I haven't looked into the details but nicely conceived. Working on similar projects, we were worried about the CPOF by using blockchain.info and I've done some work allowing interface to Electrum servers instead of bc.i. However, it can be problematic when combined with Tor, so I'm not sure I'd recommend it in this case.
For the CPOF issue you can also use eligius_pushtx as a backup. Also, v1.1.7 will probably include a pushtx and fetchtx via some public bitcoind node that I'll run myself and you'll be able to plug in your own node too. What is the problem with my torsetup.py? Just start Tor and run these 31 lines of code and you are anonymous. |
|
|
|
|
It seems politicians will take any risk to distract from domestic (financial) problems these days.
And there would have been a so much more elegant solution for Putin: Enforce an independent Crimea today. In two years let them vote on joining the UDSSR.
|
|
|
|
Interesting theory, but it doesn't jive with all the facts. The rallies correlate very well with Google search activity. If one man or bot was driving these rallies then you would not see the search activity behave in Google the way it has during the rallies. Also without the support of the bot, the market would have severely crashed and stayed down after Mt Gox closed.
Good points. Why should the bot / THK not simply belong to the part of Gox that binds the exchange to their merchant tools? This would be a simple explanation. I can't believe Karpeles would leave everybody in the dark for so long, effectively taking any option of finding the hacker via the blockchain from the customers. |
|
|
|
If timing markets was that easy, why isn't everyone a millionaire already?
Also, why are you leaving out 2011 in your chart?
Back then there were still lunatics who thought Bitcoin could fail  ...why are we not yet bubbling up again?   coz if you look at the graph you yourself provided, it takes at least 6 months between bubbling-ups, not 3  which assumption should make June-August period interesting. But that was the time between the last peaks. We should be on the rise already. Today was not a bad day actually. I just see that from the jag on the 25th of February we are already up almost 50%. OK, from tomorrow on we will officially switch to bubble mode, everybody join the ride and make sure to fasten your seat belts. |
|
|
|
...why are we not yet bubbling up again? |
|
|
|
There is a discussion about air gapping going on here: https://bitcointalk.org/index.php?topic=499711.0This got me the idea of an improvement for the handling of singing in Offbit. The signing code should be saved to a separate USB stick and never touch anything but the freshly booted live CD system. The transport data should be saved on another USB stick because it comes from the online system. This makes it impossible to alter the signing code. It does not really need a change to Offbit next to guide text maybe. 1.) Launch offline system from boot CD 2.) Insert offline USB stick with offbit_mktx2_offline.py on it and start 3.) Remove mktx2_offline USB stick 4.) Insert online USB stick with transport data from online computer and copy/paste it 5.) Remove online USB stick (---> no persistent memory) 6.) Insert privkey by hand 7.) Export signed tx via QR code |
|
|
|
Offbit was made for exactly this purpose: https://bitcointalk.org/index.php?topic=488915.0You can use it like this: * pre Bitcoin computer without wifi, bluetooth * pre Bitcoin live CD OS * signing code never in contact with anything but clean OS * only volatile memory in contact with your privkey * all code in Python relatively easy to review without any dependencies to install |
|
|
|
I haven't looked into the details but nicely conceived. Working on similar projects, we were worried about the CPOF by using blockchain.info and I've done some work allowing interface to Electrum servers instead of bc.i. However, it can be problematic when combined with Tor, so I'm not sure I'd recommend it in this case.
This certainly is something to think about. I guess pybitcointools is using bc.i because it is instant on and only takes a page of code or so. They are doing a good job so with Tor it goes ok for me. ### Limitations
* Only small TXs will fit into the QR code. What's the actual limit? There should be a hard limit of about 850 characters (base58). The most I tried it so far was one prevout and three outputs. On small screens like on an very old laptop you might have to reduce the font size to be able to fit the QR code. This could be improved by using quadrants instead of half characters in the ASCII QR code symbols. |
|
|
|
|
You could hash the file and then sign the hash.
