Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: Jon on February 12, 2012, 06:19:19 PM



Title: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 12, 2012, 06:19:19 PM
https://blockchain.info/wallet

It's the easiest and safest client to use. You load the webpage, enter your credentials and you have access to your funds. Your coins are not stored anywhere but your head through your password and possibly your email account, if you so choose. You only need to trust your memory and your email account, nothing more.

You don't need an over-engineered feature such as multi-signature transactions. You don't need to keep a Bitcoin private key on your phone, on your computer and with a third-party. You only need yourself. This is sensible design at its finest.

While the interface is far from intuitive and accessible to everyone (especially to newer users), it meets all the functionality that a Bitcoin user needs.

I think Blockchain.info should serve as THE example of what all Bitcoin client developers should strive for in features and functionality. Though, again, the interface needs a lot of work. However, the fact that it works solely in the browser and works on every internet-connected device with no need for any installation is the step forward that everybody needs to take. Blockchain.info has taken the greatest leap forward by using only the browser.

I suggest everybody else do the same. Desktop-based clients are a dead-end path. The browser is the inevitable future.

What are the community's thoughts?


Title: Re: http://Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: pirateat40 on February 12, 2012, 06:22:09 PM
Agreed


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Stephen Gornick on February 12, 2012, 07:48:28 PM
Using a nickname during sign-up (or adding it later) is useful then so you don't need to know the exact URL or wallet identifier to access from another computer.

e.g. if your nickname to the account is "satoshi" you would access your wallet at
  https://blockchain.info/wallet/satoshi

Don't forget though -- blockchain.info doesn't store the password so there is no password recovery.

As is stated on the site: "To avoid any possible monetary loss due to a forgotten password it is recommended you make a paper backup of your wallet's private keys."


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: MORA on February 12, 2012, 08:09:10 PM
+1

Very handy to be able to choose sender and change address.
A few interface kinks here and there, but the client for windows isn't perfect in that aspect either.
Also gets around the "First relayed by" sniffer, so it's possible to use bitcoin without having to proxy the client.

The fee is a bit steeper than the standard client, fixed at 0.01 even for TX that would be ok without any fee at all (goes to blockchain.info if none is needed for the network afaik).


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 12, 2012, 08:21:01 PM

The fee is a bit steeper than the standard client, fixed at 0.01 even for TX that would be ok without any fee at all (goes to blockchain.info if none is needed for the network afaik).


It may encourage competition which is always a good thing if .01 ever becomes significant enough.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: fornit on February 12, 2012, 08:52:51 PM
I suggest everybody else do the same. Desktop-based clients are a dead-end path. The browser is the inevitable future.

good idea. except that the bitcoin network is gone then. very sad. but we still have our cool browsers to look at meaningless numbers...


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 12, 2012, 08:57:19 PM
I suggest everybody else do the same. Desktop-based clients are a dead-end path. The browser is the inevitable future.

good idea. except that the bitcoin network is gone then. very sad. but we still have our cool browsers to look at meaningless numbers...

No, miners will still charge fees and have incentive to maintain the network through servers. It shouldn't be up to the user to waste their computing power on the network to manage and view their funds. The cost is better burdened upon those managing transactions and mining the currency. It's simply more efficient that way and people can use Bitcoin from any device.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: piuk on February 12, 2012, 08:59:26 PM
Thank You for the good feedback. I still have big plans for it, wait until Split key is done then it will be easy to use and zero-trust.

I suggest everybody else do the same. Desktop-based clients are a dead-end path. The browser is the inevitable future.

I think Desktop clients will still have their place. But the blockchain is reaching a size now where Merkle tree pruning or an unspent ledger needs to be implemented ASAP.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: niko on February 12, 2012, 09:16:20 PM
This looks great. I'm not an expert, and would like the community to comment on the security of browser-side encryption (I guess this is Javascript based...?)


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: joulesbeef on February 12, 2012, 09:22:24 PM
considering it is up and down today... at least from my location... I'm not so sure an online wallet is the best. But of course there is plenty of room to debate that issue


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Portnoy on February 12, 2012, 09:27:34 PM
And a one button click to do a dropbox backup... seems to be working today.  :)

I point new users, who I tell about bitcoin, to here and StrongCoin as good options to keep any bitcoins they get, if they are uncomfortable with installing a client on their own computer. 


