|
It goes in the .bitcoin directory in your home directory. Dirs that start with a '.' are hidden. You can see them with 'ls -a'.
Yes, you just need the wallet.dat. The rest will be automatically downloaded.
|
|
|
|
|
That's what I'd recommend: use one address per sale. Then you don't get a big long list back. You just get (usually) one transaction, and you deliver the goods when it confirms. If any unexpected transactions come in you should notice it in your net balance.
Also check out 'listsinceblock <blockhash> <confirmations>'.
|
|
|
|
An address doesn't have a discrete number of confirmations. Only a transaction does. Try this: bitcoind gettransaction <txid> |
|
|
|
|
You can get DSL compatible surge suppressors, but DSL modems are almost as cheap. Let it be your surge suppressor unless this is a frequent problem in your area.
|
|
|
|
|
JSON is great for simple data, especially just arrays of numbers.
YAML is great for rich complex data, but it requires a smarter parser. I love the human readability though.
Both are much more fun to use than XML.
|
|
|
|
|
It's no technicality. It works just fine.
Again, this will fully use all of JUST the inputs (not the whole balance of A).
|
|
|
|
|
Close. It will take all the coins from certain prior outputs in address A - but not necessarily the whole balance since there may be other transactions - and send them all to X and B. It already does this routinely.
It is not possible to spend only part of a transaction. You have to generate change unless you're spending the exact amount of one of the prior outputs.
|
|
|
|
Task #1: user@host:~$ gpg --import
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.19 (MingW32)
mQENBE/VLUUBCACvd4lw8GpmiHJ0ru+C5HuWd9EJ/quCZ1tgqg+9JOUf+7ZJCxFf
qgbfEA7K6kMu0ine0423LvfKUtvZhBAsCSvsvpaBrv/nEF41YFn6e61CzE9tBuTQ
JqTuV8GoVw+1ZimiTbtLtqh+X2t5bX2wOrSuWARHCC+voNrlcLjKirJwWIVCy59b
8rUMt6iyk5Y+jn3CgXeyzuYI3+PfXIfiCvdvqksfM5H0DuzophY2TSh15+f9SJTb
ulwRvb6tnL47dJmFT6n96QuhMBHVrcfYyIhciARCN14k/R4zfMNtk5K+oTIhNiJ0
SfpZJ0EaZfPpS7pZPvMgDsF17MBNkTK/vXc5ABEBAAG0OVRhbmdpYmxlIENyeXB0
b2dyYXBoeSBMTEMgPGluZm9AdGFuZ2libGVjcnlwdG9ncmFwaHkuY29tPokBOAQT
AQIAIgUCT9UtRQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQKLtxX8Js
F80T0Af+PVIoDi2Lxm0vQlqYDQ6hVjPO7I2J1KEomDc2OuFi0D+IcAMUI6EgVmoC
1dIcy5dt/Pxz1XgvqHVF64SnVxKjDarC7beCGqHDi3wlahL4NnTdRkYuRjMt95Ib
JSpST7bKd0AuNsnk5K7KIgRjTNoODwp4XMj9H3fLXo/aL3gOpGGkzKQFHKoz9R8B
h1nqzEsyB/Rn1oYG6uc8LwnQIyID6/9vyXyJmCVD/+a8AytUmpqPRUiC3jVUbBRK
rhhwTGqoPR1mOs13najWA7Qq2KNu5Dhyh7DMOdlxVHvGkW2Yl2BlHdS6Qyz3UZ1a
KCqEJyoXPpD3dCASdKLy5YCPkHd3/bkBDQRP1S1FAQgAr4O3FjnlSuPp8Z/IGIUw
hpxqsBOb6DD0o0POae2/ifWWOHu/P2Wo1KKUDku0CQQ1xuMOkWquHv2j3nvoXJ12
