Share this page!

librehash Profile picture
Twitter logo
17 Jan, 11 tweets, 6 min read
1/ Wrote an article here about an exchanger that allows you to swap several different cryptocurrencies for Monero without KYC or logins at all

librehash.org/alfacash-a-mon…
2/ Being the eternal skeptic, wanted to test if this website was actually legitimate (there are a lot of crypto scams out there; way too many)..

So we start off visiting the main website and set up a LTC:XMR conversion.
3/ The Monero address that you see in the picture above was created using this "mindwallet" altered tool created by Pactito (patcito.github.io)
3a/ Wouldn't recommend creating a Monero wallet this way, specifically, but this tool generates addresses deterministically with Argon2 as its KDF using BIP32 + BIP38
3b/ You can try it yourself. Password for this wallet = librehash

E-mail (salt) = librehash@test.com

You'll generate the exact same addresses and keys as you see here.

Benefit = in theory, you never need to have your private key stored anywhere, ever.
3c/ If you're wondering if this is legit or not, check out the @KeybaseIO implementation at keybase.io/warp ; as you can see, a simple 8-character alphanumeric password with 20+ btc in it has yet to be solved 3-4 years later (salt already given)
4/ Back to the site, we tested out a simple $LTC #Litecoin to $XMR #Monero transfer
5/ Elected to send about $20 worth of $LTC at the time. Enough of an amount to where it felt like a legitimate test. The 6 confirmation wait screen is pretty standard. Cool.
6/ Once that was finished, we were given this screen.

$XMR Monero is diff from other cryptocurrencies (obviously). We need to visit the transaction link.

xmrchain.net/tx/c43ab352aaa…
7/ The link from above takes us here. Notice the two stealth addresses with question marks for 'amount'.

If we want to see ours, we need to use our reg. $XMR addy + priv. view key.
8/ Upon doing so, we can see that the correct output has been matched. Cross referencing it with what the site told us (and what we agreed to), we can see that the values match.

So this gets the stamp of approval right now.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with librehash

librehash Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @librehash

librehash Profile picture
17 Jan
1/ Polkadot is a really well-designed project with some extremely smart folks at the helm - but their plan for interoperability with Bitcoin won't work for a few reasons that will be explained in detail within this thread. #Polkadot $DOT #Parity
2/ Documentation on the proposed 'bridges' for $DOT can be found here = wiki.polkadot.network/docs/en/learn-…

This is where the 'XClaim' protocol is introduced.
2a/ One major setback stopping this from being trustless from the jump is the fact that Polkadot does not use Proof of Work (that is necessary) - but even putting this to the side, there are critical elements missing.
Read 21 tweets
librehash Profile picture
16 Jan
1/ Anyone can be in crypto if they want to be.

But there needs to be a lot more transparency in this space for those using the technology directly as well as those that are investing.
2/ The Electrum wallet hacks are a prime example of how you can get screwed in this space even if you are just a "user"..

zdnet.com/article/bitcoi…

This problem has been pervasive for Electrum wallet users for over 2 years.
3/ Of course, we don't even need to speak on Ledger wallet users - that debacle has only gotten worse over time.

cointelegraph.com/news/ledger-da…
Read 5 tweets
librehash Profile picture
16 Jan
1/ Thread on @adam3us because he's the head of @Blockstream ; an organization that he created as a power grab over #Bitcoin to subvert its direction into a money making machine to salvage all of his previously failed experiments in crypto. @zooko is his student.
2/ We already know about 'hashcash', everyone talks about it all the time. But do you all know about 'Zero Knowledge Systems'?

That's a company he co-founded *way back when* with Sammy Hill

en.wikipedia.org/wiki/Zero_Know…
2a/ Curiously, the former CEO of Blockstream (before Adam Back), was Austin Hill - the same Austin Hill from the Zero Knowledge System company that they had created with one another.

source: cnbc.com/austin-hill/
Read 16 tweets
librehash Profile picture
4 Nov 20
1/ Once upon a time, CZ promised us that he would never list 'shitcoins'.

Not even if they "pay 400 or 4,000 BTC".

He forgot to mention (about the coins that he did list on his exchange "without fee", that he has extensive ties with each project's community)
2/ $NEO was probably listed because of @cz_binance's relationship with Da Hongfei (head of NGC Capital whom is also a seed investor in Binance); these guys go way back - maybe that's why @binance tends to list *almost all* of Da Hongfei's projects.
2a/ Attached, we can see Da Hongfei listed as one of the seed investors in Binance (source: Binance exchange whitepaper ; not the exchange token, but the actual exchange itself)
Read 6 tweets
librehash Profile picture
4 Nov 20
1/ This article enumerates the inefficacy of modern wallet solutions (and why I recently wrote a three-part series titled, 'Why You Don't Need a Hardware Wallet' <-- being released today in an hour or so).
2/ If you read the quoted tweet above and thought to yourself, 'Wait a minute, I thought that Bitcoin & blockchain were supposed to be unhackable!', then you're on the right track.

Its more so that the *cryptography* used for Bitcoin cannot be reasonably cracked.
3/ However, these cryptographic primitives (i.e., ecdsa) are only as strong as their implementation and only as secure as their execution environment.

The idea of encrypting 'wallet.dat' files (a default standard for $BTC by Core), is unnecessarily dumb & unnecessary.
Read 13 tweets
librehash Profile picture
3 Nov 20
1/ Not in the least bit, and the protocol isn't really designed to operate like Bitcoin (since Bitcoin was created for peer-to-peer payments).

Also, the upside for what Ethereum can / can't do seems to be a hell of a lot more limited than it is for Bitcoin (ironically).
2/ The fact that Ethereum has an account-based transaction system (vs. UTXO) means that all Ethereum wallets must have an incrementally increasing 'nonce' value; the downside here is that this requires one to 'sync' with a node / API running *somewhere* on planet earth
3/ More so to that API point that I made above, the disadvantage here for Ethereum users (in comparison to Bitcoin; don't worry I'll bring up an advanage).

Metamask users, for instance, have their wallets pointed at Infura(.)io's API endpoint.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @librehash has new unrolls!

Check out other threads from @librehash!

Read all threads by @librehash