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Wintermute on February 12, 2012, 10:46:35 PM
I remember something about a 1% fee for their service, but could not find anything on their webpage. Is there a fee?


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: gnar1ta$ on February 12, 2012, 11:14:00 PM
I remember something about a 1% fee for their service, but could not find anything on their webpage. Is there a fee?


Yes. Currently .01 BTC. http://blockchain.info/wallet/faq Great price for all the features available.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: memvola on February 12, 2012, 11:28:36 PM
You load the webpage, enter your credentials and you have access to your funds. Your coins are not stored anywhere but your head through your password and possibly your email account, if you so choose. You only need to trust your memory and your email account, nothing more.

You don't need an over-engineered feature such as multi-signature transactions. You don't need to keep a Bitcoin private key on your phone, on your computer and with a third-party. You only need yourself. This is sensible design at its finest.

I really don't get what you mean by this. You enter what's on your memory, it's intercepted, your funds are gone. It's not only your memory that you need to trust, but also, for instance, the device you are entering those "credentials".

I like blockchain.info's wallet, but these are two unrelated concepts. Multi-signature transactions allow you to utilize the network's power to protect yourself from those attacks. I can't think of any other way to create a fool-proof measure against compromised devices, can you?


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 12, 2012, 11:33:16 PM
You load the webpage, enter your credentials and you have access to your funds. Your coins are not stored anywhere but your head through your password and possibly your email account, if you so choose. You only need to trust your memory and your email account, nothing more.

You don't need an over-engineered feature such as multi-signature transactions. You don't need to keep a Bitcoin private key on your phone, on your computer and with a third-party. You only need yourself. This is sensible design at its finest.

I really don't get what you mean by this. You enter what's on your memory, it's intercepted, your funds are gone. It's not only your memory that you need to trust, but also, for instance, the device you are entering those "credentials".

I like blockchain.info's wallet, but these are two unrelated concepts. Multi-signature transactions allow you to utilize the network's power to protect yourself from those attacks. I can't think of any other way to create a fool-proof measure against compromised devices, can you?


There's the method of not using a compromised device and not making it probable for your device to be compromised in the first place. If you're not spreading how much money you have along with your IP address everywhere, you shouldn't have to worry about people putting keyloggers on your computer and phone.

A hacking independent from this is extremely unlikely if you have sensible security practices...

Maybe this wallet isn't for morons. However, getting multi-signature protection to the average user and morons is a problem unto itself.

As for a simple solution to a compromised device, you can always use a javascript-based virtual keyboard.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: memvola on February 12, 2012, 11:55:45 PM
If you're not spreading how much money you have along with your IP address everywhere, you shouldn't have to worry about people putting keyloggers on your computer and phone.

Infections don't need to be directed at specific targets, if there is enough incentive it could be common for malicious programs to have this secondary functionality. It's not like there is a limit to how many viruses a machine can hold.

Maybe this wallet isn't for morons. However, getting multi-signature protection to the average user and morons is a problem unto itself.

Yes, that's a problem. I think wallets like what bitcoin.info currently provides will be more popular for the near future. However, it's likely that easy solutions for multi-signature transactions will be provided at some point. It would be as easy as current two-factor authentication of bitcoin.info, and I'm sure it will be introduced by them in parallel at some point.

As for a simple solution to a compromised device, you can always use a javascript-based virtual keyboard.

Anything going from your brain into the software can be intercepted. (I suspect mouse+screen-capturing loggers are already all over the place.)

I'm guessing technically you could create a transaction without having to hold the private key in one place at any given time with some cryptographic tricks, but it would be as complicated from the user's perspective. Though it might carry a lower transaction cost. So, you could do without multi-sig I guess...


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: oOoOo on February 13, 2012, 12:34:38 AM
Quote
Silk Road   1GxBF2Ps8UWhzwFeEiKf4i9QuQwKDgSmCs
LOL! srsly!


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: RoloTonyBrownTown on February 13, 2012, 01:19:02 AM
Interesting idea, I like it.   The more security the better as far as I'm concerned, so multisig will be great once it's up and running.

Good job so far :)


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: hashcoin on February 13, 2012, 01:33:26 AM
How is this any more secure than any other e-wallet that actually stores the users' keys?