tcIXUK/SCyMYlyomQ6SOYwyg7yQH0N04Ui4RZyChtMg43twVneqGkZGFEaQ16KC3
c/8Y4IJk2DzlCCE545XyarPlnzzBf4rNtpUPY0qV88roM6lpMj3YW9WUH/3nExyD
9+oFDXNh37p9mVAnXXmKvTqC6rSVsNwq7i7XtCKOdXqvcbFshGpc4yiHRuCCmwQd
XzQIJYwvGWAGnGQIL7YGptgk2qzKgL4mWbbUO1hdWLXYM+5Y4532I0oHT85CI3Dg
KQARAQABiQEfBBgBAgAJBQJP1S1FAhsMAAoJECi7cV/CbBfNvuwH/j+GR00kowuC
4r8FR/RoYJzBYDabvn+ir3EV1hirAuPM3qnttLDYQZYFCNc9cS4UCFdOOuY+B3EY
A6go/MfqT4tXAdSaIe/QrVKqU0zGwg0ADpONP1cS9+ICP50LRY05tU51OuajBjrP
4s/mfmfkcg9HkEpGmmoUiKe0zZbsfmkCXUNUfH8KMXEpy35ln3OwCCNQ/WOCufyN
/eI+9kvjfRwUv8A08tSkPWrk9rgup9o2uQ5KDDDKEIFB+UNkk6ad6HRklrma6kYN
BD6UahqOTUrBTlx2cN7MQfAON/ljc8cEUQdAHcVB316LoBJpHluLLTpX9hp61F2R
zYO1TlHfpVc=
=ZBEc
-----END PGP PUBLIC KEY BLOCK-----
gpg: /home/user/.gnupg/trustdb.gpg: trustdb created
gpg: key C26C17CD: public key "Tangible Cryptography LLC <info@tangiblecryptography.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
user@host:~$ gpg
gpg: Go ahead and type your message ...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tangible Cryptography says Hello World!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (MingW32)
iQEcBAEBAgAGBQJP1sfwAAoJECi7cV/CbBfNzQ4H/15I822E9XlwuCyL7ttIon0w
Tangible Cryptography says Hello World!
nazKrGaqTxFaBm9BSOQ0HuUTm1E2fl+rSVj6Kcd0KW/2krZL88PTpNCHm+R5o7rn
UpAKyRMtmk40gGvC/eJueV8TOabmflKpQ7Je2GMNm8UYkRiJfmjk41mUigx67JCa
xgmBjO7Li30pAON1ktT64XmpKf7g1uVjvY7hA5d0jtnA4PbTdiOpmPrTJXIZmx/a
TQmh2VKyWtAhN09VY49oE1gB6B4TLoCuwkJDIQWPw3KiJLM27+5zg6755s2tA6eW
FTQUEQXgNHWKwTkjKdJpifbnMVl8X4/ZO2PB+oEx/H0xnnqydWIuvGpEeRaQ3Jk=
=rNIP
-----END PGP SIGNATURE-----
gpg: Signature made Mon Jun 11 21:39:12 2012 PDT using RSA key ID C26C17CD
gpg: Good signature from "Tangible Cryptography LLC <info@tangiblecryptography.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3AF3 01A1 91EC E112 621C ACC0 28BB 715F C26C 17CD No bounty required. |
|
|
|
https://bitcointalk.org/index.php?topic=52155.0;allhttps://bitcointalk.org/index.php?topic=60703.0;alltl;dr: You need to find a problem that is: 1) very hard to solve (about 20,000 GPU-hours per solution); 2) trivial to verify it was done correctly (less than 1 GPU-second per check); 3) politically neutral (we have to agree on the problem being solved, and some people will object to using their GPUs to solve some problems). No one knows a useful problem in this category, so we're using SHA256. Feel free to suggest something better, but criteria #2 is the hard one.
|
|
|
|
|
Correct. It's safe against viruses and hacking. Someone coming to physically steal it is only a concern if you have a really large account.
|
|
|
|
|
It's fine to leave it plugged in. It only authenticates when you touch the button.
