 Show Posts
|
|
Pages: [1] 2 3 »
|
|
1
|
Bitcoin / Project Development / Re: Would you be willing to flip coin / roll dice 256 times for security of funds?
|
on: August 18, 2020, 08:07:02 PM
|
That's cool! Good work! So you use the device to generate a private key and encrypt it with a password. You write the passworded key down (paper wallet) and store it safely as a backup in case you lose the device. When you want to transact, you generate a signing request QR on your computer. The device scans it in and asks you for your password. It then generates a signature QR which you scan using your computer. Your computer adds it to the transaction and broadcasts it. Er, wait, the device wipes its memory every time you use it, so you need to type in your passworded key and password every time. Sounds like a PITA that leads you to leaving your paper wallet lying around (printing a passworded key QR is nice but beyond the paranoia level of this device). The device will have to have the unencrypted private key in memory at some point. How about the device stores the passworded key in volatile memory which gets wiped after a window of time, loses power, or you get the password wrong? It could possibly also be in a TPM of some sort that does the signing, inaccessible to the OS or memory to make it harder to dump from memory if the device is stolen within that window of time. Note that normal RAM isn't truly volatile ( https://citp.princeton.edu/our-work/memory/). You can freeze the device, kill its power, and then boot it from a memory card with a tiny live OS that dumps the raw memory that's still frozen in time from when it lost power. The obvious attack is to steal the device, install a keylogger, and then put it back where you found it.  Maybe having read-only firmware and no USB or memory card ports would help for the above scenarios. |
|
|
|
|
4
|
Bitcoin / Bitcoin Discussion / Re: BitTorrent client and bitcoin blockchain submission idea!
|
on: August 11, 2020, 04:57:47 PM
|
Yeah, baby! This is classic application for cryptocurrencies. It would even better if the original authors got the donations, so they at least get *something* from those pesky pirates. Imagine a decentralized iTunes. As above posters have noted, BitTorrent Inc. is thrashing around this space with their BTT token and I haven't tried it but it's probably junk. Problem: Scanning the whole blockchain for a magnet hash is inefficient. Furthermore, there's no guarantee that the Bitcoin address attached to it is the same as the torrent creator. Solution: The Bitcoin donation address can simply be encoded in the torrent metadata itself, which is hashed into the magnet link by the torrent creator, thus ensuring that they are the ones who inserted the address. {
"announce": "http://tracker.site1.com/announce",
"info": {
"files": [
{"length": 111, "path": ["111.txt"]},
{"length": 222, "path": ["222.txt"]}
],
"name": "my-music",
"piece length": 262144,
"pieces": <binary SHA1 hashes>
},
"donations": {
"xbt": <bitcoin address>,
"xmr": <monero address>
}
} Whaddya know!? Frostwire and qBittorrent already do this! https://blog.frostwire.com/2014/02/27/frostwire-integrates-bitcoin-donations-and-creative-commons-licensing-into-torrent-files/There's also the weakness that the torrent is only hashed with SHA-1, but that's another discussion. References: https://www.bittorrent.com/token/btt/https://en.wikipedia.org/wiki/Torrent_file |
|
|
|
|
5
|
Other / Archival / Re: Experimental Sidechain Network
|
on: August 08, 2020, 06:12:10 PM
|
I still don't understand about this sidechain, what is the convenience offered by sidechain? and does it really work any better than blockchain in general?
