Bitcoin Forum
June 17, 2024, 05:13:46 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
521  Bitcoin / Bitcoin Technical Support / Re: Bitcoin Core won't take my passphrase on: October 21, 2014, 04:57:04 PM
I have the same problem, is there any solution ?

Here are my two posts with my issue

First time i thought the problem is connected to Armory , but now i do not know
https://bitcointalk.org/index.php?topic=56424.msg9263763#msg9263763


https://bitcointalk.org/index.php?topic=34028.msg9271649#msg9271649    Re: Pywallet 2.2: manage your wallet [Update required]

Responded to you in the pywallet thread over here.
522  Bitcoin / Development & Technical Discussion / Re: Pywallet 2.2: manage your wallet [Update required] on: October 21, 2014, 04:51:17 PM
i could load it into bitcoin core but i cant send any bitcoin , passphrase is incorrect ,   available balance shows that probably i did not make any new transaction ( i use the passphrase that i set at pywallet dump recovery , i cant imagine that i modifed passphrase or reencrypted my wallet with bitcoin qt after it loaded)

Earlier versions of pywallet prior to September 8th had a bug which would, under some circumstances, cause it to create a recovered wallet with a password that didn't work in Bitcoin Core. It might be possible that you were affected by this bug.

I'd try this:
  1. Close Bitcoin Core, and then make a backup of all of your current wallet files (preferably onto a different drive or USB stick).
  2. Download the current version of pywallet from here (the download zip button is on the right): https://github.com/jackjack-jj/pywallet
  3. Choose a wallet.dat file that was showing the correct balance in Bitcoin Core, but whose password wasn't working, and run a pywallet recovery on it.
  4. Check if you can send a transaction, or simply sign a message, in Bitcoin Core with the recovered wallet.

Let us know if this works with one of your wallet files, or if it fails with all of them. Good luck.

Edited to add: I agree with those responding to you in the Armory thread that you probably never created an Armory wallet, and that Armory is probably unrelated to any of your Bitcoin funds (because you're able to see your balance in Bitcoin Core).
523  Economy / Service Announcements / Re: GreenAddress: open source multisig wallet service on: October 18, 2014, 05:57:29 PM
I just wanted to share this quick anecdote.

I've been using GreenAddress as my preferred mobile wallet for a little while now, and I've been quite happy with it.

I ran into a small issue on Friday that was preventing me from creating a transaction. It was easy to find a workaround though, so it wasn't tying me up. I did a little bit of troubleshooting, but eventually gave up.

I sent an email to their general support box on a Friday at 6pm (my local time) along with the steps to reproduce the issue, and I explicitly mentioned that it wasn't really affecting me, so it didn't matter how long it might take for a response.

To my surprise, I received a pretty detailed response back by 8am Saturday morning listing out a few different bugs (all relatively minor) that they had found and fixed, as well as an expected release timeframe for the updated version (about a week).

I just wanted to post here to commend them -- I was really impressed that they took the time to read my email and reproduce the issue, and that they got back so quickly (even though it wasn't a big deal to me). All this , and it's a free service.

So anyways, thanks for a great piece of software and a great service!

All the best,
Chris
524  Economy / Service Discussion / Re: Does this simple provably fair scheme work? on: October 18, 2014, 04:46:22 PM
I just noticed this now.

And I just noticed now that we're both responding to a post made in November 2013 Tongue (a spammer necroposted, but the spammer's post was since deleted by the mods).
525  Economy / Service Discussion / Re: Blockchain account not working what happen on: October 15, 2014, 01:08:36 PM
This shouldn't happen... the server for some reason is not sending your browser enough information to permit the login process to complete.

If it continues, you'll either need to submit a support request, or restore the wallet from a backup. To submit a support request, visit: https://blockchain.info/support-desk
526  Bitcoin / Development & Technical Discussion / Re: Difficulty! Do we really need it? on: October 15, 2014, 12:55:47 AM
This is clear and thank you for clarifying! A bit shift modifies possibility by 50%.