|
|
|
|
You might want to reorder that to make it find adjacent _keys_ on the keyboard, not adjacent letters in the alphabet. Just reordering the string won't help. It would need to generate groups by adjacency, which will require a considerably more clever algorithm than the double-nested-loop exhaustive search above. By all means post it if you have one. I'm done for the day.  |
|
|
|
Here's an updated version which will try double substitutions. This is a large keyspace and will take a long time - figure about a month for a 30 character password at 10 guesses per second. Beyond there you'll have to use either riX's approach where you assume that fumbles will be to adjacent keys, or employ a GPU for more brute force. #!/usr/bin/ruby -w
passphrase = "oops"
def test(phrase)
print phrase, "\t"
system("./bitcoind", "walletpassphrase", phrase, "20")
case $?.exitstatus
when 0
puts "Found it! #{phrase}"
exit 0
when 127
puts "bitcoind not found in current dir"
exit 1
end
end
def scramble(passphrase)
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
list = []
# transpose adjacent chars
(passphrase.length - 1).times do |i|
testphrase = passphrase.dup
testphrase[i] = passphrase[i+1]
testphrase[i+1] = passphrase[i]
list << testphrase
end
# delete one char
passphrase.length.times do |i|
testphrase = passphrase.dup
testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
list << testphrase
end
# substitutute one char
passphrase.length.times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase[i] = c
list << testphrase
end
end
# insert one char
(passphrase.length + 1).times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase.insert(i, c)
list << testphrase
end
end
return list.uniq
end
list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}
puts "No luck."
exit 1
|
|
|
|
Here, I whipped up something quick and dirty. Just fill in your passphrase as close as you can remember, and make sure bitcoind is in the current dir. It should print lots of "The wallet passphrase entered was incorrect" if it's working. #!/usr/bin/ruby -w
passphrase = "oops"
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
def test(phrase)
print phrase, "\t"
system("./bitcoind", "walletpassphrase", phrase, "20")
case $?.exitstatus
when 0
puts "Found it! #{phrase}"
exit 0
when 127
puts "bitcoind not found in current dir"
exit 1
end
end
# transpose adjacent chars
(passphrase.length - 1).times do |i|
testphrase = passphrase.dup
testphrase[i] = passphrase[i+1]
testphrase[i+1] = passphrase[i]
test testphrase
end
# delete one char
passphrase.length.times do |i|
testphrase = passphrase.dup
testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
test testphrase
end
# substitutute one char
passphrase.length.times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase[i] = c
test testphrase
end
end
# insert one char
(passphrase.length + 1).times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase.insert(i, c)
test testphrase
end
end
puts "No luck."
exit 1 Good luck! edit: This also requires a running bitcoind. 1. set "rpcpassword=somerandomcrap" in .bitcoin/bitcoin.conf 2. run "./bitcoind -daemon" 3. run "./bitcoind getinfo" until it starts returning data instead of errors 4. then run the script above. |
|
|
|
|
Keeping the pubkeys in plaintext encourages people to do their daily read-only operations (verifying received coins) without having to keep the decrypted private keys or password in memory.
The point of encryption is to prevent stolen coins, not to protect your identity. If you want identity protection use a separate whole-file encryption system such as GPG or TrueCrypt.
|
|
|
|
The encrypted wallet format only encrypts the seckeys, nothing else. You can dump them with bitcointools: https://github.com/gavinandresen/bitcointoolsez1btc: to export the full encrypted seckeys, just make this change to wallet.py: diff --git a/wallet.py b/wallet.py
index a41d3a6..9eae0ad 100644
--- a/wallet.py
+++ b/wallet.py
@@ -224,7 +224,7 @@ def dump_wallet(db_env, print_wallet, print_wallet_transactions, transaction_fil
print(" Created: "+time.ctime(d['created'])+" Expires: "+time.ctime(d['expires'])+" Comment: "+d['comment'])
elif type == "ckey":
print("PubKey "+ short_hex(d['public_key']) + " " + public_key_to_bc_address(d['public_key']) +
- ": Encrypted PriKey "+ short_hex(d['crypted_key']))
+ ": Encrypted PriKey "+ long_hex(d['crypted_key']))
elif type == "mkey":
print("Master Key %d"%(d['nID']) + ": 0x"+ short_hex(d['crypted_key']) +
", Salt: 0x"+ short_hex(d['salt']) + Then run "./dbdump.py --wallet | grep PriKey". That will give you the full list, and you can pick which one you want to share. |
|
|
|
|
Rather than giving your whole wallet over to someone, just extract one keypair, preferably one for an address with 0 balance. They can then crack it, but won't have access to all of your funds when they succeed.
|
|
|
|
|
Do you remember any part of your password? How many characters was it? Any other aspects, like all-lowercase, or made of several words, or was it just random?
If we can narrow it down some it might be possible to brute force it.
|
|
|
|
|
Show Posts
