How to Install your first BitCoin wallet app

This is part of a multi-part series of articles on how to get started in cryptocurrencies. This article is the first step you need to take: Installing your first wallet app. Before you do anything else, you must first create your own BitCoin wallet.

What does this mean and why?

In the cryptocurrency world, YOU are your own bank. That means YOU are 100% in control of your cryptocurrency and no one else. This means no one can steal your funds… not a bank, not the government, not hackers that hack a cryptocurrency exchange.

What’s a cryptocurrency exchange?

A cryptocurrency exchange is a CENTRALIZED authority where you can buy cryptocurrency with fiat currency. One of the articles in this series will cover that. Fiat currency is money you’ve been using your whole life like U.S. dollars, the British pound, the Euro, etc… Currencies created by and issued by governments are “fiat” currencies. Cryptocurrencies are created by citizens with complex computer code and not under the control of governments and are not assigned to any one country. They are borderless.

A cryptocurrency exchange is essentially a centralized bank. They are your “on ramp” and “off ramp” for cryptocurrency. (they’re not the ONLY way to acquire crypto) Before you buy any cryptocurrency with fiat from an exchange, you need to have your own, personal cryptocurrency wallet set up so that you can immediately transfer your purchased crypto into your own personally controlled wallet. If you don’t do that, you’re not in control of your crypto. “Not your keys, not your crypto”.

Not Your Keys, Not Your Crypto!

People often make the HUGE mistake of purchasing crypto, but then NOT moving it to their own, personal wallets. This is why people WRONGLY claim that crypto is always stolen. IT IS NOT! If they had moved their crypto into their own personal wallet files, the massive thefts of crypto that happened at exchanges like Mt Gox would NEVER have happened!

The REASON people lost money with exchanges is because they made the fatal mistake of LEAVING their crypto IN A CENTRALIZED BANK! Hackers got ahold of the central bank’s keys and stole millions of dollars worth of crypto… FROM THE BANK! Only the users that FAILED to move their crypto into their own wallets ever lost anything.

DO NOT MAKE THAT MISTAKE!

Install the Electrum BitCoin wallet app on your PC. Below, is a video demonstrating the entire process.

There are MANY wallet apps for MANY cryptocurrencies. I created a website for decentralized apps and services and I’m adding more to it all the time. Here’s a (growing) list of cryptocurrency wallets. Electrum isn’t the only one.

Cryptocurrency Wallet Apps

BitCoin Just had its 2020 Halvening: Here’s what that means

What Happened?

Earlier today (2020-05-11), the amount of new BitCoins awarded to each minor that hits the jackpot of finding the right hash to validate the latest block of transactions now gets rewarded HALF the amount of BitCoin that they would have been awarded for each block mined for the last 4 years. For the last 4 years, up until earlier today, every block that was mined, 12.5 BitCoins were awarded to the miner that mined it. Now, and for the next 4 years, any minor that mines a block will be awarded only 6.25 BitCoins.

Why did that happen?

Creating new BitCoins is like printing money. It shouldn’t be done unless it has to because doing so floods the market with new coins and reduces the value of every coin already in existence. This is called “inflation”. But, the miners have to be incentivised to run their expensive hardware and burn through their expensive electricity, therefore, they are rewarded with a small amount of new coins. But, also built into the algorithm is a maximum limit of 21 million total BitCoins. There aren’t that many BitCoins yet, and this halvening algorithm is part of the reason why. By cutting in half, the reward, every 4 years (more specifically, every 210,000 blocks mined), it will take 144 or so years before the last BitCoin is mined.

What does this mean?

For miners, it means their income is cut in half… but only in the short term. BitCoin is deflationary by design, so the value of BitCoin has been and it is expected to continue to go up over time.

For consumers, it doesn’t mean much, at least not in the immediate future. The price of BitCoin has not been immediately effected by prior halvening events. For the most part, it should be business as usual.

For HODL’rs (people that Hold On for Dear Life… saving for the long term), it should reinforce the future value of their BitCoin.

For day traders, given prior halvenings that turned out to be non eventful, they probably won’t experience much of a difference either.

Conclusion:

For the most part, there’s more hype than action… every halvening, but the algorithm for the halvening is critically important for the long term viability of BitCoin.

What’s the best crypto-wallet for daily use?

Cryptocurrency is different than fiat money, as you probably already know.  But those differences make a HUGE impact on how you choose which wallet software to use.  And it’s all about control… YOUR control over your own money.

Let’s begin…

Rather than telling you which wallet apps are best, I’m going to lay out the features you need to look for in wallets, and the ones you need to DEMAND.  In other words, in the “demand” features, you should remove any wallet from consideration that does NOT have the complete “demand” list.  Other features, that may help, but are not deal breakers will be listed as “nice to haves”.  One of the reasons I’m not listing any wallets is because that would make this article dated eventually.  What I’m presenting here should be relevant for decades to come.

