to be a zero-balance Coinbase account based on the other stale accounts.
Then…23 hours and 42 minutes after the first attack, another message from AT&T “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” Here we go again. We had been confident in AT&T’s assurances that our account had been locked and would not be SIM swapped again, so we unwisely added the phone number back to our email account as a backup (it’s now removed permanently and we use burner emails for account recovery like we should have all along).
Upon seeing that our phone number had been stolen again I knew they were after the Coinbase reset email that was delayed by 24 hours from Coinbase as part of their security. We did 4 things within 2 minutes of that text: (1) removed the phone number again from the email account – this time for good, (2) market sell all Bitcoin on Coinbase, (3) withdraw from Coinbase, (4) have AT&T suspend service on the phone line.
In speaking with AT&T, they were floored that our SIM would be transferred again in light of all the notes about fraud on the account and the PIN being changed to random digits that had never been used by us before. Based on the response of disbelief from AT&T on the second port, I suspect that this attack also involved a compromised AT&T employee that worked with the attacker to provide timely access to the Coinbase password reset email. Apparently, this has been going on for years: https://www.flashpoint-intel.com/blog/sim-swap-fraud-account-takeove with phone carrier employees swapping SIMs for $80s a swap.
Remember that most of this was hidden in real time, and was only known because we were able to recover emails deleted from Trash by the attacker.
Since we require any withdrawals to use Google Authenticator on Coinbase, our funds may have been secure nonetheless. However, under the circumstances with attackers that were apparently working with insiders to take our phone number twice in attempts to steal Bitcoin, and it being unknown if they had additional tools related to our Google Authenticator, we decided it was safer on the sidelines. The coins were held on the exchange for a quick exit depending on whether Bitcoin was going to break up or down from $10,000. A hardware wallet is always safest, but we were looking to time the market and not have transaction delays.
For some some security recommendations:
AT&T: If you are going to send a text saying that calls and texts are moving to a new number, provide a 10 minute window for the phone number to reply with a “NO” or “STOP” to prevent the move. This can escalate the SIM dispute to more trusted employees to determine who actually owns the line. Don’t let entry level employees swap SIMs.
Coinbase: Do not default to phone numbers as 2FA. Also, if someone logs in successfully with the password before the 24 hours are up, the password is known and there is no need to send the password reset email again for attacker to have forwarded to them. At least have an option to stop the password reset email from being sent. We did not tag our account at Coinbase with fraud because of the stories of frozen funds once an account is tagged. I’m not sure what the solution is there, but that is another problem.
Being a trader, it would be nice to think of Coinbase as any other type of security brokerage where your assets are yours (someone can’t steal your phone number and transfer your stocks to their account). We fell into that mindset of security, yet this experience has reminded us of the uniqueness of cryptocurrency and the lack of custodial assurance and insurance from exchanges because of the possession-is-everything properties of cryptocurrency.
As many have said before, 2FA with a phone number quickly becomes 1-factor authentication as soon as that phone number is associated with password recovery on your email or other accounts. Our overall recommendation is to avoid having a phone number associated with any recovery options across all your accounts.
TLDR on the process:
Scammers will steal your phone number (in our case twice in 24 hours) and use your phone number to access your email and accounts. They will use your email to reset passwords at financial accounts and file hosting such as DropBox. They will then use that combination to transfer any assets they can access from your accounts to theirs. They will do their best to hide this from you by
(1) not resetting your email password so as to raise suspicion,
(2) immediately delete any password reset emails you may receive from financial accounts to hide them from you,
(3) attempt to forward all emails sent to your address to a burner email, and
(4) set email rules to forward emails containing “coinbase” to an email folder other than your Inbox so that you don’t see the transactions and password reset emails that arrive to your inbox.
TLDR on defense tips: If your phone stops working or you receive a text of your number being ported do the following as soon as possible:
(1) log into your email account(s) associated with your financial accounts and remove your phone number as 2FA immediately
(2) change your email password,
(3) force a logout of all sessions from your email (at this point you have locked them out), then
(4) check your mail forwarding settings for forwards to burner addresses,
(5) check your mail rules for rerouting of emails from accounts such as Coinbase, and
(6) call your carrier to have them suspend service on your lost phone number and ask them to reinstate your SIM or get a new SIM. This will require a second phone because your personal phone number has been stolen.
We hope this helps some others be safe out there in protecting their coins. The more we know, the more we can protect ourselves. Wishing you all the best!
submitted by etheregg to CoinBase [link] [comments]

Buy, Sell, and Trade Crypto on WazirX: How to trade Bitcoin and other Cryptocurrencies on WazirX?

Buy, Sell, and Trade Crypto on WazirX: How to trade Bitcoin and other Cryptocurrencies on WazirX?

Source: WazirX
Hello Friends! Welcome to my one-stop article where you can do earning while learning about “Cryptocurrencies”.
So, in this article, you’ll learn about: How to buy, sell, and trade Bitcoin as well as other cryptocurrencies on WazirX?
WazirX is an “International Cryptocurrency Exchange” and do allow individuals from most countries to sign up on their exchange.

Step 1: Signing up for a WazirX account.

Click here or simply copy-paste the below link in your browser’s search-bar and press Enter to go over to the WazirX’s Sign-Up page:
WazirX Referral Link: https://wazirx.com/invite/j9ykd
Once you’re on the sign-up page, click on the SIGN UP or SIGN UP NOW button to proceed further.

Step 2: Submit your registration details.

  • Email — Enter your complete email address. This is the email address you will use to login and also receive any communication from WazirX. You cannot change your login email address later.
  • Password — Enter a strong password that you will remember. Passwords must be atleast 6 characters long and a maximum of 64 characters. We recommend using passwords longer than 10 characters. Do not use passwords that you’ve already used on another website. Try and mix special characters like @#$%^&-* along with capitals and numerics in your password.

