Show Posts
TradeFortress? Is that you?
No.
I'd like to use Tor with Javascript disabled for all my bitcoin transactions, but I can't find any online wallet out there that will both allow the import of private keys and work without Javascript? Anyone know of one? It can be a wallet, exchange, tumbler, anything really that would allow me to send BTC from an imported paper wallet.
Give up on this online wallet thing. The death of Inputs.io should have killed this being a desirable thing.
What you can do though is fire up a local client and route your computer's connection to the internet through tor when you want to fire up your Bitcoin client. As bad as online wallets have been on the clear web, tor wallets have an even worse history.
It doesn't have to be a tor wallet necessarily. It can be a clearnet wallet that will work with tor and without javascript.
The only web wallet vaguely worth trusting anymore is blockchain.info, and only because it uses javascript to ideally allow you sole access to your private keys hough it is still potentially vulnerable to malicious javascript.
Here's a bit of a primer on why you don't want a random third party having your private keys, one on what constitutes a wallet, what happened to the last web wallet that tried the secure shared wallet model, and finally some extra credit reading because reading is informative.
Any time you don't have sole access to your private keys you don't have Bitcoin. How closely what you have to Bitcoin depends on the reliability of the counterparty to which you have made a deposit. Web wallets have been unreliable. Tor web wallets have been especially unreliable.
Honestly I don't really know that using tor to send a bitcoin transaction provides especially more privacy. Saying a BTC transaction was sent by IP address X is a daunting task to prove. More so than which pool relayed a new block first and even that is a challenging problem.
Here's a bit of a primer on why you don't want a random third party having your private keys, one on what constitutes a wallet, what happened to the last web wallet that tried the secure shared wallet model, and finally some extra credit reading because reading is informative.
Any time you don't have sole access to your private keys you don't have Bitcoin. How closely what you have to Bitcoin depends on the reliability of the counterparty to which you have made a deposit. Web wallets have been unreliable. Tor web wallets have been especially unreliable.
Honestly I don't really know that using tor to send a bitcoin transaction provides especially more privacy. Saying a BTC transaction was sent by IP address X is a daunting task to prove. More so than which pool relayed a new block first and even that is a challenging problem.
I don't plan on trusting anyone. What I intend to do is generate a bunch of offline wallets by (for instance) downloading the html of bitaddress.org and using it at an offline computer. I'll transfer BTC to them and keep them offline until I need them. When I do need them I want to import the private key to an online wallet and immediately send out all the BTC in to a cashout account. The odds of that site being hacked or disappearing in the 2-3 minutes it will take me to do this are fairly low.
As far as using Tor, I want to err on the side of caution. Losing the BTC in any given wallet is less important to me than compromising my anonymity. That's why I'm paranoid about not using Javascript, given what happened with Tormail. I'm don't know much about Tor other than the basics though. Do you know of a way to route an local wallet client through Tor that would provide security comparable to using Vidalia with Javascript disabled?
And getting back to my original question, does ANYONE know of an online wallet that will work without Javascript, or does one not exist?