DEMAND

  1. Open Source:  If the software wallet you’re considering is NOT open source, then ditch it immediately!  Why?  Because open source wallets have no secrets.  Their entire source code is freely available for anyone to inspect, to guarantee there are no malicious intentions hidden behind the scenes.  Closed source wallets are a black box and you’re throwing out any chance of verification of honesty and relying SOLELY on the word of the wallet creator.  The whole point of cryptocurrency technology is that you DO NOT TRUST ANYONE ELSE WITH YOUR MONEY!  And that INCLUDES programmers… ESPECIALLY programmers!  And I say that AS A PROGRAMMER, MYSELF!
    1. Addendum:  Just because a wallet CLAIMS to be “open source”, doesn’t mean it IS.  For example, I could publish a closed source wallet and just CLAIM it’s “open source” and people would just believe it and download and use it, while I never publish the source code.  So, if some app CLAIMS it’s open source, DON’T BELIEVE THEM… EVER!  You go and FIND the source code (usually on https://gitlab.com or https://github.com) and verify the source code exists.  A reputable wallet author will also provide you a link to the source along with the binary to download.
    2. In addition to FINDING the source code, make sure you download the app FROM the source code repository’s binaries, NOT from an app store or anywhere else!
    3. If you’re a programmer, just download the source and compile it yourself and use THAT!  If you’re NOT a programmer, do #1.2 above.
  2. Must be an app that runs on your own hardware.  In other words, if it’s a website, then you’ve just completely obliterated the ENTIRE PURPOSE of cryptocurrency.  A website “wallet” is NOT a wallet.  It’s a BANK!  THEY are a centralized authority holding YOUR money.  By definition, if YOU are not in control of it, then it isn’t YOUR money, it’s THEIRS.  They ALLOW you to access it, until they DON’T!  Stay away from online wallets, with the brief exception of online exchanges where you EXCHANGE your cryptocurrency for fiat money or vice/versa.  But as SOON as you acquire crypto from an online exchange, you MOVE IT IMMEDIATELY into your OWN wallet!
    1. This means that you must DOWNLOAD an app (desktop or mobile).  And I recommend staying away from browser plugin wallets.  Browsers are just not a safe enough environment.
  3. Your keys or seed phrases are not transmitted over the internet FOR ANY REASON!  Your keys ARE your money!  Whomever holds they keys, holds and OWNS the money.  This is the very core and soul of cryptocurrency.  It’s its reason for being.  NO ONE other than YOU should EVER know your seed phrase or passwords… EVER!!!

NICE TO HAVES

  1. Easy to use user interface.  A lot of people mistakenly think this is a “demand” feature, but you’re better off with a klunky UI that puts you in control of your crypto rather than a sleek and polished wallet that doesn’t meet all the “demand” features.
  2. light vs full node.  What does this mean?  The most secure wallet will be one that’s ALSO a full node on the network for that cryptocurrency.  But to do that, it would need to download the ENTIRE blockchain for that cryptocurrency.  For a popular cryptocurrency, like #BitCoin, that would mean HUNDREDS OF GIGABYTES of data (eventually TERABYTES!) and hours or days of downloading, plus consuming all that space on your hard drive, forever.  It would also mean that your PC would be an actor in the BitCoin network, processing transactions.  That’s actually a GOOD thing for the network, but NOT a good thing for your local resources.  If all you’re looking for is a wallet, a full node is beyond overkill.  It’s like running a whole grocery store just because you need a refrigerator for your Milk.  I’m not discouraging you to NOT be a node.  By all means, PLEASE DO run a full node.  It helps the whole crypto community.  But, it’s not necessary for YOU if all you want is a wallet.  A “light” wallet is JUST a wallet, not a full node.  As such, light wallets are the only kinds of wallets that are available on mobile.  A full node requires a desktop PC, plugged into the electrical outlet.

Other Considerations

There’s another kind of wallet that I’m on the fence for at the moment, because it violates demand #1:  It’s NOT open source.  However, it has some other interesting security features.

The Samsung cryptocurrency wallet

I know I said I’m not going to recommend any specific wallet, and I maintain that.  I AM, however, going to TALK ABOUT one:  The Samsung cryptocurrency wallet meets all the other demand features, but it IS NOT OPEN SOURCE!  However, it has an important security feature no other software based wallets have.  That is, modern Samsung phones and tablets have a hardware based key store.  This is a special, isolated chip that can store encrypted versions of your cryptocurrency keys.  This hardware IS robust and is an important, core feature of the Samsung Knox (now known as “Samsung Secure Folder”) isolated security environment.  It’s the only mobile environment approved by the US Department of Defense for its employees.  Take that however you like.

What is Samsung Knox (or “Secure Folder”)?  You know how you enter a PIN or a password, or a pattern, or a fingerprint, or a face image to unlock your phone?  Well, on Samsung phones, you have all that, PLUS another, completely isolated, secure environment INSIDE of that.  It’s like a smartphone within a smartphone.  Once you set up “secure folder”, you get a SECOND smartphone environment, with another home screen and another set of apps.  Apps installed inside this secure area are NOT accessible to apps outside of it.  I personally install all my financial apps inside of this area.  My games and less sensitive apps and data are stored in the regular phone area.

Side note:  Whether you use the Samsung crypto wallet or not, you SHOULD install the mobile wallet you DO use inside the Samsung Secure Folder area on your phone (if you’re using a Samsung device).

The Samsung Cryptocurrency wallet is a software mobile wallet, and just like all other mobile wallets, it encrypts your seed phrase to your cryptocurrency with your password.  But the difference is that it stores that in the isolated, secure chip.  THAT makes it immensely more secure.  HOWEVER, the app is NOT open source!  Hence my hesitation of recommending this app.  We have no way to know what’s REALLY going on inside the Samsung wallet, because it’s closed source.

My Compromise:

So, here’s my recommendation:  If you DO use the Samsung wallet, never have more in it than you’d ever put in your real, physical wallet.  In other words, in the days when you’d have a wallet in your pocket with cash in it (you remember that right?  That green paper that you’d trade for stuff?), you’d rarely carry more than about $100, because that’s all you’d need for 1 day and it wouldn’t be the end of the world if you lost it or if it were stolen.

I recommend the same practice with the Samsung crypto wallet.  Only store about $100(USD) worth of crypto in your Samsung wallet.  If you run across a local place that accepts crypto, you can spend it, but if there’s ever any kind of a breach with Samsung’s OS and/or software, you’re not going to lose too much.

And I’ll give the same $100 limit advice for ALL OTHER mobile wallets too!  Store the remainder of your fortunes in multiple hardware wallets or multiple desktop wallets.

Conclusion

Cryptocurrency was created for the purpose of YOU being in control.  Therefore, it’s pointless to store your cryptocurrency in a place that you DO NOT control.  As always, don’t put all your eggs or cryptos in one basket.  Don’t put your life savings into your mobile wallet.

Addendum

Speaking of not putting all your eggs in one basket:  As you start accumulating more and more wealth in cryptocurrency, either by continuous investing or by the value of it rising, it’s smart to create more digital wallets and spreading your crypto among them.  Don’t store all your passwords and seed phrases in the same place.  Following these practices, if any of your wallets are ever compromised by your own failures to protect them, you won’t lose ALL of your assets.