It's should be relatively easy with pybitcointools or on linux command line:
shasum -a 256 yourfile
Then you can use bitcoind or bitcoin-qt to sign.
|
|
|
|
they are still being robbed  |
|
|
|
Minimalistic offline key generation, offline TX signing and Tor protected TX broadcasting. Keep your private key at a reasonable distance from online systems and any persistent storage such as hard drives, USB sticks.Will run on Python 2.7.x without installation of additional dependencies so it can be run from most Linux live CDs. Torified data retrieval/broadcasting through blockchain.info via pybitcointools. https://github.com/bithobbes/offbitNo need to trust me. You can compare the libraries to the original ones. The actual code is very short. readme.md: offbit
======
v0.001
2014 hobbes / bitcointalk
https://github.com/bithobbes/offbit
Basic off grid Bitcoin storage and TXs. Helps with hodling. Tor protected retrieval/broadcasting via blockchain.info.
Alpha software. Nothing guaranteed. Maximum recommendend amount: see version number.
https://www.gnu.org/copyleft/gpl.html
### Files
* offbit_keygen_offline.py - generate (mnemonic) privkeys
* offbit_mktx1_online.py - start transaction (also broadcast)
* offbit_mktx2_offline.py - sign transaction
### How to use
Generate (mnemoic) privkeys via offline keygen, load them and keep them safe (bring one half to the bank). Then:
1. Optional: Start Tor Browser to set up a Tor socket to be used by offbit.
2. Use mktx1 to create a transaction.
3. Save offbit data to a USB stick (text file).
4. Move the stick into an old offline computer, booted from a Linux Live CD (knoppix.org). Needs Python but no WiFi, no bluetooth.
5. Start mktx2 and feed it the data (currently a manual process).
6. Remove the USB stick so that there is no persistent data (no USB stick, no harddrive, no SD card)
7. Verify the TX, enter your privkey and sign.
8. Transport the signed transaction to the online computer via QR code (designated reader, synced clipboard or manually)
9. Broadcast the signed transaction by finishing mktx1
You will be guided through the steps.
Step 8. works completely automatic with Windows/ClipSync & Android/ZXBarcodeScanner.
### QR Code Scanner
Use only open source Zebra Crossing Barcode Scanner as the other scanners sniff your data (hurting your privacy).
Helpful options:
* inverted image scan (negative)
* copy to clipboard (automatically on scan)
### Clipboard syncing
* Windows & Android: ClipSync (data stays within you local WiFi)
hint: will only sync when clipboard content has changed (will not sync on the second scan when scanning twice)
* Linux & Android: ?
* Mac & iOS: ???
### Limitations
* Only small TXs will fit into the QR code.
### Todo
* add manual random data for tx generation
* encrypt offbit transport data
* check if TX to publish matches original TX
* find open source clipboard local sharing software
### Based on
* https://github.com/vbuterin/pybitcointools (thanks vitalik!)
* https://github.com/unapiedra/pyqrnative
* https://github.com/spesmilo/electrum (mnemonic.py)
offbit_keygen_offline.py - generate (mnemonic) privkeys len(wordList): 1626
Enter some random characters and press <enter>.
3764bc5r7w8cr6wc9
Enter a title for this paper wallet and press <enter>.
hodl
working...
--------------------------------------------------------------------------------
hodl
Electrum 1.x seed part 1 of 2 copy A
rootAddress: 1BLfktq4TVtwyV1TdeRH839xJLXQLpr6nm
decision society situation circle size grief close shall relationship desire inn
ocence roll
--------------------------------------------------------------------------------
hodl
Electrum 1.x seed part 1 of 2 copy B
rootAddress: 1BLfktq4TVtwyV1TdeRH839xJLXQLpr6nm
decision society situation circle size grief close shall relationship desire inn
ocence roll
--------------------------------------------------------------------------------
hodl
Electrum 1.x seed part 2 of 2 copy A
dress voice smile tide sometimes since anywhere lick horrible clearly everyone s
way
--------------------------------------------------------------------------------
hodl
Electrum 1.x seed part 2 of 2 copy B
dress voice smile tide sometimes since anywhere lick horrible clearly everyone s
way
--------------------------------------------------------------------------------
Press <enter> to show verification data. <ctrl-c> to exit.
1st half of offbit_mktx1_online.py Tor socket found. Your IP seems to be: 123.123.123.123
About to query inputs from blockchain.info
Enter address to spend from:
(Normal address or Electrum root address.)
1JEiV9CiJmhfYhE7MzeSdmH82xRYrbYrtb
Number of previous outputs: 2
balance: 0.0004
availableBalance: 0.0003 (balance - fee)
Enter target address:
1AGNa15ZQXAZUgFiqJ2i7Z2DPU2J6hW62i
Enter amount to spend in Bitcoin:
(maximum: 0.0003)
0.0001
Add another target address or press <enter> to continue.
