The CryptoLab

Technology for the Crypto Culture

The CryptoLab is your crypto technology resource. It is designed to help you navigate the ever-changing crypto and blockchain technology. I provide education and consulting services and relevant resources related to the technological aspects of the crypto space.

Register For Free Today! Join us on Telegram – CryptoLab

**Education opportunity coming this Fall: Cyber Security. Details coming soon.**

Latest stories

My VPN Thoughts


There are a ton of great articles out there about a VPN. I’m not going to try and compete with what they have to say. I think having a VPN is an important part to anyone’s online security. I have a VPN connected to each one of my running computers when I’m home or away from home. I use my VPN on my iPhone when I want semi-complete privacy. When I’m working out, my gym doesn’t need to know what music I stream, nor do they need to see I just made a transfer of fiat from one bank account to another. Those are my thoughts, but they don’t have to be yours.

At the end of my VPN rant, there are a few linked articles I’d recommend reading. They have some good information that you might find helpful.

I decided to go full time VPN after my local fiber provider was sold to a much bigger company. I had met the owner and knew his company was not mining my data and selling it. But I couldn’t say the same for our new fiber provider. AT&T, Xfinity, Cox, Frontier, HughesNet, etc, do collect and sell your data. Your data is just another revenue stream for them. I’m a private person and I expect my data to be mine and no one else’s.

I’ve had quite a few people ask me about who I’d recommend as a VPN provider. If you would have asked me a few months ago I would have said NordVPN. They have been great for years. I can’t say that anymore. Not that Nord has changed, or that they are a bad company. But a company doesn’t know what it doesn’t know. They didn’t realize that there was a back door into one of their servers. You can read from both angles below:

NordVPN confirms it was hacked

Why the NordVPN network is safe after a third-party provider breach

This fall I sat under the silver maple in my back yard. I pondered about life and technology. I came to the conclusion that if I wanted to be my own crypto exchange, be my own bank, I also needed to be serious about securing my own data. I decided to become my own VPN provider. Why would I want to be my own VPN provider? So I know exactly who is and who is not looking at my data.

Some of us understand Sutton’s Law. Why would someone rob a bank? Cause that’s where the money is. The same goes for VPN and Data. Someone uses a VPN to secure their data and keep it private. That’s not illegal, but some would like it to be. When you use a large VPN provider everyone knows where you’re coming from. There are companies that sell IP ranges of IP Proxies and VPN providers. Clause D made a statement in Telegram that struck a note with me. “I used VPN for a few years and now, NordVPN. But from what I know already I feel it’s almost pointless, and using a VPN might actually attract additional attention – like a honey pot.” – Clause D.

There are countless examples out there about Big Tech saying one thing publicly and doing another thing privately. I personally experienced these types of business practices and it became the norm. It’s what you had to do if you wanted to remain “part of the team”. The question is, can you trust what a company says. That’s for each one of us to decide on our own.

There is one more experience that has forever changed my view on power. I was working for a small company that its main focus was communication via the internet. A couple times a year we would be contacted by the Secret Service or FBI due to some type of threat made via our service. It became pretty routine. The law enforcement agency would call and tell me what they needed, I would ask for a subpoena, I would give them the information they wanted, I would get a copy of the subpoena and our deal was done. We felt the subpoena would cover us for handing over someone else’s private data to law enforcement. We felt we couldn’t be sued by our client or our client’s clients for the information we disclosed. This procedure morphed over the years. I got a call from an FBI agent, he informed me on what he needed, I asked for a subpoena, ect. Three days went by, no subpoena, I called. Four more days went by, still no subpoena, I finally got him on the phone. I asked him where the subpoena was, I was informed that they would no longer need to get a subpoena for me. That he just needed the Patriot Act. He told me to read it. I told him I wanted the subpoena he promised me. He told me to read the Patriot Act and he would email me the link. That was it, and the conversation was over.

