Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: bitrebel on August 06, 2011, 12:36:35 AM



Title: Question about Bitbills and Wallet Security
Post by: bitrebel on August 06, 2011, 12:36:35 AM
If I understand this correctly, Bitbills has a great system, but they only hold the Private Key, and not the whole Wallet.dat file?

If I understand correctly, this means all wallets are actually held by bitbills, correct?

If this is correct so far, then how come someone doesn't just place the whole wallet file on a data storage card, then the whole bitcoin will be contained right there, essentially?

Then, when you trade cards, you actually trade the bitcoin.

Am I way off the mark? Would this not work?

This is the same for their bank card, correct? You can load and reload the card, but the wallet.dat file is still kept on their servers. So, this is ultimately unsafe, correct?


Title: Re: Question about Bitbills and Wallet Security
Post by: julz on August 06, 2011, 01:28:26 AM
If I understand this correctly, Bitbills has a great system, but they only hold the Private Key, and not the whole Wallet.dat file?
If by 'they' - you mean the card, not the company - then yeah.. seems right so far.
Each bitbill holds the private key only (hidden so that revealing it wrecks the card).   There is no longer any corresponding 'wallet'.
The corresponding address is printed openly on the card so you can verify in the blockchain that the card is worth it's face value.

If I understand correctly, this means all wallets are actually held by bitbills, correct?
I don't think it makes sense to say this.
When buying bitbills you're trusting that they keep no copy of the private key.


If this is correct so far, then how come someone doesn't just place the whole wallet file on a data storage card, then the whole bitcoin will be contained right there, essentially?
Then, when you trade cards, you actually trade the bitcoin.
Am I way off the mark? Would this not work?
That'd work.  But there's no need for a whole wallet.


This is the same for their bank card, correct? You can load and reload the card, but the wallet.dat file is still kept on their servers. So, this is ultimately unsafe, correct?
As above - no wallet or private key is kept for the bitbills or their bank cards... assuming we trust bitbills to have a secure process of generating the private key and ensuring nobody takes a photo of it etc.

Lose the card - any money loaded on it is lost forever.

I think it's a good bet that bitbills is trustworthy in this regard - in that even one proven violation would potentially ruin their business.
I would like to see more contact and business information on their website though.

EDIT:  In short - the bitbills company could go out of business - and your bitbills cards would still hold the bitcoins just fine.


Title: Re: Question about Bitbills and Wallet Security
Post by: bitrebel on August 06, 2011, 01:44:03 AM
If I understand this correctly, Bitbills has a great system, but they only hold the Private Key, and not the whole Wallet.dat file?
If by 'they' - you mean the card, not the company - then yeah.. seems right so far.
Each bitbill holds the private key only (hidden so that revealing it wrecks the card).   There is no longer any corresponding 'wallet'.
The corresponding address is printed openly on the card so you can verify in the blockchain that the card is worth it's face value.

If I understand correctly, this means all wallets are actually held by bitbills, correct?
I don't think it makes sense to say this.
When buying bitbills you're trusting that they keep no copy of the private key.


If this is correct so far, then how come someone doesn't just place the whole wallet file on a data storage card, then the whole bitcoin will be contained right there, essentially?
Then, when you trade cards, you actually trade the bitcoin.
Am I way off the mark? Would this not work?
That'd work.  But there's no need for a whole wallet.


This is the same for their bank card, correct? You can load and reload the card, but the wallet.dat file is still kept on their servers. So, this is ultimately unsafe, correct?
As above - no wallet or private key is kept for the bitbills or their bank cards... assuming we trust bitbills to have a secure process of generating the private key and ensuring nobody takes a photo of it etc.

Lose the card - any money loaded on it is lost forever.

I think it's a good bet that bitbills is trustworthy in this regard - in that even one proven violation would potentially ruin their business.
I would like to see more contact and business information on their website though.

EDIT:  In short - the bitbills company could go out of business - and your bitbills cards would still hold the bitcoins just fine.


Thanks Julz, your last sentence sums up my concerns. But the whole post was helpful.
I think more people should use this system if they are newbies and do not trust holding them.


Title: Re: Question about Bitbills and Wallet Security
Post by: nmat on August 14, 2011, 01:58:07 AM
Has anyone tried to tamper these cards?

Is it possible to open the card with a scalpel, remove the code and glue everything back together? I don't really know how are these cards made (I don't have even one) so I am just speculating...


Title: Re: Question about Bitbills and Wallet Security
Post by: BusmasterDMA on August 14, 2011, 04:12:08 AM
If I understand correctly, this means all wallets are actually held by bitbills, correct?
The only substantial pieces of information contained in the wallet.dat are the private keys.  If one knows a private key, one knows everything needed to construct a wallet.dat file.

In theory Bitbills could also keep a record of the private key.  I'm in no way accusing them of actually doing so.  But it should be noted that if they were to take the unscrupulous action of recording private keys, they could spend the coins at any point in time before you transfer them.


Title: Re: Question about Bitbills and Wallet Security
Post by: BitcoinBug on August 14, 2011, 07:15:24 AM
Has anyone tried to tamper these cards?

Is it possible to open the card with a scalpel, remove the code and glue everything back together? I don't really know how are these cards made (I don't have even one) so I am just speculating...

It is not possible, I tried and failed.


Title: Re: Question about Bitbills and Wallet Security
Post by: PLATO on August 14, 2011, 07:28:47 AM
if you have the private key there's some way to derive the public key. idk if the QR code printed on the front is a public key or an address. (the address is a base58 encoded hash of the pubkey, iirc)


Title: Re: Question about Bitbills and Wallet Security
Post by: BitcoinBug on August 14, 2011, 11:12:39 AM
The owner was guest on The Bitcoin Show:
http://onlyonetv.com/2011/07/the-bitcoin-show-episode-023/
... and seems trustworthy. I don't understand website contact secrecy either.


Title: Re: Question about Bitbills and Wallet Security
Post by: Gabi on August 14, 2011, 03:48:22 PM
Remember that the creator of bitbills can know all the private keys of the bitbills created by them and it can be a scam, maybe one day they just move all the BTC of these private keys in another wallet and ta-dah, all bitbills are worth 0.

Better to specify it, remember, TRUST NO ONE