Step 3: Email verification.

Once you’ve entered your email, password and clicked on sign up, you will receive a verification email at your email address. Click on the Verify Email button in the email. You will be taken back to the WazirX website where your verification will be confirmed!
  • Note that the verification email is only valid for 15 minutes. If you do not verify in 15 minutes, login to your WazirX account again and click on the Resend verification email button.

Step 4: Mobile verification.

After verifying your email, the next step is to verify your mobile number.
  • Mobile number — Enter your complete mobile number. Do not include country code or ‘0’ at the start. This will also be the number at which you will receive an OTP when logging into your WazirX account.
  • Verification OTP — You will receive an OTP via an SMS. Enter the OTP in the verification box and click verify.

Step 5: Submit your KYC details.

You can complete your KYC by selecting your country from the dropdown & click on Complete KYC. You’ll then be taken to the next step to enter your details and upload KYC documents for verification.
  • Name — Enter your name as it appears on your KYC document. For eg — If the name is John Smith on your document, please enter John Smith in the form too.
  • Date of Birth — Enter your DOB in DD/MM/YYYY format. For eg — If your DOB is 1st April 1989, enter 01/04/1989. You must be 18 Years and above to apply for a WazirX account.
  • Address — Enter your full address as it appears on your KYC document. Do not enter the City, State & PIN Code in this box as there are separate boxes for that
  • Documents — Depending on the country you’ve chosen, you’ll need to upload a set of KYC documents. Carefully fill in the details in the respective fields & upload a scanned copy or a photo of your KYC document & your selfie as illustrated in the Sign Up form.
Before you click submit, please cross check all your details to make sure you’ve not made any typing errors. This will speed up your verification process. The verification process could take anywhere between 24–48 hours depending on the volume of signups.

Step 6: Start trading Crypto on your WazirX.

  • EXCHANGE — Click on the “Exchange” tab and select the crypto pair in which you want to trade from the: USDT, BTC, or INR pairing list.
  • BUY or SELL — Click on the Buy or Sell tab. Then select either a LIMIT or STOP LIMIT order type. Note that in case of STOP LIMIT, you need to enter a STOP PRICE at which you want that trade to take place. So if you’re a beginner, then it’s recommended to select a LIMIT order type.
  • AT PRICE —Enter your own price at which you want to Buy or Sell your selected crypto.
  • AMOUNT — Enter the amount of crypto which you want to Buy or Sell.
  • PLACE ORDER — Once you’ve entered all the required details related to your Buy or Sell order, you just need to click on the PLACE [BUY/SELL] ORDER to submit your order which will be and can be seen in WazirX’s Open Order Book.
That’s it! As soon as your open order gets completed, you’ve executed your first cryptocurrency trade successfully.
So, what are you waiting for? Sign-up, trade, and earn exciting referral bonuses on the WazirX exchange from the above given link now.
If you want to support me in my efforts for the growth of the Crypto Community then please feel free to donate as per your wish:
Bitcoin $BTC Address: 17hRk6kuhwEnAJN6KTkSjFvfihX4PFbei
Ethereum $ETH Address: 0x63d5692ee8b7bd9bcf1706d2fa73ca0e4e2cef96
XRP $XRP Address: rNxCw7HUbd51dvUMUyC7ju5XivXmCM1Bvr
XRP $XRP Destination Tag: 544806860
Binance Coin $BNB Address: bnb14kktnh6n20efy4kfh0u5xy38rw53j8q5gkzuzv
Binance Coin $BNB Memo: 7515036536

❤️ Like, Share, Leave your comment

If you like my article, don’t forget to like, share with your friends or colleagues and leave your comment below. And do Follow me…

Disclaimer

Trading and investing in cryptocurrencies (also called digital or virtual currencies, crypto assets, altcoins and so on) is subject to market risks. The information provided on this blog is purely for guidance, informational and educational purposes. It does not constitute investment advice, financial advice, trading advice, or any other sort of advice. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.
submitted by VipulJadhav12 to u/VipulJadhav12 [link] [comments]

Binance scammed me 1516 USDT with unethical verification requests! Stay Away from this Scam Exchance!

