Search content
Sort by
Showing 13 of 13 results by JDXs
Who would be interested in doing something like this? The idea that many bots were competing for the sum until the entire amount was consumed by fees seems incorrect. If that were the case, my Sparrow Wallet log wouldn’t report that I couldn’t replace the transaction due to the abnormally high fee. This proves that the high fee was set in a single action, not through thousands of small, incremental fees until the entire sum was used up.
Your Sparrow Wallet probably didn't see all "intermediate" fees. I assume the bots who competed to replace your transaction are all very fast, and this happened in a fraction of a second. You only saw the end result.I actually like it when you have powerful options available in a wallet, not that I need all of them, presuming you understand them and know what you're doing. I can't say for me that I'd have any use for such a Sighash option that Sparrow offers in its UI. I also can't say that I understand them confidently.
Maybe it would be good to hide or disable them in UI, unless you turn on power-user mode in settings (makes life for programmer(s) less easy and surely there will be some to complain what is power-user worthy and what not.
So far presented details indicate to me that OP was in panic mode and didn't take the time to investigate the error messages and finally thoroughly check all settings before broadcasting transactions (the sloppiness involved likely due to perceived need to rush it).
It's not my intention to point fingers or blame him. Anybody interested in this particular issue should learn from the chain of bad events.
The mystery of the unknown target address remains that kicked OP out of smooth orbit.
I had a moment of panic, but it didn’t affect the outcome because it started after the second transaction was broadcasted. Nothing I did afterward could have influenced the outcome. Maybe it would be good to hide or disable them in UI, unless you turn on power-user mode in settings (makes life for programmer(s) less easy and surely there will be some to complain what is power-user worthy and what not.
So far presented details indicate to me that OP was in panic mode and didn't take the time to investigate the error messages and finally thoroughly check all settings before broadcasting transactions (the sloppiness involved likely due to perceived need to rush it).
It's not my intention to point fingers or blame him. Anybody interested in this particular issue should learn from the chain of bad events.
The mystery of the unknown target address remains that kicked OP out of smooth orbit.
I made my first transaction of 0.2 BTC, and it went through fine. However, during my second transaction, after broadcasting it, I immediately realized the recipient address wasn’t mine, itwas replaced. Found log from mempool confirmed that the original address I used was correct, but was replaced very quickly. Also Sparrow wallet log posted in my previous post shows that I tried to cancel the transaction using replace-by-fee (RBF), but it didn’t work because the fee was set too high. Sparrow wallet does not allow to set that high fee. It proves that it was set this way by some third side bot. Obviously this happened due to a null sighash, which allowed to replace the transacton outputs.
Who would be interested in doing something like this? The idea that many bots were competing for the sum until the entire amount was consumed by fees seems incorrect. If that were the case, my Sparrow Wallet log wouldn’t report that I couldn’t replace the transaction due to the abnormally high fee. This proves that the high fee was set in a single action, not through thousands of small, incremental fees until the entire sum was used up.
Also, I’ve tried everything to reproduce this situation with the wallet, but I can’t replicate it. My spacebar is still malfunctioning, but there’s no way this would have caused a 'none' sighash to be selected. To choose that, I would have had to press the tab key several times and use the arrow keys to select the 'none' option, which I definitely didn’t do. I don’t think it was a keyboard issue. I’ve done similar transactions many times and have always used the default settings. This part is still unclear to me.
Regarding Foundry USA, I am still waiting for a reply. I sent a message through their website, two emails - one to their general contact and another to their legal department email and also reached out via X (formerly Twitter). It’s been over a week with no reply.
As far as I can tell, there are no laws covering situations like this, especially since I’m not from the USA.
Well, what else could I do in this case?
It is still weird, because I did not even know about this SIGHASH_NONE option until now. I did not even see it during transaction procedure.
Your signature does show that it's Sighash None (0x02).Code:
"txinwitness": ["c5f44fbc794750b099b08bf97ede5cd72f6f382f02bd9ae16d5885a2fde1f0e07c668a4ae3fe340954b30622f971dbca2209d3b3a7ee78984ca0b97a559cb63002"],
If you didn't intentionally selected the option; this may be a case of keyboard tab and arrow keys "accident".
You see, when that drop-down menu (screenshot below) is highlighted by the tab key, even not expanded,
pressing down button (e.g.: when navigating via keyboard) will select the next option which is SigHash None.