It's so altcoins can share hashrate, instead of being vulnerable to 51% attacks by big miners from other coins. |
|
|
|
|
7
|
Other / Off-topic / Re: password generator site
|
on: August 07, 2020, 07:21:44 PM
|
Guys, guys! If you need to generate random passwords just use your operating system's built-in tools. From the Mac or Linux terminal: LC_ALL=C tr -cd \!-~ < /dev/urandom | head -c 42 From Windows Powershell: [Reflection.Assembly]::LoadWithPartialName("System.Web")
[System.Web.Security.Membership]::GeneratePassword(42, 0)
And if you INSIST on doing it from a web browser, just copy-paste this into a text file and rename it random.html, but keep in mind your "Free VPN" or whatever browser extensions are probably sending all your passwords to China anyway. <script>
var bytes = new Uint8Array(420);
window.crypto.getRandomValues(bytes); // supposed to be cryptographically secure
document.write(
[...bytes]
.filter(x => 33 <= x && x <= 126) // filter out non-ascii character codes
.map(x => String.fromCharCode(x)) // map character codes to characters
.join('') // join characters into string
);
</script> |
|
|
|
|
9
|
Other / Off-topic / Re: password generator site
|
on: August 06, 2020, 08:04:17 AM
|
Don't use a password generator website. Thousands of Bitcoins have been stolen this way. Even if you use if offline, it is HIGHLY LIKELY to give you intentionally or unintentionally predictable output. Don't use a super-strong random password without a physically secured, but weakish-password, backup wallet. Thousands of Bitcoins have been lost this way. You are HIGHLY LIKELY to forget any password that's strong enough to not be brute-forced. DO focus on the basics of "security" = "something you have" + "something you know". Assume that, tonight, Russian hackers will whack you on the head, give you password amnesia, steal your airgapped computer, start grinding it with a supercomputer, and burn your house down with everything in it to hide the evidence.  |
|
|
|
|
10
|
Bitcoin / Development & Technical Discussion / Re: Chain Archaeology revisited -- Any more known miners for sub 1000 blocks?
|
on: August 05, 2020, 07:15:37 PM
|
I'm not a C++ expert, but according to the source code for Bitcoin v0.1.0, the nonce starts at 1 and then increments after every attempt (line 2297, main.cpp). HOWEVER, contrary to the comments in that thread, it looks like the nonce gets reset to 1 EVERY time a new block is found or accepted, whether self-mined or from the network. That means the nonce slopes are mysterious because they don't start from 1 every time a block is found!
Maybe they were running a version older than 0.1.0, which is possible because the genesis block is from Jan 3, 2009 at 6:15:05 AM UTC. Or maybe the extra miners were custom mining clients (likely Satoshi) that didn't reset the nonce.CORRECTION: It's the global bnExtraNonce (put in the coinbase's scriptSig) that gets incremented and doesn't reset for the uptime of the v0.1.0 client (see posts below). main.cpp lines 2183-2361 (file timestamped Jan 7, 2009, 9:00:00 AM UTC) bool BitcoinMiner()
{
printf("BitcoinMiner started\n");
SetThreadPriority(GetCurrentThread(), THREAD_PRIORITY_LOWEST);
CKey key;
key.MakeNewKey();
CBigNum bnExtraNonce = 0;
while (fGenerateBitcoins)
{
Sleep(50);
CheckForShutdown(3);
while (vNodes.empty())
{
Sleep(1000);
CheckForShutdown(3);
}
unsigned int nTransactionsUpdatedLast = nTransactionsUpdated;
CBlockIndex* pindexPrev = pindexBest;
unsigned int nBits = GetNextWorkRequired(pindexPrev);
//
// Create coinbase tx
//
CTransaction txNew;
txNew.vin.resize(1);
txNew.vin[0].prevout.SetNull();
txNew.vin[0].scriptSig << nBits << ++bnExtraNonce;
txNew.vout.resize(1);
txNew.vout[0].scriptPubKey << key.GetPubKey() << OP_CHECKSIG;
//
// Create new block
//
auto_ptr<CBlock> pblock(new CBlock());
if (!pblock.get())
return false;
// Add our coinbase tx as first transaction
pblock->vtx.push_back(txNew);
// Collect the latest transactions into the block
int64 nFees = 0;
CRITICAL_BLOCK(cs_main)
CRITICAL_BLOCK(cs_mapTransactions)
{
CTxDB txdb("r");
map<uint256, CTxIndex> mapTestPool;
vector<char> vfAlreadyAdded(mapTransactions.size());
bool fFoundSomething = true;