**************************************************************EDIT from 04/24/20:
read directly here the latest discussion per Email with Symbiotic and the final stage of the BINANCE SCAM:Part 1:
https://www.reddit.com/Bitcoin/comments/g08w53/binance_scammed_me_1516_usdt_with_unethical/fodphld?utm_source=share&utm_medium=web2x
Part 2:
https://www.reddit.com/Bitcoin/comments/g08w53/binance_scammed_me_1516_usdt_with_unethical/fodskqw?utm_source=share&utm_medium=web2x
PART 3: https://www.reddit.com/Bitcoin/comments/g08w53/binance_scammed_me_1516_usdt_with_unethical/fodxud3?utm_source=share&utm_medium=web2x
***************************************************************
Following the discussion here with u/symbiotic_bnb on binance BinanceExchange
Please read the complete story here:
https://np.reddit.com/binance/comments/g01kig/binance_scammed_me_1516_usdt_with_unethical/
Then I'm replying to the official comment made here:https://np.reddit.com/binance/comments/g01kig/binance_scammed_me_1516_usdt_with_unethical/fn83ixw/
IThe reason why I'm giving more details here is that u/symbiotic_bnb banned me from their board so that I couldn't comment his reply and provide more information about the unethical requests made by their exchance binance
Here my answer:
Please feel free to spread the information. I will contact more media if they don't want to fix this.
---
Thanks u/symbiotic_bnb for having banned me from your board binance BinanceExchange. However I will reply on other boards to let everyone know about your abuse.
You wrote:
"Risk Control." This can mean many things, and most often it simply means that we have identified unusual activity on your account that may indicate a third-party has gained unauthorized access and withdrawals were suspended to protect your assets.
Nice. So I remember the steps done:
  1. Last year opened my Tier 0 account (Non verified, just Email, 2FA set)
  2. on same day deposited 0.21BTC
  3. 3-4 months later back, I login to my account from a new machine, but same country. I m asked to verify email, I receive code, login successully, same 2FA.
  4. I sell some of assets, then I withdraw you cancel it for "Risk control" and force me to upgrade my account??? why???? seriously???
If you dont want people to use Level 0 accounts (unverified with KYC, 2 BTC limit), then just don't offer that option!! force everyone from scratch to submit KYC. Simple!
Don't allow people to use the service, then randomly you force them to provide verification. We have a right of privacy !
And now if you force me to verify my account to be able to withdraw my funds, it's my right to choose HOW I verify it. Regardless if my son, brother or sister or whoever does it for me, its verified! End! Now I know you will call this "illegal" but what you are doing is as well illegal in this case! Don't try to find bs reasons for that behaviour.
Your forced me to verify my account, so my account has been verified, as my screenshot is showing. Don't create new reasons to keep my money by asking things I can't provide.
When you ask me to provide video recording of how I load btc in my account, 4 months back, how sick is this? It sounds for me as a torture to find ways to keep money of people. A kind of trap.
You comment:
Case in point: is there a particular reason why someone else attempted to KYC your account a day before your attempt? Typically, legitimate customers do not cycle through various individuals for their KYC attempts. It's interesting that you made no mention of this anywhere, given how obvious it is that this is cause for concern, especially considering that the other individual that submitted KYC for "your" account has been involved in malicious activity on our platform.
First, what do you mean here with "legitmate customer"?? I was using, as your system allows, an unverified account, which was more than enough for my needs. So what is then "legimate customer"?? So do you mean now, all your users who don't have level 2 verified accounts are not legtimate? interesting point...
Now about the verification which has been done after your "illegal" action to force me to upgrade the account to be able to access my account, only because I changed the machine.
Indeed 2 verifications have been done. The first verification has been rejected by Binance because the passport was not the latest updated passport of my country. Though the passport is still valid, binance verification rejected it. So what option did I have from that moment? I spoke with customer service and they couldn't help.
So what should I have done from that moment? Just abandon my hard earned money with binance for this? Even the drive license was rejected. It's a lot of money. So I asked my friend who had a newer passport to verify the account for me. And the account was verified successfully!
If you call this "illegal", then you are not different at all, you are exactly the same! You lock customers in a wheel while having their money, then forcing them to upgrade to level 2. This is illegal! Then you again you complain when the account is finally verified!
Next you start asking what customers can't provide to have a way to keep the money.
That said, Binance has no interest in "stealing" anything from any of its customers, but we surely aren't going to allow bad actors to freely operate on our platform. You may simply respond to the ticket from here forth.
really? so you are the good actor and I m the bad actor right? Congratulations! :-)
Sorry this does not give you the right to keep my coins. If so, it's simply called SCAM. You don't like me? No problem, give me my money, and close my account.
Don't find pretexts to keep the money for you.
Imagine that this exchange is doing this shit every day, randomly to customers, customers who don't want to provide their KYC (and it's their right! don't call them bad actor! You are Superman!) will simply abandon their money, do you know how many boost revenue is it for them? Nice way to make money u/symbiotic_bnb BinanceExchange
For any normal customer reading this, support is extremely busy due to recent market conditions and new interest pouring into the market and some tickets may take longer than intended to address, but that doesn't mean that there is any ill intent behind the delay. If you go an extended amount of time, such as 3+ days, with no response to your ticket, you may speak with the live support on our website and request an update.
Sorry but I have been patient enough! After I opened the ticket, your CS was fast enough to reply and make insane and unethical request. Since it has been 12 days, that I sent different emails, no response. Now you found better excuse! When you contact live support, they said "in few hours you will get answer".
If you are unable to provide anything that customer support asks for, all you need to do is respond to the ticket and explain what you are unable to provide and why you are unable to provide it. There are procedures in place for nearly every situation, support does not simply give up after the first step if a customer is unable to provide something that is not always guaranteed to be known.
Objection! I already replied, 12 days, no single answer from your team. What other option did I have?? See the screenshots I posted earlier, its clear enough!
Posting on Reddit is the last stop once all other options have failed. Keep in mind that you do not need to embellish or over-exaggerate your situation to get assistance. Simply be reasonable and you will receive the same in return.
Exactly! All other options to solve this issue directly with you have failed! I have to tell my story here. And see, you replied fast.... 12 days you / your CS didn't reply to my emails.
You asked me to be reasonable? I think I'm very reasonable. Treat well your customers and with respect if you want to get the same in return. Simple life's rule.
You can scam me if you want. I expect you to release my money and close my account. This is the correct way if your company is serious.
Bitcoin BinanceExchange CryptoCurrency CryptoCurrencyTrading CryptoScam CryptoScamAlert CryptoScamsVictims
EDIT: When I asked to u/symbiotic_bnb why they banned me from their board, see the answer:
The answer to every single on of your questions here is answered within my comment. People that come to our subreddit, over-exaggerate their situation, and spread FUD, especially by way of ridiculous conspiracy theories, are not welcome. Respond to the ticket as your were advised and we aill proceed accordingly with verifying the details of your case.
Screenshot: https://i.imgur.com/B1MYT0U.png
Very funny, so I m spreading "ridiculous conspiracy theories"?? wow very nice :-)
And they are asking me to respond to the ticket? lol how many times should I respond? I'm telling that I responded alredy 12 days ago, and sent many reminders, they simply ignored. very funnny lol
submitted by churgercold to Bitcoin [link] [comments]

