You should never export any private key from your deterministic wallet. If you leak the private keys the other private keys in the deterministic sequence might be calculated
To clarify the private keys alone are not enough. You need the master public key + one or more private keys. But, yes, the risk arising from exposing a private key in a deterministic wallet is greater than doing the same in a non-deterministic wallet. The risk is greater because the master public key is not really protected as such by electrum. Anyone that has access to your system can read the master public key from the wallet file. oh and one more question:
what´s the purpose of the master key?
I realize that: -the seed is needed for generating addresses, recovering the wallet... -the password is needed in order to encrypt the wallet
But what´s the purpose of the master key? Should I make a backup of it? Or what´s the most common usage for it. Do I need it at all?
Bitcoin is based on asymmetric encryption so there are two keys behind every address - private and public. The private key has to be kept secret while the public key can be revealed to the world. You can derive the public key from the private key but not vice versa. The address is a hash of the public key. Stuff encrypted with the public key can only be decrypted with the private and vice versa. Messages signed by the private key can be verified by anyone using the public key. Sending bitcoins is simply signing off ownership using your private key. In Electrum there are two master keys. The master private key and the corresponding master public key. The master private key is used internally in Electrum and is not exposed in the user interface. It is derived from the seed and extended for each address to create address specific private keys. The master public key can be independently extended to arrive at address public keys. The difference is that with the master public key you can only generate public keys and corresponding addresses not private keys. You can use the master public key to create watch only wallets. Unlike bitcoin address public keys the electrum master public key should not be exposed to the world at large because, if it were, people could see all your wallet transactions past, present and future. So exposing the master public key leads to a loss of privacy. But you don't need to backup the master public key to secure your coins. The seed is enough.
|
|
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rich pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right.
|
|
|
do I understand it correctly that if I remember my 12 word seed I can lose my harddrive, my house can burn down... and I can still restore all of my addresses/coins just by installing electrum on a different client and entering the 12 word seed?
sounds too good to be true tbh
Yes. It's not magic. It's software. You can try it out for yourself if you don't believe us or is it even possible to do the following:
1. download and install electrum on a safe computer 2. generate seed and a few addresses 3. uninstall electrum ...
and just install it again when I need to access my coins?
Yes. You can also install a watch only wallet that will allow you to see all your addresses and transactions without being able to spend any coins. You can install this on your regular computer without risking your money. Or could I even import a single of the addresses into blockchain.info without touching the rest? How would this work? Because obviously I won´t be entering my seed on blockchain.info so how do I prove to the website that I own the address?
Not sure what you mean here. Why would you import into bc.i's my wallet when you can just electrum to send, receive coins? Anyway you can get at the private key of a single address. Just right click on the address in electrum and select the relevant option. If you are going to store a large amount you should setup an offline wallet. That is a wallet on a dedicated computer that stays offline. You can couple this with a watch only wallet on your online computer for handing out addresses. See this page: https://electrum.org/tutorials.html#offline-mpk
|
|
|
I want to have a complete understanding how the electrum client operates. I understand that when you generate your wallet, it provides you with the 12-word-seed as a backup. So if I lose my wallet, I can re-create it with the seed.
My question is, does that re-create an unencrypted version of the wallet?
Yes So if my wallet is encrypted but someone somehow stole my seed, could they steal my bitcoins without knowing my encryption password?
Yes The seed allows you to recreate the wallet in full. If you want to be even more specific about it, you need the seed + the algorithm to derive private keys from that seed i.e. the electrum software. The purpose of the wallet password is to encrypt the wallet file on your hard drive. In case somebody were to get access to the wallet file on your hard drive they would still need to know the password in order to decrypt the wallet. The wallet password does not protect the seed paper backups in any way just the wallet file.
|
|
|
Post the receiving address here or look it up on blockchain.info to see the status of the transaction.