In the comments below, tell us what wallets YOU use… THAT FIT THE DEMANDS listed here?  Please keep the conversation limited to those that fit the minimal demand list.

Cryptotab browser is a total SCAM!

What IS CryptoTab Browser?

It’s a custom and closed source web browser that has a built in BitCoin miner.  That means it’ll run high intensity calculations on your CPU, burning electricity with the intent of creating new BitCoin.  By closed source, that means they’re not open source.  They do NOT make their source code available for inspection.

What it CLAIMS

It claims to make you money by mining BitCoin on your computer while you browse.  But this is misleading.

What it ACTUALLY does

In reality, when you create your account, likely from having clicked someone’s referral link, you’re software is now a slave to the person who owns the referral link.  While your computer burns through electricity that YOU are paying for, it’s giving a large portion of the tiny amount of BitCoin that your computer generates to the other person, not producing any profit for you at all.  Even if you got to keep all of the BitCoin that you mined, you’d STILL be losing way more money than you make.

It’s IMPOSSIBLE to be profitable mining BitCoin on a PC or a mobile device

A very, very long time ago, the complexity of BitCoin became too powerful for PCs to mine it and be profitable.  For years, the only way to make a profit mining BitCoin is to buy specialized hardware that can’t do anything other than mine BitCoin.  Those hardware devices cast at least $1,300 (USD) on the low end, run very loudly and hot.  And you’ll have to run one for about 6 months before you generate enough BitCoin to break even on the cost of the hardware.  There is NO PATH to mining profitably on a PC (unless you get your electricity for free!)

If you mine on ANYTHING else, you’re GOING TO LOSE MONEY! Why? Because the amount of electricity you burn will cost you MORE than ANY infinitesimal amount of bitcoin you mine. Even if your electricity were free, the amount you can mine on a PC is virtually nothing. It also slows down your PC for everything else.

But wait! There’s MORE!  To make matters even WORSE, when you start mining with this browser, you don’t even get to keep all of the minimal amount of coin you mine. Even if you did, you’d already be at a loss, but it’s worse. Whoever’s link you clicked on to get the browser gets a portion of YOUR earnings! Earnings that are ALREADY in LOSS territory.

A Classic Ponzi Scheme

The ONLY way to “make money” with this is NOT by mining BitCoin, but by having LOTS of people sign up through your referral link.  THEY LOSE money by mining and lose even MORE by giving you the minuscule BitCoin THEY mine.

Stay away from CryptoTab Browser.

This is what the Decentralized Web 3.0 will look like

The Decentralized Web 3.0 will bring you the following benefits:

  • The end of ISPs and governments spying on your online activities.
  • The end of big tech collecting all your private data.
  • The end of email providers being able to see your personal email.
  • Encryption of EVERYTHING.
  • The end of social media censoring you.
  • The end of demonetization.
  • The end of spam.
  • The beginning of making money by receiving marketing email (if you choose to).
  • The end of censored banking.
  • The end of domain name confiscation.
  • The end of web hosters shutting you down.
  • The end of registrars shutting you out.
  • The end of app stores removing your apps.
  • The beginning you YOU being in FULL CONTROL of your personal data.

Here’s how, but first a short history…

Internet 1.0

introduced the world to the idea of everyone being a publisher.  Unfortunately, there was no security designed into the architecture and it was mostly static and difficult to have interaction.

Internet 2.0

was a more structured way of creating websites, with more user friendly user interfaces and lots of interactive content, in addition to improved security models.

But something went wrong.

Something went HORRIBLY wrong!  As individuals started becoming effective communicators across geographical and political boundaries, they started being silenced for multiple reasons… sometimes by anti-competitive companies with deep pockets, but usually political reasons by tyrannical regimes in back-assword countries, then in first world countries, by corporations (Twitter, Facebook, Google, Amazon, Instagram, etc…) and so-called “educational” institutions, and in some cases, even first world governments, themselves.

Anti free speech campaigns began successfully shutting out an entire class of voices via social media outrage mobs demanding voices they didn’t like be silenced and for some reason, the big social media companies complied and shut them down by shadow banning, removing them from search, suspending their accounts, or deleting their accounts altogether, frequently with no warning and no explanation.

Then they went after their income.

YouTube began demonetizing video creators.  PayPal began killing users’ PayPal accounts.  It even spread out to the real world.  Credit card companies began shutting down people’s accounts and even BANKS started deleting their OWN CUSTOMERS!  All for political ideological reasons!

They rewound the freedom clock back to the early 90s, and in some cases, back 100 years or more.

Enter Decentralization…

Decentralized services were already being created before “the purge” started, but decentralization started to accelerate because of this.  The FIRST popular decentralized service to hit the scene was #BitCoin, which is a fully decentralized, global currency.  What makes it so powerful is that there’s no central point of failure, and more importantly… no central point of attack.  It’s a BRILLIANT system that prevents double-spending, prevents counterfeiting, and gives control of assets back to the people.  Governments CANNOT control it!  It first rolled out in 2008 and has grown exponentially since then.  It’s been so successful, than many millionaires have been made because of it and thousands of other cryptocurrencies have been created.

The technology behind it can be used for so much more than JUST money.  In fact, all the strangle-points (or censor-points) of the current (or “legacy”) internet can be censorship resistant using the same or similar decentralized technology that BitCoin uses:

  1. DNS
  2. File Storage
  3. EMail

DNS

is the Domain Name System that allows you to type in human readable names into your browser like https://BitCoin.org or other sites you’re familiar with.  The reason this works is because your browser takes the name you enter into your browser’s address bar and looks it up in a publicly distributed database to find the actual IP address of the computer you’re really wanting to connect to.  Even though the database is decentralized, there’s a centralized authority that authorizes the names AND they are beholden to governments, so when a government demands control of your domain name, then you lose your domain name and all your visitors and paying customers, and there’s nothing you can do about it.  Domain name registrars can also take your domain names away, and this has been happening due to political reasons.

