Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: jimrandomh on July 05, 2011, 05:31:47 PM



Title: "Online wallet services" are an invitation to fraud and theft
Post by: jimrandomh on July 05, 2011, 05:31:47 PM
There are a number of "online wallet services" for Bitcoin. The premise is that you send them your coins, and they provide a web-based interface with which to spend your coins. The problem is that these services are acting as banks, but without sufficient auditing, security, or credibility. There are three things that can go wrong with an online wallet service, and they add up to a major risk for anyone keeping money in one.

First, the wallet service might get hacked by a malicious third party. If you keep your bitcoins on your own computer, then they can be stolen if your computer is compromised; if you keep them in an online wallet service, then they can be stolen if *either* your computer is compromised *or* the online wallet service is compromised. And the wallet services are big, obvious targets for attackers.

Second, the wallet service might be doing "fractional reserve"; that is, they may not keep the actual balance on hand to back all their deposits. In this case, everything would seem to be fine until a bunch of people tried to make withdrawals at once, and then they'd discover that there wasn't actually any money there. Regular banks do this, and loan out the extra money; a wallet service could do fractional reserve, but take the extra money as profit. Regular banks have deposit insurance, which is essentially a guarantee by the US government that if everyone tries to withdraw at once and there isn't enough money there, the government will print more to cover the lost balances. In exchange, the bank is subject to a reserve requirement, which is a percentage of all deposits that they have to keep on hand, and audits.

Finally, the wallet service might just steal your money. They could just pack up and disappear one day. Alternatively, a wallet service that wanted to make money this way could keep up pretenses for a while by disabling accounts a few at a time, or by losing a small fraction of transactions, and by blaming problems on outside attacks.

Seriously, keep your Bitcoins in your own possession. Don't recommend online wallet services to people. And don't expect online wallet services to cover for user-interface or other deficiencies the current Bitcoin client has - those need to be addressed in the client, not by a third-party service.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: je_bailey on July 05, 2011, 06:00:11 PM
Speaking as someone who is actively working on setting up an online wallet, I can understand your concerns. It's also our biggest challenge (to build trust).

As someone who is obviously against the idea, what would make you feel more comfortable with the idea?

Actions we are going to take:

1. Make it clear who's behind it.
2. Clarify how our system works and what safeguards are in place
3. How we plan on making money



Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: Stephen Gornick on July 05, 2011, 06:09:36 PM
Seriously, keep your Bitcoins in your own possession. Don't recommend online wallet services to people. And don't expect online wallet services to cover for user-interface or other deficiencies the current Bitcoin client has - those need to be addressed in the client, not by a third-party service.

Funny, just minutes after you wrote that is this:
  "I think some centralized service is good for the bitcoin community".
  - http://forum.bitcoin.org/index.php?topic=26264.0


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: qikaifu on July 05, 2011, 06:17:02 PM
Speaking as someone who is actively working on setting up an online wallet, I can understand your concerns. It's also our biggest challenge (to build trust).

As someone who is obviously against the idea, what would make you feel more comfortable with the idea?

Actions we are going to take:

1. Make it clear who's behind it.
2. Clarify how our system works and what safeguards are in place
3. How we plan on making money



For the No.1:

1) Be a U.S. citizen
2) Register a company in U.S.
3) Tell people your exact background information.
4) Posting 1 of your pictures is good for building trust.

Conclusion: transfer your personal credibility to your service.

Of course, you have to do a good job on 2. and 3.




Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: westkybitcoins on July 05, 2011, 07:08:00 PM

Quote
Seriously, keep your Bitcoins in your own possession. Don't recommend online wallet services to people. And don't expect online wallet services to cover for user-interface or other deficiencies the current Bitcoin client has - those need to be addressed in the client, not by a third-party service.

Most of us using this forum are old enough and smart enough to be able to handle risk analysis on our own. We can determine what we consider a safe amount to put into online wallets, and can even point all this out when recommending them to others.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: jimrandomh on August 02, 2011, 07:46:01 PM
*bump*

I'd just like to point out that MyBitcoin's disappearance was foreseeable, and foreseen. Anyone who kept a significant amount of money there, didn't do their due diligence.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: EhVedadoOAnonimato on August 02, 2011, 07:57:24 PM
2) Register a company in U.S.

Seriously? You expect bitcoin businesses to register in a country where the chance of being shut down in the future is that high?

Bitcoin businesses should be registering in tax havens where money printing is not a tradition.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: smoothie on August 02, 2011, 08:16:58 PM
*bump*

I'd just like to point out that MyBitcoin's disappearance was foreseeable, and foreseen. Anyone who kept a significant amount of money there, didn't do their due diligence.

Agreed. With this thread being up for close to a month now I would say that anyone who lost bitcoins at mybitcoin.com is at fault for their own losses.

There were too many warning signs of fraud.

Plus it seems contradictory to keep one's wallet/coins on a third party server. The whole idea of bitcoin is to be decentralized, and storing your coins on a central server defeats one of the main beauties of the design of bitcoin.

What a shame....



Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: the founder on August 02, 2011, 08:23:51 PM
2) Register a company in U.S.

Seriously? You expect bitcoin businesses to register in a country where the chance of being shut down in the future is that high?

Bitcoin businesses should be registering in tax havens where money printing is not a tradition.

We registered where our company is located, Pottsville, PA USA. Our clients know who we are, can verify an address, etc... considering it's plastered all over there that it's a Yooter InterActive Company.



Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: twobits on August 02, 2011, 08:26:20 PM
2) Register a company in U.S.

Seriously? You expect bitcoin businesses to register in a country where the chance of being shut down in the future is that high?

Bitcoin businesses should be registering in tax havens where money printing is not a tradition.

We registered where our company is located, Pottsville, PA USA. Our clients know who we are, can verify an address, etc... considering it's plastered all over there that it's a Yooter InterActive Company.



I want to be able to buy Yuengling for bitcoins.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: the founder on August 03, 2011, 04:00:04 AM

Quote
I want to be able to buy Yuengling for bitcoins.

the brewery is across the street.. literally smell hops each time I go to work.



Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: westkybitcoins on August 03, 2011, 04:17:28 AM
*bump*

I'd just like to point out that MyBitcoin's disappearance was foreseeable, and foreseen. Anyone who kept a significant amount of money there, didn't do their due diligence.

Exactly.

Side note: I can't help but wonder why so many people seemed to prefer mybitcoin over instawallet. Because it had a password? Both were e-wallets, and not worth keeping a lot of bitcoins in.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: EhVedadoOAnonimato on August 03, 2011, 07:38:01 AM
We registered where our company is located, Pottsville, PA USA.

I wish you and all your customers good luck.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: wumpus on August 03, 2011, 07:54:11 AM
Speaking as someone who is actively working on setting up an online wallet, I can understand your concerns. It's also our biggest challenge (to build trust).

As someone who is obviously against the idea, what would make you feel more comfortable with the idea?
Would offering wallet.dat download (or alternatively, a gpg-encoded text file with private keys) be a good idea? So that even if your site goes offline - for example, if your servers are nuked or taken - I still have the private keys for my own addresses and can use them in a local client, and spend the coins.

This won't help against you purposefully stealing the coins, but will give reassurance against loss or destruction.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: dogisland on August 03, 2011, 08:42:16 AM
Speaking as someone who is actively working on setting up an online wallet, I can understand your concerns. It's also our biggest challenge (to build trust).

As someone who is obviously against the idea, what would make you feel more comfortable with the idea?

Assuming you're an honest individual I can still foresee the following problems.

1. How can you protect the bitcoin private keys in the wallet from...

a. Disgruntled employees (assuming you'll need employees)
b. Someone at the data center where your servers are hosted.
c. The backups you'll need to make. Who holds these?

2. You're going to be constantly under cyber attack.

a. Who examines your code?
b. Your software stack, i.e. the 3rd party libraries you use: how will you check that no one inserts a specific attack on your site via a library upgrade?
c. How about your personal computers? A hacker could gain access and use a keylogger to get root passwords.

3. If you do well you'll be holding a significant amount of cash for other people that can easily be transferred and anonymized. You've also made yourself public on your site.

It's possible someone could attack you personally to get at the bitcoins. Have you thought about that ?


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: wumpus on August 03, 2011, 08:45:59 AM
It might also be interesting to make a personal wallet webservice for micro-payments. Only allow a certain maximum BTC per user, so that it is not used as long-term storage for large amounts of coins.

Users should then be actively encouraged to only use the service for web payments.

This will limit the risk a bit...


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: defxor on August 03, 2011, 08:47:52 AM
What would make you feel more comfortable with the idea?

Not giving you my private keys for storage, but using the data stored with you together with my local secret every time a key is needed.

This would be similar to how LastPass handles passwords (they're not stored with them, yet it's "like" if they were) and give the same security as Wuala has over Dropbox (employees cannot, ever, see your content).
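
A sketch of the arrangement described in the post above, as an added example that is not part of the thread or of any wallet service's code: the client encrypts the private key under a key derived from a local secret, and the service keeps only the resulting blob. The `server` map, the function names and the sample key are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Hypothetical stand-in for the wallet service's database. It only ever
// receives the encrypted blob, never the local secret or the plaintext key.
const server = new Map();

function deriveKey(localSecret, salt) {
  // scrypt makes guessing the local secret expensive if the database is copied.
  return crypto.scryptSync(localSecret, salt, 32, { N: 16384, r: 8, p: 1 });
}

// Runs on the client: encrypt, then upload.
function storeKey(user, privateKeyHex, localSecret) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(localSecret, salt), iv);
  cipher.setAAD(Buffer.from(user)); // bind the blob to this account name
  const ct = Buffer.concat([cipher.update(privateKeyHex, 'utf8'), cipher.final()]);
  server.set(user, {
    salt: salt.toString('hex'),
    iv: iv.toString('hex'),
    tag: cipher.getAuthTag().toString('hex'),
    ct: ct.toString('hex'),
  });
}

// Runs on the client: download, then decrypt with the local secret.
function loadKey(user, localSecret) {
  const blob = server.get(user);
  if (!blob) throw new Error('no blob stored for this user');
  const key = deriveKey(localSecret, Buffer.from(blob.salt, 'hex'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(blob.iv, 'hex'));
  decipher.setAAD(Buffer.from(user));
  decipher.setAuthTag(Buffer.from(blob.tag, 'hex'));
  // final() throws if the secret is wrong or the stored blob was altered.
  const pt = Buffer.concat([decipher.update(Buffer.from(blob.ct, 'hex')), decipher.final()]);
  return pt.toString('utf8');
}

function canRecover(user, localSecret) {
  try { loadKey(user, localSecret); return true; } catch (e) { return false; }
}

// Constructed sample values, not real keys.
const SAMPLE_KEY = '11'.repeat(32);
const SAMPLE_SECRET = 'correct horse battery staple';
storeKey('alice', SAMPLE_KEY, SAMPLE_SECRET);
```

A copy of `server` gives an attacker or an employee only salts, IVs, tags and ciphertext, and a blob modified on the server side fails authentication on the client instead of decrypting to a different key.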



Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: wumpus on August 03, 2011, 08:53:28 AM
Not giving you my private keys for storage, but using the data stored with you together with my local secret every time a key is needed.
But how would you see that work with a web service? You could implement a large part of the Bitcoin protocol in JS, but if it is served from the wallet provider, it could steal any key that you enter by injecting a keylogger into the JS as well.

It could work with the native clients though, to have it use a wallet on a storage provider (with encrypted private keys) instead of a local one. Would be a matter of generalizing the DB backend. This would also protect against wallet loss if the local machine is formatted.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: defxor on August 03, 2011, 09:27:54 AM
Not giving you my private keys for storage, but using the data stored with you together with my local secret every time a key is needed.
But how would you see that work with a web service? You could implement a large part of the Bitcoin protocol in JS, but if it is served from the wallet provider, it could steal any key that you enter by injecting a keylogger into the JS as well.

That's the most common argument leveraged against LastPass, and it's indeed valid (see below). The solution, so far not implemented anywhere, is to sign a hash of the JS snippet in question and have that verified by the client. When the code needs an update it has to be vetted before clients approve a new hash or signature.

I believe this is on its way into the HTML specifications but I haven't looked for some time. If we control the client implementation (Android, PCs) it's however implementable already today.



In the LastPass case, they are considered trusted (reputation, company) and the architecture is meant to protect against hacking instead. They take great care to make sure their systems serving up the JS in question aren't easily manipulated, and if a hacker were to extract their databases they still cannot do anything with them since everything is encrypted and only the end users have the corresponding keys.
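
The check proposed in the post above, as an added example that is not from the thread, LastPass or any browser specification: a client that holds a pinned publisher key and a list of approved hashes, and refuses code that fails either test. `PinnedLoader`, `signRelease` and the sample scripts are hypothetical names, and Ed25519 is an assumed choice of signature scheme.

```javascript
const crypto = require('crypto');

const sha256hex = (text) => crypto.createHash('sha256').update(text, 'utf8').digest('hex');

// Publisher side (hypothetical): sign the hash of each release.
function signRelease(code, publisherPrivateKey) {
  return crypto.sign(null, Buffer.from(sha256hex(code), 'hex'), publisherPrivateKey);
}

// Client side: a pinned publisher key plus the hashes that have been vetted.
// Nothing runs unless it passes both checks.
class PinnedLoader {
  constructor(publisherPublicKey, approvedHashes) {
    this.publicKey = publisherPublicKey;
    this.approved = new Set(approvedHashes);
  }

  check(code, signature) {
    const hash = sha256hex(code);
    const signed = crypto.verify(null, Buffer.from(hash, 'hex'), this.publicKey, signature);
    if (!signed) {
      return { run: false, hash, reason: 'signature does not match pinned publisher key' };
    }
    if (!this.approved.has(hash)) {
      // A genuine update still waits until someone has reviewed it.
      return { run: false, hash, reason: 'signed but not yet vetted' };
    }
    return { run: true, hash, reason: 'signed and approved' };
  }

  // Called only after the new release has been reviewed.
  approve(hash) { this.approved.add(hash); }
}

// Constructed sample: throwaway keys and two versions of a wallet script.
const publisher = crypto.generateKeyPairSync('ed25519');
const other = crypto.generateKeyPairSync('ed25519');
const v1 = 'function signTx(tx, key) { /* wallet code v1 */ }';
const v2 = 'function signTx(tx, key) { /* wallet code v2 */ }';
const loader = new PinnedLoader(publisher.publicKey, [sha256hex(v1)]);
```

The separate `approve` step is what turns a silent server-side code change into something a user or reviewer has to accept explicitly.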


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: Vandroiy on August 03, 2011, 12:41:14 PM
Where can one get a security architect for this kind of job?

I thought Microsoft has depleted the supply by dragging all the good people into the Midori project... :P

Seriously, someone who can manage a 100.0% flawless system for all the running time -- those people are rare to come by. One contact of the private keys with a hacker, and your entire company is history. And possibly the responsible people as well, if the amount of value lost was high enough for people to get violent.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: dacoinminster on August 03, 2011, 04:07:16 PM
Anyone thinking of developing or using an online wallet service should be thinking about offline reserves, as discussed here: https://bitcointalk.org/index.php?topic=34011.0


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: Stefan Thomas on August 04, 2011, 11:35:15 AM
But how would you see that work with a web service? You could implement a large part of the Bitcoin protocol in JS,

That's what Webcoin (http://bitcointalk.org/?topic=7357.0) is. (server-side node, client-side crypto/wallet)

but if it is served from the wallet provider, it could steal any key that you enter by injecting a keylogger into the JS as well.

Basically true, but there are remedies. Also, it's not as bad as having your data on the server. If the server turned evil, they could only steal from people as they logged in. Anybody could monitor them (by looking at changes in the code they send out) and blow the whistle before they can steal from a majority of their customers (most users don't log in all that often.)

Anybody with HTTPS webspace can also host the actual JS application themselves. Then they only have to trust their own server security. You could even make a self-contained package containing a simple webserver that just serves the app locally.

Obviously, that's still not a satisfactory solution for mainstream users. So in the future, we envision using an authenticator. This could be a software authenticator or a hardware authenticator. The authenticator would be where the actual cryptography takes place and the browser based application is only responsible for managing the wallet data. It would send the final, serialized transaction to the authenticator for signing. The authenticator would have a separate window pop up (in the software case) or a display with yes/no buttons (in the hardware case). It would parse the actual transaction as serialized for signing and display exactly what the signature would allow (Bitcoin has things like blank checks, so it would be a bit of a challenge to allow maximum flexibility while still making sure the authenticator "understands" what he's signing.)

Both authenticators could offer the same standardized protocol, which could be supported by any kind of client.


That's the most common argument leveraged against LastPass, and it's indeed valid (see below). The solution, so far not implemented anywhere, is to sign a hash of the JS snippet in question and have that verified by the client.

Someone implemented this for their own webservice cryp.sr: https://github.com/cortesi/apphash

I don't like the approach too much. Browsers are extremely complex software, so I don't see how this type of hashing could possibly be secure. Anything that allows the injection of some JavaScript would completely break the security. And if you're going to have to install some extra piece of software anyway, you might as well go the authenticator route, which is much cleaner because it also protects against all kinds of accidental spending, UI failures and other bugs in the (validated) software.
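
The parsing step of the authenticator described in the post above, as an added example that is not code from Webcoin or from any real authenticator: it reads a transaction as serialized for signing, lists what would be paid, and refuses anything it cannot fully account for. It assumes the legacy signing serialization (transaction followed by a 4-byte hash type) and treats only pay-to-pubkey-hash outputs as understood; all function names and the sample transaction are constructed for illustration.

```javascript
const SIGHASH_ALL = 1; // signature commits to every input and output

class Reader {
  constructor(buf) { this.buf = buf; this.pos = 0; }
  take(n) {
    if (this.pos + n > this.buf.length) throw new Error('truncated transaction');
    this.pos += n;
    return this.buf.subarray(this.pos - n, this.pos);
  }
  u32() { return this.take(4).readUInt32LE(0); }
  u64() { return this.take(8).readBigUInt64LE(0); }
  varint() {
    const first = this.take(1)[0];
    if (first < 0xfd) return first;
    if (first === 0xfd) return this.take(2).readUInt16LE(0);
    if (first === 0xfe) return this.take(4).readUInt32LE(0);
    throw new Error('64-bit counts are not handled in this example');
  }
}

// Returns what the authenticator would display, or throws if it cannot
// account for everything the signature would authorize.
function describeForSigning(preimage) {
  const r = new Reader(preimage);
  r.u32(); // version
  const spends = [];
  for (let n = r.varint(), i = 0; i < n; i++) {
    const txid = Buffer.from(r.take(32)).reverse().toString('hex');
    spends.push(`${txid}:${r.u32()}`);
    r.take(r.varint()); // script of the output being spent (or empty)
    r.u32(); // sequence
  }
  const pays = [];
  let total = 0n;
  for (let n = r.varint(), i = 0; i < n; i++) {
    const satoshis = r.u64();
    const s = r.take(r.varint());
    const p2pkh = s.length === 25 && s[0] === 0x76 && s[1] === 0xa9 &&
      s[2] === 0x14 && s[23] === 0x88 && s[24] === 0xac;
    if (!p2pkh) throw new Error(`output ${i}: script not understood, refusing to sign`);
    pays.push({ satoshis, pubKeyHash: s.subarray(3, 23).toString('hex') });
    total += satoshis;
  }
  r.u32(); // lock time
  const hashType = r.u32();
  if (r.pos !== preimage.length) throw new Error('unexpected trailing bytes');
  if (hashType !== SIGHASH_ALL) throw new Error('hash type leaves part of the transaction unsigned');
  return { spends, pays, total };
}

// Constructed sample: one input, two pay-to-pubkey-hash outputs.
function samplePreimage({ hashType = SIGHASH_ALL, lastScript } = {}) {
  const p2pkh = (fill) => Buffer.concat(
    [Buffer.from('76a914', 'hex'), Buffer.alloc(20, fill), Buffer.from('88ac', 'hex')]);
  const u32 = (n) => { const b = Buffer.alloc(4); b.writeUInt32LE(n); return b; };
  const out = (sat, script) => {
    const v = Buffer.alloc(8); v.writeBigUInt64LE(sat);
    return Buffer.concat([v, Buffer.from([script.length]), script]);
  };
  const prev = p2pkh(0x11);
  return Buffer.concat([
    u32(1), Buffer.from([1]),
    Buffer.alloc(32, 0xaa), u32(0), Buffer.from([prev.length]), prev, u32(0xffffffff),
    Buffer.from([2]), out(150000000n, p2pkh(0x22)), out(49990000n, lastScript || p2pkh(0x33)),
    u32(0), u32(hashType),
  ]);
}
```

Because the display is built from the same bytes that get hashed and signed, a compromised browser application cannot show one payment and obtain a signature for another.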


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: jimrandomh on April 01, 2013, 06:47:09 PM
Flexcoin announced a security breach today, so: Bump. Guys, using or telling people to use an Online Wallet Service is Not Okay. Not MyBitcoin, not Flexcoin, not StrongCoin, not Coinbase. The only reason a web site should ever have access to your bitcoins is if that website sold them to you, in which case you should transfer them to your own wallet promptly, or if you are using them to pay that website for something, in which case you shouldn't be expecting them back.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: Stephen Gornick on April 02, 2013, 06:34:27 AM
Flexcoin announced a security breach today,

Source?


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: westkybitcoins on April 02, 2013, 06:05:19 PM
Flexcoin announced a security breach today, so: Bump. Guys, using or telling people to use an Online Wallet Service is Not Okay. Not MyBitcoin, not Flexcoin, not StrongCoin, not Coinbase. The only reason a web site should ever have access to your bitcoins is if that website sold them to you, in which case you should transfer them to your own wallet promptly, or if you are using them to pay that website for something, in which case you shouldn't be expecting them back.

You do realize how sites like StrongCoin and Blockchain.info work, right? You keep control of your keys, not them.

Originally in this thread, it seemed like there were folks who weren't wanting to make this distinction. It's an important one though, and one that still needs to be pointed out. A site you interact with where you keep your own keys is still a risk (they could potentially change their code to access your keys,) but on a far different level than one where you don't.

And if the claim is that none of them, even those, are worth using, then it should be asked again:

How do you spend bitcoins away from home without using a site like that, or an app (subject to the same issues?)

It's all a risk calculation. Keep the bulk of your coins in at least one offline savings address, and only keep what you can afford to lose on anything that's not a full node.

All that said... I do agree that keeping coins in an exchange or "bitcoin bank" is just begging for trouble.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: Mosper on April 02, 2013, 06:17:48 PM
Where can one get a security architect for this kind of job?

I thought Microsoft has depleted the supply by dragging all the good people into the Midori project... :P

Seriously, someone who can manage a 100.0% flawless system for all the running time -- those people are rare to come by. One contact of the private keys with a hacker, and your entire company is history. And possibly the responsible people as well, if the amount of value lost was high enough for people to get violent.
Here is some general (read: industry standard) advice.

Run suPHP and don't allow any permissions on your server other than 644/files and 755/folders.
Keep EVERYTHING updated CONSTANTLY - have someone whose job it is to make sure this is done around the clock
Run mod_sec and be very careful about what you decide to whitelist
Take advantage of services like http://sitelock.com and http://sucuri.net/
Force HTTPS and use a trusted SSL from a company like Comodo
Don't run any services that you don't need (disable ftp if you're not going to use it for example)
PAY ATTENTION to what is happening on your network. Many attacks are not first-try instant successes, and if you're reading your logs and watching traffic you will catch these things.

These are basic tips that will go a very long way to keeping your site/server secure. Most people are compromised because they are lazy and don't pay attention.


Title: Re: "Online wallet services" are an invitation to fraud and theft
Post by: Stefan Thomas on April 03, 2013, 01:52:40 AM
There has been quite some progress in this area since this thread was originally discussed.

Here is a quick write-up regarding what I consider to be best-in-class security for web-based clients:

https://ripple.com/wiki/User:Justmoon/Secure_Bookmarklet

Note that the document above deals only with the code delivery problem (i.e. the server can send you a version of the client that steals your keys). This seems to be the key issue that web wallets need to solve.

Note also that a web client like this actually provides better security in this particular area than a downloadable wallet like bitcoin-qt, because it makes independently verifying the client much quicker and much more user-friendly and it is therefore significantly more likely that any given user will actually bother to do it.