|
|
|
Hey everybody, this post could technically be filed under the Bitcoin section, but I have only 1 BTC and LTC wallet, and the rest are alt currencies. I also have a feeling my issue isn't with any particular currency, but moreso the way I'm downloading or accessing my wallets. Here is my issue below.. I use an encrypted IronKey flashdrive for all my wallets. When I originally downloaded the wallets, it was on my laptop. I believe I saved the initial folder just in my 'Downloads' tab, and when I unzipped them, I did so in the flash drive. When I plug my flash drive into my laptop, voilla, there are my coins in all their glory. When I plug my flash drive into my desktop, dud, all my wallets appear to be brand new. No coins, no transaction history, no wallet address, etc... My question is what can I do so I can simply plug my flash drive into ANY computer and all my coins will be there? That was my intent in using the flash drive in the first place If it helps at all, I've done wallet backups to the cloud via Google Drive, I don't really ever save anything to my computer's hard drives, only cloud, cloud backups, and external Seagate drive. First by wallet I mean the file that holds your private keys not the client software that you use to access that file i.e. not bitcoin/litecoin-qt You do realize that your wallet is the key to spending your coins? Plugging your wallet into all sorts of computers is just asking for trouble. Anyway FYI your wallet is currently on your laptop not on your flash drive. The only thing on your flash drive is the software. You can find out the location of your wallet on your laptop's hard drive by referring to this page: https://en.bitcoin.it/wiki/Data_directoryThe file is wallet.dat For bitcoin, Electrum has a portable build that you could try. Another possibility is blockchain.info's mywallet (can't believe I am saying this ). Don't know about litecoin. Fact remains portable wallets are a bad idea. Once your coins are gone they are gone. No central authority to turn to for justice.
|
|
|
It is possible to import a private key into an offline computer using electrum? Or does it only do offline signing for keys derived from it's seed?
Yes you can do this. Once you've imported the private key you have to create a seedless version of the wallet. This can only be done via the command line: Or with a specific wallet file: electrum -w my_wallet deseed
The it will create a .seedless file that will be a watching only wallet for use on your online system. Thank you so much! So every time I import a key I have to re-create the wallet for the online computer? Is there a way to just import the address on the online computer that matches the private key to the offline one? BE CAREFUL https://github.com/spesmilo/electrum/issues/225#issuecomment-32087172An easier way. Switch to console tab and do this: wallet.storage.put( 'imported_keys', {'1933phfhK3ZgFQNLGSDXvqCn32k2buXY8a' : '', '17ewBhK712mY2E4uPAbinThibdY2LRyabd' : '', '1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF' : '' } )
|
|
|
It is possible to import a private key into an offline computer using electrum? Or does it only do offline signing for keys derived from it's seed?
Yes you can do this. Once you've imported the private key you have to create a seedless version of the wallet. This can only be done via the command line: Or with a specific wallet file: electrum -w my_wallet deseed
The it will create a .seedless file that will be a watching only wallet for use on your online system.
|
|
|
Let me ask a simple question:
If I get some bTC in my wallet on my computer, encrypt the wallet to a different password, back up the wallet using the standard method on the wallet client, and put that dat file in a USB or another offline computer, does that constitute a cold-storage?
I mean my main computer will still have the wallet and btc in them.
Let us know.
No it doesn't. Cold storage is where the private keys never touch an online computer. Meaning you generate the wallet on an offline computer. The satoshi client makes this hard. You should use something like armory or electrum that offer offline wallets and offline transaction signing.
|
|
|
And the wallet was not emptied, with more than 100 BTC left not taken, Weird!
There's a possible explanation for that. They stole from an old copy of your wallet. Since then you've sent coins to other people (normal spend transactions) and the change has gone to new addresses (and corresponding private keys) that are not present in the old copy of the wallet that the thief has. So consider where you backed up your wallet in the past. I had an email sent to me with a withdrawal confirmation at 21:44, that i tried to cancel but there was an error.
How did you try to cancel the withdrawal? Don't tell me you clicked on the link in the email?!! If you did that you CONFIRMED the withdrawal instead of canceling it. To cancel the withdrawal you do nothing and ignore the email.
|
|
|
As you may have noticed, it is possible to bypass this protection; if you restore your wallet from a hexadecimal string, any string length will be accepted. However, this will only work with hexadecimal inputs. Thus, if you absolutely insist on using an arbitrary phrase as seed, you will need to hex-encode it yourself. Consider this as a protection.