The next time they asked for something, I told them I needed something first. That didn’t work either. Instead of a call, I had people knocking on my door. Lesson learned and noted.

These are my experiences that I can talk about. But what about the ones that no one can talk about? Have you ever heard of a Gag Order, a National Security Letter? If a company is hacked and your data is stolen, you legally need to be notified. But no so if it’s your own government. Secret F.B.I. Subpoenas Scoop Up Personal Data From Scores of Companies

So why my VPN rant?

** Update: I had this article 95% complete and was ready to make it public. However, Claus posted an article that I just had to read. It led me down hours worth of rabbit holing. After that read I’ve come to the conclusion that I won’t be renewing my NordVPN service. There were too many things I stumbled accross which left more questions than answers. You can go rabbit holing too if you want (see links below). You can also read how US Senators Demand Probe of Foreign VPNs Over Spying Risk . I don’t feel the need to turn this article more negative then it already is. This information is not to induce fear, but to educate so you can make your own decision based on knowledge. Don’t listen to me, don’t listen to a YouTuber, listen to your inner voice. I feel that always leads anyone on their best path.

These two three examples convinced me of the following:

I have distrust of Big Tech.I expect that my personal data will be shared if asked for by any law enforcement agency.I’m not sure I should trust my VPN provider. **

My Solution

So that’s why I’ve been running my own VPN servers for the last 6 months. I’m a small target, not a big one like NordVPN or other VPN provider. No one has a clue I’m running my own VPN.

I have a connection in the USA (one that I connect to 24x7x365). I have a connection in London. At this point I feel I’m covered in whatever I need to do. But time will tell, and I’ll let you know how it’s working out.

Helpful Articles

This article came to the same conclusion I had this summer –

What is a VPN –

Best VPN Services 2019 –

5 Eyes, 9 Eyes, & 14 Eyes Countries – What You NEED to Know –

Why you might be a moron – Humor Helps –

Rabbit Holing with NordVPN

There appears to be some good evidence on this site worth reading and verifying for yourself. This was my starting point.

Tesonet with the CEO named removed from the page. The letter has the same date.

Tesonet with the CEO named on from the page. The letter has the same date.

I investigated the NordVPN ordeal. Here is what I found. from VPNTorrents

ProtonVPN and Tesonet from ProtonVPN

Wyoming Secretary of State CloudVPN, Inc.

Who really owns NordVPN? – Tefincom S.A., according to my NordVPN receipt.

Tefincom S.A. owns NordVPN. Alina Gatsaniuk ( Linkedin Page ) is the Director & Secretary. She is also the Director & Secretary for 5 other companies. Her page shows she is 32yrs old and lives in Kiev, Ukraine and not Panama. To get an idea of what some companies registered in Panama are designed for, watch The Laundromat on Netflix.

It’s pretty easy to state that Tefincom S.A. in a Panamanian shell company. My latest invoice (2019) from NordVPN stated they were in Nicosia, Cyprus. If they have a shell company in Panama, but offices in Cyprus, what jurisdiction would they really fall under?

Everyone Loves Images In a Webpage

This gives you a visual idea of how a VPN might help protect you.

ADA Cardano Incentivized Testnet


ADA Incentivized Testnet – what is it and how to get it

UPDATE Snapshot Taken – November 29, 2019:

The balance snapshot was taken on November 29 at 12:00 UTC. If you had ada in a mainnet Daedalus or Yoroi wallet at the time, you will soon be able to delegate your stake to earn real ada rewards on the Incentivized Testnet. First, there will be a brief interim period to allow stake pool operators to set up before the Incentivized Testnet wallets are released and delegation begins. To learn how to operate a stake pool on the Incentivized Testnet, please visit our testnet website.

Cardano Announcement – November 27, 2019:

The full balance snapshot has been scheduled for November 29 at 12:00 noon UTC. If you wish to participate in the Incentivized Testnet and earn real ada rewards, you must ensure that your mainnet ada funds are in either a Daedalus or Yoroi wallet at the time of the balance snapshot.

