Jump to content

fluxw42

Member
  • Content Count

    8
  • Joined

  • Last visited

Everything posted by fluxw42

  1. There are quite some people who run validators here. Do you guys keep logs? It doesn't look like they used Gatehub to transfer the money. Gatehub normally stores a memo but their transaction is clean, there's no additional info there. So my guess is that while stealing the funds, they probably connected to one of the public rippled servers to submit their transaction. If there are logs, you could get an IP for the fraudulent transactions. If they used their own rippled instance, maybe it's possible to see which IP proposed the transaction first? Just an idea Sorry but that's some ******** and fearmongering right there. Even if it was true, why steal from the highly visible Ripple accounts instead of their Gatehub hosted ones?
  2. Looking for an official response from Gatehub, hoping to get it here: Does Gatehub store deleted wallets? I currently have 2 wallets in GateHub and also got 2 security warnings. In the past I had more wallets, but extracted the secret and deleted them from Gatehub ~1-2 years ago (in case my account was breached). Can I have a list of the actual wallets of which the secret key may be compromised? It would be useful if Gatehub included the wallet address in each security notification they send out by mail and phone.
  3. Another option would be to represent the full address in a visual way so it's easier for a human to recognize. This way you encode the FULL address, and changing a single bit gives you a completely different image. Some examples generated using http://identicon.org/: The genesis account (rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh) Gatehub (rhub8VRN55s94qWKDv6jmDy1pUykJzF3wq) RippleFox (rKiCet8SdvWxPXnAgYarFUXMh1zCPz432Y)
  4. Wow that's expensive Definitely cheaper over here: I use a locker in a bank and it costs me 35€ a year, that's peanuts compared to what you could lose.
  5. If you're not trading? One or more offline generated paper wallets, put them in a secure locker in a bank. That's way better than having a Ledger S recovery phrase laying around somewhere in your home (which is almost the equivalent of having your secret, even if you don't have access to the hardware ledger).
  6. So what I read between the lines from all this fuss: If you're using a hardware wallet such as the Nano S, don't become careless because your secret is reasonably safe: Only use your ledger on a trusted machine Don't leave your hardware unsupervised in someones hands Know what the hardware ledger can protect you against, but more important, know against which attacks it CANT protect. Consider if you really need a hardware wallet, if you want to use it as cold storage, there are better solutions IMHO An attacker doesn't need your secret to steal your stash, he needs a valid signature on a malicious transaction.
  7. Yes, this! The TrustSet quality fields have a short description on what value it should be (a value n, where the quality is n/1,000,000,000), but I've seen examples which just use percentages such as 1.01 ... Also a description on what it actually does would be nice ;-)
×
×
  • Create New...