You are still dependent on a third-party for security.  Anyone who hacks the server can just serve different JS that records the information entered into the client and submits it somewhere, then steal all the coins.

It seems to do this securely, one would need to be able to "pin" the code that sees the passphrase.  E.g. a browser extension rather than a web page.

Moreover, just like mybitcoin and other web-wallets, if such a thing happens, there is no way you can know if the service was really hacked or the owner is just running with the coins.

tl;dr wallet security will only come if all the code that sees the passphrase is pinned and cannot be modified easily without approval from many people (e.g. the bitcoin client itself)


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 13, 2012, 02:03:49 AM
How is this any more secure than any other e-wallet that actually stores the users' keys?

You are still dependent on a third-party for security.  Anyone who hacks the server can just serve different JS that records the information entered into the client and submits it somewhere, then steal all the coins.

It seems to do this securely, one would need to be able to "pin" the code that sees the passphrase.  E.g. a browser extension rather than a web page.

Moreover, just like mybitcoin and other web-wallets, if such a thing happens, there is no way you can know if the service was really hacked or the owner is just running with the coins.

tl;dr wallet security will only come if all the code that sees the passphrase is pinned and cannot be modified easily without approval from many people (e.g. the bitcoin client itself)

This applies to any software that can be altered at the server level. No client protects from this.

You can do an MD5 checksum of the JS if you are that paranoid.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: memvola on February 13, 2012, 02:10:42 AM
This applies to any software that can be altered at the server level. No client protects from this.

Again, the "over-engineered" multisig makes it possible. You can use separate services and/or devices for each element. A system with two or more points of failure provides much more reliability and security than one with single point of failure.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 13, 2012, 02:45:24 AM
This applies to any software that can be altered at the server level. No client protects from this.

Again, the "over-engineered" multisig makes it possible. You can use separate services and/or devices for each element. A system with two or more points of failure provides much more reliability and security than one with single point of failure.


It still remains to be an overengineered solution for something that can be solved with MD5 checksums and an additional accessory.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Blind on February 13, 2012, 02:56:08 AM
How is this any more secure than any other e-wallet that actually stores the users' keys?

You are still dependent on a third-party for security.  Anyone who hacks the server can just serve different JS that records the information entered into the client and submits it somewhere, then steal all the coins.

It seems to do this securely, one would need to be able to "pin" the code that sees the passphrase.  E.g. a browser extension rather than a web page.

Moreover, just like mybitcoin and other web-wallets, if such a thing happens, there is no way you can know if the service was really hacked or the owner is just running with the coins.

tl;dr wallet security will only come if all the code that sees the passphrase is pinned and cannot be modified easily without approval from many people (e.g. the bitcoin client itself)

+∞

http://www.matasano.com/articles/javascript-cryptography/


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 13, 2012, 03:06:49 AM
How is this any more secure than any other e-wallet that actually stores the users' keys?

You are still dependent on a third-party for security.  Anyone who hacks the server can just serve different JS that records the information entered into the client and submits it somewhere, then steal all the coins.

It seems to do this securely, one would need to be able to "pin" the code that sees the passphrase.  E.g. a browser extension rather than a web page.

Moreover, just like mybitcoin and other web-wallets, if such a thing happens, there is no way you can know if the service was really hacked or the owner is just running with the coins.

tl;dr wallet security will only come if all the code that sees the passphrase is pinned and cannot be modified easily without approval from many people (e.g. the bitcoin client itself)

+∞

http://www.matasano.com/articles/javascript-cryptography/

Javascript has serious flaws but they can be fixed. If we are going to bring Bitcoin to the end-user, we need to do it through the browser. All of Bitcoin's competitors rely solely on the browser and most users aren't going to compromise on that. They do not want to be bothered with software installations for something that has been and should remain seamless all the way through.

I think people deserve the best experience when it comes to Bitcoin. Their idea of best does not entail hobbyist level, military-grade security from back-to-front when it can't even allow the user to easily understand and manage their finances; at least not more easily than what Paypal brings them.

Over-engineered security will be the end of Bitcoin. We have to focus solely on what regular people want and not our scrupulous desires that remain stuck in a hobbyist culture.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: finway on February 13, 2012, 04:30:26 AM
Good choice.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: D.H. on February 13, 2012, 09:26:17 AM
You are contradicting yourself. You say this (which I agree with):

If we are going to bring Bitcoin to the end-user...
[...]
They do not want to be bothered with software installations...
[...]
We have to focus solely on what regular people want

But you also say this:

There's the method of not using a compromised device and not making it probable for your device to be compromised in the first place.
[...]
Maybe this wallet isn't for morons.