unsigned int nBlockSize = 0;
while (fFoundSomething && nBlockSize < MAX_SIZE/2)
{
fFoundSomething = false;
unsigned int n = 0;
for (map<uint256, CTransaction>::iterator mi = mapTransactions.begin(); mi != mapTransactions.end(); ++mi, ++n)
{
if (vfAlreadyAdded[n])
continue;
CTransaction& tx = (*mi).second;
if (tx.IsCoinBase() || !tx.IsFinal())
continue;
// Transaction fee requirements, mainly only needed for flood control
// Under 10K (about 80 inputs) is free for first 100 transactions
// Base rate is 0.01 per KB
int64 nMinFee = tx.GetMinFee(pblock->vtx.size() < 100);
map<uint256, CTxIndex> mapTestPoolTmp(mapTestPool);
if (!tx.ConnectInputs(txdb, mapTestPoolTmp, CDiskTxPos(1,1,1), 0, nFees, false, true, nMinFee))
continue;
swap(mapTestPool, mapTestPoolTmp);
pblock->vtx.push_back(tx);
nBlockSize += ::GetSerializeSize(tx, SER_NETWORK);
vfAlreadyAdded[n] = true;
fFoundSomething = true;
}
}
}
pblock->nBits = nBits;
pblock->vtx[0].vout[0].nValue = pblock->GetBlockValue(nFees);
printf("\n\nRunning BitcoinMiner with %d transactions in block\n", pblock->vtx.size());
//
// Prebuild hash buffer
//
struct unnamed1
{
struct unnamed2
{
int nVersion;
uint256 hashPrevBlock;
uint256 hashMerkleRoot;
unsigned int nTime;
unsigned int nBits;
unsigned int nNonce;
}
block;
unsigned char pchPadding0[64];
uint256 hash1;
unsigned char pchPadding1[64];
}
tmp;
tmp.block.nVersion = pblock->nVersion;
tmp.block.hashPrevBlock = pblock->hashPrevBlock = (pindexPrev ? pindexPrev->GetBlockHash() : 0);
tmp.block.hashMerkleRoot = pblock->hashMerkleRoot = pblock->BuildMerkleTree();
tmp.block.nTime = pblock->nTime = max((pindexPrev ? pindexPrev->GetMedianTimePast()+1 : 0), GetAdjustedTime());
tmp.block.nBits = pblock->nBits = nBits;
tmp.block.nNonce = pblock->nNonce = 1;
unsigned int nBlocks0 = FormatHashBlocks(&tmp.block, sizeof(tmp.block));
unsigned int nBlocks1 = FormatHashBlocks(&tmp.hash1, sizeof(tmp.hash1));
//
// Search
//
unsigned int nStart = GetTime();
uint256 hashTarget = CBigNum().SetCompact(pblock->nBits).getuint256();
uint256 hash;
loop
{
BlockSHA256(&tmp.block, nBlocks0, &tmp.hash1);
BlockSHA256(&tmp.hash1, nBlocks1, &hash);
if (hash <= hashTarget)
{
pblock->nNonce = tmp.block.nNonce;
assert(hash == pblock->GetHash());
//// debug print
printf("BitcoinMiner:\n");
printf("proof-of-work found \n hash: %s \ntarget: %s\n", hash.GetHex().c_str(), hashTarget.GetHex().c_str());
pblock->print();
SetThreadPriority(GetCurrentThread(), THREAD_PRIORITY_NORMAL);
CRITICAL_BLOCK(cs_main)
{
// Save key
if (!AddKey(key))
return false;
key.MakeNewKey();
// Process this block the same as if we had received it from another node
if (!ProcessBlock(NULL, pblock.release()))
printf("ERROR in BitcoinMiner, ProcessBlock, block not accepted\n");
}
SetThreadPriority(GetCurrentThread(), THREAD_PRIORITY_LOWEST);
Sleep(500);
break;
}
// Update nTime every few seconds
if ((++tmp.block.nNonce & 0x3ffff) == 0)
{
CheckForShutdown(3);
if (tmp.block.nNonce == 0)
break;
if (pindexPrev != pindexBest)
break;
if (nTransactionsUpdated != nTransactionsUpdatedLast && GetTime() - nStart > 60)
break;
if (!fGenerateBitcoins)
break;
tmp.block.nTime = pblock->nTime = max(pindexPrev->GetMedianTimePast()+1, GetAdjustedTime());
}
}
}
return true;
} Reference: https://satoshi.nakamotoinstitute.org/code/ |
|
|
|
|
11
|
Bitcoin / Bitcoin Technical Support / Re: [overview] Recover Bitcoin from any old storage format
|
on: August 05, 2020, 04:35:29 PM
|
Missing storage format: 32 bytes of raw binary. Since random data is incompressible, it even remains unchanged if your wallet is in an (unencrypted) zip file. If your wallet is on an old hard drive or USB stick, back up and scan a raw image of the ENTIRE DRIVE. Even if your wallet is encrypted or damaged, you might just find your private key in a chunk of an invisible cache or page file somewhere else on the disk! As a last resort, I made a highly optimized tool to exhaustively scan a raw disk image for a binary private key, using a sliding window of 32 bytes. It still took *months* to scan a big hard drive, though. To be sure, I recommend making a disk image using ddrescue with SystemRescueCd, then make a backup of that image, then scan the image.