There are now several decentralized DNS replacements.  One of which is https://NameCoin.org  This is an open source project designed to have NO central authority.  It’s controlled by a blockchain (the technology that drives BitCoin).  In fact, it’s copied directly from Bitcoin, using BitCoin’s source code.  When you register a domain name on THIS system, you do it with a cryptocurrency called NameCoin.  Once registered, you own the domain name like you own your cryptocurrency.  It CANNOT be taken from you.  For now, there’s a problem in that current (legacy) browsers are unaware of this technology and so those names can’t be used with regular browsers unless you install plugins for them.

File Storage

Another weak point for censorship on the legacy 2.0 web is web hosting.  The way it works is you rent space and CPU capacity on someone else’s servers to host your websites.  If the hoster doesn’t like your politics, you’re GONE!  This has been happening at an accelerating pace.

The solution is decentralized file storage.  One of the most popular at the moment is https://IPFS.io which is a fully decentralized file distribtution system.  IPFS stands for InterPlanetary File System.  The genius behind this is that you don’t request content via a URL with a domain name and a path and file name.  Instead, you request it from the decentralized IPFS network via the HASH of the file you want.  (A “hash” is a mathematically generated number based on the CONTENTS of a file.  IPFS hashes are unique for every file).  If you’re a web publisher, you publish your files to the IPFS network.  Users can request your files (like website HTML pages) via the unique HASH of your file.  The IPFS network goes into action, looking for any node that has that file, and if found ANYWHERE on the network, delivers it to the user.  As a file is requested more often, it starts to spread across the globe, becoming more and more decentralized and faster to load.

Decentralized DNS systems, like NameCoin can be configured to return an IPFS file.

EMail

Your EMail will radically change too.  From your usage point of view, it will still look and feel similar to what you’re using now, but it’ll have the following, drastically different and improved features:

  1. Censorship-resistant, meaning no one can shut down your e-mail account.
  2. Decentralized.  There will be no central server that you connect to.
  3. Encrypted.  By default, ALL of your email will be heavily encrypted, without any effort on your part.
  4. Spam-Free:  NO ONE will be able to send you email unless you authorize them to.  You’ll also be able to set prices that spammers must PAY YOU in order to send you spam, should you elect to even receive spam.  The global system will prevent any email going to you unless you’ve authorized it AND that it includes the proper amount of cryptocurrency you’ve specified.

Conclusion:

In conclusion, the dark forces trying to silence you or block you from seeing speech that THEY do not approve of are coming to an end.  No websites will be blocked by other people deciding what you can see.  Your sites will not be blocked.  Your web hosting cannot be blocked.  Your social media will not be blocked.  Your videos will not be blocked.  Your content will not be demonetized.  Your banking will not be stopped.  Your web browsing cannot be spied upon.  Your email cannot be read by third parties.  Spam will be a thing of the past.  Censorship will be much more difficult for the censors.  And everything will be encrypted all of the time.  AND you’ll even MAKE MONEY by receiving marketing email and ONLY if you choose to do so.

All of your data will be 100% in YOUR control.

Your data will be stored, fully encrypted on your end, across multiple, replicated hosts (or locally only on your hardware), readable ONLY by YOU!

Decentralized Resources in the making (or already made):

The list keeps growing and is far far bigger than this list.  Check out all the decentralized apps on https://Blockstack.org as plenty of examples.

Samsung Blockchain Keystore “Couldn’t install app”

If you’re getting the “Couldn’t install app” error when trying to install the Samsung Blockchain Keystore app in your device’s Secure Folder, then read on.  Skip the background if you’re familiar with it and go straight to the Solution section.

Background

In mid-2019, Samsung came out with the Samsung Galaxy S10 phone.  At the same time, they introduced their first cryptocurrency wallet, the “Samsung Blockchain Wallet”.  At first, it only supported Ethereum.  But as of late 2019, it supports a few more cryptocurrencies, most notably, it now supports the most important one, Bitcoin!

But, to use the wallet app, it requires another app; the “Samsung Blockchain Keystore”.  I’m not sure why they separated that out into two apps, but my semi-educated guess is that you can create your keys and manage them in one app and use them in other apps, not JUST the wallet app.

Now, as anyone with any knowledge of cryptocurrencies knows, you have to be EXTRA careful with your keys for cryptocurrency.  YOU are 100% in control of your cryptocurrency.  If you’re careless, and it gets stolen, you have NO RECOURSE!  Unlike a traditional bank with FDIC insurance of up to $100,000 protection per account, there’s NOTHING for cryptocurrency.  That’s not a bug, that’s a feature!  With freedom, comes responsibility.  But that’s a speech for another day.  The point is, that if you’re going to do this on mobile, you want it to be a secure as possible, and on a Samsung phone, that means putting it in the ultra secure section called “Secure Folder”.  Now, let’s get back to the “Couldn’t install app” error.

Solution

Sorry to be the bearer of bad news, but there is no solution at the time of this writing (2020-01-04).  I spent an hour on chat support with Samsung, who then sent me to a phone tech support that’s a specialist on the Secure folder.  Both the chat tech and the Secure Folder tech were unaware of the problem and both confirmed that it is, indeed, a problem that they’re going to have to fix.

Here are the problems you’ll experience:

  1. When trying to install the Samsung Blockchain Keystore into the Samsung Secure Folder:
    1. It will not find it in the installed apps from the apps installed outside of the Secure Folder.
    2. It will not find it in the Play Store (to their surprise, it’s not in the Play Store at all.  You can search for it with a desktop browser.  It’s just not there).
    3. It WILL not find it in the Samsung Galaxy Store… at least, not directly.  First, you have to search for the Samsung Blockchain Wallet app, select it, scroll down for similar apps, and you’ll find the Samsung Blockchain Keystore down there.  Try to install it, and you’ll get the error:
    4. Installing the KeyStore app OUTSIDE of Secure Folder will NOT make it available to the wallet app INSIDE the secure folder.
    5. Even when installed outside of secure folder, it does not show up in the app drawer.  You cannot add its icon to the home screen.
    6. The ONLY way to launch it is to find it in the Galaxy Store and tap the “Open” button there.