Regular people aren't interested in computers so they don't know how to keep it safe, and they shouldn't have to bother with it. You said it yourself, "they do not want to be bothered with software installations". How do you expect them to keep their computer safe if they shouldn't even be bothered with installing software?


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: minimalB on February 13, 2012, 11:41:04 AM
How do I quickly enter 30+ character address into this thing? Manually? Should seller send me an email so I can copy/paste it?

It looks impractical to me as a mobile phone wallet without QR reading ability.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 13, 2012, 11:47:41 AM
You are contradicting yourself. You say this (which I agree with):

If we are going to bring Bitcoin to the end-user...
[...]
They do not want to be bothered with software installations...
[...]
We have to focus solely on what regular people want

But you also say this:

There's the method of not using a compromised device and not making it probable for your device to be compromised in the first place.
[...]
Maybe this wallet isn't for morons.

Regular people aren't interested in computers so they don't know how to keep it safe, and they shouldn't have to bother with it. You said it yourself, "they do not want to be bothered with software installations". How do you expect them to keep their computer safe if they shouldn't even be bothered with installing software?


You make things safe without requiring software installations. No contradiction.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jon on February 13, 2012, 11:48:40 AM
How do I quickly enter 30+ character address into this thing? Manually? Should seller send me an email so I can copy/paste it?

It looks impractical to me as a mobile phone wallet without QR reading ability.


It gives you the ability to use a simple identifier. Again, the software has interface issues.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: D.H. on February 13, 2012, 12:26:17 PM
You are contradicting yourself. You say this (which I agree with):

If we are going to bring Bitcoin to the end-user...
[...]
They do not want to be bothered with software installations...
[...]
We have to focus solely on what regular people want

But you also say this:

There's the method of not using a compromised device and not making it probable for your device to be compromised in the first place.
[...]
Maybe this wallet isn't for morons.

Regular people aren't interested in computers so they don't know how to keep it safe, and they shouldn't have to bother with it. You said it yourself, "they do not want to be bothered with software installations". How do you expect them to keep their computer safe if they shouldn't even be bothered with installing software?


You make things safe without requiring software installations. No contradiction.

That's not my point. My point is that people who don't want to bother with installing software are the same people that don't want to bother with keeping their computer safe. They want it to just work. Like I want my car to just work.

So you help them with one thing but not with the other.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: piuk on February 13, 2012, 07:13:00 PM
How is this any more secure than any other e-wallet that actually stores the users' keys?

Because full server hacks are less common than database leaks. To have any significant effect the hacker's malicious code would have to go unnoticed for an extended period of time and it would only affect users who logged in with both their main password and second password during this time. You also can't make your own backup in case the operator ever goes AWOL. I'm not saying it is infallible, but it is better than storing keys.

+∞

http://www.matasano.com/articles/javascript-cryptography/

The first point about TLS doesn't apply, all content is sent over SSL. Also a secure key store is also not needed.

Yes the runtime is malleable but it is not as easy to inject malicious js as that article suggests. Very little user provided data is printed on My Wallet pages and it is checked at multiple points for validity. Anyone is more than welcome to review our server side code for XSS vulnerabilities (https://raw.github.com/zootreeves/blockchain.info/master/WalletServlet.java). The site is vulnerable to malicious browser extensions, if any are discovered I will act accordingly.

The RNG uses the native window.crypto (https://developer.mozilla.org/en/JavaScript_crypto) extension if available and is seeded with every mouse click and key press. I am dubious whether this can actually be exploited in practice.

You can also create a watch only wallet and scan your private keys from a paper wallet in "offline mode", in this case you are protected from any malicious javascript and do not need to trust blockchain.info at all.

How do I quickly enter 30+ character address into this thing? Manually? Should seller send me an email so I can copy/paste it?

You can enter the firstbits which are typically 5-6 characters. Native iPhone app will be available soon.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: BkkCoins on February 14, 2012, 02:44:27 AM
It would be good if there were a way to sign the JS code and have the browser verify it upon every download. If the signing key is kept offline then even a server compromise would not allow altering the JS code maliciously.