HUOBI EXCHANGE REVIEW

HUOBI EXCHANGE REVIEW
Huobi is a Singapore-based cryptocurrency exchange. Founded in China, the company now has offices in Hong Kong, Korea, Japan and the United States. In August 2018 it became a publicly listed Hong Kong company.
Recently during early 2019, after crypto communities lost interest in ICOs (Initial Coin Offering) due to many unregistered STOs (Security Token Offering) and other projects whose aim was only to raise the funds. Exchanges adapted and gave a new dimension of the fund raising, IEO (Initial Exchange Offering).
In this regard, exchanges helped the projects by providing them a platform to raise the funds and also helped the retail investors by doing due diligence on the project on behalf of the investors. Best part of this process is, such issued tokens are listed on the same platform and exchanges helped these start ups in the process. This gave a sense of security and helped to maintain integrity with the projects and public investors.
All the top tier exchanges are participating in this movement and named such fund raising as Launchpad, Jumpstart, Spotlight, Startup etc. While Huobi came up with Huobi Prime.
Unlike other exchanges, Huobi Prime has helped varieties of start-ups.
  • It all started with a DAG based blockchain platform, Top Network.
  • A project named after the greatest scientist who made a major impact on the human lives, Newton Project. It is aimed to deliver an infrastructure for the community economy.
  • It is followed by Thunder Core. A blockchain project dreamt of decentralized future and allows anyone to build dApps on their platform.
  • Then Reserve Rights continued the legacy. It’s a protocol for stable currencies with three kinds of tokens RSV, RSR and collateral tokens.
  • Akropolis - a protocol to explore the informal economy and help the people with DeFi. It was one of it’s kind which was competitive enough to seek the help from the Huobi.
  • Later a social digital currency, Emogi secured a place to be the next Prime project.
  • Recently, Whole Network - A consensus, co-creation, and win-win behavioral value network had the opportunity to feature as a 7th Prime project.
However, each of the Prime project is different from the other in the list. One must admit, it is a basket with mixed fruits. From DAG to Currency to dApp platform to stable coin protocol to DeFi protocol to digital currency to blockchain phone. Huobi has covered a rich list of projects in this journey.

https://preview.redd.it/8z08lbq3qls41.png?width=800&format=png&auto=webp&s=34de122d950f32feb46df82cdce290221e1572be

(This chart presents the information based on the price of the each token on 2nd October. However it may vary marginally as price of the cryptocurrencies are volatile in nature)
Trading Options
Many centralized exchanges serve as the sole, centralized market maker. In contrast, Huobi also allows you to trade over the counter (OTC). This means that you can buy and sell cryptocurrencies peer-to-peer on Huobi. Even though this option exists on the exchange, it has yet to gain adoption from traders. Various commenters have said that there is a lack of OTC offers. Still, this is still an innovative technical feature.

If you are a margin trader, Houbi has a separate platform specifically for this. You can access this by going to the margin tab in the header. The amount of leverage you can have varies from coin-to-coin. For example, BTC is around 3x. Compared to other margin trading platforms, this is low. Nonetheless, it is an attractive option for potential users.

In December 2018, Huobi Derivative Market issued BTC contracts and ETH contracts (including weekly, bi-weekly and quarterly, respectively), and flexible leverages, including 1x, 5x, 10x and 20x. In the future, more digital currencies will be issued to meet various investment demands.
Meaning “currency” in Mandarin Chinese, Huobi consistently ranks as one of the world’s top ten largest exchanges by trade volume. In this article, we look at everything you need to know as a potential Huobi user. Let’s examine fees, fund security, customer experience and more.

User Interface and Mobile App

Available on iOS and Android, the Huobi mobile app features most of the functionalities available on the web platform. You can even complete tasks like account registration and verification directly via the app. In Google Play, the Huobi Global app has an average rating of 4.1 stars out of 3,730 reviews. However, in December 2018 and January 2019, some users have said that the Android app won’t let them login due to an error with Captcha. On the Apple App Store, Huobi boasts an average rating of 4.9 stars out of over 4,800 reviews.

Trading Options

Many centralized exchanges serve as the sole, centralized market maker. In contrast, Huobi also allows you to trade over the counter (OTC). This means that you can buy and sell cryptocurrencies peer-to-peer on Huobi. Even though this option exists on the exchange, it has yet to gain adoption from traders. Various commenters have said that there is a lack of OTC offers. Still, this is still an innovative technical feature.

If you are a margin trader, Houbi has a separate platform specifically for this. You can access this by going to the margin tab in the header. The amount of leverage you can have varies from coin-to-coin. For example, BTC is around 3x. Compared to other margin trading platforms, this is low. Nonetheless, it is an attractive option for potential users.

In December 2018, Huobi Derivative Market issued BTC contracts and ETH contracts (including weekly, bi-weekly and quarterly, respectively), and flexible leverages, including 1x, 5x, 10x and 20x. In the future, more digital currencies will be issued to meet various investment demands.

Huobi offers a margin trading option.

Security

Compared to other exchanges, Huobi continues to excel from a security perspective. Many top exchanges suffer from large-scale hacks, with varying results in terms of trading volume afterward. In 2015, a Bitstamp hacker withdrew 12,000 BTC from Huobi. However, this issue did not relate to the security of Huobi. Huobi reported a DDOS attack in 2015 but this did not cause a security breach. According to one review, an individual user lost USDT and EOS on Huobi. This reviewer states that the problem was caused by a technical error with Huobi’s 2FA. One comment suggests that it was the result of a phishing scam.