And what exactly is a balance snapshot? A balance snapshot is a record of all ada on the network at a particular point in time. That record will then be used to replicate ada balances on the Incentivized Testnet, so users can delegate or operate stake pools with an amount of testnet ada equivalent to their real ada.

After the balance snapshot is taken, there will be a brief period during which the Cardano Foundation will work with stake pool operators to help set up their pools and debug any network issues. Once we’re happy that the network is stable and there are sufficient reliable stake pools, the rewards phase of the Incentivized Testnet will begin for delegators. A new version of the testnet wallets will be made available with which users can explore core functions and ensure their testnet ada balances are displaying correctly before rewards are rolled out. As always, we’ll be sharing progress updates along the way to keep you informed.

For now, anyone interested in taking part in this testnet MUST:

Be aware the balance snapshot will be happening on November 29, at 12:00 noon UTC.And ensure that your ada is in either a Daedalus or Yoroi wallet before November 29.

We’ll be back soon with more updates!

Cardano Announcement – November 15, 2019:

We are pleased to announce that the Daedalus & Yoroi (Shelley Testnet) Balance Check wallet is now available for download! Follow the instructions on IOHK’s website for Daedalus and EMURGO’s Q&A tutorial video for Yoroi wallet to check if your ada balance has been correctly captured as we head toward the rollout of our Incentivized Shelley testnet

For Daedalus Wallet:

For Yoroi Shelley Testnet wallet: Chrome:


EMURGO’s Yoroi Balance Check Tutorial Video + Q&A:

Shelley mainnet goes live: an Incentivized Testnet that all ada holders can join to earn real ada rewards. Rewards earned from the Incentivized Testnet will be transferred to the mainnet. The ada earned from delegating your stake or operating a stake pool are real and will be transferred to the mainnet when it goes live.

Anybody that holds ada at the time of the balance snapshot can participate in the Incentivized Testnet. But you’ll need to ensure that you are holding it in either a Daedalus or Yoroi wallet.

Cardano Incentivized Testnet Site

What’s Next?: If you had ada in a Daedalus or Yoroi wallet when the balance check snapshot was taken at 12.00 UTC on November 12, you’ll soon be able to check your testnet balance. Special balance check versions of Daedalus and Yoroi will be available in the next few days, where you’ll be able to validate that your mainnet ada balance was accurately captured. Sign up to our mailing list to be notified when the new wallet clients are available, or check back here.

Password Managers


According to Verizon’s 2017 Data Breach Investigation report, 81% of data breaches are caused by poor credential management. Account breaches can happen when using weak passwords or reusing old passwords/sharing passwords across accounts. A password manager simplifies your online life by remembering your passwords for you and alleviating these poor habits. It will help to manage your logins, it’s easy to have a strong, unique password for every online account and improve your online security.

What is a password manager?

A password manager is a software application that stores, retrieves, and manages complex passwords, storing them in an encrypted format. Password managers store login information and automatically enters them to log you into your online accounts.

Why use a password manager?

A password manager makes your internet experience easier and safer. With a password manager to manage your logins, it’s easy to have a strong, unique password for every online account and improve your online security. It stores login information of various accounts and automatically enters them into web forms to save you time. This helps prevent:

The need to remember multiple passwords.Poor password behavior such as low complexity or one repeated password for multiple sites.Attacks like keystroke logging.

Why not use your browser to store passwords?

Most modern browsers offer a rudimentary password manager. This is the option that Chrome or Firefox might give you when you enter your credentials into a website. This is an easy option but is very limited in its functionality and security level.

The reason security experts recommend you use a dedicated password manager comes down to focus. Web browsers have other priorities that haven’t left much time for improving their password manager. For instance, most of them won’t generate strong passwords for you, leaving you right back at “123456.” Dedicated password managers have a singular goal and have been adding helpful features for years now. Ideally, this leads to better security.

