It is entirely possible that I should look at bitcoin addresses beyond the first three characters and everyone should ignore this thread.
168JPchhq3U8GMj89ht21FYPV9eX3Xf3kp != 168hbE5b23GprdVS1xovBXfUhpXGVJyKhX
LOL yeah human nature to do that! Whenever I see a bitcoin address I wonder whether I've seen it before because the first few digits look familiar!
|
|
|
Compressed addresses can reduce your fees by half, in addition to the reduction in blockchain size. I don't know if the status of Electrum has changed in a year, it seems not:
Electrum does support compressed keys now. Since 1.9 I think. In other news, I have gotten Python-only BIP38 passphrase encryption running from a single script. That's native AES, PBKDF2, SCrypt; at least Python includes SHA1 and 2. It takes about nine minutes to produce the encrypted private key on one core of Core2Quad 2.8GHz...
Why is this slower than the bitaddress implementation? Both python and javascript are interpreted languages so they should be equally fast, right?
|
|
|
So if I download it now, it would be much safer? No the use of mt_rand continues which is why I too encountered it. Wait for the developer to respond. Oh. I thought on the ticket it said that it removed all instances of mt_rand. That's a pull request by another forum member. He's requesting zamgo to incorporate this change in his script. And BTW that pull request does not address the use of mt_rand that I've reported above. No wait it does. But still hasn't been included in master branch.
|
|
|
So if I download it now, it would be much safer? No the use of mt_rand continues which is why I too encountered it. Wait for the developer to respond.
|
|
|
The private keys generated by this script are not safe. You can see on line 240 of phpcoinaddress.php that mt_rand is used to generate the private key. That function is not safe for cryptographic use:
for ($i = 0; $i < 32; $i++) { $privBin .= chr(mt_rand(0, $i ? 0xff : 0xfe)); }
Caution
This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using openssl_random_pseudo_bytes() instead.
http://php.net/mt_Rand
This is the same problem that was found in bitfreak's shopping cart script: http://www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg03064.html
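The loop quoted in the post above, next to a CSPRNG-based replacement, as an added example that is not part of the original thread or of phpcoinaddress.php. The function names are hypothetical, random_bytes() requires PHP 7 or later, and the range check against the secp256k1 group order is an addition the post does not mention.

```php
<?php
// Added illustration; function names are hypothetical, not from phpcoinaddress.php.

// secp256k1 group order n as 64 lowercase hex digits; valid private keys are 1 .. n-1.
const SECP256K1_N = 'ffffffff' . 'ffffffff' . 'ffffffff' . 'fffffffe'
                  . 'baaedce6' . 'af48a03b' . 'bfd25e8c' . 'd0364141';

// The loop from the post, with the seed made explicit. mt_rand() is a Mersenne
// Twister initialised from a 32-bit seed, so its output is fully determined by
// that seed no matter how many key bytes are drawn from it.
function weak_privkey(int $seed): string
{
    mt_srand($seed);
    $privBin = '';
    for ($i = 0; $i < 32; $i++) {
        $privBin .= chr(mt_rand(0, $i ? 0xff : 0xfe));
    }
    return bin2hex($privBin);
}

// True when $bin is a 32-byte big-endian integer in the range 1 .. n-1.
function is_valid_privkey(string $bin): bool
{
    if (strlen($bin) !== 32) {
        return false;
    }
    $hex = bin2hex($bin);
    // Equal-length lowercase hex strings order the same way as the numbers they encode.
    return strcmp($hex, str_repeat('0', 64)) > 0 && strcmp($hex, SECP256K1_N) < 0;
}

// Hardened generation: 32 bytes from the OS CSPRNG, redrawn if out of range.
// random_bytes() throws instead of silently falling back to a weak source.
function secure_privkey(): string
{
    do {
        $bin = random_bytes(32);
    } while (!is_valid_privkey($bin));
    return bin2hex($bin);
}

// Same seed, same "private key": the weak generator has no more entropy than its seed.
var_dump(weak_privkey(12345) === weak_privkey(12345));
// Two CSPRNG keys are independent draws from the full key range.
var_dump(secure_privkey() !== secure_privkey());
```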
|
|
|
I'm running Debian 7. I'm not having any problems.
My wife is running Debian 7, she is having problems.
The only difference is that I've been running previous versions of Qt and already had the entire blockchain downloaded.
She, on the other hand, is running Qt for the first time and attempting to download the entire blockchain. It gives her errors and has recently started crashing at start up. She's only about 1/2 way through downloading the blockchain.
Verifying the blockchain can be very resource intensive. It is akin to running a burn test on your system. It stresses the CPU and hard disk. So I imagine the problem is with the hardware. Maybe the CPU is overheating? Install lm-sensors to check the cpu temp. It could also be that there are bad sectors on your wife's hard drive. Use badblocks to scan for that.
|
|
|
You can choose your own seed from the dictionary that electrum uses: https://github.com/spesmilo/electrum/blob/master/lib/mnemonic.py Other words don't work. Electrum is great for offline use. You don't have to set your own seed to use it offline. Just run it as you would on an online system and it will generate a truly random seed for a new wallet. Much better than a human generated seed. I do not trust the random generator from my computer. In that case you need to look at generating an electrum seed using dice. Search the forums. There are a few guides on how to do that.
|
|
|
I see, thanks.
So even if the change address does not show up in the Electrum wallet for whatever reason, it could eventually be found/generated deterministically by increasing the gap limit?
Yes it can be found deterministically but not by increasing the gap limit. The gap limit that you can set only affects addresses in the main wallet. The gap limit for change addresses is fixed at 3. So you just run that create_new_address(1) command to generate new change addresses. But yeah the point is that the seed and a copy of the electrum is all you really need.
|
|
|
If I set up an Electrum wallet from a brain wallet seed, do a transaction where a change address is created, then delete the wallet file, will the change addresses always be recreated from seed? I'm concerned after reading this: http://www.reddit.com/r/Bitcoin/comments/1bd1d1/i_think_i_just_lost_90btc_are_they_stolen_help/ If Electrum acts as I have described above, can someone explain what is different about Multibit that they would have lost their change address private key? Was a completely new wallet created just for the change address? That guy lost coins because he went the manual paper wallet route. You are relying on a full fledged offline wallet so you won't face this problem if you are careful. You need two things: - The seed - A copy of electrum to recreate the wallet from seed. Now as far as new change addresses go you might need to give electrum a little hint that it should generate those addresses. It can always do that as long as you have the seed. It just needs a little push in the right direction: https://bitcointalk.org/index.php?topic=344115.msg3690179#msg3690179
|
|
|
You can choose your own seed from the dictionary that electrum uses: https://github.com/spesmilo/electrum/blob/master/lib/mnemonic.py Other words don't work. Electrum is great for offline use. You don't have to set your own seed to use it offline. Just run it as you would on an online system and it will generate a truly random seed for a new wallet. Much better than a human generated seed.
|
|
|
Multibit has its own forum and you are supposed to post in that. It says so in the sticky in this forum. Anyway I've seen a lot of people complaining about this recently and the recommendation has always been to do this: https://multibit.org/help_resetBlockchain.html
|
|
|
Thanks Abdussamad and nawazish1 I still have my old computer and its all setting is also ok now what is next step for recovering all data from old account to in new waiting for this
What do you think I've written above??
|
|
|
Another thing you should know is that the slight security risk I talked about can turn into a major problem in certain situations. The android and blockchain.info RNG bugs, for example, only hit addresses that were reused.
|
|
|
You can use a BIP32 wallet. It allows you to create several branches derived from a master key.
Frankly I just don't get these DIYers who try to concoct their own schemes for storing coins. Why bother? Do you really enjoy mucking about at such a low level? Best to outsource this job to a bitcoin client like electrum or armory.
The whole ethos of open source and bitcoin is DIY. There is no Nanny to look after your coins with bitcoin, so developing a further understanding of such 'low level' things is important for all bitcoiners at this stage. Or should we all keep our keys on a webwallet instead? I don't want a hierarchical deterministic wallet as if the master key is lost I still lose the wallet. What I am aiming for is a 'Canary' address such that if someone finds / cracks the secret key it will be obvious as the address will be emptied. This will then warn me to apply whatever processes I need to the secret key to reconstruct a 2nd secret key for a further address that holds the bulk of the coins. The base information and entropy for the 2nd address is based off the 1st secret key, which will need to be secured, so won't be susceptible to brute force attacks in the same way a brain wallet would. However the process of conversion of the 1st key to the 2nd key will be a brain based solution. Can you see how that might be useful long term for securing keys? Oh and yes, I do enjoy this kind of mucking about! BTC The last guy who tried to muck about when he had no clue: https://bitcointalk.org/index.php?topic=360183.msg3883662#new
|
|
|
I'm contemplating obtaining a physical bitcoin QR code address such as this idea: http://imgur.com/a/dHSCB or this commercially available process: http://www.plaquemaker.com/Titanium/Titanium-Tags.html Before I pull the trigger on one of these kinds of solutions, I need to better understand how to use the address correctly. My understanding is that when BTC is used from an address, then the address should not be used anymore for security reasons. If that is the case, then using a single address to receive funds is confusing to me. I prefer to use Coinbase to handle my spending BTCs. If I use a single address to receive funds within Coinbase, and that money is spent later, will the original address still be safe to use? Will Coinbase automatically handle that address safety? Are there any other considerations I should understand before I spend money making a physical QR code address? Thanks Address reuse is bad for the following reasons: - Security is lowered slightly. - Your privacy takes a massive hit. Remember all bitcoin transactions are public information. If you reuse the same address over and over again everyone can tell how much money you are receiving and spending. So IMO making a physical QR code is a bad idea if it encourages you to reuse addresses. And don't even think about using an address that belongs to coinbase. There are so many things that could go wrong with that. What are you going to do if coinbase shuts down? Or gets hacked? What if you need to prove ownership of the address by signing a message? The way I see it in future the payments gateway that the bitcoin-qt team is developing will solve this problem for you. Maybe then you'll have a URL or something that you can safely share with people without losing out on privacy.
|
|
|
You can use a BIP32 wallet. It allows you to create several branches derived from a master key.
Frankly I just don't get these DIYers who try to concoct their own schemes for storing coins. Why bother? Do you really enjoy mucking about at such a low level? Best to outsource this job to a bitcoin client like electrum or armory.
|
|
|
Depends on your needs. If you are just starting out you will likely start with blockchain.info mywallet. If you are smart you will move from that to a desktop client. Then you might switch clients depending on your needs.
A better question would be what are you looking for in a wallet?
|
|
|
|