Currently, we can not copy private key. Can you fix it? Also, dropped transactions are being re-broadcasted indefinitely. Please don't re-broadcast transaction, instead, show a warning when transaction is dropped.

Congrats dude!

That is interesting to know.

Edit: 1) Put app on http://allcydia.com/ 2) crack DRM 3) app will work.

可唔可以在手機程式中加入一個監控其他錢包的功能. 例如paper wallet.
假如在paper wallet 上有任何交易可以馬上通知使用者!

剛下載了來試用 介面不錯. 比Hive wallet 要好多

1，无法导出私钥，钱包只能在客户端上使用，万一我的手机丢失了，我的钱包也丢失了？

I believe it wasn't known to him or he didn't understand it enough to trust it.  PubKey recovery was certainly known prior to 2009.  There are a number of other "nuts and bolts" decisions (oversights?) which make me thing Satoshi's background was not cryptography.  He probably had exposure to and experience working with cryptography but wasn't a cryptographer.

In addition to PubKey recovery here are just a few other "quirks":
* Transaction Malleability (Bitcoin Specific). It is cumbersome to fix to fix today but with a different txn structure it would be impossible.
* Signature Malleability (ECDSA).  ECDSA can have multiple signatures for the same digest the solution is to either not make the signature part of the txn hash or limit Bitcoin to a single form.
* DER encoding serves no purpose.  Even if OpenSSL was used the DER bits could be striped.
* Lack of Compressed Keys.  Optimally the only valid key would be a compressed key and thus not only is key size reduced but there is only one format to consider.
* Unusual choice of double hashing.  Normally done to prevent length extension attacks which don't exist in Bitcoin.

This isn't to say Satoshi wasn't a genius, the magic in Bitcoin isn't the cryptographic primitives used.  It is in the way he elegantly used existing systems (digital signatures & hashing algorithms) to create a timestamp and consensus finding system that is very simple and yet very difficult to attack.

Proof?

The section 7 of Satoshi's paper is NOT about SPV

It is technically possible with a fork, but that will cause a much bigger problem.

In current design, a node can forget all spent outputs. Also, a node can forget scriptSig after verification, and store the UTXO only. If a new transaction may refer to the information in the historical blockchain, nodes have to store the whole blockchain forever.

Satoshi has already addressed this problem in the section 7 of his white paper: https://bitcoin.org/bitcoin.pdf . Please read before you propose a new "solution".

--------------------

Alternatively, it is possible to calculate the public key with only the signature and the signed message. The trade-off is spending more CPU time.

Read more:
https://bitcointalk.org/index.php?topic=6430.0
http://www.secg.org/sec1-v2.pdf section 4.1.6

Yes and no.

Yes: it is possible to
1) create hard-fork or alt-coin with another protocol
2) use P2PK outputs instead of P2PKH outputs. This saves some space
3) use compression while storing tx data on hard disk

No: it is almost impossible to
1) change the current consensus protocol
2) use P2PK outputs instead of P2PKH outputs because all software works with addresses, not public keys
3) use realtime compression of blockchain because it is economically unreasonable

OK, everything is possible. but this is not reasonable.

好像是以太