Why my choice is LastPass

Most modern browsers offer a rudimentary password manager. This is the option that Chrome or Firefox might give you when you enter your credentials into a website. This is an easy option but is very limited in its functionality and security level.

One master password is all you need to remember to access all of your accounts! Just don’t forget that password. LastPass does not store your password anywhere so you’ll be 100% responsible to keep your password safe.

You can bring your passwords with you to any platform: web, desktop, and mobile. Compatible with every major OS: Windows, Mac, and Linux. LastPass even has a command line application. The passwords on one platform sync in real time on every other platform. This means, for example, if you change a password for a webpage on your web browser, it will automatically update the password on your tablet and mobile LastPass account.

LastPass is secure. The latest algorithms (AES-256, PBKDF2 SHA-256, and salted hashes) are used to encrypt passwords. LastPass never sees your passwords in plaintext and your master password never leaves your machine.

Your passwords are encrypted and decrypted at the device level. Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass’ servers, and are never accessible by LastPass. This means even if your LastPass data is intercepted or compromised, your passwords are still safe. LastPass employs a ‘zero-knowledge’ model: all sensitive data is encrypted locally at your device with a key that is never transmitted to the host (LastPass). As such, even under government subpoena, LastPass could only turn over an encrypted blob with no key. This serves to protect your data from internal and external threats alike. This is why it is not guaranteed that your account will be recoverable if your Master Password is lost.

Additionally, adding a 2FA software or hardware solution will provides an extra layer of security for your LastPass account. I personally have implemented a YubiKey hardware key. My secondary choice is a Google 2FA software solution. You can find out more information about the 2FA solutions later in the “Securing With 2FA” section.

Compatible 2FA Software

Compatible 2FA Hardware

LastPass has support for various fingerprint readers, including Windows Biometric Framework, as a Premium feature. Once enabled, you can use the Fingerprint reader to login to the LastPass browser extension, rather than having to enter the Master Password. This includes Master Password re-prompts as well.

Change a site’s password with a single-click. LastPass’s Auto-Password Change currently supports 75 of the most popular websites. Learn more about generating a password.

LastPass helps you make better passwords with their Password Generator. The generator can be adjusted for length, types of characters, readability, pronounceability, and other options.

Password Generator

What information do I store in LastPass?

Besides storing passwords, I’ve learned to store many critical documents. I use it to store a scannable library card, driver’s license, passport, credit card numbers, birth certificates, etc.

How much is LastPass?

Besides storing passwords, I’ve learned to store many critical documents. I use it to store a scannable library card, driver’s license, passport, credit card numbers, birth certificates, etc.

They have free and paid versions. If I’m using something like LastPass every day (I use it multiple times a day) I always try to support software companies using their paid versions. It promotes further development and you typically get a better version of the software. Using the family version allows you to share login information with other family members very easily. When you share information with family members, you can show or block the password for that site.

If you like my work and want to support further published docs, please consider using my affiliate link for LastPass: 

A great article by Freedom Of The Press Foundation Choosing a password manager

LastPass (official) Video Tutorials: 

YouTube Video Tutorial for LastPass 

Adding DTA to Klaytn Wallet


After you do your native DTA token swap at any of the exchanges, you will need to move your DTA (native) to one of the online wallets. This will focus on getting into the Klaytn Wallet. You can create your own Klaytn wallet by visiting . Setting up a wallet is easy. Just follow the simple online creation tool. After you have your wallet established, you will need some extra information to show you DTA (native) in the klaytn wallet. It’s a similar process of adding an ERC20 token in MEW.

Please refer to the DTA Token Swap page for more information on the native token swap.

You will need this information to Add the DTA (native) token to the Klaytn Wallet.