Yes, but the hash target doesn't necessarily move from 135 bits to 136 bits, it moves from 135.1 to 135.4.

Just a question if you know for sure. When calculating the total difficulty of a chain we count the values of the actual hashes or the difficulty targets in the blocks?

The total difficulty of a chain (for the purposes of determining which chain is longest) is the sum of the difficulty targets, and has nothing to do with the "luck" of the miners / block hashes.
527  Other / MultiBit / Re: Soooo I have $100 stuck in my wallet on: October 15, 2014, 12:30:49 AM
I have a multibit wallet I created a few weeks ago and fat fingered the password after I transfered the bitcoin I found that out! I tried every password I could think of and then some..  Embarrassed I assume there is no getting it back?

That depends on how much you remember about the password... if it's long enough and you don't remember much or anything about it, there's pretty much no chance.

If you do remember a lot about the password, you can try to use a tool that will go through various combinations to recover it. One such option is btcrecover (I'm the dev of that tool, so naturally I'm biased), it's a free & open source password recovery tool you could try. You will need to do a bit of reading to get it set up and running though. The Tutorial and the Quick Start are here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#btcrecover-tutorial

If you have any questions about it, feel free to ask.

There are also people in the Services forum who offer assistance with password recovery, so you could check there too.

Good luck...
528  Other / Off-topic / Re: Am I the only girl on here? : ( on: October 15, 2014, 12:03:15 AM
What's with the Mexican flag?
...

It is an italian flag...

Um not quite, the Italian flag is a much lighter shade of green....

It seems to be missing the coat of arms of Mexico... we're not going to have another big argument here, are we? Wink
529  Bitcoin / Development & Technical Discussion / Re: Difficulty! Do we really need it? on: October 14, 2014, 11:54:43 PM
...
btchris does not find any problem with using the number of initial zero bits as a measure of proof of work.
...

Please don't paraphrase what I said... what I said was "we already have a way to slow down hash generation: increase the difficulty. Keep in mind that difficulty is not a bit count [emphasis added], it's more finely granular than that."

In other words, I completely agree with deepceleron.
530  Bitcoin / Development & Technical Discussion / Re: Difficulty! Do we really need it? on: October 14, 2014, 09:31:19 PM
Bitcoin is just fine but talking about ways to improve it by relaxing some requirements in favor of a simpler behavior (such as using some external time references widely available over the internet)  i think always helps.

I have to disagree with you, but this part is a matter of opinion.

I think Bitcoin should strive to be as decentralized as possible. It's not perfectly decentralized now, but I see no reason to add additional potential points of failure or points of control. Rather I'd prefer the opposite -- remove what few remaining centralized points are left.

It is obvious that you do not forward anything received before you double check it and compare it in case of block hash with your own best result. So a modest performance node can only flood minor performance nodes.
Sorry if i did not mention that but i was aware of this practice and should not change it.

I suspect that the majority of nodes on the network are not miners, and therefore have no concept of best-block-so-far-in-my-pool, and remain susceptible to a DoS.

What is the max range of possible  bit transitions? 128
Is it easy to generate them? not so straight
Is it easy to count them? yes simpler than generating a random one of them or calculating a hash

I think you just described a PoW system... hard to generate and easy to verify. How this add-on PoW is any improvement of the PoW already in use?
531  Bitcoin / Project Development / Re: 2^256 Deep Space Vagabond on: October 14, 2014, 07:28:09 PM
TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.

Cryptography is a complex subject, and cannot always be discussed in 5-word sentences (I even bolded the parts that actually needed addressing). I will try, but you may not like the results.

1. You claim nearly all CSPRNG is flawed. Then, as a workaround, you recommend vanitygen, which uses a.... CSPRNG (a fairly common one, OpenSSL). Can you explain the difference?

2. Your dartboard scheme for creating entropy is slow and biased, the sort of thing no cryptographer would ever come up with. Why did you?

