Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: bitlotto on June 28, 2011, 03:48:07 AM



Title: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 03:48:07 AM
Game change.... ;)

It's a little experiment for testing BOTG (Bitcoin Off-The-Grid).
https://forum.bitcoin.org/index.php?topic=23081.0

For testing purposes the script does not need to be run on a Live CD -it's only a tiny amount of BTC- any popular current Linux distribution should be able to handle it. This will help test the algorithms.

What it does is:
-creates a secure address along with a key by which you can get your money back
-nothing is saved on the computer if it's done using a live CD - all the information to get Bitcoin is "Off-The-Grid" -no internet risks and no way anyone else can know the key!!
-if the script is run on a popular live CD it's immune to viruses, spyware, malware, and keyloggers, etc.
-source code can be read to eliminate doubt about what the script does and since there is no internet, nothing can be shared with another party
-the only method of getting the money back is using the key you manually wrote down -unless some hardware was recording your computer or a camera was recording you, barring having someone take the piece of paper from you, no one can get your BTC

Tip: Using blockexplorer.com can help to see if the BTC is still in that address or not.

To help test this I'm just giving the money away....

To get:
-import private key using sipa's import key function
-re-send the BTC to another address before anyone else claims it (this is only required because many people know the private key - in real life usage only one person will have the key)

I kind of want this tested so I have a really simple way to VERY safely store BTC with no chance of viruses, malware, etc taking it. ;)

So if an address contains BTC take it! casascius- you can take some. LOL. Just leave a bit for the experimenter!


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 03:49:43 AM
Not sure how long this one will stay in the game but:

Address:
1819MYYLmV8S6hgtcKErZ1FUcUAz5cn9S2
Private Key:
5JE6Wk3v9wMCBEdwZC5CNuYY4y68S1TSkGKCvY9zyysFU7xL3q3


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: proudhon on June 28, 2011, 04:30:28 AM
This just gave me an idea, and I don't really know why this popped into my head when I read the OP, but it might be fun to start putting bitcoin wallets (printed private keys) in geocache locations with a few bitcoins in the wallet.  If you hid it in a good spot, and it isn't found for a long time, the person who ultimately finds it could be very, very lucky (or just end up with a worthless piece of paper, depending on the future value).


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 04:34:57 AM
Quote
This just gave me an idea, and I don't really know why this popped into my head when I read the OP, but it might be fun to start putting bitcoin wallets (printed private keys) in geocache locations with a few bitcoins in the wallet.
Yes! I'd geocache for Bitcoins! The ability to print out/write out an address and private key will allow many ways of giving money out and having prizes, scratch tickets, redeemable coupons, etc. You can use physical objects that give the codes needed to get BTC. There could actually be a lot of uses for this.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 04:44:41 AM
Which reminds me. Any *good* source for a compiled and patched linux version of Bitcoin that can import private keys. I don't know how many will be able to add this experimental feature and compile it themselves...


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: casascius on June 28, 2011, 05:14:02 AM
Quote
Not sure how long this one will stay in the game but:

Address:
1819MYYLmV8S6hgtcKErZ1FUcUAz5cn9S2
Private Key:
5JE6Wk3v9wMCBEdwZC5CNuYY4y68S1TSkGKCvY9zyysFU7xL3q3

Grabbed it (into 1Fa5i8FrZBNecib45SPaaRDLA8EZrbzx3H, combined it with 100.00 from elsewhere to avoid a transaction fee)... thanks for the bitcent!  The 100 BTC came from an address off my Paper Bitcoin Wallet, so I started with a fresh wallet, imported two keys (mine and yours), and then sent the balance to another address (also on my Paper Bitcoin Wallet).

How did you generate the private key?  Did anyone find/fix the bug in my script addition that results in invalid private keys that start with K? (this happens 50% of the time because the leading 00 byte needs to be removed)

By the way, since it is clear not very many people can redeem private keys... I will redeem anyone's private key who is rated, in exchange for ratings, until doing this becomes much easier for everyone else.  It is really easy for me, but it would be nice if MyBitcoin/trading sites allowed you to enter a private key to make a deposit.  If sending me a private key, please encrypt with my PGP key on bitcoin-otc "casascius" and don't forget to send me another address where the BTC should go.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 05:24:52 AM
Cool it worked. I just added into the script to watch for a hex that starts with 00. If it does then re-run the script. It would be hard to miss. The PROPER way is to do a loop until that condition is met...If you want to attempt it, feel free then message me, and I'll add it into the script. I'm WAY too tired to mess with code right now.



Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: casascius on June 28, 2011, 05:36:13 AM
Quote
Cool it worked. I just added into the script to watch for a hex that starts with 00. If it does then re-run the script. It would be hard to miss. The PROPER way is to do a loop until that condition is met...If you want to attempt it, feel free then message me, and I'll add it into the script. I'm WAY too tired to mess with code right now.

PS You know from the instructions to be on the "good" side you have to run the script then send the 0.01 to a new address for the taking! :) LOL.

There is still a problem with 00.  A private key could legitimately start with 00, you don't want a special case where 1 in 256 private keys are unusable and result in someone's bitcoins going into the ether.  The only time you want to shave off 00 is when you have more than 32 bytes (64 characters).

There is a wee bit of difficulty playing ping pong with 0.01 BTC, as a transaction fee must be paid each time it gets swatted to another address... because the system rightfully classifies it as potential penny spam.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 05:37:50 AM
Another 0.01 to move around in the game...

Address:
1FhANknfz5k4g3X3mLcekpwxikRKJavKbF
Private Key:
5J2PLx7Bu8hBAEjpJ3pzJ2wo2DVVrymZN7Jtqo1MBFsF3EzD4v3


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 05:41:09 AM
Quote
Cool it worked. I just added into the script to watch for a hex that starts with 00. If it does then re-run the script. It would be hard to miss. The PROPER way is to do a loop until that condition is met...If you want to attempt it, feel free then message me, and I'll add it into the script. I'm WAY too tired to mess with code right now.

PS You know from the instructions to be on the "good" side you have to run the script then send the 0.01 to a new address for the taking! :) LOL.

There is still a problem with 00.  A private key could legitimately start with 00, you don't want a special case where 1 in 256 private keys are unusable and result in someone's bitcoins going into the ether.  The only time you want to shave off 00 is when you have more than 32 bytes (64 characters).

There is a wee bit of difficulty playing ping pong with 0.01 BTC, as a transaction fee must be paid each time it gets swatted to another address... because the system rightfully classifies it as potential penny spam.
Ok. As it is the user just re-runs the script to avoid the problem for now. They are told not to use the key if it starts with 00 as it's not working right now...how much should I spend to move around?


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: casascius on June 28, 2011, 05:51:52 AM
Here are two new 0.01's sent into addresses generated by your script:

 
5JPrWUqLodNbyN8Xt2qfX4tgVcSjC9u6kh6QAS5nNsJMuDfH7PN
1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
 
5JcrEEsm5v6KL9zFAh6UAy1QqaNrV4j1XtZczWbLEY5YhMKL6Uz
1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ



Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: casascius on June 28, 2011, 05:56:02 AM

Quote
Ok. As it is the user just re-runs the script to avoid the problem for now. They are told not to use the key if it starts with 00 as it's not working right now...how much should I spend to move around?

There's still a problem, in that any private key that legitimately starts with 0000 thru 007F will still get misprocessed, because it will be spit out as a 62-character string.

The criterion you need to look for is not whether the private key starts with 00, but rather, whether it is exactly 64 characters long.  This HAS to work 100% of the time; having it make people lose funds, even if rarely, is inviting disaster and liability.
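
The length rule described in the post above, as an added example (not the BOTG script or any code from this thread): it normalises private-key hex to exactly 32 bytes before WIF encoding, and generalises the rule by also left-padding short dumps. It assumes the dump prints the key as a signed big integer, as the thread describes; the three hex strings are constructed samples and the function names are hypothetical.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group: a valid private key k satisfies 1 <= k < N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def base58check(payload: bytes) -> str:
    """Append a 4-byte double-SHA256 checksum and Base58-encode."""
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    num, out = int.from_bytes(data, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    zeros = len(data) - len(data.lstrip(b"\x00"))  # leading 00 bytes become '1'
    return "1" * zeros + out


def to_wif(key: bytes) -> str:
    """Uncompressed WIF: version byte 0x80 followed by the key bytes."""
    return base58check(b"\x80" + key)


def naive_key_bytes(hex_dump: str) -> bytes:
    """The 'starts with 00' rule from the thread: wrong for some keys."""
    h = hex_dump.strip().lower()
    return bytes.fromhex(h[2:] if h.startswith("00") else h)


def normalized_key_bytes(hex_dump: str) -> bytes:
    """Length-based rule: always return exactly 32 bytes, or raise."""
    h = hex_dump.strip().lower()
    if len(h) % 2 or len(h) > 66 or (len(h) == 66 and not h.startswith("00")):
        raise ValueError("not a 256-bit private key dump")
    k = int(h, 16)  # drops a sign byte, if there is one
    if not 1 <= k < N:
        raise ValueError("private key out of range for secp256k1")
    return k.to_bytes(32, "big")  # restores any leading zero bytes


# Constructed samples (not keys from this thread).
HIGH_BIT = "00" + "c2" + "11" * 31   # 66 chars: sign byte added before 0xc2
LEGIT_00 = "00" + "9a" + "22" * 30   # 64 chars: the key really begins 00 9a
SHORT = "5b" + "33" * 30             # 62 chars: the key really begins 00 5b

if __name__ == "__main__":
    for name, dump in (("HIGH_BIT", HIGH_BIT), ("LEGIT_00", LEGIT_00), ("SHORT", SHORT)):
        print(name, len(dump), "chars;",
              "unprocessed WIF starts with", to_wif(bytes.fromhex(dump))[0] + ";",
              "naive rule gives", len(naive_key_bytes(dump)), "bytes;",
              "normalised WIF:", to_wif(normalized_key_bytes(dump)))
```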


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: johanatan on June 28, 2011, 06:17:02 AM
Quote
-the only method of getting the money back is using the key you manually wrote down -unless some hardware
Or a low-level rootkit.

Quote
was recording your computer or a camera was recording you, barring having someone take the piece of paper from you, no one can get your BTC

LiveCD is *not* enough!  You should re-flash the BIOS/mb firmware/EFI firmware/etc if you want to be really certain of a secure system (or start with pristine hardware from a trusted (and competent) manufacturer [which is still no guarantee]).

Read this:
http://www.awgh.org/archives/27

Also, access to source is not enough either if the compiler or interpreter (or any layer under them or your program) is compromised:
http://cm.bell-labs.com/who/ken/trust.html


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: casascius on June 28, 2011, 06:34:32 AM
Quote
LiveCD is *not* enough!  You should re-flash the BIOS/mb firmware/EFI firmware/etc if you want to be really certain of a secure system (or start with pristine hardware from a trusted (and competent) manufacturer [which is still no guarantee]).

Read this:
http://www.awgh.org/archives/27

Also, access to source is not enough either if the compiler or interpreter (or any layer under them or your program) is compromised:
http://cm.bell-labs.com/who/ken/trust.html


This is overkill and totally unnecessary.  If the computer doesn't have a network connection, there's no way for the malware to get the stolen keys off the system.

BIOS/firmware viruses are extremely unlikely to take hold.  Every different kind of motherboard and computer has a different BIOS and there is no practical way for a virus writer to make a virus compatible with very many of them, let alone all of them.  If someone were to try, more than likely they would damage a few systems (like CIH virus from ~2000) and would definitely get noticed and made extinct quickly.

tl;dr - this is NOT a concern.

As a close second however, if a binary of OpenSSL on a rigged disc image were modified to generate random numbers that appear random, but are in fact rigged to be predictable by an algorithm known by the scammer in advance.  Or if the kernel were modified to offer predictable numbers through /dev/random.  This COULD BE a concern.  A mitigating solution would be to have the user mash a long random string (hundreds of characters) on the keyboard and have the keypair generated based off a hash of that string, so someone could test the same string on a known reference build and ensure the same input results in the same output when run on a known clean build.  At which point they could vouch for the hash of the ISO file as being safe.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: johanatan on June 28, 2011, 06:42:43 AM
Quote
LiveCD is *not* enough!  You should re-flash the BIOS/mb firmware/EFI firmware/etc if you want to be really certain of a secure system (or start with pristine hardware from a trusted (and competent) manufacturer [which is still no guarantee]).

Read this:
http://www.awgh.org/archives/27

Also, access to source is not enough either if the compiler or interpreter (or any layer under them or your program) is compromised:
http://cm.bell-labs.com/who/ken/trust.html


This is overkill and totally unnecessary.  If the computer doesn't have a network connection, there's no way for the malware to get the stolen keys off the system.

BIOS/firmware viruses are extremely unlikely to take hold.  Every different kind of motherboard and computer has a different BIOS and there is no practical way for a virus writer to make a virus compatible with very many of them, let alone all of them.  If someone were to try, more than likely they would damage a few systems (like CIH virus from ~2000) and would definitely get noticed and made extinct quickly.

tl;dr - this is NOT a concern.

As a close second however, if a binary of OpenSSL on a rigged disc image were modified to generate random numbers that appear random, but are in fact rigged to be predictable by an algorithm known by the scammer in advance.  Or if the kernel were modified to offer predictable numbers through /dev/random.  This COULD BE a concern.  A mitigating solution would be to have the user mash a long random string (hundreds of characters) on the keyboard and have the keypair generated based off a hash of that string, so someone could test the same string on a known reference build and ensure the same input results in the same output when run on a known clean build.  At which point they could vouch for the hash of the ISO file as being safe.

Are you saying that it is possible to generate private bitcoin keys totally offline and only bring them online when ready to recover the funds?  It was my understanding previously that the client had to be brought online at least once to download the blockchain and only then could the client create new 'valid' keys which the bitcoin network would recognize (based on a HOWTO guide I saw a few days ago for creating an offline wallet).

Also, while yes, the EFI rootkit or compiler/interpreter hacks are highly unlikely, with a sufficiently motivated attacker and a sufficiently high-value target it is not out of the question (just take Stuxnet for example).


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: casascius on June 28, 2011, 06:55:32 AM

Quote
Are you saying that it is possible to generate private bitcoin keys totally offline and only bring them online when ready to recover the funds?

Yep...


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: johanatan on June 28, 2011, 07:00:07 AM

Quote
Are you saying that it is possible to generate private bitcoin keys totally offline and only bring them online when ready to recover the funds?

Yep...

Sweet! :-)


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: iya on June 28, 2011, 07:46:50 AM

Quote
Are you saying that it is possible to generate private bitcoin keys totally offline and only bring them online when ready to recover the funds?

Yep...

Sweet! :-)

You don't even have to bring private keys online to recover the funds. You could sign transactions offline and then publish them from a different computer.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: billyjoeallen on June 28, 2011, 08:27:36 AM
Quote
This just gave me an idea, and I don't really know why this popped into my head when I read the OP, but it might be fun to start putting bitcoin wallets (printed private keys) in geocache locations with a few bitcoins in the wallet.  If you hid it in a good spot, and it isn't found for a long time, the person who ultimately finds it could be very, very lucky (or just end up with a worthless piece of paper, depending on the future value).

I really like this idea.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 28, 2011, 01:20:22 PM
Someone should grab all three:

5J2PLx7Bu8hBAEjpJ3pzJ2wo2DVVrymZN7Jtqo1MBFsF3EzD4v3
1FhANknfz5k4g3X3mLcekpwxikRKJavKbF

5JPrWUqLodNbyN8Xt2qfX4tgVcSjC9u6kh6QAS5nNsJMuDfH7PN
1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
 
5JcrEEsm5v6KL9zFAh6UAy1QqaNrV4j1XtZczWbLEY5YhMKL6Uz
1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ

and put the 0.03 BTC somewhere all together...


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: Phinnaeus Gage on June 28, 2011, 01:41:53 PM
Quote
This just gave me an idea, and I don't really know why this popped into my head when I read the OP, but it might be fun to start putting bitcoin wallets (printed private keys) in geocache locations with a few bitcoins in the wallet.  If you hid it in a good spot, and it isn't found for a long time, the person who ultimately finds it could be very, very lucky (or just end up with a worthless piece of paper, depending on the future value).

 :) :) :)

I like this idea. Would you be so kind as to start a new thread since it's your idea? Geocaching is an established niche market.




Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 29, 2011, 03:23:43 AM
Up for anyone who wants to take it...you can keep it!

Private key: 5J2PLx7Bu8hBAEjpJ3pzJ2wo2DVVrymZN7Jtqo1MBFsF3EzD4v3
Address: 1FhANknfz5k4g3X3mLcekpwxikRKJavKbF
0.01 BTC

Private key: 5JPrWUqLodNbyN8Xt2qfX4tgVcSjC9u6kh6QAS5nNsJMuDfH7PN
Address: 1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
0.01 BTC

Private key: 5JcrEEsm5v6KL9zFAh6UAy1QqaNrV4j1XtZczWbLEY5YhMKL6Uz
Address: 1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ
0.01 BTC

Private key: 5JMuVG4V4qVS5a2BxMox4Sp6ri43fp3MbVFxiz6HD4bHwXHHr1T
Address: 1P4FmFtzW17ixx5e29JZ8H2LW5SkP5FcjE
0.05 BTC


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: zamgo on June 29, 2011, 03:25:15 PM
Quote
Up for anyone who wants to take it...you can keep it!

Private key: 5J2PLx7Bu8hBAEjpJ3pzJ2wo2DVVrymZN7Jtqo1MBFsF3EzD4v3
Address: 1FhANknfz5k4g3X3mLcekpwxikRKJavKbF
0.01 BTC

Private key: 5JPrWUqLodNbyN8Xt2qfX4tgVcSjC9u6kh6QAS5nNsJMuDfH7PN
Address: 1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
0.01 BTC

Private key: 5JcrEEsm5v6KL9zFAh6UAy1QqaNrV4j1XtZczWbLEY5YhMKL6Uz
Address: 1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ
0.01 BTC

Private key: 5JMuVG4V4qVS5a2BxMox4Sp6ri43fp3MbVFxiz6HD4bHwXHHr1T
Address: 1P4FmFtzW17ixx5e29JZ8H2LW5SkP5FcjE
0.05 BTC


Thanks ;)

http://blockexplorer.com/address/1FhANknfz5k4g3X3mLcekpwxikRKJavKbF
http://blockexplorer.com/address/1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
http://blockexplorer.com/address/1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ
http://blockexplorer.com/address/1P4FmFtzW17ixx5e29JZ8H2LW5SkP5FcjE

Had a big 0.0195 tx fee on one of the sends, oops!

Round 1 Complete.

Round 2 started:  http://forum.bitcoin.org/index.php?topic=24350.0


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: phillipsjk on June 29, 2011, 03:36:27 PM
Thanks for that. I tried feebly to get one of those payouts using the default client on a LiveCD (can't compile). It made me realize how limited the default client really is. The problem of transferring coins from a "tainted" private key made me realize it is possible to build a wallet-less miner as well.

A miner just needs to know an address to send the coins to as well as a source of entropy (such as intermittent network connections). The miner then generates a throw-away private key/address pair. Upon coin creation, the coins are spent in the same transaction block to the destination address. As has been noted in other threads, the destination wallet does not even have to be on an Internet-connected computer.
Edit: To avoid refunded coins (and a non-empty virtual wallet), Transaction fees should be paid out of fees paid to the miner in the transaction block; likely (approximating) a user-configurable percentage. Errata: miner processing the transaction can decide which transactions are included or not: no fees necessary.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 29, 2011, 03:41:39 PM
Quote
Up for anyone who wants to take it...you can keep it!

Private key: 5J2PLx7Bu8hBAEjpJ3pzJ2wo2DVVrymZN7Jtqo1MBFsF3EzD4v3
Address: 1FhANknfz5k4g3X3mLcekpwxikRKJavKbF
0.01 BTC

Private key: 5JPrWUqLodNbyN8Xt2qfX4tgVcSjC9u6kh6QAS5nNsJMuDfH7PN
Address: 1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
0.01 BTC

Private key: 5JcrEEsm5v6KL9zFAh6UAy1QqaNrV4j1XtZczWbLEY5YhMKL6Uz
Address: 1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ
0.01 BTC

Private key: 5JMuVG4V4qVS5a2BxMox4Sp6ri43fp3MbVFxiz6HD4bHwXHHr1T
Address: 1P4FmFtzW17ixx5e29JZ8H2LW5SkP5FcjE
0.05 BTC


Thanks ;)

http://blockexplorer.com/address/1FhANknfz5k4g3X3mLcekpwxikRKJavKbF
http://blockexplorer.com/address/1DvXZ7Uc1Gsk5rqZENvcJd2p5YUF8ya68K
http://blockexplorer.com/address/1K7nQP7qWy58jhtuHVHsCmgNoJaEoZrjtQ
http://blockexplorer.com/address/1P4FmFtzW17ixx5e29JZ8H2LW5SkP5FcjE

Had a big 0.0195 tx fee on one of the sends, oops!

Round 1 Complete.

Round 2 started:  http://forum.bitcoin.org/index.php?topic=24350.0
Cool. If you are going to continue it though, the whole point was to use the script to test it. Then post it here. Then we can see how much it was tested.


Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: zamgo on June 29, 2011, 04:02:51 PM
Quote
Cool. If you are going to continue it though, the whole point was to use the script to test it. Then post it here. Then we can see how much it was tested.

Just consider the other post an alternate chain.   Here's a continuation of the original BOTG.... using both versions of the code posted:


0.0105 BTC up for grabs
  Hint:
  1EqfXf6Ezu2Rzh5HiK8BjKgJkPvzsZNffq
  5J3zUDkpkVTFo89rZkyTFNVvsMpPWT6EE7anqKfmNwiaDh2wpSQ


0.0105 BTC up for grabs
  Hint:
-----BEGIN EC PARAMETERS-----
BgUrgQQACg==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIMJE+6kerMEQ1nRbxSet7pgq5rZQdIE8wRvQBie5QVpEoAcGBSuBBAAK
oUQDQgAEhBwf9vvO8Mp7Aw1Ifls3OtGYjip95f4NteFfdizjqxmxOO2OJoxIkv7E
rjW10K6BZLzc21O+043/k1EzLId40w==
-----END EC PRIVATE KEY-----



Title: Re: BTC up for grabs - a BOTG experiment - just claim the BTC!
Post by: bitlotto on June 29, 2011, 05:33:37 PM
If you posted the data.pem file after the script it won't match. The data in data.pem is pretty much useless after. Rather than delete the file the script overwrites it with another key in case someone's distribution is saving to disk. I'll edit the script to delete it after the write over in case people look for it thinking it's useful.