So, the conclusion is that it’s not possible to use the Samsung Wallet app in the Secure Folder area.  And if you can’t use it in there, it’s not worth using.  You NEED the extra protection of the Secure Folder for your cryptocurrency.  DO NOT ATTEMPT TO USE IT OUTSIDE OF SECURE FOLDER!!!

Speaking of Decentralized Monetization,

If you like my work, you can contribute directly to me with the following cryptocurrencies (but, apparently, not with the Samsung Blockchain Wallet app in Secure Folder yet!)

BitCoin:

bc1qx6egntacpaqzvy95n90hgsu9ch68zx8wl0ydqg
bc1qx6egntacpaqzvy95n90hgsu9ch68zx8wl0ydqg

LiteCoin:

LXgiodbvY5jJCxc6o2hmkRF131npBUqq1r
LXgiodbvY5jJCxc6o2hmkRF131npBUqq1r

Must-Haves for Decentralized Apps

Whether you’re a developer or a user, these are the requirements for a truly decentralized app. If it lacks any of these, your app can (and should be assumed that it WILL) be censored:

  1. No reliance on legacy DNS.

    1. While you CAN make use of DNS as an additional measure, your app should still fully function even if the entire DNS system is compromised and/or your domain name confiscated.  You should think of the DNS as only a gateway for legacy users to find your services.
  2. No reliance on a centralized account creation system.

    1. User accounts should be created client side ONLY, like a cryptocurrency wallet. The app’s concern with the user account should ONLY be that the user cryptographicly signs their communication with you, using their private key and you use their public key to transmit private data from you to them.
  3. Deployment of the app should NOT depend on a centralized app publisher.

    1. The app should be obtainable if you or your company or your organization cease to exist. This does not mean that you can’t ALSO deploy to centralized app stores, but those should be SECONDARY. You should also dissuade your users away from centralized app stores.
  4. User’s personal data should ONLY be stored on their own device

    1. OR encrypted with their public key before being stored remotely to their choice of external storage.
  5. Remote storage

    1. All remote storage should be stored on a decentralized storage platform (The user’s SiaCoin or FileCoin accounts, for example. For published data, IPFS and/or a blockchain). This doesn’t mean you can’t also make use of centralized platforms. In fact, make use of popular centralized cloud storage like Amazon S3, DropBox, Google Drive, etc, but encourage the user to add 3 of those to their storage preferences and you encrypt their data locally, with their public key, then replicate it, like RAID 3, across at least 3 or more centralized storage platforms.
  6. Monetization

    1. Creator monetization should NOT be controlled by the app creator. The app creator should only facilitate code in their app to allow independent users to pay, directly, to each other, using a system outside the control of the app creator (such as cryptocurrencies).

Speaking of Decentralized Monetization,

If you like my work, you can contribute directly to me with the following cryptocurrencies:

BitCoin:

bc1qx6egntacpaqzvy95n90hgsu9ch68zx8wl0ydqg
bc1qx6egntacpaqzvy95n90hgsu9ch68zx8wl0ydqg

LiteCoin:

LXgiodbvY5jJCxc6o2hmkRF131npBUqq1r
LXgiodbvY5jJCxc6o2hmkRF131npBUqq1r

The Importance of Decentralized Apps & Services

First, a definition:  What IS a decentralized app or service?

A decentralized app or service, its data, and the user accounts are available from multiple locations.  If any one of them go offline, the app or service continues to be functional and distribution of the app or service does not cease, the data does not go away, the user accounts do not die, and no functionality ceases to function.

Let’s review how legacy (centralized) apps and services currently work…

Ordinary, legacy services that you’re probably used to are things like Google Maps, Google GMail, Google Search, Google Drive, Google Docs (seeing a pattern here?), Google’s YouTube.  Aside from the obvious fact that all of these are from A SINGLE COMPANY! they’re also centralized.  In spite of the fact that Google has a planetary wide system where they distribute their services and storage, they have the following centralized points of failure:

  1. They’re all owned by one company.
    1. Google could, in theory, go out of business.  Wait!  Stop laughing.  Where are you going?  Obviously, that’s not likely to happen any time soon, but it’s always a possibility, especially with the possibility that they may be broken up into multiple smaller companies, due to their gigantic control of virtually the entire internet.
    2. They can (and DO) censor.  THOUSANDS of YouTubers have had the following problems, increasing and accelerating in occurrences, frequently for political, not safety reasons:
      1. Demonetization.
      2. Shadow banning.
        1. Removing their videos or channels from “suggested videos”.
        2. Hiding their videos or channels from search results.
        3. Marking them as “age restricted”, which hides them from search results where “child safe” restrictions are enabled, such as public libraries and schools.
      3. Videos deleted.
      4. Channels deleted.
    3. Falsification of viewer counts.
    4. Blocking of voting.
    5. Blocking of comments.
    6. Simply not paying the creators what they’re owed.
  2. They’re all reliant on the centrally controlled DNS system.
    1. Though the DNS is a decentralized service, the CONTROL of it is NOT.  The CONTROL of the DNS is controlled by an organization called ICANN (Internet Corporation for Assigned Names and Numbers).  They’re the ones that can take your domain name away from you.  They used to be a U.S. based organization, but in 2016, the U.S. government, in a highly controversial move, transferred control to an international body that is not adherent to your first amendment rights.  At the time of this writing (2020/1/4), there are fears that tyrannical governments like Russia or China may start to get partial control of this too.  Both of them are already creating their own DNS and many countries block domains from their entire citizenry.
      1. See this:  UN Moves Towards Handing Dictatorships Power to Control the Internet
  3. They all have access to your PERSONAL data.
    1. Any data you enter into their apps or websites is viewable by them and stored on their servers.  YOUR data is controlled by other people.
  4. Your user account is proprietary for THEIR services
    1. You’ll have to create separate accounts for apps and services on OTHER centralized apps and services not owned by Google.
    2. Your user account and password are known and stored on these organizations servers.  They have access to EVERYTHING you do with their apps, and so do their employees and contractors!