3. You claim that "paperwallets" are superior because they use entropy from a mouse. You cite a bunch of wallet clients you claim to have found "through heavy testing" to be faulty, and yet every one that you cited also uses real-world entropy, just like "paperwallets". Armory, in particular, uses mouse input plus several other sources of real-world entropy. How could a cryptography expert miss this fact?

4. You've made extraordinary claims. If you are unwilling or unable to provide extraordinary proof (which is understandable for a work-in-progress), you will likely be ridiculed unless you can at least provide extraordinary professional credentials for your "few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education." Why have you done neither?

Is that better?
532  Bitcoin / Development & Technical Discussion / Re: Difficulty! Do we really need it? on: October 14, 2014, 06:54:02 PM
thanks for replying.

Flooding with fake blocks or transactions does not depend on the form of the hash.
What prevents me generating 1000's of fake blocks starting with zeros?

A node does not send a recently received block (or rather, it does not notify connected nodes that it has a new block to send) until after it has fully verified the block, including the hash target, so the only way to flood the network with blocks is if you can generate them (with the current difficulty).

As I understand it in your proposal, every X minutes, all nodes will need to see all potential blocks before a consensus can be achieved, which seems to be open to DoS.

Putting a node to also count bit transitions slows down desired hash generation and may help against ASICs monopoly.

Adding a new restriction to the target hash would slow down hash generation, but we already have a way to slow down hash generation: increase the difficulty. Keep in mind that difficulty is not a bit count, it's more finely granular than that.

[edit]
If counting bit transitions is simpler than hash evaluation then once you have a really 'good' valid block it makes it faster to drop fake blocks
by simple bit transitions counting

I'm afraid I don't understand what you're saying here.
533  Other / Beginners & Help / Re: Proof of Work and Proof of Stake explained for beginners on: October 14, 2014, 05:45:38 PM
Nice production values, and easy to understand, but I can't say much positive about the content of the latter half of the video.

For one thing, it's very one-sided, claiming that proof-of-stake is strictly superior to proof-of-work. The link to the forums below isn't very useful, either. I might suggest a more recent thread which includes more enlightened views on proof-of-work and proof-of-state (and proof-of-idle too): https://bitcointalk.org/index.php?topic=776541.0

There's also a strong implication that Bitcoin is on its way towards switching to a proof-of-stake system, which seems extremely unlikely to happen given the problems it has (see that link for details).
534  Bitcoin / Electrum / Re: HELP! ELECTRUM WALLET EMPTY! on: October 14, 2014, 05:05:32 PM
Addresses are there (though I have little way of telling if they're the same addresses...)

Why can't you tell if they're the same? Couldn't you look up some of the addresses in a block explorer to check if they have any transactions (that match up with what you remember)? If they don't have any transactions, it seems likely that you typed in the wrong seed.

Also, be sure to read the rest of this thread if you haven't already...
535  Bitcoin / Development & Technical Discussion / Re: Difficulty! Do we really need it? on: October 14, 2014, 04:54:31 PM
A hash is just a big integer (in this context), there's no need to do something this complicated if all you're after is changing the hash-target scheme to an exactly-one-block-per-unit-time scheme. Just compare the hash's integral values, and the value closest to zero wins.

However do you think it's a good idea for the Bitcoin network to flood itself with one or two hundred fully solved blocks every 10 minutes? How would you implement an anti-DOS scheme to prevent an attacker from flooding the network with thousands or millions of solved-with-low-difficulty blocks?
536  Bitcoin / Armory / Re: Armory - Discussion Thread on: October 14, 2014, 04:14:36 PM
Alan, what do you think of "Hash Hyena" claims?

He basically says that he is generating trillions of addresses non stop and getting a few collissions that will grow over time. His logic is that the entropy of Armory, Bitcoin Core, Multibut, Electrum etc. (and generally any other wallet that uses a RNG based on software) is flawed and results in a highly reduced keyspace, which will result in collissions with enought computing power and space devoted to private keys bruteforcing.

