[METASAFE] Closed / Ignore | Bitcointalksearch.org

CristianOff

member

Activity: 421

Merit: 97

My message to loycev

Quote from: CristianOff on April 22, 2020, 12:50:04 PM

Hi LoyceV,

Just wanted to inform you that you and RHavar were right regarding MetaSafe (https://bitcointalksearch.org/topic/metasafe-closed-ignore-5238941). After speaking
with some cryptographers and good people, I understood that I was contributing to the
problem. I would like to send you my personal apologies for having too much confidence in a topic where I taught I was understanding it very well.
Thanks again for contributing, spending your prestigious time and reading about my topic.

I will work towards deleting whatever is on metasafe's website right now and move its services towards something that is more useful.

Regards,
Cristianoff

The highest contribution to advice was received from the Ethereum Ecosystem Support. Their main job is to provide feedback, direction,
facilitate collaboration, connect projects working on the same topic, etc. You can read more about them here
https://ecosystem.support/faq/

Topic Closed.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

I had removed this topic from my Watchlist because it felt like I was talking to a wall. When I mentioned randomness for instance, OP posted "add wealth wealth wealth wealth wealth wealth wealth wealth wealth wealth wealth" as a seed phrase example.
However, CristianOff sent me a PM so I'll respond again.

You've edited all your posts, so if anyone wants to know what you initially posted, see View all unedited (or deleted) posts in [METASAFE] A standard for seed phrases.

I can't help but think you've only changed your mind because you received negative feedback. I tried to tell you it's a bad idea, but you seemed to be mocking me so I gave up.

Quote from: CristianOff on April 14, 2020, 09:58:22 PM

After discussing with different cryptographers and few members of the ethereum foundation

Again: I can't help but think you only say this because RHavar told you to do so. You make it sound like you've talked to at least four different people about this, who are they, and are they willing to confirm your conversation here?

Quote from: RHavar on April 14, 2020, 02:00:45 AM

While I'm almost completely sure you know what you wrote is just nonsense to try legitimize a scam

Denying or ignoring valid arguments is something I've seen many scammers do. The red warning is deserved.

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

RHavar

legendary

Activity: 1463

Merit: 1886

While I'm almost completely sure you know what you wrote is just nonsense to try legitimize a scam, part of me kind of wonders if it's possible that you just are misguided. If so, I'd strongly recommend you try talk your idea over with some cryptography guys. Bug some one like gmaxwell, who always seems down to talking shop. I've spent hundreds or possibly thousands of hours on this sort of stuff (e.g. even written a implementation of bip39 for generating mnemonics)

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

RHavar

legendary

Activity: 1463

Merit: 1886

I don't want to say you're a scammer without proof, but with the practices you are preaching -- the net result is going to be the same regardless of your intentions.

Like you are literally recommending people to use your website to generate seeds for cold storage and the likes (?!).

And I assume it's all just a rouse to try sell a value-add-on but checking for duplicate mnemonic words and the like doesn't increase security at all .. in fact it just lowers it by reducing the search space. If you don't intuitively understand this, you should be staying miles away from anything security related :/

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: CristianOff on April 09, 2020, 07:04:59 PM

Split the file into smaller files (we haven't estimated yet how long this will take)

This takes only seconds, see split command.

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: CristianOff on April 08, 2020, 03:06:40 PM

I don't see the problem with new industry standard.

The problem is claiming you made a new standard. You didn't set a standard.

Quote

don't leave seed phrases to the randomness

That is exactly how all private keys keys (or seed phrases) should be generated! Anything else is less secure.

Quote

I use a script to generate random seed phrases just like myEtherwallet does when you create a wallet. It created over 100 million seed phrases which are then analyzed.

So basically you're reducing the pool of possible random seed phrases by 20%. That's less secure. You don't get to cherry pick randomness.

Quote

Let's say your seed phrase is "add wealth wealth wealth wealth wealth wealth wealth wealth wealth wealth wealth".

Are you mocking me or yourself? You shouldn't make up seed phrases on your own, humans are terrible at generating random data.

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

Csmiami

copper member

Activity: 1652

Merit: 1325

I'm sometimes known as "miniadmin"

Quote from: CristianOff on April 08, 2020, 03:06:40 PM

I can guarantee you that nobody will store or read your data.

There is however a small problem with that sentence.

Promises/guarantees require trust, and seeds should be trusted to.... no one. Even if what you claim is true; there are way too many things that could go wrong in the process: the user may have a keylogger installed, he may be using some kind of public/open internet network... Even if the users doesn't loose the funds because you stole the seed, that user would have lost the funds because of your service (and some really bad security practices), and there'd be no way of knowing whether you were the ones responsible for that or not.

I rather have a "maybe not that secure" seed on a paper sheet inside a safe that is 10 meters below the ocean, than a "most likely compromised while making sure it's a safe seed" seed

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: CristianOff on April 08, 2020, 12:49:58 PM

I want to announce the new industry standard for generating seed phrases / mnemonics.

Your website was created 19 days ago, and you already claim to be "the new industry standard"? My scam-radar just got activated.

Where did you get "over 100 million user seed phrases" to analyze?

Quote

No Word Repetition
No Pairs Of Words Or Consecutive Words Starting With The Same Letter
No More Than 4 Words Coming From First 10% Of All 2048 BIP39 Word List

None of this makes anything more secure. The best you can do is generate seed words based on random data. By "selecting" and excluding certain words, you remove a very large part of the randomness.
Can you please not spread FUD against randomness based on math?

Quote

You would be surprised to find out that your mnemonic is not the most secure. Nearly 20% are not and you may be that one.
There is an analyser free to use on any mnemonic

If the user is an idiot and enters his mnemonic on a website, then indeed, it is no longer secure!

Big warning: Private keys and seed words are only as safe as the method you use to create them. Online services are terrible, and computers with internet connection shouldn't be considered safe either.
Create and keep your seeds offline!

CristianOff

member

Activity: 421

Merit: 97

After discussing with different cryptographers and few members of the ethereum foundation I realized
I was following the wrong direction.

Soon MetaSafe will change for the better. I will close this topic as for now.

Massive thanks and my apologies to LoyceV and Rhavar who were right.

Topic: [METASAFE] Closed / Ignore (Read 379 times)