Decentralization solves ALL of the above problems!  Here’s how:

  1. No centralized DNS.
    1. Decentralized apps do not rely on the centrally controlled DNS (Dynamic Name System).  Once you install and run the app on your local device, most of the functionality happens on your own device.  In cases where data needs to be shared, it’s either done so directly from your device to your friend’s device, if you’re having a private conversation, or it’s distributed to a decentralized, public data system like IPFS (InterPlanetary File System).
  2. Decentralized account management:
    1. Instead of creating a user account on a centralized web site for each and every website you visit, you create ONE account.  And you do this on your own device.  And you do not publish it (unless you want to).  This is how cryptocurrencies work.  You create your “wallet” using software running on your own computer.  It’s essentially a very large and random number, run through a cryptographic algorithm that generates TWO keys:  One private (that you hide from everyone) and on public (that you can share with the world).  These keys work in unison.  If you want to prove to anyone that you created content, you encrypt it with your private key.  Anyone with your public key can decrypt it.  Technically, that’s not what we call “encryption”.  It’s “digitally signing”.  If something can be decrypted using your public key, it’s proof that it was encrypted (or signed) with your private key, meaning only YOU.  If someone wants to send you something private, they’ll encrypt it with your public key.  It can ONLY be decrypted with YOUR private key.  This key combination is your “account” and you can use that on any decentralized app that uses that particular technology.  You can also create multiple accounts, if you like.
      1. You create your accounts on your own device.
      2. You use the same account everywhere (if you want).
      3. You can create as many accounts as you like.
      4. No one, but YOU has control over your accounts.  No one can delete them.
  3. Decentralized app deployment:
    1. Apps are made accessible on a network of nodes, rather than a centralized app store.  Some examples of decentralized networks are BitTorrent & IPFS.  This prevents a single entity (Like the Apple App Store or Google’s Play Store) from deleting them.  It also prevents a centralized authority, like ICANN from taking away the public’s access to your content via the DNS.
  4. Personal Data & Remote Storage
    1. While personal data does NOT need to be decentralized, decentralized apps SHOULD handle personal data ONLY locally, on the user’s device, OR, per the user’s intention, encrypt, then store on the user’s choice of cloud storage, preferably a decentralized cloud storage, like SiaCoin or FileCoin, or replicated (after encrypted) across multiple accounts on separate centralized cloud storage services like Amazon S3, Google Drive, DropBox, etc…
  5. Monetization
    1. Content creators should receive payments DIRECTLY from the consumers of their content, usually in the form of cryptocurrency.  The app providers need only provide the means for the content creator to accept cryptocurrencies.  This is usually done by the content creator registering their cryptocurrency wallet addresses with their content and users being able to tap or click it and then transfer crypto directly to the creator.  There should be no middleman involved.
  6. Elimination of DDOS
    1. Distributed Denial Of Services is an attack against a CENTRALIZED web site.  For example:  Multiple machines send thousands or millions of requests to a website, overwhelming the CENTRALIZED servers, causing them to be unable to respond to legitimate requests, because they can’t tell the difference.  If your services or content are decentralized, there’s no central server to attack.
  7. Faster Downloads
    1. When you download content from a decentralized network, you’re not relying on the limited server resources of a single organization or single server anymore.  The system finds the closest or fastest nodes to you that have the content and deliver it to you.
  8. Global bandwidth
    1. Decentralized distribution means closer physical transfers.  In other words, as a downloaded item gets distributed via the act of downloading, it spreads organically across the internet.  Each download is done via the closest neighbor, preventing clogging up the longer path connections, making the rest of the internet faster for everything else too.

Decentralization provides massive benefits for BOTH publishers AND consumers.

  1. For Consumers:
    1. As a consumer, the content you love cannot be taken away from you just because of the politics of the day or the preferences of the owner of an organization.
  2. For Publishers/Creators:
    1. You can’t be censored.
      1. Twitter, Facebook, & YouTube have gone on a massive censorship craze and in spite of being hauled in front of Congress multiple times and facing backlash from the public, they’re only accelerating their censorship.  Decentralization puts an end to that.
    2. You can’t be demonetized.
      1. A sinister part of censorship is demonetization.  In addition to silencing dissident voices, they’re also cutting off their funding and propping up the distribution of funding of only the voice they approve of.  Decentralization puts an end to that.

Speaking of Decentralized Monetization,

If you like my work, you can contribute directly to me with the following cryptocurrencies:

BitCoin:

bc1qx6egntacpaqzvy95n90hgsu9ch68zx8wl0ydqg
bc1qx6egntacpaqzvy95n90hgsu9ch68zx8wl0ydqg

LiteCoin:

LXgiodbvY5jJCxc6o2hmkRF131npBUqq1r
LXgiodbvY5jJCxc6o2hmkRF131npBUqq1r

The Cryptography of a BlockChain

[Updated on 2019-09-11]

By now you’ve all heard of a blockchain and that it’s the backbone of cryptocurrencies like BitCoin, Ethereum, LiteCoin and others.  I’m not here to tell you that blockchains are the solution to every problem or that blockchains are the next best technology that everyone will use.  You’ve heard that 100 times.  I’m going to explain, in as simple and straightforward a way as possible HOW a blockchain is put together and how cryptography is central and core to the whole thing.

You’ll discover, on your own, that putting a couple of old ideas together creates something phenomenally more powerful than the individual parts summed together.

First, let’s list the parts:

  1. A simple transaction (a record showing a FROM address, a TO address, an amount being transferred, and a time stamp).
  2. A “block”, which is just a list of transactions.
  3. Hashing (the result of a complex math problem using the numbers of all the bytes of a file (or a block and/or a transaction record)), to uniquely identify a larger chunk of data.
  4. Encryption

That’s it!  No, really!  A block chain and a cryptocurrency contain no more than that.  Well, a cryptocurrency needs computers to do the calculations for the hashing and encryption, etc…, but they just build  and validate the block chain.

