How would the implementation of BIP32 (and possibly BIP39) in 2.0 affect the ability to recover old-style wallets?
I'm also very interested in this question. ISTM the best thing to do would be to keep the ability to recognise old wallet seeds and generate old style address blocks indefinitely. Presumably it's just a short python module that can be retained without significantly bloating the code?
pre 2.0 wallet seeds will continue to be supported. They will be recognized by the number of words in the seed: in version 2.0, the seed phrase will be hashed in order to generate the master public key. thus, any phrase length will be supported.
However, in order to recognize seeds from version < 2, I plan to check if the number of words is 12. so it's probably not a good idea to create 24 words seeds now.
|
|
|
It's like 2013 all over again...
|
|
|
Be aware that you are downloading software form a website (Electrum) and trusting your money to it. Please check the tarball checksum, at the very least, if you intend to use it.
If you want to be hardcore you can verify the gpg sig. This is how I do it in linux: wget https://download.electrum.org/Electrum-1.9.7.tar.gz https://download.electrum.org/Electrum-1.9.7.tar.gz.asc https://github.com/spesmilo/electrum/raw/master/pubkeys/ThomasV.asc gpg --import ThomasV.asc gpg --verify Electrum-1.9.7.tar.gz.asc
This should tell you whether the signature is a "good signature" or not.
|
|
|
I've been recommending this wallet to my less technical friend because it's my understanding that's it's safe even if the site/ company fails. Is it totally true?
I know that armory and paper wallet is probably the safest but for non technical people it's not really easy to setup.
Have your friend use electrum. It's very easy to use. Remind him to a) write the 12 word seed down on a piece of paper and put it in a safe place b) set a decent password. That's all he has to do.
|
|
|
Multiple people could sign the address using their gpg keys. Those signatures could then be published on this forum, the org's site or even in a txt record in the organization's domain name zone.
A script could then be setup on another server that periodically verified all of the above. The purpose of this script would be to automatically warn people in the event the org's servers are compromised. The people at let's talk bitcoin run something like this to watch over their donation addresses.
|
|
|
When you generate a new wallet seed those are the seed-generated addresses for that wallet.
But how do I delete these wallets I only want one for . I want it nice and clean, I right click I dont see an option to remove only can remove teh imported wallet which is exactly ehat I DONT want to do. There is no option to remove an address.
|
|
|
All SPV clients (bitcoinj based) have this behaviour. The reason is that there's no equivalent of the bitcoin-qt key pool, so every time you add an address, you have to make a new backup.
I've started work on integrating HD wallets, but it's a big job and will take a while. Once that work is done bitcoinj will stop reusing addresses, at least on desktop class machines, and MultiBit will pick up that behaviour automatically.
I thought with Electrum it would restore *all* keys, however many there are (as long as they weren't imported keys), from the 12 word "seed"? Electrum does not use bitcoinj. It is based on python libraries. Electrum uses a separate deterministic sequence for change addresses. It's very nice actually.
|
|
|
Hello,
I just bought a extra 2 Bitcoins, do i need to import/export my private key again ore can i let the private key in my usb stick?
All of my coins are in 1 address.
Thx Raymond
If you imported the same key previously you don't have to import it again. What exactly are you trying to do? Maybe we can suggest a better way to do it.
|
|
|
Well it sounds like you are talking about blockchain.info. With bc.i anybody can get at the copy of the wallet. All they need is the wallet identifier. Once they have the copy of the wallet they can brute force it at leisure. Doesn't matter how many passwords you have. So you should use a desktop client like electrum or armory. People who haven't worked on password cracking have this quaint notion of running a little dictionary file through a program... and this would have been accurate in 1990 for someone cracking at your unix-crypt uni shell account. Today the tools are significantly better and have been refined through the disclosure of hundreds of millions of unencrypted passwords and the same kind of statistical tools that power speech recognition and automatic human language transaction. This statistical intelligence gets backed up by the brute force of GPU and FPGA clusters that can try hundreds of million or even billions of attempts per second. https://bitcointalk.org/index.php?topic=311000.msg3346715#msg3346715
|
|
|
It's hard for ordinary users to double spend even 0 confirm transactions. You can try but it's rare for the double spend to succeed.
With that said if time is of the essence I would go with this:
For small amounts 1 confirmation. For medium sized amounts at least 2. For large amounts 3. For massive amounts 6.
Yes, waiting for confirmations is a PITA.
|
|
|
Does a typical Linux live CD distro have enough entropy to generate a secure bitcoin private key? Is this something we should worry about?
|
|
|
You are correct. When I looked at Electrum, I saw that the first address was hidden under "used". It was actually there - but hidden.
So - this does mean that I can always send Bitcoin to this address and I will receive it? Everyone can use a static Bitcoin address - there is no need to change Bitcoin address and there will not be trouble, correct?
Thanks for the fast reply, now I will keep on testing and sending Bitcoins!...
You can reuse addresses but it is not recommended. Address reuse makes it easy for anyone to see all your transactions. Remember bitcoin transactions are public information. You can easily see all transactions on a block explorer site like blockchain.info. So it is better to use a new address per transaction. You can generate unlimited addresses so why limit yourself?
|
|
|
The early adopters are now spending a lot of their coins on bitcoin propaganda because they know that is the best way to increase their wealth.
I don't see a lot of Bitcoin "propaganda", let alone any paid for by "early adopters". It's funny that you should be the one to say that
|
|
|
To be clear: this is a 5-chip unit, so it will hash scrypt at 5 x 300KH/s, right ?
That is correct. Is it? 5x300Kh/s is 1500Kh/s.
|
|
|
It is a bit of a ponzi scheme though isn't it? When the price rises the early adopters get rich at the expense of the new comers. Those early adopters then get to enslave the rest of us. The coins they bought at a $1 or even less are now worth over $800. They don't even have to spend whole coins anymore. Fractions of a coin can buy you a lot of a person's time. The early adopters are now spending a lot of their coins on bitcoin propaganda because they know that is the best way to increase their wealth.
|
|
|
that would be my guess as well but if my wallet was not shared publicy, they would still need both my dropbox username and corresponding pw to obtain access to my wallet.
Maybe they phished you. Maybe someone at drop box stole your wallet. Remember you have no idea who stole your coins. There is just this address you see. Anyone in the world who had access to the file could have stolen it. Cloud backups are supposed to be spread around multiple servers in multiple data centers all in the name of redundancy. How can you secure money in such a system?
|
|
|
if i have an offline wallet, how do i see how much bitcoins is in my wallet? (serious questions) i usually just have it up on my screen minimized and i check it every now and then.
You can install a watch only wallet. You will need a deterministic wallet like Electrum or Armory or the upcoming multibit hd.
|
|
|
Your hard drive is failing. I had this problem when I started with bitcoin too and my knee jerk reaction was to blame the software. Later I found out that my hard drive was probably the cause of it. Heh, on a semi-related note, I used importprivkey yesterday. Took over ten minutes. I was stunned.
It takes that long because it has to scan the blockchain for previous transactions to that address. If you guys want speed switch to a lite client like Electrum.
|
|
|
They already gave 10BTC to a guy for creating the millionth wallet. It was all over reddit. So what you have here is a phishing attempt.
|
|
|
|