Title: Default encryption for wallet.dat Post by: manifold on June 18, 2011, 05:08:16 PM After the latest theft, this question is really important. If the wallet.dat would be encrypted, it wouldn't make it impossible to simply copy the wallet.dat from the disk.
(Even if the wallet.dat is in a truecrypt volume, sometimes you have to mount it, and then it's freely accessible for a trojan) Title: Re: Default encryption for wallet.dat Post by: jackjack on June 18, 2011, 05:15:13 PM Not by default, so as to the natural selection can apply
Title: Re: Default encryption for wallet.dat Post by: opticbit on June 18, 2011, 05:16:48 PM I already remember passwords for friends and family what's one more.
Title: Re: Default encryption for wallet.dat Post by: bcearl on June 18, 2011, 05:17:59 PM I don't want it to be encrypted actually, but I want that feature to be there for others.
Title: Re: Default encryption for wallet.dat Post by: manifold on June 22, 2011, 04:44:20 AM Is here a developer of the default client? Could that be implemented in the next release?
Title: Re: Default encryption for wallet.dat Post by: imperi on June 22, 2011, 04:46:35 AM Is here a developer of the default client? Could that be implemented in the next release? It's open source. Maybe you could implement it and submit a pull request? Title: Re: Default encryption for wallet.dat Post by: Sandoz on June 22, 2011, 04:51:11 AM A developer stated this actually would be their priority for the next version
Title: Re: Default encryption for wallet.dat Post by: phillipsjk on June 22, 2011, 04:53:02 AM Encryption will lead to data-loss when users forget their
The other extreme would be the users using "12345678" as their password: giving them little protection. That said, leaving the wallet.dat unencrypted complicates securely backing up the wallet.dat. If the Drive is not using full-disk encryption, it is too easy to leave clear-text versions scattered around the disk as well. Edit: a (solo) miner needs to use an unencrypted wallet.dat (or more accurately, as least 1 unencrypted private key) to generate the 50 coins they pay themselves when generating a block. Just as important as encryption options may be wallet-splitting options. Title: Re: Default encryption for wallet.dat Post by: bcearl on June 23, 2011, 12:16:56 PM This will trash tons of bitcoins because of users forgetting their passwords.
Title: Re: Default encryption for wallet.dat Post by: Gabi on June 23, 2011, 12:21:47 PM Well better than wallet stole by trojans...
Title: Re: Default encryption for wallet.dat Post by: killer2021 on June 23, 2011, 12:44:18 PM Encryption as an option in the client is what I would recommend. If you want to encrypt then you can. If not, then you don't have to.
Lets face it, security is a major problem for bitcoin. If bitcoin is to go mainstream then the average joe needs to know that their wallet is secure. Encryption is one way of solving that (even if its a mirage). The primary value of money is derived from faith in the currency. Faith that it will hold its value and faith that the merchant up the street will accept it. Title: Re: Default encryption for wallet.dat Post by: DamienBlack on June 23, 2011, 12:46:47 PM The developers are already working on this, of course, and it is a priority for the next release.
You can follow their progress here: https://github.com/bitcoin/bitcoin/pull/232 Title: Re: Default encryption for wallet.dat Post by: Herodes on June 23, 2011, 01:36:07 PM Just tossing in an idea.
What if the user instead of using a password used a private key that was saved separately from the wallet.dat? This private key would be needed to decrypt the wallet when the user wanted to use an adress in the wallet. That way, if the attacker got a encrypted wallet.dat, he would be unable to decrypt it without the proper private key. Preferably the client would show the user a screen for proper handling of private keys and wallet once the client starts up, or preferabbly the first few times, and then later with random intervals. Perhaps a bit annoying, but many people will put convenience over security and not care about securing their wallet, so perhaps reminding them more often would help? There could also be an option screen where this could be turned off perhaps. The private key could then be stored on for example an usb disk or a mobile phone, and just be inserted every time you needed to do a transaction. I do not propose to have the final solution to these issues, as I know people are lazy, forgets easily and a lot of users will forget to back up their private key, or misplace it. I am sure we will see a lot of services and ways to keep the wallet.dat safe pop up in the coming months. But as it is now, and as many people have said, getting access to anyone's coins now is just a matter of getting their wallet.dat just like a physical wallet, but unlike a physical wallet, a bitcoin wallet can exist in many copies. In the event an encrypted wallet that's encrypted with either a password or a private key is stolen, the wallet owner should have enough time to transfer the bitcoins to a new wallet if he notices this has happened, and even if he notices it has happened and he does nothing about it, it is highly unlikely that the attacker will be able to decrypt the wallet he got if it is secured with a very strong password or a very strong private key. So, in my view, encryption of the wallet.dat will prevent some bitcoins from being stolen, but perhaps even more bitcoins will be lost from people forgetting about their passwords or private keys? But I am sure there will spring up companies that take security very seriously and that will hold your private keys for you. I can think of a company which sole purpose is to hold private keys for users, but not handling their wallets. Then it would be nearly impossible for such a company to compromise the wallets of any of its clients, because they do not know which private key belongs to which wallet, so storing keys and wallets separately could be a good idea. Well, that's some rant from me, and I am not a crypto-expert and I am not an expert on user behavior, but is very obvious that no matter the solution we chose to adapt, there will always be cons and pros. Title: Re: Default encryption for wallet.dat Post by: qikaifu on June 23, 2011, 01:46:15 PM You know what, I guess Gavin will chose the last one. He didn't think the encrypt would be his first priority, which was mentioned in one of his blog after the heist of 25k bitcoin.