Enter target address:
Offbit data:
(Transport safely to offline system. Keep the '!' at the end.)
{"amounts": [10000], "source": "1JEiV9CiJmhfYhE7MzeSdmH82xRYrbYrtb", "u": [{"out
put": "41efd332db50d2fd7941979f21827cc4851a361c4dcdd9e6430ff940f9e7bc04:59", "va
lue": 20000}, {"output": "debbacc8a949c86ea61aa6b7c03f47cb36b9759ab207ba28ef9a69
a46eed5b93:54", "value": 20000}], "targets": ["1AGNa15ZQXAZUgFiqJ2i7Z2DPU2J6hW62
i"]}!
Waiting for signed tx in clipboard (no carriage returns allowed).
Press <ctrl-c> to cancel.
offbit_mktx2_offline.py
Enter offbit data:
{"amounts": [10000], "source": "1JEiV9CiJmhfYhE7MzeSdmH82xRYrbYrtb", "u": [{"out
put": "41efd332db50d2fd7941979f21827cc4851a361c4dcdd9e6430ff940f9e7bc04:59", "va
lue": 20000}, {"output": "debbacc8a949c86ea61aa6b7c03f47cb36b9759ab207ba28ef9a69
a46eed5b93:54", "value": 20000}], "targets": ["1AGNa15ZQXAZUgFiqJ2i7Z2DPU2J6hW62
i"]}!
Number of previous outputs: 2
balance: 0.0004
availableBalance: 0.0003 (balance - fee)
tx summary:
Sending 0.000200BTC to 1JEiV9CiJmhfYhE7MzeSdmH82xRYrbYrtb (change)
Sending 0.000100BTC to 1AGNa15ZQXAZUgFiqJ2i7Z2DPU2J6hW62i
fee: 0.0001
Check balance and targets. Remove your data source (USB-stick).
Press <enter> to proceed, <ctrl-c> to cancel.
Enter private key or (double) Electrum seed:
2nd half offbit_mktx2_offline.py
█▀▀▀▀▀█ █▀ ▄▄█▄▀▄▀▀ ███ █ ▄██ ▄▀ █ █▀ █▄▄▄▄▀ ▄ ██ ▀▄ █▀▀▀▀▀█
█ ███ █ ▄▄▄▀▀█▄▄██▄██▀▄▀▄███▄▄▄█▄██▄██▄█ ▀ ▀ ▀▄▄ ▀▀▀▄█▄▀ █ ███ █
█ ▀▀▀ █ █▀▀██ ▄█▀▄▄██▄█▀▄██▀▀▀█▀▀███▄ ▄▀█▀▄▀▄ █ ▄▄ ▀ █ ▀▀▀ █
▀▀▀▀▀▀▀ █▄▀ █ █▄▀ █ ▀▄▀▄█▄█▄▀▄█ ▀ █ █ █▄▀▄▀▄█ █▄▀ █▄█▄█▄█ ▀▀▀▀▀▀▀
▀▄█▀ █▀█▄ ▀█ ▀▄▀ ▀ █▄██▀▄ ▀▄▀▀██▀█▄▄▀███▄▄ █ █▀▀█▄▄▄ ▀▄▄▀▄█▀
▀█▄ ▀█▀▀ ██▄▀█▀▀█▄ █▄█▀▀▀▀▄█▄ ▀▄██▄ ▄▀▄▀▀▀ ▀▄▀▄▄█▀▀ ▀▄▀▀▄ ▄▀▀▄
█▄▀▄▄▀▀▀▀▀██ ▀ ▄▀█▀▄ ▀▀▀▀▀ █▀ ▄ ▄▄▀▀▀█▄█ █ █ ▀█▄█ ▀█▄▀▀▀██▀▀
█▀█ █▄▀▄▀██▀█ ▀ ▄█ ██▀▄ ▄▄ ██▄█▀▄▄█ ▀▀▀█▄▄ █ ▄ ▀▀ ▄▀▀▄ ▄█▀█ ▀▀
▀██▄ █▀█ ▀▄ ▄▄ █▀▄█ ▄█▀ █▀▀█ ▀▀██▀▄▀ ▀ ▄▀███▄█▄▄▀▀ █▀▀▀█▄ ▀▀▀▀
▄██▀▀█▀▀ ▄ ▀▄ ██ ▀▄█▄▄▀▄▄█▀ █ █ ▄█▀▄ ███▀▄▀ ▄ ▀▀█▄█▄██▄ ▀ █ ▄
▄ █▀█▄▀▄ ▄██▄ ▄▀▄▀▄▀███ ▀ ▀██▄▀▀▀ ▄ ▀▀ ▄ ▀█ ▄ █▀▄▄█ ▀▀ ▀▄
▀ █▄ ▀▀▀▄ ██ ▄▄ ▄▄▀█▄█ █▀ ██ ▄█ ▀▄█▄ ▄▀ █▄▀ ▀ ▄▄ █▀ ▄▄ ▀▀▄█▀ █
▄ ▄▀▀▀▀ █ ▀▄ █▄▀▀▀██ ▀ ▀▄█▀ ▀█▄█▀▀▀███ ▀█ █ ██▄▄▄ █▄▄ █▀▀ ▀▄
▄ ▀▀█▀▀ █▀▄▄████▄█▀ ▀▀ ▀▀▀▀▀ █▄ ▄▄▀ ▀▀▄▄▄█▀▄▀▄▄▀ ▄█▀▀ ▀███▀▄▀▀▀█