-snip-
It is still weird, because I did not even know about this SIGHASH_NONE option until now. I did not even see it during transaction procedure.
why would sparrow wallet use sighash_none? that's just like submitting a blank check to anyone to fill in their name... It is still weird, because I did not even know about this SIGHASH_NONE option until now. I did not even see it during transaction procedure.
i thought sparrow wallet was supposed to be a good wallet but if it's doing that kind of thing then i'm not so sure anymore.So there shouldn't be any issue unless the user experimented on the option.
But Sparrow must add warnings in other Sighash flags than just "Recommended" in Sighash All option.
Screenshot:
https://www.talkimg.com/images/2024/09/15/B88qC.png
Code:
2024-09-12 15:45:43,902 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 8 secs
2024-09-12 15:45:51,962 WARN [Thread-52] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 16 secs
2024-09-12 15:46:08,013 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:46:42,063 WARN [Thread-52] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:47:16,114 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:47:50,166 WARN [Thread-58] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:48:24,216 WARN [Thread-61] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:48:58,267 WARN [Thread-52] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:49:32,318 WARN [Thread-63] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:50:06,369 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:50:40,420 WARN [Thread-58] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:57:24,011 ERROR [JavaFX Application Thread] c.s.s.t.HeadersController [null:-1] Error broadcasting transaction
com.sparrowwallet.sparrow.net.ServerException: Retries exhausted
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer.broadcastTransaction(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer.broadcastTransactionPrivately(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer$BroadcastTransactionService$1.call(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer$BroadcastTransactionService$1.call(Unknown Source)
at javafx.graphics@18/javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at javafx.graphics@18/javafx.concurrent.Service.lambda$executeTask$6(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at javafx.graphics@18/javafx.concurrent.Service.lambda$executeTask$7(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: com.sparrowwallet.sparrow.net.ElectrumServerRpcException: Retries exhausted
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.SimpleElectrumServerRpc.broadcastTransaction(Unknown Source)
... 12 common frames omitted
Caused by: com.sparrowwallet.sparrow.net.ServerException: Retries exhausted
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.RetryLogic.getResult(Unknown Source)
... 13 common frames omitted
Caused by: java.lang.IllegalStateException: Unable parse a JSON response: {"error":"sendrawtransaction RPC error: {\"code\":-26,\"message\":\"insufficient fee, rejecting replacement eca2ffb44d7e916b64466251c222d0da8078e6da1e1fa1b534a9a6270ca134f3; new feerate 0.00050315 BTC/kvB <= old feerate 7.91448300 BTC/kvB\"}","id":23,"jsonrpc":"2.0"}
at simple.json.rpc.client@1.3/com.github.arteam.simplejsonrpc.client.builder.RequestBuilder.executeAndConvert(Unknown Source)
at simple.json.rpc.client@1.3/com.github.arteam.simplejsonrpc.client.builder.RequestBuilder.execute(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.SimpleElectrumServerRpc.lambda$broadcastTransaction$15(Unknown Source)
... 14 common frames omitted
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of `com.github.arteam.simplejsonrpc.core.domain.ErrorMessage` (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('sendrawtransaction RPC error: {"code":-26,"message":"insufficient fee, rejecting replacement eca2ffb44d7e916b64466251c222d0da8078e6da1e1fa1b534a9a6270ca134f3; new feerate 0.00050315 BTC/kvB <= old feerate 7.91448300 BTC/kvB"}')
at [Source: UNKNOWN; byte offset: #UNKNOWN]
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.exc.MismatchedInputException.from(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.DeserializationContext.reportInputMismatch(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.DeserializationContext.handleMissingInstantiator(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.std.StdDeserializer._deserializeFromString(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromString(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeOther(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.ObjectMapper._readValue(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.ObjectMapper.readValue(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.ObjectMapper.treeToValue(Unknown Source)
... 17 common frames omitted
2024-09-12 15:58:08,013 ERROR [JavaFX Application Thread] c.s.s.t.HeadersController [null:-1] Error broadcasting transaction
com.sparrowwallet.sparrow.net.ServerException: Retries exhausted
It basically shows issued with connections and that I tried to cancel the transaction once I noticed that it went to some wrong address. 2024-09-12 15:45:51,962 WARN [Thread-52] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 16 secs