Another missing storage format: ASN.1 DER. Early versions of Bitcoin used OpenSSL and its related overengineered storage standards. It might be binary, as above, with various leading bytes, or it might be a base64 pem file (with newlines in the middle of it). References: https://github.com/dsharhon/bitcoinj-minimal/blob/master/core/ECKey.java#L66https://en.wikipedia.org/wiki/ASN.1#Example_encoded_in_DERhttps://www.hanselman.com/blog/DecodingAnSSHKeyFromPEMToBASE64ToHEXToASN1ToPrimeDecimalNumbers.aspx |
|
|
|
|
12
|
Bitcoin / Development & Technical Discussion / Re: How to eliminate Large mining pools
|
on: August 04, 2020, 06:20:40 PM
|
According to game theory, vested interests will strive to maintain the security of the network, whether it is a mining pool or a small miner, so the security of the two is equivalent.
Let's take this to the logical conclusion. Communism. No mining rewards at all. Purely deflationary currency. Transaction fees go to nobody. Hodlers are incentivized to mine blocks of transactions because it increases the scarcity value of their own hodlings. However, there's a tragedy of the commons because your hodlings go up in scarcity whether you mine or not. There's nothing new under the sun. Perhaps this can be solved by purging any account that doesn't contribute enough signed mining shares. |
|
|
|
|
13
|
Alternate cryptocurrencies / Altcoin Discussion / Re: Ethereum BIP38 password-encrypted paper wallets
|
on: August 04, 2020, 09:12:37 AM
|
You can make a password-encrypted keyfile  with MyEtherWallet online, or offline with geth https://geth.ethereum.org/docs/interface/managing-your-accountsFor example, you'll get this kind of printable JSON-encoded plaintext keyfile: {
"version": 3,
"id": "4fa372ab-2035-4ede-a302-df4c270a105b",
"address": "fe5bcdeec9b48b63b43d58af8aa78adaad32975e",
"crypto": {
"ciphertext": "9dd28202137a2314ed1ac03569bf285eba31d7f608fb4c8c06fd33bf1b309a01",
"cipherparams": {
"iv": "7c2c4b08137b470b0e4ccc11721b2cf7"
},
"cipher": "aes-128-ctr",
"kdf": "scrypt",
"kdfparams": {
"dklen": 32,
"salt": "de8c8ee7aafceb79682c4ead2128885541c2f903ef048a3ee095770bb2cd6bb8",
"n": 131072,
"r": 8,
"p": 1
},
"mac": "9443d46fba7f19a2af2cfcd11068d0457a5636ec92468328fe4e93ed0f084116"
}
} That is a pretty future-proof way to do it. Be sure to do a test run to make sure you can actually decrypt it afterwards! As an aside, I wonder if there is a way to encrypt a cold wallet with multiple layers of passwords, such that you can be alerted if the first layer is broken and used on a special delayed release contract, giving you a chance to recapture the coins within a certain time period with a backup account... |
|
|
|
|
14
|
Other / Archival / (deleted)
|
on: August 04, 2020, 02:04:37 AM
|
|
(self-deleted: too confusing. rewrite in-progress in altcoin discussion)
|
|
|
|
|
16
|
Other / MultiBit / Old Wallet Format Circa May 2011
|
on: December 15, 2018, 04:31:24 AM
|
Hey guys, I have an image of a partially corrupted hard drive that might have a MultiBit wallet on it from May 2011. Does anyone know the wallet format that I should scan for? It would be from version 0.1.x or 0.2.x, but I can’t find any binaries of those online. I take it that it used a serialized format, but anything more specific would be very helpful. Magic bytes? Was it plaintext? JSON? XML? Update: I traced it back to using version 0.1 or 0.2 of the bitcoinj library, which I found sort of a mirror of here: https://github.com/bitcoin-labs/bitcoinj-minimal/blob/master/core/Wallet.java |
|
|
|
|
