Bitcoin Forum
341  Bitcoin / Electrum / Re: High-quality Electrum builds for Windows on: November 18, 2013, 08:16:02 PM
Hi Flatfly

these nasty hangs that all versions (flatfly and official) after 1.6.2 and up to 1.8 produced on my Win7 32bit, are gone with 1.9

The official 1.9 version works fine, but the deterministic restoration of my (flatfly build) wallet is not working, several change wallets do not show up. Presumably the official version works with a different lookup gap? There is also no option to configure it, not even when importing a private key. Pretty nasty.

Pretty sure that affects every flatfly user with change wallets, who tries to switch to the official download.

So if you could produce a flatfly build of 1.9 that would be great, a donation is ready.

Cheers
Leo

Alright, please find my latest build for 1.9.4 here.

After installing, you can try following the below procedure to resolve your issue:

0. Have your wallet seed (12-word passphrase) at hand, you will need it.

1. Make sure Electrum is closed and rename your wallet file from "default_wallet" to something else, such as "default_wallet1". Typically this file will be in "%APPDATA%\Electrum\wallets\"    

2. Shift-click the executable to open the console and enter this command (without the quotes)
   "electrum setconfig gap_limit 20"  

3. Start Electrum. In the initial menu, select the option to restore a wallet from seed.

4. Wait for the restore process to complete, and that should be it.

If this does not restore your missing addresses, retry the above process with a higher gap_limit value.
 
342  Bitcoin / Development & Technical Discussion / Re: NoBrainr - a secure and transparent cold address generator in 1024 bytes on: November 18, 2013, 07:25:04 AM
Nice app.

Congratulations!

Just posted an idea here https://bitcointalk.org/index.php?topic=251037.msg3526933#msg3526933 that might give you (or anyone else) some additional insights!

Keep up the good work in order to provide security enhancement to brainwallets.

Thanks, we'll check it out.
343  Bitcoin / Bitcoin Discussion / Re: text encoding and regenerating keys and bitcoin addresses on: November 18, 2013, 06:46:09 AM
There's a better way.  Mnemonics.
I made a passphrase of English words from a list of about 54 thousand words.  Easy enough to do if you concatenate a bunch of scrabble lists, turn them into comma separated files, import them into a spreadsheet; then use random numbers to select a series of words from the list.  For a wordlist of 54k, six words give you about 94 bits of entropy.  If you're lazy you can just use the diceware list, but at only 7776 words you will need a longer passphrase.  Seven words would give you 90 bits of entropy.
Now for the mnemonics part.  Instead of saving the passphrase itself, I'll save something that will remind me of the passphrase. 
I'll email myself a story, just a few sentences long.  Each sentence will be tailored to jog my memory about one of the words.  I'll send this mnemonic to my yahoo and gmail accounts.  I'll probably also keep the passphrase or mnemonic on my person.  Sewing it into my waistband seems like too much trouble.  Probably just write something on a slip of paper and keep in my wallet or passport.
Comments, criticisms, suggestions?

This (diceware style brainwallets) is exactly the approach I recommend.
To make it even easier: check out my signature
344  Bitcoin / Electrum / Re: High-quality Electrum builds for Windows on: November 18, 2013, 06:25:14 AM
Hi Flatfly

these nasty hangs that all versions (flatfly and official) after 1.6.2 and up to 1.8 produced on my Win7 32bit, are gone with 1.9

The official 1.9 version works fine, but the deterministic restoration of my (flatfly build) wallet is not working, several change wallets do not show up. Presumably the official version works with a different lookup gap? There is also no option to configure it, not even when importing a private key. Pretty nasty.

Pretty sure that affects every flatfly user with change wallets, who tries to switch to the official download.

So if you could produce a flatfly build of 1.9 that would be great, a donation is ready.

Cheers
Leo

Great, I will be sure to make an updated stable build available some time this week so you can give it a go. You'll be able to change the gap limit from the command line (by the way, my builds never change the default gap limit value, so perhaps this is a more general issue with the wallet structure update in version 1.9.x.)
345  Bitcoin / Project Development / Re: [ON HOLD] 2^256 Deep Space Vagabond on: November 17, 2013, 12:25:49 PM
Where will it save keys it finds?

It saves all keys in a plaintext file called "dsv_bkp.txt", in the same folder as the executable.
346  Bitcoin / Project Development / Re: hexprivkey to WIF via PHP? on: November 17, 2013, 11:49:37 AM
Been Googling and looking at code for a couple of hours. I've seen a few javascript implementations but honestly I haven't the slightest idea how to port it over. The whole thing's above my head. I'd like to have this in PHP. Can anyone help?

Here's a tiny python implementation that should be much easier to port to PHP:

https://github.com/bkkcoins/misc/blob/master/hexwif/hexwif
347  Bitcoin / Bitcoin Discussion / Re: text encoding and regenerating keys and bitcoin addresses on: November 17, 2013, 10:13:22 AM

When you submit a passphrase to a hashing algorithm, your text must first be unencoded to binary form, right?  Then hashed. 
When I use a utility like bitaddress.org or brainwallet.org, for the purpose of decoding the text into a binary form does it see my passphrase as ASCII, UTF-8, or what?
Let's say I create a brainwallet following instructions here:
http://www.reddit.com/r/Bitcoin/comments/1bhffb/how_to_create_and_use_an_offlineonly_wallet/
I memorize or preserve my passphrase, store bitcoins at the address bitaddress.org generated from the passphrase, and leave them there, untouched, for a long time.
Several years from now I decide to retrieve those coins.  How can I be sure I will still be able to regenerate my private key?  Bitaddress.org and bitwallet.org may be gone; and I don't even know how they used text encoding in the first place.  How can I be sure I'll be able to use my passphrase to regenerate my private key in the distant future?

They are just using plain text - for that matter, perhaps it may help you to look at our 30-line neuron/NoBrainr python script (see signature), which does SHA256(passphrase) and produces identical results to both of these websites.
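
The encoding question above can be checked directly. This is an added example, not code from the thread or from NoBrainr: it hashes one passphrase under several byte encodings and Unicode normalization forms and reports when they would yield different keys. The set of encodings tried and the sample passphrases are assumptions.

```python
import hashlib
import unicodedata

# Byte encodings a tool might plausibly apply to typed text (assumed set).
ENCODINGS = ("ascii", "latin-1", "cp1252", "utf-8")


def brainwallet_key(passphrase, encoding="utf-8", form=None):
    """Hex private key as SHA256 over the passphrase bytes."""
    if form is not None:
        passphrase = unicodedata.normalize(form, passphrase)
    return hashlib.sha256(passphrase.encode(encoding)).hexdigest()


def key_variants(passphrase):
    """Map (encoding, normalization form) -> key for every combination
    that can represent the passphrase at all."""
    variants = {}
    for encoding in ENCODINGS:
        for form in ("NFC", "NFD"):
            try:
                variants[(encoding, form)] = brainwallet_key(passphrase, encoding, form)
            except UnicodeEncodeError:
                pass  # this encoding cannot express the text
    return variants


def portability_problems(passphrase):
    """Reasons the same passphrase could hash differently in another tool."""
    problems = []
    if any(ord(ch) > 126 or ord(ch) < 32 for ch in passphrase):
        problems.append("contains non-ASCII or control characters")
    if passphrase != passphrase.strip():
        problems.append("leading or trailing whitespace")
    if len(set(key_variants(passphrase).values())) > 1:
        problems.append("encodings disagree on the bytes")
    return problems


if __name__ == "__main__":
    # Constructed sample passphrases, not taken from the thread.
    for sample in ("plain ascii sample phrase", "caf\u00e9 au lait", "trailing newline\n"):
        keys = set(key_variants(sample).values())
        print(repr(sample), len(keys), "distinct key(s)", portability_problems(sample))
```

A passphrase of printable ASCII with no surrounding whitespace produces the same bytes under every encoding listed, so any SHA256 implementation regenerates the same key from it.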
348  Bitcoin / Electrum / Re: High-quality Electrum builds for Windows on: November 16, 2013, 07:40:47 PM
After a long hiatus, I'm planning (probably in the next few days) to release a new build for Electrum version 1.9.4. For anyone not familiar with these builds, they are basically alternative, independent builds of electrum optimized for windows users.

The codebase is the same as the main github repo, only the toolchain and building process is different (documented higher in this thread.)  The result is a much leaner build (around 6.5 MB vs 20MB for the standard build), the "Plastique" PyQT style and a Python debugging console for stderr output.


Note: The current build (1.7.4), released in May, still works fine.
349  Bitcoin / Development & Technical Discussion / Re: [BRAINWALLET] NoBrainr - a hackproof cold wallet generator in 1024 bytes on: November 16, 2013, 07:50:30 AM
Of course the dictionary is essential, but the point is that 1024 bytes / 25 lines of code makes NoBrainr orders of magnitude easier to audit and review, compared to any other alternative.
Not so, it just means that the security is outsourced.  E.g. your security depends on python randrange doing the right thing. Look how well that worked out for that PHP bitcoin shopping cart interface package.
Mersenne Twister? That was definitely a pretty poor choice for a cryptographic RNG...
Are you aware of any flaws with python's randrange?

I'm not aware of any flaws with python's randrange. But I haven't reviewed the code for it, either. I'd say it's misleading to say that there are only 25 lines of code to review.


Yes, of course all applications re-use existing code to a certain extent. Perhaps I should have said 25 "unique" or "non-library" lines of code.

That said, I don't think there are many open-source projects that receive more expert scrutiny than Python, and especially its security related libraries. I for one consider it even more trustable and robust than any major web browser.

Also, there's a new bounty program that gives you nice rewards (starting at USD 5000, IIRC) for finding a security bug anywhere in Python (and reporting it responsibly.)

Quote
I'm still looking for something really simple that runs on stock ubuntu and can give me a private key in WIF format and a public address, given a sha256 hash.

So far it looks like bitaddress.org in offline mode is going to be the best I can do.

I'm surprised you couldn't find any such tools. I thought I'd seen some on this forum. Actually, this should be rather quick to cook up in a few lines of Python as well. I guess it would take me a day or two to do it, if you're ok with the ecdsa dependency - it's much smaller than the bitaddress source code anyway.  

[EDIT] Just some additional info on the python ecdsa library that we are using:
  it is part of the official python repository,
  it is maintained by a non-anonymous Mozilla engineer
  it is getting close to 200,000 downloads per month
  it is extensively used by Electrum
  it is very small
  
[EDIT2] Check out the hexwif script by bkkcoins on github. It's just 10 lines and has no dependencies, but only outputs the WIF - for the bitcoin address you would still need to use ecdsa.
350  Bitcoin / Bitcoin Discussion / Re: Rare address hall of fame on: November 15, 2013, 10:57:47 PM
This rare address is only 32 characters long.

Not so rare..

Addresses shorter than 33 characters will start with one or more "1"s. A leading 1 in a Bitcoin address represents a direct encoding of a leading 00h byte in the underlying hash. The reason all Bitcoin addresses start with 1 is because the network ID byte of Bitcoin is 00.

I just made some 32 character addresses:
Address:
11111PXVCnuZsHwrHTn3ukmsadDEfzxs
111114YNgH3Pkj8dgZ3zP7DLC4jHzNQz
11111enRSTZqB4Y77sa9rWMKzANNxbCw


Damn! Then I guess the search for the 31-character address is on...
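
The hex-to-WIF conversion asked about in the earlier posts and the leading-"1" rule explained above both come from Base58Check. This is an added example, not the hexwif script or any code from the thread; the function names are hypothetical, the WIF input is a widely published test vector, and the hashes are constructed.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# secp256k1 group order: a usable private key k satisfies 0 < k < N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _checksum(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]


def b58check_encode(version, payload):
    """Base58Check: version || payload || 4-byte double-SHA256 checksum."""
    data = version + payload
    data += _checksum(data)
    n, digits = int.from_bytes(data, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        digits = B58[rem] + digits
    # Leading 0x00 bytes vanish in the integer, so each one is written
    # explicitly as "1", the Base58 digit for zero.
    zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * zeros + digits


def b58check_decode(text):
    """Return (version, payload); ValueError on bad characters or checksum."""
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)
    zeros = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("Base58Check checksum mismatch")
    return raw[:1], raw[1:-4]


def hex_to_wif(hexkey, compressed=False):
    """Hex private key -> WIF (version 0x80, optional 0x01 suffix)."""
    key = bytes.fromhex(hexkey)
    if len(key) != 32 or not 0 < int.from_bytes(key, "big") < N:
        raise ValueError("not a valid 32-byte secp256k1 private key")
    return b58check_encode(b"\x80", key + (b"\x01" if compressed else b""))


def hash160_to_address(h160):
    """20-byte public key hash -> address with network byte 0x00."""
    if len(h160) != 20:
        raise ValueError("hash160 must be 20 bytes")
    return b58check_encode(b"\x00", h160)


if __name__ == "__main__":
    # Widely published WIF test vector, not a key from this thread.
    print(hex_to_wif("0C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D"))
    # Constructed hashes: more leading zero bytes, more leading "1"s.
    for zero_bytes in (0, 2, 20):
        print(hash160_to_address(b"\x00" * zero_bytes + b"\xff" * (20 - zero_bytes)))
```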
351  Bitcoin / Development & Technical Discussion / Re: Why does Bitcoin-qt under Windows XP periodically access my floppy drive? on: November 15, 2013, 10:36:11 PM
If you wanna do some sleuthing, Process Monitor (and the other Sysinternal utilities) can likely give you the culprit, or at least some clues as to the context of the disk access:

http://technet.microsoft.com/en-us/sysinternals/bb896645


Thanks for that.



Now do people believe that bitcoin-qt.exe is accessing my floppy drive?

F, G and S are also valid & writeable drives.

I'm not really familiar with Windows debugging but it looks like the call chain that generated this activity is bitcoin-qt->advapi32.dll->perfdisk.dll. Possibly an API32 function to get connected drives or similar?

Just a long shot, but advapi32 mostly contains crypto related primitives, including the strong RNG. I'm guessing it's just trying to poll various sources of physical entropy (including disk drive performance counters)
352  Bitcoin / Bitcoin Discussion / Re: Rare address hall of fame on: November 15, 2013, 09:40:09 PM
Introducing a new category of oddities: unusually short addresses. These are extremely rare.

Example:

Code:
111JBiUzfCz8zcehARF9DBhd7D8wsEWG        (32-character address - owner: flatfly)
12345678901234567890123456789012

Proof of ownership:

Message:
This rare address is only 32 characters long.

Signature:
HOMVCVk1NnskQUUIP4fYrWnf3uIMcJ6InKS/2TiKsuC7KE9EyK78TvSTMX2n9IDew7VD0KJPBXSdzdxzJdulLuc=
353  Bitcoin / Bitcoin Discussion / Re: Is there a way to build a wallet generator till you hit the jackpot ? on: November 14, 2013, 04:37:47 PM
He just found a weak brain-wallet
Not by using a random number generator.

no

What's the public hash of the address you found?

Even with everything that everyone says about hashes, we did get a duplicate GUID one time where I used to work.  It caused major issues but from everything we could investigate, we really did get a duplicate.  It's the only place where I have used GUIDs where it has happened, but it did happen once.

Nobody believes me and I have been called a thousand names on forums for mentioning it, but I can assure you it happened to us once.

A SHA256 collision is billions of times less likely than duplicate GUIDs.
354  Bitcoin / Bitcoin Discussion / Re: Generate private key offline on iPad? on: November 12, 2013, 10:57:33 AM
As I'm not tech savvy enough to boot my computer from a live version of Ubuntu to generate a wallet through bitaddress.org, I considered going the way:

1. Go to bitaddress.org with a non jailbroken iPad
2. Turn off wifi
3. Make a brainwallet with a random phrase of +100 letters, numbers and symbols
4. Write down private key on a piece of paper, proceed to do several backups

I will save the public key on a computer and then send funds from a bitcoin exchange. This way my private key cannot get hacked, unless somebody has remote access to my iPad while offline, but from my understanding that should not be possible on an iOS tablet.

Can anybody tell me if this would be a bulletproof way to generate a private key?


How can it be a "brainwallet" if it is 100 random characters?
 1. You can only remember that if you have super human memory, or they are not really random.
 2. a private key is one third of that length - so why not just remember the private key if your memory is so good?
 3. this passphrase length is absolute overkill. In practice it won't protect you more than a 15-20 character random password - it will just increase the risk of you forgetting it at some point.
 

355  Bitcoin / Development & Technical Discussion / Re: NoBrainr - a secure cold address generator in 1024 bytes on: November 10, 2013, 12:00:07 PM
I know one of NoBrainr's selling points is its reduced size, however: is there any chance to get BIP38 encryption into the mix? Being able to generate an encrypted privkey from real life entropy would be really nice. Right now bitaddress.org doesn't support encrypting arbitrary keys so we can't generate a key with NoBrainr and feed it to ba.org to encrypt it.

The BIP38 spec is still not final and has been reported to be a little flaky on slower devices.
We have no plans to implement this right now, although it certainly has a lot of potential.
356  Bitcoin / Development & Technical Discussion / Re: [BRAINWALLET] NoBrainr - a hackproof cold wallet generator in 1024 bytes on: November 10, 2013, 11:43:49 AM
Of course the dictionary is essential, but the point is that 1024 bytes / 25 lines of code makes NoBrainr orders of magnitude easier to audit and review, compared to any other alternative.
Not so, it just means that the security is outsourced.  E.g. your security depends on python randrange doing the right thing. Look how well that worked out for that PHP bitcoin shopping cart interface package.
Mersenne Twister? That was definitely a pretty poor choice for a cryptographic RNG...
Are you aware of any flaws with python's randrange?  Electrum is using it too, IIRC.
EDIT: Electrum seems to be using the ecdsa randrange.

Quote
Quote
This is a well-known brainwallet limitation that affects all commonly used brainwallet generators [...] At least NoBrainr provides random generation for brainwallets, which the other approaches don't, and provides strong 90-bit + keys
Electrum provides a whole wallet, and an easily memorable, strongly generated, 128 bit key which also has strengthening to help preserve security even if someone shoulder surfs the key.  Electrum has an enormous number of users.

Certainly Electrum is a great client, but the latest versions have been a little unstable, the codebase is growing at a fast rate and hard to constantly review, and wallets generated with it unfortunately can't be used in other clients (yet.)  That said, of course I'm not claiming that NoBrainr can compete with a full-fledged client.
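
The randrange exchange above turns on which generator is behind the call. This is an added example, not NoBrainr's code: Python's default `random` generator is a Mersenne Twister whose state can be copied and replayed, while `secrets.SystemRandom` draws from the operating system and exposes no state. The word list is a constructed stand-in for a Diceware-sized list, and the entropy helper reproduces the 90-bit and 94-bit figures quoted on this page.

```python
import math
import random
import secrets


def entropy_bits(wordlist_size, n_words):
    """Bits of entropy when each word is drawn uniformly and independently."""
    return n_words * math.log2(wordlist_size)


def pick_words(wordlist, n_words, rng):
    """Draw n_words uniformly using the supplied generator's randrange()."""
    return [wordlist[rng.randrange(len(wordlist))] for _ in range(n_words)]


def state_is_copyable(rng):
    """True if the generator's full internal state can be read out, which
    means anyone holding that state can replay every later draw."""
    try:
        rng.getstate()
        return True
    except NotImplementedError:
        return False


def replay_from_state(wordlist, n_words, rng):
    """Copy a Mersenne Twister's state, then return the passphrase from the
    original generator and the one produced by the copy."""
    clone = random.Random()
    clone.setstate(rng.getstate())
    return pick_words(wordlist, n_words, rng), pick_words(wordlist, n_words, clone)


# Constructed placeholder list with the Diceware size (7776 entries).
WORDS = ["w%04d" % i for i in range(7776)]

if __name__ == "__main__":
    print("7 of 7776 words: %.1f bits" % entropy_bits(7776, 7))
    print("6 of 54000 words: %.1f bits" % entropy_bits(54000, 6))
    original, replayed = replay_from_state(WORDS, 7, random.Random())
    print("Mersenne Twister replayed from copied state:", original == replayed)
    print("SystemRandom state copyable:", state_is_copyable(secrets.SystemRandom()))
    print(" ".join(pick_words(WORDS, 7, secrets.SystemRandom())))
```

The entropy figures hold only when the draw is uniform and unpredictable, which is why the passphrase printed at the end uses `secrets.SystemRandom`.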
357  Bitcoin / Bitcoin Technical Support / Re: Bitcoin-Qt 0.8.5 why it uses WMI Performance Adapter service? on: November 10, 2013, 10:55:09 AM
Bitcoin-Qt uses Windows performance counters as a source of entropy for random number generation.
I think this is why you see this happening, although I'm not sure why it would need to stop and start the service all the time.
358  Bitcoin / Bitcoin Technical Support / Re: Vanity Gen opening and closing on: November 09, 2013, 05:41:01 PM
I got vanity gen, but when I run the application the CMD just opens and closes repeated.

Could anyone help me?

First open a command prompt (cmd.exe) then launch vanitygen from there.
359  Bitcoin / Bitcoin Discussion / Re: Safest Wallet on: November 09, 2013, 04:13:23 PM
Did you even click the link? Diceware is no software. It's just a list of words and you use simple dice (yes offline dice lol) to pick random words. You don't even have to use that word list. Nothing is safer for picking pass-phrases. Not any kind of computer or software.

Edit: If worried about forgetting it, you can write it down (in stone/metal maybe?) & split pass-phrase into 3 pieces and bury it in different locations. Not only it's cool (hidden treasure) it's also healthy as probably you'll spend weeks digging trying to find all the pieces.

Ok, I thought a program would pick out words.
I'm aware that passphrases are safe and good passwords but I think I have a hard time remembering it. I have now made 4 addresses. Some with words that make sense for me. The most important thing will be that it is sufficiently long. So at least 20 letters which gives at least 20^36 entropy (I don't use capital letters who does?).

And now I also printed it and put it into a safe of a person which is reliable.(in the case I forget or pass away)

Sorry, that's 36^20, not 20^36 - which is still strong enough, assuming characters are picked randomly. If not, I would expect a hack sooner or later. Just a friendly heads-up.
360  Bitcoin / Project Development / Re: Bitcoin Wallet generation by hand on: November 08, 2013, 06:55:16 AM
Given that doing it purely by hand is practically unfeasible, how about this as a next best option: using our NoBrainr python script (only 25-30 lines of code) on an offline raspberry pi? This can be used with or without dice.

Can I ask why you promote nobrainr so much? Lots of people share scripts on this site but I've never seen someone promote their opensource script quite as much as you do.

Because I think it can help users and hits a sweet spot between security and transparency? Also, I only mention it when it's appropriate to.

Although now you mention it, you may be right, I seem to be a little obsessed with it!  Probably due to the fact that I have a little too much free time on my hands right now. Won't last for long, though...