Bitcoin Forum

Allow bitcoin to export wallet file with encryption.

Question: Can we use the built-in Bitcoin public-private key infrastructure.  And use a Elliptic curve encryption?

It would be an internal thing inside bitcoind?

Executable via bitcoind JSON call (so also - from command line)?

No need to make GUI button for it?

How the password should be proivded? On cmd line is very bad - unless its a pubkey (opengpg)?

i can haz 50btc nao? :D

"Elliptic curve encryption" don't allows encrypt anything. It is may be used only for signs.

Actually, I really like the idea of a GUI button. Encryption is possible with other tools (encrypted filesystems are nice, and easy to manage with freeotfe (windows) or cryptkeeper (linux desktops and similar). While it would be nice to have a one stop shop, or a second layer of encryption, its not necissary.

Frankly, I think this is a far more useful tool than tends to get credit. I don't have a lot of bitcoins, but, enough that I would be quite unhappy to lose it all (especially given their current sell prices). I don't really need immediate access to ALL of my coins.

Now, I can easily split out my coins, by firing up a new instance, with its own wallet, making an account, and transfering my funds there, and saving that wallet.... but... that is a lot of workaround for want of an export function. I would much rather, make a new account, transfer funds, then export that account (or the old one).

Of course, adding encryption directly would have its benefits too. Instead of just allowing a whole wallet to be "locked" why not allow it on a per account basis. So, Account "spending" is not password protected and has a few coins in it.... account "savings", encrypted right in the wallet. I can access it almost as easily, but, not quite. Maybe encrypt the account numbers with it, so someone who gets ahold of it can't even determine what accounts are there (so as to try and figure out which one to target).

All in all, thats a minor problem, I am much more interested in the ability to export part of a wallet and save it.

Also.... password on the command line is "bad" but... not THAT bad. Especially in these days of individual desktop machines. I would hope that anyone working on a shared/public machine knows the risks, and knows why to avoid password on the command line. So its a good reason not to rely on it or use it in many circumstances but, its not really a good reason not to have it available.

How is this bountied project coming along?

I see there is now an export wallet function, but does it encrypt?

Or does adding the encrytian remain to be done still?

-MarkM-

care to elaborate?
ecc can be used with every algorithm of which security depends on discrete logarithm being difficult. This can be either for encryption or signing.

@OP: why not use symmetric encryption instead? Public-private key cryptography doesn't make any sense in this situation.

Public-private key cryptography allows Bitcoin to generate new address without requesting the passphase.

It is also useful in for 'backups' when the backup op doesn't have access to the private keys.  This is useful if there is multiple wallets.

I still don't quite get the idea (why this would be so much better when backup-ing ones wallet)
edit: ah, I think I got it. You wouldn't have to keep your private key on the same computer to create new backups, is that it? That does make sense.
Why ecc specifically? I assume speed/key length are not of great concern here? Not that it's a problem, I'm just interested why :)

Yep, Key length is useful to be short, because many people might want to keep a printout of their private key in their fire safe.

So they can backup from anywhere know the only copy of the key is in a secure location.

fair enough, all valid points :) I can try and come up with something that can be put in cron, but I really don't have the time for anything super fancy right now.