This would not even need to be verifiable by all users. Even a few capable users would be enough to detect and notify quickly. I don't know if there are browser add-ons for signed code checking but seems like there should be.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: memvola on February 14, 2012, 08:26:57 AM
This would not even need to be verifiable by all users.

You could do it yourself, for instance. Just curl and diff, if false then remote shut down server and alert admin. I'm sure it's already in place, that's why this sort of attack wouldn't affect the server for a long period. If the server is compromised though, the program can stay dormant until a juicy account is online. Potentially the attack wouldn't be worth it.

Still, these are patches to the security concerns we already know of. That's why an elegant and general solution is necessary.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: DiThi on February 14, 2012, 08:51:43 AM
I think the best client is Electrum. It's simple, easy, fast and best of all: it's very easy for me to modify the code to suit my needs. I've modified it to send transactions from any address I want just by having the private key, sending the change to the same address and without needing to import it.

After Electrum, the best one is blockchain.info, I agree. I suggest piuk to add a bigger button for entering the wallet. Each time I want to enter I find it a bit difficult to find wallet, then login. Also, when you type the pseudonym in the login field and go to the password field, the login field should change automatically instead of me needing to press the button, waiting and then type the password.

Edit: I agree with BitcoinSpinner also being great! I've done half of my transactions to date with it!

Edit 2: My 100th post! Woo!


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Jan on February 14, 2012, 12:31:56 PM
The best client depends on your use case. IMO there is no silver bullet.
More and more people use their smart devices more than their ordinary computer, and being able to pay (small) amounts with a few clicks is very appealing.
BitcoinSpinner (https://bitcointalk.org/index.php?topic=52674.0) was designed for this purpose, and has some nice features related to this discussion:
  • You decide when to update the software
  • Back up once and for all using a QR-code
  • Ready for use right after installation
  • Private key never leaves device
  • Server cannot spend your coins



Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: realnowhereman on February 14, 2012, 12:42:15 PM
The best client depends on your use case. IMO there is no silver bullet.
More and more people use their smart devices more than their ordinary computer, and being able to pay (small) amounts with a few clicks is very appealing.
BitcoinSpinner (https://bitcointalk.org/index.php?topic=52674.0) was designed for this purpose, and has some nice features related to this discussion:
  • You decide when to update the software
  • Back up once and for all using a QR-code
  • Ready for use right after installation
  • Private key never leaves device
  • Server cannot spend your coins

This is certainly true at present BitcoinSpinner is a masterpiece of simplicity and is what I give to anyone I'm showing bitcoins to.

But I think if you're looking for where your competition will come from it is if blockchain.info releases an android client (assuming all the features from the website carry over).


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: gnar1ta$ on February 14, 2012, 06:21:51 PM
Good thing I printed my keys  ;)


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: ThomasV on February 16, 2012, 08:32:13 AM
I think the best client is Electrum. It's simple, easy, fast and best of all: it's very easy for me to modify the code to suit my needs. I've modified it to send transactions from any address I want just by having the private key, sending the change to the same address and without needing to import it.

hey, thanks a lot! I appreciate that!


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: minimalB on March 30, 2012, 02:23:00 PM
Native iPhone app will be available soon.
Since android App is already out, I guess we are close!!!


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: Omni on March 30, 2012, 10:44:34 PM
Agreed bro.. it's solid!


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: piuk on March 30, 2012, 10:59:35 PM
Since android App is already out, I guess we are close!!!

If you have a jailbroken iPhone you can download it from the bigboss repo:

http://moreinfo.thebigboss.org/moreinfo/depiction.php?file=blockchainDp

It has now been "In Review" by Apple for more than a week, I think they must be trying to consult Steve Jobs from beyond the grave.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: 2weiX on April 12, 2012, 10:59:32 AM
the android app needs
 
- password protection
- email confirmation of payments

really really bad. someone gets hand on my phone, bitcoins are gone.


Title: Re: Blockchain.info/wallet is the BEST Bitcoin client as-of-date.
Post by: piuk on April 12, 2012, 11:25:45 AM
the android app needs
 
- password protection
- email confirmation of payments

really really bad. someone gets hand on my phone, bitcoins are gone.

You can enable email alerts and double encryption in the web interface.