Warning: do NOT use travala.com any more, if you did. They directly stole my money. Here is my response to the customer service agent: (Customer service agent), > Sorry for the delay, im ahmed from compliance department, for refund or either processing the booking, the verification is a mandatory step, we require the minimum and basic info for that, and you can pass it easily through the following link : <snipped> Let's establish the facts: I have been a regular customer of Travala for years, have done probably a hundred or more bookings through your site - mentioning this *not* to claim some status as a customer (which I do not want, and do not have), but to point out that ZERO times on the website or through any of those transactions was it mentioned that you could simply keep my money and provide no service - i.e. STEAL my money - if I did not pass a verification process -handing over extensive and intrusive personal documents - that you never documented anywhere. And indeed for this booking, again, no such advance warning was given. So you (that is to say Travala, not you personally!) act exactly as a kidnapper: to give me back the money which is mine, you insist that I hand over security sensitive information. Which I will not do. There are an endless stream of documented violent theft events of cryptocurrency holders, so spreading one's personal information is stupid, and any claim you make to "keep my data safe" is ridiculous, given the equally endless stream of reported hacking events. I do not trust your company with my personal information because I don't trust *any* company with it. I have been doing Bitcoin development work for over a decade, I will make sure that a lot of people in the community know that Travala steals its customers money, directly, with no apology. Feel free to pass this message to any management, I would appreciate that. (me)

Question for @Liana Wallet : why is the mnemonic stored unencrypted on the hard disk?

Phoenix can't be mentioned in the same sentence as the others. It's an actual self-custodial lightning wallet that works, seamlessly. "Outrageous fees": as an experiment, I went through my last 5 transactions. Tx1: $2.22 fee: 14 sats 2: $142 fee: 643 sats 3: $141 fee: 641 sats 4: $586 fee: 2644 sats 5: (deposit on chain) $1555 fee: 210 sats. Does that seem outrageous to you? The $586 payment had a high fee of a little over $2, which is like 0.3%; Lightning is like that, it's percentage based. But "high": this is way lower than many other payment methods, and it's instant, sovereign and mainly private. Overall it's crazy to me that for years now, every time I recommend Phoenix, saying the actual tradeoff is a slightly worse privacy model (but really not bad), I hear people dismiss it as "crazy fees". Just because immediate onboarding (which is a one-time event) to an actually self sovereign wallet costs a couple of bucks doesn't mean "crazy fees"! You don't get everything working perfectly for zero dollars, sheesh. View quoted note →

An ignored part of the current quantum computer fud^H^H debate, because it's a counterfactual: back in 2015-17 a lot of people got very excited about a proposal from Greg Maxwell to do "confidential transactions" on bitcoin. I was very much in the group of people both fascinated and excited about the prospect and went very deep down the rabbit hole on it, learning a lot about cryptography along the way. But the energy to even suggest a fork to include it slowly dissipated; my own personal reason for rejecting it was *not* the obvious "the range proofs are too large" (see: Bulletproofs, work that was heavily inspired by that scaling problem, though it ended up being far more significant w.r.t. "folding"). It was "pedersen commitments are only computationally binding" [1], to put it another way an EC break means we get unbounded, invisible inflation. At the time it was fun to predict that Zcash had this failure mode and indeed it was borne out (look up their history if you don't know). It felt weird justifying this to people sometimes: "I don't want a bitcoin where amounts are not visible because the total might not add up" sounds Luddite ... I remember being asked on a panel by Giulia Fanti "are you scared that P=NP or something?" ... it was not felt to be a quite logical thing to worry about this, since we rely on EC in Bitcoin anyway ... and if we trust EC, the math of homomorphic commitments *guarantees* it adds up! But a computational bound on that is not OK. i.e. i don't want *any* computer to be able to break it! not just normal computers! - and that's exactly where a quantum computer comes in. I am FAR more worried about breaking bitcoin's fixed supply than about a million old P2PK coins getting stolen. Stealing is not minting. [1] A counterpoint is that ElGamal commitments exist, at the cost of even more space. But hey, it's still less space, by a huge margin, than current post quantum signature schemes! Something worth considering? #cryptography #bitcoin