Huobi claims that its risk controls have been developed by the likes of Goldman Sachs. The exchange stores around 98 percent of funds in cold wallets. Moreover, Huobi now utilizes a decentralized exchange structure to prevent DDOS attacks. The exchange even has a User Protection Fund Initiative. Twenty percent of net revenue that the exchanges gains from trades will go to this fund, which it will use to buy back Huobi Token (HT). It also has a service called Huobi Security Reserve. As part of this, the exchange plans to store 20,000 BTC for insurance. This is a preventative measure that will help Huobi reimburse users in the case of any future hacks.

Huobi Fees

Huobi has a 0.2 percent fee that applies to both market makers and takers for amounts between $0 and $5,000,000 over the course of a 30-day period. In comparison, other top exchanges like Binance have 0.1 percent fees. Meanwhile, GDAX has 0.3 percent fees.

In January 2019, Huobi Global launched a tiered fee structure that significantly reduces fees for higher volume traders. This is relatively competitive when compared to other exchanges. Users also have the option to reduce trading fees on Huobi by becoming a VIP member. This involves paying a monthly payment of HT, which varies depending on the membership level (1-5).

Like most exchanges Huobi has no fees on deposits. However, Huobi does have withdrawal fees and minimums that vary from coin-to-coin. For example, withdrawing Bitcoin (BTC) costs 0.001 BTC, with a minimum withdrawal amount of 0.01 BTC. For Tether (USDT), the flat fee is 5 USDT and minimum withdrawal amount is 20 USDT. Overall, this means that Huobi fees are generally higher than most exchanges for lower withdrawal amounts. A few exceptions exist. For example, TUSD has a withdrawal minimum of $20 but a withdrawal fee of only $2.

Withdrawal Limitations

Similar to many exchanges on the market, Huobi has withdrawal limitations based on various levels of user verification. One thing you will notice is that withdrawal amounts vary greatly depending on your citizenship. For example, if you are a citizen of China, you can’t withdraw any funds as an unverified user or with level 1 verification. This option is only available at level 2 or above. In the United States, the exchange only requires level 1 verification. However, the amounts are relatively low: a daily limit of $2,000 and a monthly limit of $10,000.

Customer Service Experience

Compared to most exchanges, Huobi has above average customer service experience. Customer support is available 24/7, and response times only take two to three hours on average. Many consider this to be a rarity in the space.

There are two main methods that you can use to reach customer support. First, you can utilize the chat app that is available directly on the Huobi trading platform. Second, you can contact the team at [[email protected]](mailto:[email protected]). If you choose this option, Huobi asks that you use the registered email address associated with your Huobi account and include your user ID.

Huobi Website: https://www.huobi.vc/en-us/topic/invited/?invite_code=3afg5
UID: 134371568
Huobi Indian Community: https://t.me/huobiglobalindia
Huobi Global Community: https://t.me/huobiglobalofficial
submitted by asheroliver to u/asheroliver [link] [comments]

Binance scammed me 1516 USDT with unethical verification requests! Stay Away from this Scam Exchance!


Following the post made here https://www.reddit.com/binance/comments/g01kig/_/fn83ixw
Please read the complete story here:
https://np.reddit.com/binance/comments/g01kig/binance_scammed_me_1516_usdt_with_unethical/
Thanks u/symbiotic_bnb for having banned me from your board binance BinanceExchange so that I can't reply anymore.

So I have decided to create my own community now. I hope other victims of your exchange will join this community and share their experience here.
For my current case you can review all the discussion here:
You wrote:
"Risk Control." This can mean many things, and most often it simply means that we have identified unusual activity on your account that may indicate a third-party has gained unauthorized access and withdrawals were suspended to protect your assets.
Nice. So I remember the steps done:
1) Last year opened my Tier 0 account (Non verified, just Email, 2FA set)
2) on same day deposited 0.21BTC
3) 3-4 months later back, I login to my account from a new machine, but same country. I m asked to verify email, I receive code, login successully, same 2FA.
4) I sell some of assets, then I withdraw you cancel it for "Risk control" and force me to upgrade my account??? why???? seriously???
If you dont want people to use Level 0 accounts (unverified with KYC, 2 BTC limit), then just don't offer that option!! force everyone from scratch to submit KYC. Simple!
Don't allow people to use the service, then randomly you force them to provide verification. We have a right of privacy !
And now if you force me to verify my account to be able to withdraw my funds, it's my right to choose HOW I verify it. Regardless if my son, brother or sister or whoever does it for me, its verified! End! Now I know you will call this "illegal" but what you are doing is as well illegal in this case! Don't try to find bs reasons for that behaviour.

Your forced me to verify my account, so my account has been verified, as my screenshot is showing. Don't create new reasons to keep my money by asking things I can't provide.
When you ask me to provide video recording of how I load btc in my account, 4 months back, how sick is this? It sounds for me as a torture to find ways to keep money of people. A kind of trap.

You comment:
Case in point: is there a particular reason why someone else attempted to KYC your account a day before your attempt? Typically, legitimate customers do not cycle through various individuals for their KYC attempts. It's interesting that you made no mention of this anywhere, given how obvious it is that this is cause for concern, especially considering that the other individual that submitted KYC for "your" account has been involved in malicious activity on our platform.
First, what do you mean here with "legitmate customer"?? I was using, as your system allows, an unverified account, which was more than enough for my needs. So what is then "legimate customer"?? So do you mean now, all your users who don't have level 2 verified accounts are not legtimate? interesting point...
Now about the verification which has been done after your "illegal" action to force me to upgrade the account to be able to access my account, only because I changed the machine.
Indeed 2 verifications have been done. The first verification has been rejected by Binance because the passport was not the latest updated passport of my country. Though the passport is still valid, binance verification rejected it. So what option did I have from that moment? I spoke with customer service and they couldn't help.
So what should I have done from that moment? Just abandon my hard earned money with binance for this? Even the drive license was rejected. It's a lot of money. So I asked my friend who had a newer passport to verify the account for me. And the account was verified successfully!
If you call this "illegal", then you are not different at all, you are exactly the same! You lock customers in a wheel while having their money, then forcing them to upgrade to level 2. This is illegal! Then you again you complain when the account is finally verified!
Next you start asking what customers can't provide to have a way to keep the money.

