nah, Gav addressed this and that's the point of the open source, you can see the code, and you would just fork back to the earlier version. This year's 0.8 --> 0.7 fork shows how quickly this can happen and how transitory its effect was on price
The point made a few pages back was that opensource is a ruse--backdoors in closed source software on the host and client machines bypass the in-between security, rendering the opensource safety net moot. what closed source.....and you can air gap
|
|
|
doesn't PPC answer all of these mining problems....?
|
|
|
i never quite understood why you need the whole block chain and not just the last part that is large enough to make it hard enough not to duplicate. All unmoved coins beyond this point could just be compiled into a continuous space, sort of like defragging a HD.....or is that the size of the block chain already?
|
|
|
BTC is a soft weapon for CNY and a way to unwind USD position if it can get into the 10T + mark.
Also I stated in the Gox thread CNY was the place to go. Magical Tux retorted BTC was fully illegal in CNY.
Well get a load of that volume Magical Tux. Oh and get some think tank help
|
|
|
This is crazy. If ECDSA was broken, then bitcoin would be broken and deterministic wallets would be worthless anyway because nobody would care anymore. By definition a public key can be made public without causing damage. The point of using electrum is precisely to be able to sign transactions offline.
If one starts from the assumption that a private key has been leaked then yes the wallet is compromised.
Releasing the public key provides a very significant security feature: the ability for the sender to verify the ownership of the destination address. Since the public key can be posted on many different key servers and social networks, the verifier can check all the sources and raise an alert in case it detects some inconsistency.
well no, that's why the whole change address thing is in BTC. If ECDSA is cracked and you have always used new addresses, then your coins are ok, and GAV and co can do an emergency patch, life continues, except for those of you that had not used change addresses and possibly electrum/deterministic with and spent.
|
|
|
I sent out PM's to the guys who said they'd help pay for the client upgrade Bounty and I'm waiting to hear back.
I also PM'd Mr. Thomas Nasakioto, and I am patiently waiting for hell to freeze over.
Thomas Nasakioto pm'd me a while back
|
|
|
1A It is always the second.
1B SecureRandom in the Java library is used for the random numbers.
You might be better off getting a copy of the MultiBit code and reading through it for the implementation details - I don't know your programming background but the class names and comments tell most of the story.
ok...so always address number 2 no matter what.... I will read the code, i have coded C++ with OpenGL (a collision engine...my dream program), and other stuff...but that was years ago so I am sorta rusty, thanks
|
|
|
I'm shocked that not a single person has noticed that ixCoin has [once again] kept up with Bitcoin's massive run while most other coins have been cut in half [again] in just 1 week.
And there has been no hype so ixCoin has some inherent positive correlation tied directly to Bitcoin. Very strange cause it can't be just the merged mining as other merge mined coins are not displaying the characteristics and the same feat.
There is something afoot with ixCoin. It's still under 2 USD cents so it's not too late to accumulate a few thousand coins in case I'm right. Don't bother mining it, it would take most mining rigs a few years to mine just a few thousand ixCoins.
Good luck!
it's dropped 40%?
|
|
|
i had 0.05 btc a long time ago and went all in on LTC at $5, and still going long in ltc
|
|
|
At the moment I have 0.08 BTC. I've spent 3 BTC last week, so I need to fill my wallet again. I want to buy a few BTC, but I'll wait for a week or 2 to see what the price does. it could be for 250 USD in 2 weeks. That's why I don't know what to do. The prices were this high in April, and they dropped afterwards. I think the prices will go down a bit when the Chinese stop acting crazy. and everyone keeps waiting for their real estate market to crash, too. yeah and that's not going to happen, you will not convince a single Chinese person or bank or government official to sell any land/property they own for less than they purchased it adjusted for inflation.
|
|
|
so what's the consensus here? NSA does or does not have a backdoor into SHA-256? that would be pretty worrisome.... thinking this is FUD, though.
The NSA has no need to put a backdoor in SHA-256 when all they need to do is backdoor the developers. For the most part, the primary developers all:
- are married
- have children
- have established careers with companies or academic institutions which are not easy to replace
Those three things are notable because those characteristics make them more vulnerable to extortion and blackmail than they might otherwise be. Backdooring SHA-256 is presumably difficult. On the other hand, threatening a core developer or two until they play ball is easy. Then their handlers just need to tell them to backdoor bitcoin in two steps: First, build a trackable alternative to Bitcoin's most troublesome (from the NSA's perspective) features, such as the ability to send funds to an arbitrary public key. Next, deprecate and remove the old function so that users no longer have the ability to avoid tracking.
nah, Gav addressed this and that's the point of the open source, you can see the code, and you would just fork back to the earlier version. This year's 0.8 --> 0.7 fork shows how quickly this can happen and how transitory its effect was on price
|
|
|
Hi Jubalix, To answer your questions in order:
[1] If there is a single address in the wallet, it is used as the change address. If there are two or more addresses in the wallet the _second_ one is used. (This was added so that when people do a private key import, one of their addresses is used as change).
[2] The unspent transaction outputs are chosen by age so you cannot choose a specific output to use.
[3] - answered in [1]
[4] The change address is not deterministic, no. All the private keys in MultiBit are randomly generated.
[5] There is no keypool
[6], [7], [8] What is in all the files and directories is covered in detail in the help here: https://multibit.org/en/help/v0.5/help_fileDescriptions.html
Thanks for very good answers. Two other things:
[1A] if I have say 5 addresses is the 5th address used as the change address, so in general terms the 'nth' address is always the change address?