Title: Re: Default encryption for wallet.dat Post by: ErgoOne on June 23, 2011, 01:55:44 PM I would build in default encryption using a strong algorithm such as AES, with options to switch to other types of encryption if the user desires. Having an unencrypted wallet is like having a car with no locks. :/ Thieves are still responsible when they steal, but you sure posted a welcome sign on the door! Until this flaw in the Bitcoin software is fixed, I've put my wallet (still empty, but not for much longer) on a purpose-build Jetico Bestcrypt volume, along with the Bitcoin program, and protected it with a unique passphrase of unusual length. That's a nuisance, but a whole lot safer than otherwise. Please note that even an encrypted volume doesn't protect you against a password-stealing trojan or other types of malware; that's why I favor having the Bitcoin software do encryption on the fly. It can protect your wallet better than just using a third-party encryption program. However, third-party is better than nothing.
For those who prefer to support open source, Truecrypt works as well for this purpose. I've been using Bestcrypt since the late 1990s, when Truecrypt wasn't even a gleam in anybody's eye, and trust it, so I've stuck with it. ;) Title: Re: Default encryption for wallet.dat Post by: dukejer on June 23, 2011, 02:02:11 PM Whenever new private keys are generated they should mandatory have the option to send the keys to a removable device unencrypted clear text for safe keeping. Then the private keys in the wallet should be encrypted in the wallet and in memory and only unencrypted at the time Bitcoins are sent. If someone forgets their password they should be able to re-import the private key from a removable device and then set a new password on the private keys for the wallet.
-Dukejer. Title: Re: Default encryption for wallet.dat Post by: em3rgentOrdr on June 23, 2011, 02:13:47 PM This will trash tons of bitcoins because of users forgetting their passwords. Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client. Title: Re: Default encryption for wallet.dat Post by: SlipperySlope on June 23, 2011, 02:50:48 PM The problem of lost passwords for default-encrypted wallet.dat files is already solved by existing online password storage services...
For example: http://www.passpack.com/en/home/ One can easily image an entrepreneur on this forum offering such a service tailored for, and marketed to, bitcoin clients. Title: Re: Default encryption for wallet.dat Post by: FooDSt4mP on June 23, 2011, 02:51:56 PM This will trash tons of bitcoins because of users forgetting their passwords. Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client. How do you keep this unique code from the hackers? If they can access your wallet.dat, they can get at this code too. Title: Re: Default encryption for wallet.dat Post by: em3rgentOrdr on June 24, 2011, 12:14:09 AM This will trash tons of bitcoins because of users forgetting their passwords. Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client. How do you keep this unique code from the hackers? If they can access your wallet.dat, they can get at this code too. Well, I was thinking of mechanism that uses the so-called "Trusted Computing Module" in your motherboard, or uses a secure key generated by your CPU's unique private key. Title: Re: Default encryption for wallet.dat Post by: dukejer on June 24, 2011, 02:10:02 PM Well, I was thinking of mechanism that uses the so-called "Trusted Computing Module" in your motherboard, or uses a secure key generated by your CPU's unique private key. I think this could be a problem if something goes wrong with the CPU or motherboard the wallet might not be able to be unencrypted. -Dukejer Title: Re: Default encryption for wallet.dat Post by: phillipsjk on June 29, 2011, 04:06:43 PM I have had a slight change of heart on this topic:
A miner does not need a decrypted wallet.dat because it is possible to make a wallet-less miner (https://forum.bitcoin.org/index.php?topic=23521.msg302418#msg302418) Quote from: phillipsjk A miner just needs to know an address to send the coins to as well as a source of entropy (such as intermittent network connections). The miner then generates a throw-away private key/address pair. Upon coin creation, the coins are spent in the same transaction block to the destination address. As has been noted in other threads, the destination wallet does not even have to be on an Internet-connected computer. Edit: |