That said, Binance has no interest in "stealing" anything from any of its customers, but we surely aren't going to allow bad actors to freely operate on our platform. You may simply respond to the ticket from here forth.
really? so you are the good actor and I m the bad actor right? Congratulations! :-)
Sorry this does not give you the right to keep my coins. If so, it's simply called SCAM. You don't like me? No problem, give me my money, and close my account.
Don't find pretexts to keep the money for you.
Imagine that this exchange is doing this shit every day, randomly to customers, customers who don't want to provide their KYC (and it's their right! don't call them bad actor! You are Superman!) will simply abandon their money, do you know how many boost revenue is it for them? Nice way to make money u/symbiotic_bnb BinanceExchange

For any normal customer reading this, support is extremely busy due to recent market conditions and new interest pouring into the market and some tickets may take longer than intended to address, but that doesn't mean that there is any ill intent behind the delay. If you go an extended amount of time, such as 3+ days, with no response to your ticket, you may speak with the live support on our website and request an update.
Sorry but I have been patient enough! After I opened the ticket, your CS was fast enough to reply and make insane and unethical request. Since it has been 12 days, that I sent different emails, no response. Now you found better excuse! When you contact live support, they said "in few hours you will get answer".

If you are unable to provide anything that customer support asks for, all you need to do is respond to the ticket and explain what you are unable to provide and why you are unable to provide it. There are procedures in place for nearly every situation, support does not simply give up after the first step if a customer is unable to provide something that is not always guaranteed to be known.
Objection! I already replied, 12 days, no single answer from your team. What other option did I have?? See the screenshots I posted earlier, its clear enough!

Posting on Reddit is the last stop once all other options have failed. Keep in mind that you do not need to embellish or over-exaggerate your situation to get assistance. Simply be reasonable and you will receive the same in return.
Exactly! All other options to solve this issue directly with you have failed! I have to tell my story here. And see, you replied fast.... 12 days you / your CS didn't reply to my emails.
You asked me to be reasonable? I think I'm very reasonable. Treat well your customers and with respect if you want to get the same in return. Simple life's rule.
You can scam me if you want. I expect you to release my money and close my account. This is the correct way if your company is serious.

Bitcoin BinanceExchange CryptoCurrency CryptoCurrencyTrading CryptoScam CryptoScamAlert CryptoScamsVictims

EDIT: When I asked to u/symbiotic_bnb why they banned me from their board, see the answer:
The answer to every single on of your questions here is answered within my comment. People that come to our subreddit, over-exaggerate their situation, and spread FUD, especially by way of ridiculous conspiracy theories, are not welcome. Respond to the ticket as your were advised and we aill proceed accordingly with verifying the details of your case.
Screenshot: https://i.imgur.com/B1MYT0U.png
Very funny, so I m spreading "ridiculous conspiracy theories"?? wow very nice :-)
And they are asking me to respond to the ticket? lol how many times should I respond? I'm telling that I responded alredy 12 days ago, and sent many reminders, they simply ignored. very funnny lol
Let's see what will happen next.
submitted by churgercold to BinanceExchangeScam [link] [comments]

HUOBI EXCHANGE REVIEW

ABOUT HUOBI :
Huobi is a cryptocurrency exchange founded in China in 2013. Currently, Huobi is based in Singapore because this country has friendlier cryptocurrency regulations. The company is registered in Seychelles. Before leaving China due to a cryptocurrency ban, the exchange was responsible for 90% of Bitcoin trading volume in this country. Now Huobi is an international platform with offices located in Singapore, Hong Kong, the United States, Japan, and Korea. In China, the company provides blockchain consulting services. Huobi has sub-exchanges: Huobi Korea, Huobi US, etc. Huobi Global is the biggest Huobi exchange. In November 2019 Huobi Global had to shut down all the accounts belonging to the US customers due to strict cryptocurrency regulations of the USA. This exchange is one of the top 50 cryptocurrency exchanges by trade volume. On the Coingecko chart of exchanges, Huobi Global occupies the third position. The exchange has more than 500 markets and supports over 220 cryptocurrencies. As Huobi provides an option to buy cryptocurrency with fiat money, this exchange is a gateway for people who enter the cryptocurrency world .

FEATURES :
Huobi Global has a really wide range of functions. First off, this exchange provides an opportunity to buy cryptocurrencies with fiat money using a credit card and other payment means. This option is delivered in the over-the-counter trading section (OTC). There is a menu line in the upper part of the website. It begins with "But Crypto". That's where one can see the OTC offerings provided by Huobi. One can buy or sell the following currencies: Bitcoin (BTC), Ether (ETH), Tether (USDT), EOS, XRP, Litecoin (LTC), Huobi Token (HT), Huobi stablecoin (HUSD), and Bitcoin Cash (BCH). Please note, that there are not so many offerings especially for certain currencies. Normally there are many options for buying BTC or USDT. The prices and payment methods vary from one trader to another. You can pay with a credit card, some traders accept payments via Western Union, AliPay, and other services.
There is a cryptocurrency exchange with hundreds of crypto-to-crypto pairs. The exchange supports market, limit and stop-limit orders. It gives traders some control over the situation and helps to secure the assets from trading in loss to some extent. In general, the exchange interface of Huobi is quite generic.
Those who have experience of trading on several other exchanges will find the interface familiar. It has a trading view with a candlestick chart on the left and the list of orders updating in real-time on the right. Under the charts, there is an order history. Under the list of market trades, there is a section where users can place orders. The candlestick chart is powered with numerous analysis tools and indicators.
What makes Huobi Global more attractive for traders is the support of margin trading. In all margin trading pairs the currencies are traded against Tether (USDT). There are 6 cryptocurrencies that can be traded with x3 leverage: Bitcoin (BTC), Bitcoin Cash (BCH), Litecoin (LTC), XRP, Ether (ETH), and EOS.
Huobi Global is aimed to provide service both to small investors and institutional traders. That's the reason why the platform offers institutional accounts with special opportunities for corporate customers. Among these features, there are colocation options and other tools that provide the opportunity of seamless high-frequency trading. Additionally, institutional accounts can get special OTC loans.
One more feature is trading derivatives. Huobi provides two separate interfaces for that purpose: Swap trading and Futures trading platforms on Huobi DM. Moreover, it is possible to participate in IEO trading via the Huobi exchange. This feature requires the use of the Huobi Token.

