Your application doesn't work properly

[benjamindamm]

I can enter as private key what I want, your tool generates some fantasy address. Once used, the money was transferred to Nirvana.

Either you produced junk or you're a fraud. Anyway, you get rid of your money.

[NxtChg]

The tool doesn't generate "fantasy" addresses, it generates addresses based on the password you enter.

Can you clarify please what happened?

[benjamindamm]

Then excuse my reaction. But I can enter a simple "A" as my private key and get an address with a completely different key.

How can it be that your tool generates the following address from an A?

public: GTxqwPw3rvhoc5ApZquTU5yABhkb173WGr private: Kyhru8AUcYjrWqcyfd6TxYArukGkGkBCcjmU8reeZNqWcEXViYriGi

I used my private key of the BTG address for the transfer and the amount landed on a completely different one.

I can give you all the details. The private key is: 5JoTijF4MVRCqH4Sn73ps6oSMLo9mS78TdArUJkFnftKEw3neFz

But the destination address is not where it should go.

The amount went to GM2mcHXb6hWg7h3ZK23dh1RqAdqgC9m1ky. I don't know why.

As far as I am concerned, this behaviour is accepted. But if you give a valid address and the money goes somewhere else, this is not expected behavior. And at first I have to assume you're transferring it to your wallet.

Maybe you can find out why the amount instead of AJxiqf4GSzZXrBxFwj3rR8M2j4yXaHY8i2 landed at GM2mcHXb6hWg7h3ZK23dh1RqAdqgC9m1ky. What's the correlation?

Maybe you can fix it. At least so no one else makes the same mistake.

[NxtChg]

How can it be that your tool generates the following address from an A?

Easily. It won't be secure, of course, but generating a key is possible from any arbitrary password.

I used my private key of the BTG address for the transfer and the amount landed on a completely different one.

I am still not clear what exactly happened. Which version did you use - BTC/BCH or BTG?

The address for your private key is 1GpiMpXUJZHQzzR9QLtwAUyX5csTSGuik7. What you showed doesn't look like a valid address.

What address did you send the money to?

[benjamindamm]

AJxiqf4GSzZXrBxFwj3rR8M2j4yXaHY8i2 is a valid address. I already transfered funds to that address.

I used BTG. So then how its possible to send funds to AJxiqf4GSzZXrBxFwj3rR8M2j4yXaHY8i2 and they were send to GM2mcHXb6hWg7h3ZK23dh1RqAdqgC9m1ky?

Take a look at the last transaction. https://btgexplorer.com/address/GZfdmwrRHQti5TiSLHZ3bFKQznfJTvtYWf

How is it possible to generate that new address by pressing send?

Thats why I said phantasy address. Generating public addresses from any passphrase, ok. But on outgoing transactions? How can the address change this way?

[NxtChg]

So you entered your private key and then sent from TSBW to AJxiqf4GSzZXrBxFwj3rR8M2j4yXaHY8i2? And the money instead went to GM2mcHXb6hWg7h3ZK23dh1RqAdqgC9m1ky, correct?

[benjamindamm]

Exactly. I already gave you that private key: Kyhru8AUcYjrWqcyfd6TxYArukGkGkBCcjmU8reeZNqWcEXViYriGi

Anyway the funds are lost.

[NxtChg]

Do you have any browser extensions installed that might be suspicious? I.e. modify the addresses in JS after you pasted it?

[benjamindamm]

You're alluding to a clipboard Trojan. I've never noticed that before. And I've done a lot of transactions on this PC. The address was sent in exactly the same way. I use a browser without extensions for transactions.

Maybe it's because the recipient is a Segwit address. But the question is, where does this other address come from? If it was a Trojan, the money would have been moved further. But it rests on the "fantasy address".

And the recipient's address is a valid one. Just as I can scroll through the code, do you validate addresses on outgoing transactions?

This is the API you use right? https://blockexplorer.com/api/tx/send

In that case, they've come up with the address.

So if you want an application that works properly. Go get yourself a segwit address and transfer a small amount to that address. I think you will see the same behaviour I saw.

You can get one e.g. from here: btgwallet.online Or somewhere else.

Anyway if its not fraud, it's still scam cause your funds will go anywhere. Just like if they don't recognize the address, they will send it anywhere.

[NxtChg]

Well, the code on the server is not modified. I am now trying to verify that there is no bug in the code...

[benjamindamm]

What is interesting, if I type my valid address into btgexplorer.com it comes up with a 0.00 balance thats not right. If I try same address on https://btgexp.com everything is right.

So it looks like they cant handle that address, whats ok in a way. But like I mentioned before, its unlikely to send the funds anywhere else. I thought maybe they made a new public address of my address thinking that could be a fault by user to type a private key instead of an address. But this makes no sense at all. And If I try to use my address as a private key, I get an error.

[NxtChg]

So this might be a block explorer issue? I am checking the code, everything seems to work correctly, it creates a proper transaction with a valid address. I used BTG version to sell all my coins, never had an issue with it...

[NxtChg]

Well, I don't know what went wrong, but I am happy to compensate you the full amount. Do you have a Bitcoin Cash address?

[benjamindamm]

Have you ever used a segwit address? For the moment I dont want to try that again. So if that tool fits your needs ok. But if that happens more than once eveybody would get angry.

[NxtChg]

No, I haven't tested it for SegWit addresses, I should just probably delete it, BTG seems like a dead coin anyway.

So do you have a Bitcoin Cash address I could send the refund to?

[benjamindamm]

Sure that would be very kindful. I dont know if its dead. It was easy to mine at home. But that is also a segwit address. 1Nxgzf4J3tYduB5jmTgjaVmLAFitctxiwB Thank you for your time. I hope you can fix that or as you mentioned delete the btg feature.

[NxtChg]

Well, let's see what happens :)

[NxtChg]

Sent 0.02 BCH there, check if it arrived: https://cashexplorer.bitcoin.com/tx/6b8c2162b83487266357ac853cd909c5d741d39071d2a6a43620d6afc2ccaf15

[benjamindamm]

Yes it worked. Thanks a lot. Btw. do you implemented that stuff by yourself or is this a fork of something?

[NxtChg]

It is a simplified version of coinb.in.

[volbil]

I'm not sure if it's related to this issure, but tsbw works not really well with segwit addresses (few my coins go to wrong address because of this issue, but it's not a big deal lol) ¯\(ツ)/¯

[NxtChg]

Yes, TSBW has no special support for SegWit.