2024-09-12 15:46:08,013 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:46:42,063 WARN [Thread-52] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:47:16,114 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:47:50,166 WARN [Thread-58] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:48:24,216 WARN [Thread-61] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:48:58,267 WARN [Thread-52] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:49:32,318 WARN [Thread-63] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:50:06,369 WARN [Thread-55] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:50:40,420 WARN [Thread-58] c.s.s.n.TcpTransport [null:-1] No response from server, setting read timeout to 34 secs
2024-09-12 15:57:24,011 ERROR [JavaFX Application Thread] c.s.s.t.HeadersController [null:-1] Error broadcasting transaction
com.sparrowwallet.sparrow.net.ServerException: Retries exhausted
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer.broadcastTransaction(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer.broadcastTransactionPrivately(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer$BroadcastTransactionService$1.call(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.ElectrumServer$BroadcastTransactionService$1.call(Unknown Source)
at javafx.graphics@18/javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at javafx.graphics@18/javafx.concurrent.Service.lambda$executeTask$6(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at javafx.graphics@18/javafx.concurrent.Service.lambda$executeTask$7(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: com.sparrowwallet.sparrow.net.ElectrumServerRpcException: Retries exhausted
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.SimpleElectrumServerRpc.broadcastTransaction(Unknown Source)
... 12 common frames omitted
Caused by: com.sparrowwallet.sparrow.net.ServerException: Retries exhausted
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.RetryLogic.getResult(Unknown Source)
... 13 common frames omitted
Caused by: java.lang.IllegalStateException: Unable parse a JSON response: {"error":"sendrawtransaction RPC error: {\"code\":-26,\"message\":\"insufficient fee, rejecting replacement eca2ffb44d7e916b64466251c222d0da8078e6da1e1fa1b534a9a6270ca134f3; new feerate 0.00050315 BTC/kvB <= old feerate 7.91448300 BTC/kvB\"}","id":23,"jsonrpc":"2.0"}
at simple.json.rpc.client@1.3/com.github.arteam.simplejsonrpc.client.builder.RequestBuilder.executeAndConvert(Unknown Source)
at simple.json.rpc.client@1.3/com.github.arteam.simplejsonrpc.client.builder.RequestBuilder.execute(Unknown Source)
at com.sparrowwallet.sparrow@1.9.1/com.sparrowwallet.sparrow.net.SimpleElectrumServerRpc.lambda$broadcastTransaction$15(Unknown Source)
... 14 common frames omitted
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of `com.github.arteam.simplejsonrpc.core.domain.ErrorMessage` (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('sendrawtransaction RPC error: {"code":-26,"message":"insufficient fee, rejecting replacement eca2ffb44d7e916b64466251c222d0da8078e6da1e1fa1b534a9a6270ca134f3; new feerate 0.00050315 BTC/kvB <= old feerate 7.91448300 BTC/kvB"}')
at [Source: UNKNOWN; byte offset: #UNKNOWN]
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.exc.MismatchedInputException.from(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.DeserializationContext.reportInputMismatch(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.DeserializationContext.handleMissingInstantiator(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.std.StdDeserializer._deserializeFromString(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromString(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeOther(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.ObjectMapper._readValue(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.ObjectMapper.readValue(Unknown Source)
at com.fasterxml.jackson.databind@2.13.2/com.fasterxml.jackson.databind.ObjectMapper.treeToValue(Unknown Source)
... 17 common frames omitted
2024-09-12 15:58:08,013 ERROR [JavaFX Application Thread] c.s.s.t.HeadersController [null:-1] Error broadcasting transaction
com.sparrowwallet.sparrow.net.ServerException: Retries exhausted
Since all spent as fee let's hope Foundry USA will return it
https://x.com/mononautical/status/1834196815786225822
Well, this is about my case. Based on that post, my transaction had SIGHASH_NONE, which means anyone could have spent the change. I reached out to the support channel for Sparrow Wallet on Telegram, and they explained that, because of this, bots were able to take control of the transaction.
Most likely:
- some bot used RBF to send the money to itself.
- then another bot did the same.
they kept doing it, reducing the amount (an RBF requirement) until there was almost nothing much to transfer, everything became fee.
It is still weird, because I did not even know about this SIGHASH_NONE option until now. I did not even see it during transaction procedure.
Well, this is about my case. Based on that post, my transaction had SIGHASH_NONE, which means anyone could have spent the change. I reached out to the support channel for Sparrow Wallet on Telegram, and they explained that, because of this, bots were able to take control of the transaction.
Most likely:
- some bot used RBF to send the money to itself.