ASSETS AND INSTRUMENTS:
As mentioned, there are two types of instruments that you can trade on the Huobi derivatives platform. These are your traditional futures as well as the perpetual swaps or futures.
With these instruments, you are trading crypto on margin. This means that they are leveraged and your exposure is often many multiples of the amount that you have put down as collateral.
Now that we have a brief understanding of leverage, let’s take a look at the instruments on offer at the Huobi exchange.
Futures are instruments that allow the holder to buy or sell some asset in the future. Essentially, you are trading some future price of the instrument on the chose delivery date. In terms of expiry dates, they have weekly, bi-weekly and Quarterly which settle every Friday. In terms of expiry dates, they have weekly, bi-weekly and Quarterly which settle every Friday. When it comes to the specifics of the contract, they differ according to which asset is being traded. You should also take a look into the contract specifics in the Huobi docs. This includes such information as the index reference for the prices as well as your last trading price. The latter can only be done up till 10 minutes before the expiry.
Perpetual swaps are leveraged instruments that do not have have a delivery date. They are marked to market everyday and settle 3 times a day. They are sometimes also called “perpetual futures” at other exchanges.
The reason that they are called “Swaps” at Huobi Derivatives is because you are swapping the returns of one asset for the returns of another. Here, you are swapping crypto returns for returns on the US dollar.
At Huobi DM, the Perpetual swaps have leverage up to 125x and they are written on 5 different assets. These are Bitcoin and Ethereum with other coins to be added soon.

HUOBI APPS:
Huobi mobile app for iOS and Android are available. Similarly, the Huobi mobile app features most of the functionalities available on the web platform also. You can even complete tasks like account registration and verification directly via the app. In Google Play, the Huobi Global app has an average rating of 4.1 stars out of 3,730 reviews. However, in December 2018 and January 2019, some users have said that the Android app won’t let them login due to an error with Captcha. On the Apple App Store, Huobi boasts an average rating of 4.9 stars out of over 4,800 reviews.

API :
For those of you who are programmers, you will be happy to learn that Huobi global API can be used on the Futures and Swap markets.
There is both a websocket as well as a REST version available. It is suggested that you use the REST for one off operation to trade and withdraw. You should use the websocket for market data & order updates. You should also note that you can be a market maker on through the API.
If you want to start using the API then you will to get yourself an API key. This can easily be done in the API management of your account dashboard. Here you can select whether you would like it to be a read-only, Withdraw or Trade. You can also bind an IP address to this API so you can ensure than no other person will use your account even if compromised.

HUOBI FEES :
Huobi has a 0.2 % fee that applies to both market makers and takers for amounts between $0 and $5,000,000 over the course of a 30-day period. In comparison, other top exchanges like Binance have 0.1 percent fees. Actually, it has a fair trading fees structure and easy to remember also. Meanwhile, GDAX has 0.3 percent fees.
In January 2019, Huobi Global launched a tiered fee structure that significantly reduces fees for higher-volume traders. This is relatively competitive when compared to other exchanges. Users also have the option to reduce trading fees on Huobi by becoming a VIP member. This involves paying a monthly payment of HT, which varies depending on the membership level (1-5).
Like most exchanges, Huobi has no fees on deposits. However, Huobi does have withdrawal fees minimums that vary from coin-to-coin. For example, withdrawing Bitcoin (BTC) costs 0.001 BTC, with a minimum withdrawal amount of 0.01 BTC. For Tether (USDT), the flat fee is 5 USDT. And the minimum withdrawal amount is 20 USDT. Overall, the meaning- Huobi fees are generally higher than most exchanges for lower withdrawal amounts. A few exceptions exist. For example, TUSD has a withdrawal minimum of $20 but a withdrawal fee of only $2.

IS IT TRUSTWORTHY?
In contrast to other exchanges, Huobi receives a favorable score. First of all, it is incorporated and operated from Singapore. As we all know crypto regulations are advanced there. And promote blockchain startups always. Second, Huobi does provide users with multiple ways to safeguard their accounts. Although it is not enough. Essentially, 2-factor authentication is available using both SMS and authenticator apps. The platform does not require any special confirmation if the account is logged into from an unfamiliar IP address or location. There is no option to whitelist addresses for asset withdrawal, allowing funds to be sent to any address input. Furthermore, Huobi was never hacked. Even though they do present a lucrative target for attackers. Meaning, Huobi has adopted a decentralized exchange structure, which helps to resist DDOS attacks. And we believe the exchange takes these threats seriously and does everything in their power to protect the exchange from hackers. Also, Huobi does store user funds in cold storage to restrict access to them. Actually, the exchange stores around 98 percent of funds in cold wallets.

SUPPORT :
Something else that is crucial to the entire trading experience is the level of support that the exchange provides. There is nothing more frustrating than having to wait hours for response from support.
When it comes to Huobi, there are actually quite a few options to reach their customer support. Perhaps the quickest and most effective way is through their live chat function. Firstly, they will try to help you with the available resources. If that does not work then you can reach out to a live agent.