See: https://bitcointalk.org/index.php?action=profile;u=380718;sa=showPosts
...
...
On that note, Armory uses Crypto++ was is considered a cryptographically-secure RNG (X9.17 with OS-provided seeding).  On top of that, Armory pulls in system files, mouse clicks, keypresses, and a desktop screenshot, to add to the Crypto++ RNG entropy pool.  I made sure when selecting these sources that it would guarantee at least 256 bits of entropy to be added to the pool even if Crypto++ was really weak.
...

It's rather telling that he claims a "paperwallet" (I assume he means bitaddress.org) has a safer RNG for key generation than Armory (which, among others, has undergone "heavy testing" by his team) because "paperwallet" uses mouse input....
537  Bitcoin / Project Development / Re: 2^256 Deep Space Vagabond on: October 14, 2014, 03:49:30 PM
Hash Hyena, I have a couple of questions / points which I hope you can address. The first is related to your interim key generation recommendations.

"any other" RNG does not really solve the problem as we have found through heavy testing that Armory, Electrum, MultiBit, and just about every other wallet client out there has the same problems. The problem really is ANY RNG that is based on software.
1: use vanitygen to generate an address which falls far out of reach of the clustered address space, for example, the odds of your address eventually becoming part of someones catalog if it starts with 11121******************* is 667% more likely to happen then if your address starts with 1iBPq******************* for example.

Given that vanitygen is just another CSPRNG, and therefore flawed by your reasoning, why would you recommend it over any of the others you mention above (all of which use, exclusively or at least in part, the same OS-provided source of entropy)? In fact, vanitygen intentionally decreases entropy when it throws out generated keys which do not match the predetermined pattern, which would (slightly) decrease the security of the generated keys.

2: Use real world high entropy sources, a deck of cards, Hexadecimal dice, numbers and letters pulled from a hat. Myself personally and a few of the guys already on the team for this project we throw darts at a very large dart board that we made that has 0-9, a-f listed about 400 times each in a random pattern on a 4' X 4'  custom dart board we made. The entropy is higher if you are drunk when throwing the darts as your hand eye coordination makes it like trying to hit a moving target  Wink

First of all... how did you generate the random pattern of digits on your dartboard to begin with?

Regardless, any single set of random data is of course itself randomly biased, including your dartboard, and re-using it naively like this (I assume you don't create a new dartboard for each throw) combined with human bias will introduce that bias into its output. For example, it's very likely that there exists a hex digit on your dartboard which occurs less frequently on the periphery than it does towards the middle. Since I presume you'd avoid aiming your darts such that they might miss the dartboard, this hex digit is more likely to occur in your generated output.

In fact, a much better approach which would lead to less biased random numbers (assuming that the individual target boxes are small enough) would be to use a regular repeating pattern for the dartboard, where each 4x4 section contains exactly all 16 hex digits. How is it that nobody on your team caught this?

(This is to say nothing of the fact that throwing 64 darts at a dart board is silly-inefficient compared to just shuffling (well) a deck of cards...)


Next, moving back to your assessment of alternative clients:

"any other" RNG does not really solve the problem as we have found through heavy testing that Armory, Electrum, MultiBit, and just about every other wallet client out there has the same problems. The problem really is ANY RNG that is based on software.

Paperwallet is a better source as it uses coordinates of a mouse on the screen so it has i direct input which affects the output. Something like that built into a wallet client would not be feasible as no person is going to sit behind a PC at bitpay and wiggle a mouse every time someone needs a payment address generated.

First it should be noted that all of the clients you mention above (including BitAddress.org, which is I assume the paper wallet to which you refer) begin with the same source of OS-provided entropy (/dev/random on Linux/BSD or CryptGenRandom on Windows). Even though these two sources of entropy are in part provided by deterministic processes, they also use external human-influenced sources to maintain their internal state, e.g. the starting of programs, the initiating of or receiving of network traffic, the timings of writing to or reading from disks, etc. It is inaccurate to claim that the wallet clients you mentioned do not use significant amounts of human-source entropy.