- then another bot did the same.
they kept doing it, reducing the amount (an RBF requirement) until there was almost nothing much to transfer, everything became fee.
It is still weird, because I did not even know about this SIGHASH_NONE option until now. I did not even see it during transaction procedure.
I know Ventoy and use it myself to easily boot various systems from ISO files. Very convenient tool.
I still don't quite see the need to store the mnemonic recovery words even on an encrypted flash medium. Your wallet and appimage files for the wallet software belong there because of the non-persistance of the live Linux you fire up.
Having the mnemonic recovery words on digital media, I think always poses the risk to mess up in some or another way.
How about Tails with an encrypted persistant partition for your cold wallet side setup? This is what I use. I have a good and fast USB3 microSD card reader and I feed it with Samsung Edurance Pro microSD cards (those are durable and last long with quite some write endurance).
Never forget to backup such important setups. No backup, no mercy!
Agree, Ventoy is the best thing for bootable USB drives ever. I still don't quite see the need to store the mnemonic recovery words even on an encrypted flash medium. Your wallet and appimage files for the wallet software belong there because of the non-persistance of the live Linux you fire up.
Having the mnemonic recovery words on digital media, I think always poses the risk to mess up in some or another way.
How about Tails with an encrypted persistant partition for your cold wallet side setup? This is what I use. I have a good and fast USB3 microSD card reader and I feed it with Samsung Edurance Pro microSD cards (those are durable and last long with quite some write endurance).
Never forget to backup such important setups. No backup, no mercy!
The real question for me is how another address ended up in the transaction. If I was hacked, why wasn't the entire amount sent to that address? I tried to cancel the transaction, but the replace-by-fee attempt failed. The block explorer says it was spent as a fee—does that mean I managed to stop it from going to the hacker's address, but instead it got spent as a fee? If so, how is that even possible? I double-checked, and Sparrow Wallet doesn't allow a fee higher than 8k sats... This is what I don't understand at all.
This is (for me) the more interesting and tricky part to dissect and understand what was going on.I always store it in encrypted digital form and have never encountered any issues. It also allows for multiple backup copies. I only use a Live CD for securely signing transactions. Using a persistent partition in this scenario is a bad idea. If you need one for other purposes, an SD card could wear out quickly and isn't very fast. An SSD is a much better option.
Also, just noticed this post from Binance...
https://x.com/binance/status/1834834513702117720
Could it be my case?
https://x.com/binance/status/1834834513702117720
Could it be my case?
That is a typical clipboard malware case, in yours it's nothing like that, the funds didn't get drained to another address, more like the old paper wallets and no change adress, besides it would have affected your first transaction also if it was some kind of malware, but linux, offline signing...doubt it!
That’s when things went wrong. Although the address I entered was correct, I received a transaction error. I tried again, and it worked. After completing the transaction, I noticed the recipient address was not mine. In a panic, I tried to cancel the transaction. Sparrow Wallet allows this, but I’m not sure what fee I selected—I think the fee slider was set to about $10 with a 1-block confirmation. I confirmed, but Sparrow Wallet gave me a transaction error.
This chain of errors is weird, even if it was malware it shoudn't have gotten an error for a legitimate transactions, it's just the destination that is getting replaced, I'm really curious on your first tx that you tried to broadcast, and who is this bc1qhvppc7apsykmas05aj46xs6ws6qm8h5ytmtg7f that the dust got sent to, did you actually try to this address at all at any steps?
So OP is one of those who spam dust on the Bitcoin blockchain for financial gain. Now my sympathy suddenly turned into a feeling of sweet justice.
Right now if we go by the malware exploit scenario, it seems the attacker is the one that is involved in rune minting, not OP, benefit of doubt till anything else comes to light
Thanks for explaining more in details what happened, quite a story. Well, panic is rarely a good advisor in crypto, but some bad things happened before you panicked already.
OK, so you use some sort of cold wallet setup where you sign a transaction on a live Linux that you boot up and which shouldn't be online to remain cold. I assume this live Linux isn't persistent or is it?
The part I don't understand and which kicked off a stream of bad events: why do you have your unencrypted seed phrase (the mnemonic recovery words as I assume) on a SD card? Likely out of convenience to re-create your wallet on the "cold" live Linux?
This is bad, especially when you apparently loose control and the SD card can become "hot" on an online system.
The next bad thing was to deviate from your usual transaction transfer and signing process.