So, here is what a block chain is in a nutshell:

  1. Every transaction ever taken place since the creation of the blockchain.
    1. The list of transactions are divided into “blocks”.  If you create your own blockchain, you get to decide how big a block is and how many transactions are placed in a block.  In BitCoin, for example, a block used to be 1MB max (it was updated in August of 2017 to be bigger).  A new block is added to the blockchain every 10 minutes… at least, on BitCoin, it’s every 10 minutes.
    2. The transaction is digitally signed by the sender so the network can confirm the owner of the cryptocurrency is truly authorizing the transfer.
  2. Each transaction in the block has a hash that uniquely identifies the transaction.  No 2 transactions will ever have the same hash.
  3. Once all transactions for the next block are ready, the hash from the prior block is added to the new block and that hash, plus all the transactions, are hashed to create a final hash of the new block.
  4. Critically important:  That prior hash being added to the new block is what LINKS the new block back to the prior block!  That’s what makes it a “chain”.  Each new block references the old one and the new block’s hash is dependent on the old one, which was dependent on ITS older one, and so on, all the way back to the first “genesis” block.  The new hash is the way it is because of ALL the older hashes are the way they are.  If any single transaction anywhere in the blockchain were different, so would ALL the hashes be different following that one.

That’s it!  Really, that’s all there is.

But, some really important things have happened as a result of those simple pieces:

  • Every processing computer on that network has a full copy of the entire blockchain.
  • There’s no central blockchain server.  The blockchain exists ONLY on the hard drives of the machines of the volunteers.

That means a hacker can’t hack “the bitcoin server” and change records, because no such central server exists.  He’d have to hack into EVERY bitcoin node and change it.  (Well, he’d have to hack at least 51% of them).

Something else important happens with the technology:

  • When a BitCoin node computes the hash of a block, it doesn’t just compute the hash ONCE, it computes TRILLIONS and TRILLIONS of hashes.  A single, home laptop, would probably take years to compute that hash.  Why? The network won’t accept just any hash.  The hash produced MUST match a pre-defined pattern.  Specifically, it has to, by pure chance, come up with a hash that begins with a bunch of zeros.  The amount of zeros needed increases over time as computers get faster, to ensure that Moore’s law doesn’t overtake the network.  These hashing computations NEED to take a long time.  MANY BitCoin nodes are competing with each other to find that magical hash value.  The first one that finds it, submits it to multiple peers on the network for confirmation.  Confirmation is instant.  Once confirmed, the block is accepted into the blockchain and it’s distributed to every node on the network so they can all add it to their local copy of the blockchain.  And the computer that found the hash is awarded with 12.5 new BitCoins (worth about $92,000 at the time of this writing).  Those computers that spend all their time crunching numbers to produce those hashes are called “miners”.

So, why are miners required to compute all those useless hashes only to find yet another useless hash?  Because it has to cost the miners something to do it.  It’s too expensive to do that if there’s no reward, so a hacker is not going to waste their time doing it.  If a hacker tried to submit a false hash, the network would reject the false hash and would ban them from the network.  So, only hashes that actually went through the full AND EXPENSIVE computational process are accepted.

When a miner submits their hash, and it’s confirmed by other miners, that hash is a “proof of work”.

Again, WHY?

Aside from making it too expensive and mathematically improbable to submit false hashes, it makes it impossible to change records in the blockchain.  If you tried to change a record from 24 hours ago, you’d have to rehash it, then rehash the next block (because remember, the NEXT block has been hashed with the prior block’s hash… the one you’re CHANGING!).  You’d have to rehash EVERY block after the one you’re changing.  It takes about $1,000 worth of electricity to mine a block and thousands of specialized computers to get it done in time.  In a 24 hour period, there are 144 new blocks, so it would cost you $144,000 to rehash them all.  Every 10 minutes back in time of a transaction you’re trying to alter will cost you another $1,000 in electricity.

Then, you’d have to somehow hack 51% of all bitcoin mining rigs and REPLACE ALL their local copies of the blockchain.

There simply is not enough computer power in the world to accomplish that task, not even if you add all the world’s supercomputers owned by the NSA, Oak Ridge National Laboratories, China, etc…  Because while you’re doing that, the bitcoin network (the fastest supercomputer on the planet), is still churning out new blocks every 10 minutes.  You’d need the combined computational power of the ENTIRE bitcoin network, PLUS MORE to catch up with them.

It’s no longer a hacking challenge, but a thermodynamic problem that you simply cannot do with current technology.  It’s expected that a quantum computer would eventually be able to do that, but the BitCoin developer teams are working on new algorithms safe from quantum exploitation.  Side note:  It’s believed that current AES encryption is likely quantum-safe.

THAT is why any record written to the blockchain is permanent and unalterable.  That was accomplished with extra hashing of blocks and distributing copies of the blockchain all over the network.

Back to Cryptography

Hashing:  Again, hashing is taking a string of bytes, pushing them through a particular algorithm, and producing a fixed length, unique string of bytes, always the same size (for the SHA256 hashing algorithm, the one that BitCoin uses, that’s 256 bits long or 32 bytes long), regardless of the size of the original string.  A hash is non-reversible.  That means that you CANNOT reverse a hash to recreate the original data that was used.  Think of it in the same way you think of the remainder to a division math problem.  For example, 13/5 = 2, with a remainder of 3.  But how many other divisions have a remainder of 3?  An infinite number of them.  So, if all you have is the remainder, you have no way to determine what the original 2 numbers were.  That’s kind of how a hashing works.

Important to cryptocurrency (and blockchains):  You must have a “wallet” to keep your cryptocurrency in.  That wallet is simply this:  You create a new public/private encryption key pair.  Your private key is generated from random numbers put through an algorithm.  Your public key is generated from your private key by putting it through another algorithm.  Your wallet address is simply a hash of your public key.  You can freely give people your public key and your wallet address.  Your address is what you want people to have so they can send you money.

