Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: dogisland on November 08, 2011, 03:07:15 PM



Title: For very cautious Bitcoiners - Offline transactions.
Post by: dogisland on November 08, 2011, 03:07:15 PM
I've written up a technique for creating an offline transaction. This is basically a payment instruction created from keys living on a machine that never gets connected to the internet.

Thanks to the guys in the development part of the forum for helping me put this together.

https://strongcoin.com/blog/the_easiest_way_to_create_secure_offline_bitcoin_transactions

Let me know your thoughts.


Title: Re: For very cautious Bitcoiners - Offline transactions.
Post by: casascius on November 08, 2011, 03:25:36 PM
This is fantastic to see.

One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

Result: compile it for any hardware with a serial console interface, it would be a 100% safe ONLINE wallet, especially if the device has its own display and keypad so user can confirm transaction.

Serial is better than network in this case because the attack surface is very small, especially if the device offers no shell capabilities over its serial port. Like those VeriFone credit card machines. Except something this simple could run on the extremely obsolete ones, the kind that go on eBay for well less than $50. (example: VeriFone Omni 3200)


Title: Re: For very cautious Bitcoiners - Offline transactions.
Post by: ThomasV on November 08, 2011, 03:52:58 PM
This is fantastic to see.

One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

Result: compile it for any hardware with a serial console interface, it would be a 100% safe ONLINE wallet, especially if the device has its own display and keypad so user can confirm transaction.

Serial is better than network in this case because the attack surface is very small, especially if the device offers no shell capabilities over its serial port. Like those VeriFone credit card machines. Except something this simple could run on the extremely obsolete ones, the kind that go on eBay for well less than $50. (example: VeriFone Omni 3200)

Electrum is Python, not C++, but it has an option to generate offline transactions from the command line. maybe you can use it ?

example:
Code:
$ python ./electrum.py gentx 19mP9FKrXqL46Si58pHdhGKow88SUPy1V8 0.1
Password:
0100000001c7bc6a8c93d73bdebb6ae19653913b9a8970a1fa7491d010343a6ae5f05969b5010000008c4930460221008471f57ae05f5c31c0fd96e9100e01086d2615710ef2d7e22ffe116193b24b89022100d444591d6ceb8efc0df6beb342791b402bfae8aea26efcf4d2cfeacafa965441014104aba3e1e12ce9bba626716c17e6f56f9c15edd776feefb7005a2806b2e88a223e18fb3cd4153081cf68c22cd766c930d118b49e5b6804e49caed63f9424c4b24dffffffff0280969800000000001976a9146025cabdbf823949f85595f3d1c54c54cd67058b88ac60070b01000000001976a914ddd071f1583fd565f5dc9a416ba1ba83211102d888ac00000000


Title: Re: For very cautious Bitcoiners - Offline transactions.
Post by: casascius on November 08, 2011, 04:50:32 PM
Electrum is Python, not C++, but it has an option to generate offline transactions from the command line. maybe you can use it ?

Probably not on the devices I envision running it on, which will be closer to microcontrollers than computers with support for high-level languages.  I'm not in any hurry, but I will cheer and jump for joy when such a thing comes to be.

If such a thing existed, someone could produce a cheap "secure wallet gadget" which would completely solve the problem of hacking and theft.  Such code could be loaded in moderately cheap off-the-shelf gadgets.

Imagine a bitcoin client where you send bitcoins, and a modified cheapo credit card terminal on your desk says on its display, "You're about to send 20.32 BTC to 1asaskdfljasdflkj...confirm?" and you must press enter before the terminal signs the transaction and the bitcoins can be sent.  There are zillions of refurbished Omni 3200's out there right now for under $50.  With a built-in printer, your bitcoin private keys can be safely backed up in the form of QR-codes on receipt tape with encryption.  You would be safe transacting even with a rooted computer.  This would be a SERIOUS answer to criticism about theft and Bitcoin's security.


Title: Re: For very cautious Bitcoiners - Offline transactions.
Post by: genjix on November 08, 2011, 04:55:50 PM
Quote
One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

I released a tool to do all this a while back:

https://bitcointalk.org/index.php?topic=50721.0

Has Ubuntu, Gentoo and source code packages.


Title: Re: For very cautious Bitcoiners - Offline transactions.
Post by: quartz92 on November 08, 2011, 10:03:54 PM
Quote
One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

I released a tool to do all this a while back:

https://bitcointalk.org/index.php?topic=50721.0

Has Ubuntu, Gentoo and source code packages.

Very useful, thanks


Title: Re: For very cautious Bitcoiners - Offline transactions.
Post by: Red Emerald on November 15, 2011, 01:11:33 AM
Very neat.  How much work would it be to write arbitrary scripts offline and then broadcast them?

I really like the idea of contracts and getting a way to write them easily and securely would be awesome.