Linux Live has no persistence, otherwise it doesn't make sense to use it. However, I’m using the same laptop to load live system and my normal system. But all the disks on it are encrypted. There is no interaction between the persistent system and the Live CD system. I’m using a Ventoy USB drive with a live ISO image. I checked it, and aside from Ventoy configs and the ISO image, there are no other files. OK, so you use some sort of cold wallet setup where you sign a transaction on a live Linux that you boot up and which shouldn't be online to remain cold. I assume this live Linux isn't persistent or is it?
The part I don't understand and which kicked off a stream of bad events: why do you have your unencrypted seed phrase (the mnemonic recovery words as I assume) on a SD card? Likely out of convenience to re-create your wallet on the "cold" live Linux?
This is bad, especially when you apparently loose control and the SD card can become "hot" on an online system.
The next bad thing was to deviate from your usual transaction transfer and signing process.
As for the SD card encryption, it’s a good question. SD card is typically encrypted as well. A new version of VeraCrypt was released this month after a year of development. I noticed it and decided to re-encrypt it using the new version, just to stay up-to-date in case any bugs were fixed.
For this, I temporarily copied my seed to another SD card in plain form because the full encryption process takes time. I didn’t have the time to wait for the complete formatting, so I postponed it until the night. I live alone, so no one could have touched anything in the meantime. I know...it is a stupid chain of events.
Essentially, I suffered because of my own paranoia. In my effort to keep everything protected with the most up-to-date encryption, I ended up causing a loss instead.
How could this have gone wrong if you haven't deliberately, maybe unknowingly, interfered or constructed the transaction yourself without knowing all required details?
I did not cover the entire story in my first post. Above are more details. The original transaction of 0.2 btc did not have high fee I checked it for sure. The 2nd transaction also did not have high fee, but some error came up and I started to panic..but in any case Sparrow wallet does not allow that high fees, no matter if i sign a transaction offline or transfer directly online. 8k sats is the highest fee which is about 550-600 USD now.Based on the transactions history of the address you sent the coins to, It seems you are always following some kind of pattern.
This is the address you sent the coins to:
https://mempool.space/fr/address/bc1qhvppc7apsykmas05aj46xs6ws6qm8h5ytmtg7f
I don’t know why but it seems there is a kind of pattern: you usually send exactly 330 sats (which happens to be the dust amount for taproot transactions) to that address and the change goes back to the sending address.
Afaik, it’s not possible to disable the change address in Sparrow. So, you need to do that manually by adding the sending address as an output.
Not sure what has gone wrong this time, but if you tell us how you create those transaction (do you use some kind of automated tools?..) then someone may help you figure out what happened.
edit: I believe this has something to do with Ordinals.
No, I didn’t send any 330 sats. What happened is actually more ironic, given that I’m a student at a German university of applied sciences studying computer science. I have experience with crypto and wouldn’t make a simple mistake with the fee. I understand how it works in the background. I also have experience with Linux and usually sign all transactions on an Ubuntu Live system without internet access. I did the same this time using Sparrow Wallet 1.9.1. It’s always been the same wallet software. I broadcasted the signed transaction on my regular system with internet access.This is the address you sent the coins to:
https://mempool.space/fr/address/bc1qhvppc7apsykmas05aj46xs6ws6qm8h5ytmtg7f
I don’t know why but it seems there is a kind of pattern: you usually send exactly 330 sats (which happens to be the dust amount for taproot transactions) to that address and the change goes back to the sending address.
Afaik, it’s not possible to disable the change address in Sparrow. So, you need to do that manually by adding the sending address as an output.
Not sure what has gone wrong this time, but if you tell us how you create those transaction (do you use some kind of automated tools?..) then someone may help you figure out what happened.
edit: I believe this has something to do with Ordinals.
Originally, I had 0.99145586 BTC in address bc1plulf79mdaq5zs2murey923vl3uvj4xnhgg0y64ggxgrvrem6mxqql8hple. I signed a transaction to send 0.2 BTC to my other address bc1q86gqjatdx8hftz34muezq6afjsj90tjlze9vnh. The remaining 0.79145160 BTC was supposed to return to my change address bc1pvxn38z656zd0e3mflyzxx9lu3s0mtgej3d9xndd3f8jwwk7twe5s4zaf0l. It did.