Next, let's move on more specifically to your assertion that "through heavy testing that Armory ... has the same problems." Given that Armory gathers entropy from some of the same sources [github.com] as "paperwallet" (in fact it gathers entropy from many more human-influenced sources than "paperwallet"), can you explain why Armory has a flawed CSPRNG, whereas "paperwallet" does not?


Given that you've said
there are about a dozen of us [developers] working on this now, along with a few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education
I find it extremely discouraging that you can make such basic errors as those outlined above. The net effect is to make me exceedingly skeptical of not only your overly-broad claims (which cannot be proven nor refuted due to their vague nature), but also of your abilities as mathematicians and cryptographers and even your intentions. Posting your team's professional qualifications (names, degrees, and peer-reviewed publications) would go a long way toward alleviating some of these concerns, even if you choose not to be more specific regarding these alleged vulnerabilities still under investigation.

I also hope that you can specifically address the questions above.
538  Bitcoin / Bitcoin Technical Support / Re: Encrypted wallet.dat, lost password, any solutions? on: October 14, 2014, 12:20:11 PM
Btcrecover seems the very best password recovery tool, the tool set is impressive. Did anyone go through the code to check that it doesn't do anything malicious?

I'll take that as a compliment Wink

But as far as I know, nobody has done so. The Python code is long (approaching 4k lines mostly in a single file) and complicated, and "evolved" into its current somewhat messy state (as opposed to being well planned out, sorry...).

However I did write some "extract" scripts that are short and fairly easy to understand documented here: https://github.com/gurnec/btcrecover/blob/master/extract-scripts/README.md. The idea was that you could run one of the extract scripts directly on your wallet file, copy/paste the base64-encoded results into a VM w/o network access, and then not worry about what btcrecover might do with it (assuming you read and understood the short extract script). At worst, it could waste a bunch of CPU/GPU time, but at least it couldn't steal you wallet.

Of course, all that only really helps if you're already somewhat of a "techie" who knows how to set up a VM. I suspect that many people who choose to run btcrecover are not techies, and are putting themselves at risk (speaking as objectively as I can, of course as the code monkey who wrote it, I claim it's perfectly safe Smiley ).

I recommend you to to write a dedicated post for your tool, I think it deserves it!

Yes, I was going to suggest this same to you. I found your soft quite useful for some recovery works I'd done, including the recovery scripts. Sometime later I missed the link and I went quite mad looking back to the old posts, so it will be quite useful if there is a thread for your great app. And Thanks!

You're welcome, and thank you for the kind words.

I'll definitely be starting a new thread (in the Tech Support section). I'm waiting until I have a bit of time to finish up some documentation on Unicode support, and then I'll start one. Thanks for the advice!
539  Bitcoin / Development & Technical Discussion / Re: The "you cant kill Bitcoin argument" on: October 14, 2014, 03:41:16 AM
It's possible using DPI equipment at ISP.
For example China right now can ban bitcoin in their country if they would want to. Same way as they banned tor and i2p.

They attempt to block Tor, but that doesn't mean they're successful. See obfsproxy.
540  Other / Off-topic / Re: bitXOR - A generic file encryption method originally designed for my bitcoin wallet on: October 14, 2014, 03:33:12 AM
Thanks for the feedback! I didn't necessarily intend to give off the message that this should be used, however I do understand how what I wrote can be interpreted that way. Could you possibly explain how the implementation of the passphrase is naive and doesn't add any additional security?

If you have both of the "xor" files, file.x and file.y, than the additional "key" is simply an XOR cipher with a static repeating key on top of that. To quote Wikipedia:
Quote
By itself, using a constant repeating key, a simple XOR cipher can trivially be broken using frequency analysis.

I didn't make up this crypto system, I've seen a very very similar form of cryptography applied by a reasonably reputable company.

Scary, but unfortunately not surprising...

I'll remove this project from my website and github when I get the chance. I apologize for spamming the site with an allegedly unsafe piece of software. I won't make anymore cryptography based programs.

That would probably be best. Remaining open to constructive criticism is always a good thing.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!