█▄▄▄▀█▀█▀██ ▀▀█ ▄ ▄ ███ ▀█▀▄ ▀█▀▀▄▄▄ ▀ ▄▀▀██▄▀ ▀█▄▄ █ █▄▄ ▀▄▄█
▀ █▀▀▀█ █▄█▀▄██ ▄ ▀▀█ ▀▄▄ █▀▀▀█▀▀▀█▄▄█▀█ ▄ █▀ █▀ █▄██▀▀▀████
▄▄█ ▀ █ █▄▀▄█ █▄▄ ▄█▄█ █▄ █ ▀ █▀ █ ▀██▄▄ ▀▀▀▄█▀██▄█▀█ ▀ █▀█ ▀
██▀▀█▀▀▀█ ▄ ▀▄▄██ ▀ ▀██ ▀ ████▀█▀▀▄▀ ▄▄▀▀▄█▀ ▀█ ▀█ ▄██▀▀█ ▀▀
█▀ ▄ █▀▀▄▄▀▄▀██▀▄▄▀ █▄ ▀ ▄▄█▀█ █▄▀█▀█▄█▄▄▀ ▀ █ ██ ▄ ▄ █ ▀ ▄█
█ █▄█ ▀▀▀▄ █▄▄▀▀█ █▄▀▄▄▀▀▀▄█▀▄ ██ ▀ ▀▀▄█▄▀▀█ ▀ ██▄█▄████▄▀ █
█ ███ ▀█▄ ▀▀▀ ▄ █ ██▄▄▄███▄ ▀ ▀▀█▄ ▀▄ ▀ ▀▄▄█ ▄▀▀▄▄▀ ▄█▄█▀▀ █▄
▄ ▀▄█▀▀▀▄█ ██▀▀ ██ ▀ ▀█▀ ▀▀▄ ▄▄█▄ ▀ ██▄▀ ▀▄█ ▄ ██████▀▀█ ▄ ▄█▄▄ ▄
▄▀█▄ ▀▄█ ▀ █ ▄▀▀██▀▄▄ ▀ ▀ █ ▀█▄▄█▀▀▀▄▄▄▄ ▀▄█ █▀██▀▄▀███▀▀██
▀ █▀ ▀▀▄▀█▄█▄▀▀█ ▄▀▀▄▄▀▀▄█▄▀██▀█▄▀▀█▄ ▄█ ▀ ▄▀▄▄▀▀▄▄▀▄██▄ ▀▀█
▀▄▄▄█ ▀▀██▄▀█▀ ▄ ▄ ▀▄▀█▀████▀█▀█▄█████▄▄▄▀▀▀▄▄ █▀██ █▀▄▄ ▄ ▀▀▄▄▄
█▄█ ▀█ ▀ █▀█▀ █▀█▀▀▄▄▀█▄██ ▀█▀▀█ ▄▄▀█▄▄▄▄███ ██▀▀█ ████▀▄▀▀█
█▀▀ ▀▄▄▀ ▄▄ ▀█▄█ ▄ ▄▄▄█▀▀▀█ ▀█ ▄ ▄ ▀▄▀▀▀▀██ ▀ █▄▄ ▄ ▄▀██▄▄
▄ ▀█ ▀▀▀ ▀███ ▀█▄▄█ ▄▀ ▀▄▀ ▀▄▄▄▀█▀▀███ ▀█▄█▄▄▄▄▀█ ▄ ▄▄
▀▀ ▀ ▀▀█ █▄ ▄▀█▄ ▄▄ █ █ ▄▀▀▀ █▀▀▀██ ▄▀██▄█ ▄ █▄▀▀██▄▄▀█▀▀▀█▀ ██
█▀▀▀▀▀█ █▄██ ▄▀ ▄█▄▀▀▀▄ ▀▀▄█▀█ ▀ █▀▄▀ █▄▄▀ █▀▀▄▄▀▄█ ▄▀▄█ ▀ █▀ ▀▄
█ ███ █ ▄▄▄█▄▄██▀██▄ █▀▀ ▄█▄███▀██▀▀██ ▀▀ █ █▀▀▄█▄ ▀ █▀▀████▀▀
█ ▀▀▀ █ ▀▀█ ▄▄▀▄█ ███ ▀▀█ ▀ ▄█ █▄▀▀ ▄█▀██ ▄█▀ █ █ █▀█ ▄▀▀█▄▄ ▄▀
▀▀▀▀▀▀▀ ▀ ▀▀ ▀▀▀ ▀ ▀ ▀ ▀ ▀▀▀▀▀▀ ▀ ▀ ▀▀▀ ▀▀▀
|
|
|
|
For very obvious reasons, gox price is *justifiedly* decoupled from stamp price.
If however the situation on gox continues, I don't think stamp will entirely stay unaffected. Not for practical reasons so much as for psychological reasons: gox price is still quoted in the world, and at some point, the nervousness will translate into selling pressure on stamp as well. Not enough to go sub 500 maybe, but enough to bring the two exchanges a bit more in line.
So, short term: if Gox enables BTC withdrawals, Stamp will go down because arbitrage. If Gox doesn't enable withdrawals, Stamp will go down because Gox dying will bring everyone down. It looks to me like we are out of short-term scenarios where Stamp price goes up? Most of the time the artificially high Gox price has kept prices on other exchanges high. If Gox goes to 1000+++ tomorrow once/if they reenable withdrawals then it might even pull up the other exchanges a good bit. |
|
|
|