However, a few minutes later, I realized I’d left the SD card with the unencrypted seed phrase in the card reader and system was online. For safety, I decided to move the entire change to a new address derived from another seed phrase that wasn’t potentially compromised. Since the old seed was available on my system with internet access, I skipped the usual offline signing process and sent the transaction directly.
That’s when things went wrong. Although the address I entered was correct, I received a transaction error. I tried again, and it worked. After completing the transaction, I noticed the recipient address was not mine. In a panic, I tried to cancel the transaction. Sparrow Wallet allows this, but I’m not sure what fee I selected—I think the fee slider was set to about $10 with a 1-block confirmation. I confirmed, but Sparrow Wallet gave me a transaction error. I switched to another broadcasting server in the properties and tried again, but the same error occurred. By then, the transaction was already confirmed.
I’m not entirely sure what happened or what the recipient’s address was, but it definitely wasn’t mine. The 330 sats you mentioned are not in my wallet, and I don’t know whose wallet they are in. I’ve attached some screenshots if that helps.
This is my wallet:
https://i.postimg.cc/T2K9XQW9/1.png
These are receiving and change addresses I had in my wallet:
https://i.postimg.cc/G36j3YF1/2.png
This is my original transaction of 0.2 btc to my wallet:
https://i.postimg.cc/9z3z3cwv/3.png
This is the transaction of the change
https://i.postimg.cc/7hB879wX/4.png
Also, just noticed this post from Binance...
https://x.com/binance/status/1834834513702117720
Could it be my case?
I got no reply so far. I am trying to find out what happened. Sparrow wallet does not allow to set fee higher than 8,192.00 sats/vB which is 600$ now.
https://ibb.co/tpdqmNs
I used Sparrow wallet and physically does not allow to set that high fee. Could it potentially be a hack? If so it is odd that the entire change was used as a fee. Very strange case.
https://ibb.co/tpdqmNs
I used Sparrow wallet and physically does not allow to set that high fee. Could it potentially be a hack? If so it is odd that the entire change was used as a fee. Very strange case.
Your transaction
https://www.blockchain.com/explorer/transactions/btc/e6d33c70fe78022b6d895e81ad0ab84a33eb1023135f45fa0360249900b4059c
It was confirmed in a block mined by Foundry USA mining pool.
https://www.blockchain.com/explorer/blocks/btc/860996
Your laet hope is contact Foundry USA mining pool and hope that they help you by refund the mistakenly sent fee.
I will try, thank you very much!https://www.blockchain.com/explorer/transactions/btc/e6d33c70fe78022b6d895e81ad0ab84a33eb1023135f45fa0360249900b4059c
It was confirmed in a block mined by Foundry USA mining pool.
https://www.blockchain.com/explorer/blocks/btc/860996
Your laet hope is contact Foundry USA mining pool and hope that they help you by refund the mistakenly sent fee.
⭐ Merited by vapourminer (1)
If you're certain it's a fee, only the miner can potentially return it.
It would be a gesture of goodwill as they're not obligated to do this because in many jurisdictions there's no clear law for bitcoin transactions and also many miners aren't even legal entities.
If you post the TX it helps know who mined the transaction and if they got your BTC as a fee. I've seen many cases of pools returning fees though. It's good publicity for them.
If it was a change address, I would have it in my wallet. My balance is 0. I have several years of experieence with btc. Just not so much with taproot addresses and Sparrow wallet. It would be a gesture of goodwill as they're not obligated to do this because in many jurisdictions there's no clear law for bitcoin transactions and also many miners aren't even legal entities.
If you post the TX it helps know who mined the transaction and if they got your BTC as a fee. I've seen many cases of pools returning fees though. It's good publicity for them.
TXID e6d33c70fe78022b6d895e81ad0ab84a33eb1023135f45fa0360249900b4059c
It says it was fee.
Hi guys, i need help. I did a stupid thing. I sent a part of a bitcoin from my own address to my other address using Sparrow wallet (Taproot addresses if it matters). But somehow I did not notice the fee amount. I used Sparrow wallet dozens of times and fee was always adjusted automatically in reasonable range. Something went wrong this time and i did not notice it. I paid as a fee over 0,7 btc. I can see the wallet address it was sent to. But i do not know how to find out who confirmed this transaction and who got this fee. Is there any way I can try to return it and how? Maybe sent another transaction to same address with a short OP_RETURN message asking to contact me? I was really hoping for that sum to finish my bachelor degree. Any ideas are welcomed. Thank you!