Token Symbol – DTAToken Contract Address – 0x8177ac20455f31d8cb777923f0c632436568c719Decimals – 18

DTA (DATA) put out a comprehensive Kakao Klaytn Wallet User Guide

MED & MEDX token swap


UPDATE: This is the official wallet for the New MED token . You can read all about how to swap using their mediBridge via this article:

ATTENTION: there is a person trying to scam users out of their MED and MEDX. Only use an exchange or the bridge to swap your MED.

mediBridge Swap Period2019.10.08 14:00(KST) ~ 2019.12.07 23:59(KST)After 2019.12.07 token swap through mediBridge will not be possible.

The token swap ratio will be 1 : 0.5.(1 MED, QRC20 token or 1 MEDX, ERC20 token : 0.5 MED Mainnet Coin)

**********Medibloc will be using Tendermint for its own stand-alone blockchain. MedCoin will be running on the Tendermint consensus algorithm. Currently, there is no released wallet.

During the token swap process, MED & MEDX will become one single coin. If you have MED on a Qtum Core wallet you will need to upgrade the wallet to atleast 0.18.1

It appears that MED & MEDX will be running on the Tendermint consensus algorithm.

Qtum Core Wallet Issues?If you’re having issues sending out your MED to Coinrail or whatever exchange you are going to use for the token swap, you are not alone. I had an issue and I’ve heard of a few others with a similar issue in the telegram group. My error message can be found below.

Solution #1My fix was to increase the GasPrice from .00000040 to .00000080. However, the day before I also sent qtum to my MED address. That didn’t seem to fix the issue, but it could have a part in the fix.

Solution #2This was taken directly off the document site QRC20 TokensTo send QRC20 tokens you must have sufficient QTUM coins in the address tied to that token. The web wallet default fee for sending tokens is 0.00000040 gas price x 250,000 gas = 0.1 QTUM plus the default transaction fee of 0.01 QTUM, for a total fee of 0.11 QTUM. You can use these default values unless you understand how to set lower values, but don’t worry, any excess gas will be refunded as a mined amount (the mined amount must mature for 500 blocks before it can be sent or used for gas/fees).

Using online wallet?Solutions:

Docs show how to add a QRC20 token to the online wallet. When you log into this wallet it will NOT show your MED tokens. It’s similar to ETH MEW not showing your ERC20 tokens (and lately LedgerLive) and having to add the tokens in manually. You will need the contact address that can be found below.

MED Contract Hash / ID: 2f65a0af11d50d2d15962db39d7f7b0619ed55aeHere is a link to also verify that you are using the correct contract MED Contract URL

Token Swap Using Coinrail

Coinrail appears to be the offical exchange for US token holders. You will need to move both your tokens to Coinrail for the swap. You can sign up for an account at Coinrail as a US citizen. To be able to withdrawal coins you will need to be a “Level 2 Authentication”. This authentication level will allow you to withdrawl up to 20,000,000 KRW daily. That equates to about USD$ 16,730.

I have sucessfully sent both my MED & MEDX to Coinrail. They are sitting there waiting for the process to start on September 30, 2019. More updates to follow.

If you have issues with the registraion email link, contact me directly in Telegram

I’ve recieved an answer to my questions I sent to Coinrail. I asked them if they could guarantee that if I was coming from the US that I would have no issues taking the new coins off the exchange after conversion. Their answer was “we cannot say you nothing about that for now. You can check the list by email and notice.”

If you wait a bit I can run through the process first and let you know if I run into any snags. Either way I’d would create an account at Coinrail to start.

Free Crypto Coins


Free Coins

Earn free coins by using the links below. Don’t have a Coinbase account? Open A Coinbase Account.

EOS – earn up to $50 in EOS from Coinbase

XLM – Stellar Lumens – earn up to $50 in XLM from Coinbase

XLM – Stellar Lumens – earn multiple airdrops from Keybase

BAT – Basic Attention Token – earn up to $10 in BAT from Coinbase

XTZ – Tezos – earn up to $6 in XTZ from Coinbase

DAI – earn up to $20 in DAI from Coinbase

OXT – Orchid – earn up to $40 in OXT from Coinbase

BitCoin Black from Bitcoin Black

Recent Posts

Recent Comments