Bitcoin Forum

The hardest part is it would have to be someone that is trusted.

All the site would do is have the user enter a private key and a forwarding address. (of course it has to be ssl!!!) Website then imports key and forwards the money! Simple and effective. I know of some people who use private keys for savings but there is no convenient way to cash BitBills, the paper wallets, keytags, etc. For a small fee I'm sure some would use it just for it's ease of use. Of course once the main Bitcoin has an import key button the business would go away. It would even be great if some of the Ewallets implemented it.

Excellent idea... I've been trying to think of a good way to do this, and I think you hit the nail on the head.

Also, it'd be helpful if the website could also confirm the number of bitcoins at the address of the private key before sending.  Say someone wanted to buy something from you with bitcoins, but didn't bring along their computer/wallet to transfer them.  Instead, they brought along a private key associated with an address that is loaded with 5 BTC.  You couldn't just check the address, because you would have no way of knowing whether the private key he had was associated with that address, or even whether the private key is valid.

Of course, the buyer couldn't trust that you didn't save the private key either, so at the point that you scan and enter the private key, the coins would have to be sent SOMEWHERE - either back to the buyer, or to you if the amount is acceptable for the sale.

Even better - integrate firstbits into said website.  Then, you don't have to type in the full address you want to forward the coins along to.  Especially helpful for doing it on a mobile, which is the likely platform that would be used to scan and process a QR code anyway.

Perhaps the final piece of the puzzle is an easier way to load up a private key with coins.  I think a local script or executable would be best for that though - make sure that the private key isn't being transferred over the internet.

See my thread on BOTG. It's a script to make very secure private keys.
https://forum.bitcoin.org/index.php?topic=23081.0

The only way would be for the seller to attempt to send to themselves at a different address. They would still have to wait for a confirmation to guarantee they'll get the money.

Well that's exactly what I mean.  Once you enter the private key on the receiver's computer, they need to be sent to a new private key, regardless of which party ends up with the coins.  If the buyer and seller mutually agree to not do the sale, the holder of the coins can simple send them to a new address from the already-loaded webpage.  And since the transaction processing is done through the website, it could only allow one transaction per private key, to avoid the other person trying to send the coins to his own wallet and possibly getting priority on the transaction.

The only way the non-owner could potentially scam is if they quickly imported the private key into their own wallet, did a -rescan, then sent a transaction, but my bet is on the website transaction going through first.

Does anybody know if this has been implemented anywhere yet? I'll gladly send a donation to the person who puts up a web site like this.

We're working on exactly this, and it should be available sometime next week on the Bitbills website.

I was going to ask if it would only work for bitbills private keys, then realized that was a dumb question.  :P

Great to hear, thanks!

I figured that "COMING SOON!" flash area was for something very similar to this.  It seems I was right. :)

I hope it will accept private key input in both base58 and hex format. My one-time hand-encoding (see sig link) of private keys works on the hex key and not the base58 one.

It's not a dumb question, private keys can be encoded in a variety of ways.
/me looks for his bitbill to tear it apart

You can convert your private keys from a format to another with pywallet

Maybe you can, but I can't. I'm a stupid Windows plug-and-play type user. My hand-coded SpruceCode stuff is aimed at people who aren't computer geeks and don't trust themselves with anything particularly complex on their computer. To get Bitcoin into the mainstream requires it to be usable by mainstream people. Who aren't all computer geeks!

Windows-R
Enter
cmd
Enter
one line copypasted + your private key
Enter
Done

My grandma did that once, that didn't even kill her

That sounds easy. I could do that. :)

But this?


Ahem.

Getting Python+deps is beyond the average user.

Perhaps make a bundle Windows installer for it?  I know Inkscape requires Python and it contains its own copy of Python with all the needed deps in it's installer.

Perhaps even make an option not to unpack and just to use the local Python for power-users.

Do you want the web interface? nope
Do you want to sign messages? nope

Yeah, I forgot the download part, is it that hard?


When dealing with Bitcoin I think binaries are not a good idea


I don't see how http://sprucecodes.com/one-time.htm is simple and installing 1 exe + downloading a file is horribly impossible

The thing is I didn't realise I didn't need those packages. I don't know the first thing about python.

I will stretch to going to a web page, choosing between a few download options (like Win32, Win64, Mac OSX etc.), and downloading some *.exe file, assuming the whole thing seems to be from a trustworthy source. I will scan the download, then expect to double-click on it and it will install and be usable with a somewhat-intuitive interface. That includes having options for an icon on my desktop. I am not going to whip open a terminal window and start using a command line interface.

I understand that makes me some kind of non-tech dweeb but that's the way it is. Sorry. And I am a lot more tech-savvy than an average user. My sister freaks out at the idea of downloading *any* software. I spent an hour recently talking a friend through downloading and installing the regular bitcoin client: "What do you mean, 'open up a new browser window'?" etc.

The vast majority of people download the bitcoin client as a binary.

I think if the source can be trusted, and the option to compile from source is available, there is no issue with binaries.  Particularly if they can be verified with hashes/sigs to have not been modified since the trusted source put them up.