SD cards often have "write protection" clips but they are not really safe: http://superuser.com/questions/354473/is-the-lock-mechanism-on-an-sd-card-hardware-firmware-or-software-driver-osA computer with a read only cd drive would be great. edit: Also it should not have wifi integrated. How about this: Boot from LiveCD on a computer with hard drive removed put in usb stick with unsigned tx, copy to ramdisk and remove stick (remove cd if on a system which can write to disk) only then enter privkey / seed create signature transfer signature by hand / qr code put together tx and signature on online system and broadcast If you go through all that you might also consider to store half the key / seed in a bank locker. |
|
|
|
On a related question, will seeds that are more than 12 words (and multiples of 3) always be supported? It came up in this thread where hobbes talks about concatenating 2 wallet seeds to create a 24 word seed: https://bitcointalk.org/index.php?topic=354261.0in version 2.0, the seed phrase will be hashed in order to generate the master public key. thus, any phrase length will be supported. However, in order to recognize seeds from version < 2, I plan to check if the number of words is 12. so it's probably not a good idea to create 24 words seeds now. Maybe you could allow 12 OR 24 words. 24 words allow for safe (??) and simple key splitting. Probably there will have to be an option or some way to tell the program whether the seed is old or new... or will the new seed have a different number of words? |
|
|
|
Hobbes you should see this: On a related question, will seeds that are more than 12 words (and multiples of 3) always be supported? It came up in this thread where hobbes talks about concatenating 2 wallet seeds to create a 24 word seed: https://bitcointalk.org/index.php?topic=354261.0in version 2.0, the seed phrase will be hashed in order to generate the master public key. thus, any phrase length will be supported. However, in order to recognize seeds from version < 2, I plan to check if the number of words is 12. so it's probably not a good idea to create 24 words seeds now. Thank you! Will answer over there. |
|
|
|
|
Show Posts