Signing:  For more details on signing, please see:

Understanding Encryption

But here’s a short explanation:  When you encrypt data, you use the recipient’s PUBLIC key.  When they DECRYPT your message, they use their PRIVATE key.  But, if you want to PROVE that YOU sent the message, you’d also SIGN it.  That simply means that you encrypt with your PRIVATE key.  The recipient DECRYPTS it with your PUBLIC key.  Anything encrypted with your private key can be decrypted with your public key.  Since your public key is public and anyone can decrypt your data with it that you encrypted with your private key, it’s not considered “decryption”.  And since ONLY YOU can encrypt anything with your private key and your public key can’t decrypt ANYTHING NOT encrypted with your private key, then that proves YOU are the one that encrypted it.  You digitally “signed” it.  That’s how you prove you created the content.

When you transfer digital money on a blockchain,  you digitally sign your transaction to move money out of your “wallet” (again, your wallet address is a hash of your public key).

The network refuses to transfer money from one address to another unless the transaction is digitally signed by the “from” wallet address’s owner.

Encryption: You don’t really encrypt anything in most blockchains, but I’ll mention encryption here, just so it’s not ignored from the conversation.  But “signing” and “hashing” are considered subsets of the larger “encryption” concepts.

Benefits of all these pieces of technology put together:

  1. An immutable (unchangeable), public ledger.  You never have to worry about someone changing a past transaction.
  2. Decentralized.  There’s no single place that a hacker can attack and no single place a dishonest website owner can manipulate, and no single place for a tyrannical government to shut down, and no single company to go out of business, tacking everything with it.
  3. You are 100% in control of your own cryptocurrency.  No one, not EVEN the government can technologically steal your funds or stop you from sending or receiving money on the blockchain.
  4. It’s virtually unhackable, not even someone with resources as deep as say the NSA.

See these images?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Check back later for updates too!

IRS Hell for BitCoin Users

Summary

2018 is the first year U.S. citizens have to file taxes on their cryptocurrency activities for 2017.  The limited “rules” the IRS has published do not cover the majority of types of activities and the information needed to accurately file taxes is simply not available to non programmers and is excruciatingly difficult to acquire, even for programmers.

Tax “Guidance”

In 2014, the IRS published a somewhat vague guidance on how to report cryptocurrency taxes.  It essentially boils down to:

  1. How much did you buy? 
  2. How much did you sell?
  3. What’s the difference?
  4. Send in 30% of your profits.
  5. Determine fair market value on the day of your transactions.

Here’s the actual 2014 IRS tax guidance document.

Reality

Unfortunately, reality is much more complicated than that.  Here are the real-world things that we have no clear rules on:

  1. What if I bought some prior to 2017?
  2. When I sell some, which of the MANY prior purchasing transactions do I apply the price to?  The price is different for every transaction.
  3. What about mining?
  4. What about mining hardware prices?
  5. What about price of electricity?
  6. I bought & sold on more than one exchange.
  7. I moved crypto between exchanges.
  8. I converted crypto from one to another.
  9. Prices at the moment of each transaction are not available when converting between currencies.
  10. Which price would we use, even if we had it?  There’s no universal price on any crypto.  Each exchange has its own, moving price that changes by the second.
  11. What about when a cryptocurrency forks, like BitCoin to BitCoinCASH and BitCoinGold?
  12. They say to use the fair market value of the day to determine prices on transactions, but that’s of no use since the price can swing thousands of dollars within a day.

My Experience

Since 2014, I’ve bought and sold crypto hundreds of times.  On some days, I’ve made dozens of trades in a single day.  In addition to that, I have accounts on 4 exchanges and also mine Ethereum.  I also traded between cryptos like converting BitCoin to LiteCoin and LiteCoin to Ethereum & Ripple & IOTA, etc., and moved crypto between exchanges like CoinBase, Kraken, Bitfinex, & Bittrex, and to and from my personal wallets,  and gained some crypto during forks, and lost some due to CoinBase not giving me my Ethereum Classic.

Over the past week, I’ve spent about 6-10 hours or so JUST on trying to gather what I understood would be needed for my tax accountant for cryptocurrency (not counting my usual taxes).  From the list above, you’ll get a rough idea of what I was going through to try to collect the information.

It’s 2018-03-31 and I finally finished my taxes.  Here’s how the day went:

I was woken up around 9:45 am this morning (I like to sleep late on Saturdays) by my tax accountant.  We spent a SOLID FIVE HOURS on the phone, trying to resolve everything (95% of that was related to cryptocurrencies).  This is their first year dealing with this.  I had to explain a lot about crypto and even the IRS’s rules.  She, apparently, had the same, uninformative PDF document from 2014 from the IRS too and just assumed it’d be as simple as they explain.  Reality is hugely different.

She wanted me to make it simple for her.  I wanted her to make it simple for ME.  That’s kind of why I’m paying her, right?  I spent hours gathering everything she could possibly need (minus the information that was just not feasible to get, but that we actually DO need).

It was simply not enough information, not just the lack of data that I didn’t have access to, but the lack of rules from the IRS.

Conclusion

The amount of effort trying to figure out just HOW to report my cryptocurrency transactions to the IRS was a nightmare and equals about the same amount of effort I spent throughout the year transacting and buying, learning, and setting up my Ethereum mining.  And it was significantly more frustrating than the actual crypto activities.

The IRS needs to get their act together, learn what it is we actually do, and come up with REALISTIC rules that we can actually perform.

After all the time and effort I spent preparing my taxes for my accounted, PLUS the amount of time we spent on the phone afterwords was insane and we STILL didn’t get everything.  We probably got about 85% of what was needed and I guarantee that what we reported was not right, but that was the best we could do.  I had tens of thousands of dollars in transactions.  With the limited information we had, she simply ended up using what I sent to her from the website CoinTracking.com, which is ONLY good for a SINGLE exchange.  So, I reported a $200 profit and paid taxes on that.  At least that is small, to keep my taxes down AND shows a “profit”, which should keep the IRS off my back, since I’m actually paying them something.  I was told that if I reported a loss, it would likely trigger an audit.

What?  Were you hoping to come here for a resolution to YOUR tax problems?  Sorry.  All I can offer is comfort that you’re not alone.  The IRS needs to get their act together and YOU need to click this link to contact your U.S. representative and explain to them the nightmare they’ve created for us.  Click the following link:

Find Your Representative

 

See these images?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Check back later for updates too!