CONCLUSION:
So, in summary. We really liked the Huobi futures products. It is not only highly functional but is also secure and leverags the expertise that the team have at the main Huobi exchange.
For the futures instruments, there is a decent range of assets and leverage. Markets are also pretty liquid and these are all traded on a simplistic yet technically able trading platform. It’s also great that you can trade on PC programs and mobile apps as well.
When it comes to security, they have taken all of the same precautions that are used on the main exchange. Their 20,000 BTC strong insurance fund keeps them well protected and they have not had a single clawback of trader funds since their inception.
Yes, there are areas for improvement but the exchanges is still evolving and building out functionality. One can only hope that they take trader suggestions into account.
So then, is it worth considering?
Well, if you are looking for a highly functional and secure futures exchange that is backed by one of the biggest names in the business, then it is well worth a try.

Huobi Website: https://www.huobi.com/en-us/topic/invited/?invite_code=czdh5
UID: 138138177
Huobi Indian Community: https://t.me/huobiglobalindia
Huobi Global Community: https://t.me/huobiglobalofficial
submitted by sreenthepotato to u/sreenthepotato [link] [comments]

Bitcoin Price Jumps, Massive Power Grab, Binance In China, Ripple + Santander & Games On Tezos How To Get Any Binance Coin Wallet Address To Send Funds ... Binance Tutorial deutsch - Anleitung zum Kaufen und ... Deposting Bitcoin to Your Binance Wallet Address Open a Binance US Bitcoin Trading Account - YouTube HOW TO FUND YOUR ACCOUNT IN BINANCE? #003(TAGALOG) - YouTube Binance.US Guides: How to complete Advanced Verification ... Binance - Withdrawal Address Management Tutorial

Create a Wallet. Sign up for the Exchange. Buy Bitcoin in minutes. Get Started. Twitter Instagram Medium Trade over 40 cryptocurrencies and enjoy the lowest trading fees in America. After the login, please click [Wallet] - [Spot Wallet] on the upper right-hand side of the page, and then click on [Deposit]. 3. Input the abbreviation or full name of a coin/token that you want to deposit or select it from the list. 4. We will use BTC as an example. In order to quickly get the BTC deposit address for your account, copy BTC deposit address, and paste it to the corresponding ... Individuals, businesses, developers: learn from our simple Bitcoin guides. How Bitcoin works, what is Bitcoin, what is blockchain, how to buy Bitcoin, what is Bitcoin mining and more. Home of forex-binance.com. Enter Bitcoin Address; Start Mining. Withdraw Generated Bitcoin; LOGIN. What is bitcoin? How does it work? Bitcoin is open-source software, It was released in 2009. Bitcoin is often abbreviated as the world's first cryptocurrency. In other word, we can say it is the currency in digital form or exists electrically. It is decentralized, It means bitcoin doesn't have ... Centre d'aide et de support Binance Your BTC address is a string of 26-35 letters and numbers that identify your Bitcoin wallet. BTC addresses begin with either a 1 or a 3 and are case-sensitive. When you want to receive funds, this is the information that you provide to the person paying you. Your BTC address is oftentimes called your wallet address or your public address. Login to Coinbase. You’re bringing money from Binance to here, so first, we need to know where the money or cryptocurrency is going to land. Access your wallet on Coinbase, and from there, you’ll be given an address code to use when transferring funds. All you have to do is click on your wallet to open up a menu of adding money, and you’ll be met with a screen that has all the necessary ... Login Register. Home > Glossary > Address. Address. beginner . Much like an address in the real world, or a website, an address on the blockchain relates to the string of text given to identify a particular place or user. More specifically it is the string of text that designates the location of a particular wallet on the blockchain, that can be used to send or receive digital assets from. All ... You’re sending it to Binance, so you need to get an Ethereum address from your Binance account. 2. Login to your Binance account. On the taskbar, click on Funds then Deposits. Now, enter the cryptocurrency you need an address for. In this example, I’m using Ethereum. Binance will create an Ethereum address for you to send funds to. The ETH Deposit Address is where you will be sending your ...

[index] [17870] [941] [15200] [8038] [22786] [22166] [17562] [16434] [958] [14148]

Bitcoin Price Jumps, Massive Power Grab, Binance In China, Ripple + Santander & Games On Tezos

Binance.US - America's New Home for Digital Asset Trading. Get started in minutes once you set up an account with Binance.US to buy and sell cryptocurrencies... Binance Tutorial deutsch In diesem Video erfährst du wie man auf der Plattform Binance Kryptowährungen handeln kann und gegen Bitcoins kaufen und verkaufen k... In this video: Deposting Bitcoin to Your Binance Wallet Address. We go step by step and deposit Bitcoin to Binance Wallet Address. How to fund binance account. Steve Wozniak interview: Blockchain technology, AI, Crypto, Bitcoin BTC Halving 2020 Wozniak Foundation 61,465 watching Live now Binance - Market Orders Tutorial - Duration: 2:39. 👨‍💻 SET UP A BINANCE US ACCOUNT 👩‍💻 https://www.binance.us/?ref=35000644 Invite a friend to get $15! Get $15 when you complete $100 in trading volume ... Brief intro on how to get any coin wallet address to deposit funds to. In this example I'm using Binance Exchange and wallet address ETH- Ethereum In order t... ang video na ito ay guide kong paanu tayo mag deposit ng fund sa binance,gamit ang coin ph. pls subscribe ...thanks... pag wala ka pang account sa binace pls... My Second Channel: https://www.youtube.com/channel/UCvXjP6h0_4CSBPVgHqfO-UA ----- Supp...

#