[1B] What is the rand number/gen system for keys?
|
|
|
Let's be realistic, CNY is a different social os, fraught with issues,
however, they are less likely to kill an enterprise that makes them money and gives the potential openings in emerging areas and outs they want.
Bitcoin is fully illegal in China, and our negotiations with the local government so far have been without success. Either way let's be realistic here. Most of our customers are located in countries such as US, Europe and others. Running away to Vietnam or China would make it basically impossible for us to receive or send funds to anyone in those countries. back to JPY....a nightmare for the US to try and enforce anything at all or at least quickly and not always on the friendliest terms with regional neighbors Japanese government is friendly to US, and also implements things such as FACTA. Also the US government can pressure any bank worldwide by threatening of cutting them off USD. A bank in any country that can not transfer USD anymore is of no use to anyone. US government has been doing this so far to get accounts held by "terrorists" (people linked to North Korea, mafia, actual terrorists, etc) and while Bitcoin is still too small to get this kind of response, it's a good idea to stay friendly with the US govt. at this point and let Bitcoin grow and gain in legitimacy. Anyway none of this advice is actually applicable as it would shut us from our customers, makes us unable to hold any USD and potentially limit our transfer solutions to non-conventional methods (liberty reserve, webmoney, etc...). We are doing our best to see Bitcoin grow as an actual alternative to the existing system, but until Bitcoin is large enough to stand on its own, we need the current system to accept and support us. Ok necroposting much, but may I point out how that volume on "Bitcoin is fully illegal in China," btcnCNY 42K v Gox 32K last 24Hrs
|
|
|
I am seeking a current update or official resource on
[1] the mechanism of the change address and
[2] how to choose which address payment comes from
[3] Which address is the change address
[4] are addresses deterministic, are they planned to be in the future?
[5] is there a key pool (hidden until exported)
[6] what are in the folders key backup rolling backup wallet backup wallet unec backup
[7] what are in the files .info, .key and . wallet
[8] in relation to [6] and [7] Does this get rewritten after I encrypt, and are the files written over so the prior version could not be recovered from my HD or do I have to copy these encrypted files to USB and security wipe HD to be sure
|
|
|
[1] Can anyone speak to the issue, if I use a deterministic wallet (eg electrum) and I spend from one address, then the ECDSA is all what is needed to be cracked, can that private key be used to access the rest of the address even though Unspent.
[2] Thus would it be safer if I use multibit or the QT- client, as the issue is in the random generation only but the second "vulnerability" is not an issue as those addresses are not deterministic.
A follow on question
[3] Where is the best place/software to generate the safest addresses keys (so the best random generator), as I like the electrum interface and could always import keys?
[I don't really trust any web based generation mechanism, I imagine it would have to be open source and then run on an air gapped computer]
I have tried to raise this in the electrum sub boards, and the answer was not as definitive as I would have hoped.
It would seem the return address feature was sufficiently needed for satoshi and others to include it in bitcoin.
Thanks in advance.
1. I like random wallets.
2. I like QT, and I think it is safer as far as wallets are concerned, provided you take all the other usual precautions.
3. I use vanitygen that allows compressed keys. You can also use bitaddress offline, but vanitygen is much faster and you can make 1jubalix keys if you wanted, for example.
4. It wasn't phrased as a question, but I use Coin Control so I can pick my change or return address.
coin control? is that a function of qt?
|
|
|
ppc will be around, its made to be around.....longer than BTC
Do what now? does not rely that much on mining for security long term and other features.
|
|
|
The NSA created Bitcoin and used ECDSA in it because they already had it broken.
This risk is already mitigated for any bitcoin address that has not been used for spending (i.e. its public key is not yet known). Even if ECDSA is broken wide open, it doesn't really matter with respect to bitcoins that have been received at addresses that have never been used for spending, because the corresponding ECDSA public key is not known and cannot be determined without also breaking both RIPEMD160 and SHA256 simultaneously.
Can anyone speak to the issue, if I use a deterministic wallet (eg electrum,) and I spend from one address, thus ECDSA is all that is needed to be cracked, can that private key be used to access the rest of the address even though Unspent. Thus would it be safer if I use multibit or the QT, as the issue is in the random generation only but the second vulnerability is not there as those addresses are not deterministic. Where is the best place to generate the safest addresses keys, as I like the electrum interface and could always import keys. I have tried to raise this in the electrum sub boards, and the answer was not as definitive as I would have hoped.
|
|
|
so a qt-wallet/multibit, has 3 sets of codes to crack to get through if unspent (1 being ECDSA)?
is this correct?
what do you mean by "sets of codes"?
If I don't leak my MPK and they crack ECDSA then can this be used against unspent addresses?
not to my knowledge. both the master public key and a leaked private key are needed.
what I mean is "Quote from: anti-scam on September 05, 2013, 09:48:25 PM The NSA created Bitcoin and used ECDSA in it because they already had it broken. This risk is already mitigated for any bitcoin address that has not been used for spending (i.e. its public key is not yet known). Even if ECDSA is broken wide open, it doesn't really matter with respect to bitcoins that have been received at addresses that have never been used for spending, because the corresponding ECDSA public key is not known and cannot be determined without also breaking both RIPEMD160 and SHA256 simultaneously." So it appears that RIPEMD 160 and SHA 256 need to be cracked simultaneously if the address has not been spent from.
|
|
|
|