I am not a cryptographer (what are some good sources to learn some very basic concepts? Maybe one good article for noobs), so this is a basic question: let's say I used my own passphrase and I am happy with it, my passphrase is (obviously) the quick brown fox jumps over the lazy dogthen how do I hex-encode it to become an Electrum seed? Here you go: https://www.google.com.pk/search?q=letters+to+hexand just for fun, can I also convert it for Electrum style 12 words?
Easiest way for you is to create a new wallet and use the restore function. Paste in the hex and then view the seed to get the electrum words. edit: python is not my strong suit so I am sure this can be done in the electrum console as well. But to do it in the Linux shell you just run python, then do "import electrum", and then "electrum.mnemonic.mn_encode( '34343' )" ofcourse replacing the numbers wiht your hex. Edit2: Yeah you can do it in the electrum console too. Just type import electrum first and then the rest.
|
|
|
This one over the other. This one has an amazing laser that goes pew pew! Jesus... 94$ for 8gb? I mean, it looks nice and everything, but that's too much. Might as well just buy a cable lock ,then wrap it around and use it to lock my 10$ flash drive. Both the aegis one and this one appear to have been made in the same Chinese factory. They look almost the same. BTW 15 decimal digits is not enough entropy.
|
|
|
This contest is now halted and I am deciding what to do because there were no participations for more than one year and I completely forgot about this.
LOL instead of $50 you now have to fork over $4000
|
|
|
What does var_dump($op) give you?
|
|
|
Im really not versed in Linux. If anyone with a repuation would offer a service to have a look if anything could be done ill take it. Ive also been contacting some data recovery companys but I dont know if they would even know how to recover wallet.dat .
Contact professional data recovery companies and they'll figure it out for you. Lost bitcoin wallets are making the mainstream news these days so no doubt these data recovery companies must have heard about them ages ago.
|
|
|
Oh that's so sad! I liked the newbie forum.
|
|
|
Thank you for an intelligent response. You don't have to pay the fee do you? And $1 to send nearly $800 doesn't seem too bad to me. Yes. It forces me to pay the fee when I try to send. I guess the coins are "new" <--- nice arbitrary rule? If Bitcoin has any hope of being used for daily commerce this ridiculous "must be 6 months old" rule needs to be eliminated as well. 1 day not six months. 24 hours for a fee-less 1 bitcoin transaction. More for a smaller transaction. And either way, a dollar is fucking ridiculous for sending 1 bitcoin.
Is it a dollar? Or 8 cents. How about you clarify what you are talking about first? Tell us the fee in bitcoins. And FYI the fee does not increase based on the amount of the transaction. It is based on the size of the transaction in bytes. Correct. I want to do it 100% free of charge. Like I can through my Bank: That entity which Bitcoin is supposed to be so much better than, because it brings us lower cost/free transactions.
With the evil, inferior, (soon to be destroyed by Bitcoin?) CHASE bank, I can transfer an unlimited dollar amount between my own bank accounts for free.
I can also now send up to $5000 to anyone else in the world with a CHASE bank account, 100% free of charge, instantly. I pay one of my vendors this way monthly. We dumped Paypal because of it.
LOL that's totally untrue. US only may be free but not worldwide. SWIFT wires are extremely costly and so is western union. CHASE or whatever does NOT have its own system for global money transfer despite whatever marketing told you. It uses SWIFT like everyone else. If you are not paying a fee then your vendor is and he's transferring that cost on to you in what he's charging you. No one is getting a free lunch. Another thing you should be aware of your bank is transferring debt. Bitcoin is asset based. As long as you control the private key you own the coins regardless of what anyone else does.
|
|
|
The seed is used to calculate your private keys. From your private keys they derive the public key and the address which is a hash of the public key. Bitcoin is a ledger based payment system. All transactions are stored in the ledger called the blockchain. Electrum does not require you to have a local copy of the blockchain. Instead it queries 3rd party electrum servers for transaction data using your addresses. You can find out which server you are connected to by clicking on the green icon in the bottom right or switching to the console tab of the electrum window.
|
|
|
|