BTCapsule is a Bitcoin Time Capsule to leave your private keys as an inheritance

[BlackHatCoiner]

BTCapsule creates two encrypted text files called year.txt and keys.txt that are stored in the same folder. The year.txt is encrypted, so that nobody can change the year after it’s created.

Why would keys.txt be encrypted? Do you imply that the private keys that are used to decrypt these two files... are also encrypted?

When you run the program a second time, it checks to see if these files exists, decrypts the year.txt, checks the year, and then encrypts it again.

This sounds like you don't understand what you're programming.

I believe in capitalism

If you believe capitalism, you should be obsessed with conquering on competition. Your work reveals the exact opposite. There's no reason one would put it above Timelock. You should give a solution to another problem.

[BTCapsule]

BTCapsule creates two encrypted text files called year.txt and keys.txt that are stored in the same folder. The year.txt is encrypted, so that nobody can change the year after it’s created. When you run the program a second time, it checks to see if these files exists, decrypts the year.txt, checks the year, and then encrypts it again.

I understand that program creates this files but what sources it uses to fetch exact time information for year.txt file?
Even if it is encrypted it has to use computer time (either from BIOS or from system) or something that is coming from internet connection.
I can't trust this until I see some proof, since this is closed source and it can't be verified in any way.

I updated the OP to show where the time sources are coming from. The time source is from the internet using the Network Time Protocol.

I’m giving the idea of making it open source serious consideration. I may start a new thread about this, but I have a question. If my code is open source, and that potentially makes it easier for a hacker to exploit the program only if they are in possession of the thumb drive, do you think this would give people more confidence to purchase it?

BTCapsule creates two encrypted text files called year.txt and keys.txt that are stored in the same folder. The year.txt is encrypted, so that nobody can change the year after it’s created.

Why would keys.txt be encrypted? Do you imply that the private keys that are used to decrypt these two files... are also encrypted?

When you run the program a second time, it checks to see if these files exists, decrypts the year.txt, checks the year, and then encrypts it again.

This sounds like you don't understand what you're programming.

I believe in capitalism

If you believe capitalism, you should be obsessed with conquering on competition. Your work reveals the exact opposite. There's no reason one would put it above Timelock. You should give a solution to another problem.

The keys.txt file is the file that stores your private keys. That’s why it’s encrypted. The encryption key is stored on the executable.

I understand that Timelock is great, but it requires the recipient to possess the private keys. Also, if the shit hits the fan, then the original owner of the Bitcoin doesn’t have access to their coins.

Like I said above, I may start a new thread on this, but I’m wondering if I make BTCapsule open source, and it could potentially make it easier for someone to locally hack it, would this be something you’re interested in?

[BlackHatCoiner]

The encryption key is stored on the executable.

A third party can access the decryption key with just a decompiler.

I understand that Timelock is great, but it requires the recipient to possess the private keys.

It requires the recipient to possess the recipient's private keys. Not the sender's.

Also, if the shit hits the fan, then the original owner of the Bitcoin doesn’t have access to their coins.

You'll have to be more precise. What does "shit hits the fan" mean for the sender?

Like I said above, I may start a new thread on this, but I’m wondering if I make BTCapsule open source, and it could potentially make it easier for someone to locally hack it, would this be something you’re interested in?

No. I'm not interested into spending time involving into a faulty project. Timelock is superior in every aspect.

[o_e_l_e_o]

I understand that Timelock is great, but it requires the recipient to possess the private keys. Also, if the shit hits the fan, then the original owner of the Bitcoin doesn’t have access to their coins.

You don't understand how timelock works. None of this is accurate.

To use a timelocked transaction for inheritance purposes, then I would create a transaction sending my coins to one of your addresses. I change the timelock field to a date (in Unix time) in 10 years, 20 years, 50 years, whatever. I sign the transaction, and I give it to you. You can do nothing with that transaction until after the date I set has past. If you try to broadcast it, it will be rejected by the network. After the date has passed, you can broadcast it and take your inheritance. There is zero trust involved. You can decode the transaction to see exactly what it is doing and when it can be spent, and there is no chance of anyone being able to take the coins before the date I set as the transaction remains invalid until that date. No one needs access to anyone else's private keys.

There is also no "shit hits the fan" scenario. At any time I like, I can change my mind and move/spend my coins in a regular transaction, which would invalidate the timelocked transaction you are holding.

The whole process is completely transparent, completely trustless, and completely free.

[LoyceV]

Let me start by repeating: Verify. Don't trust.

More sources for UTC time

I have added multiple sources for checking UTC time online. I will now post them, as I’m not concerned about them being hacked. Time is now coming from the Network Time Protocol from various sources. These are the sources, in order of possible failure:

So this means spoofing the DNS is enough to change the date and decrypt the keys?

The program is very simple. Move it to a thumb drive, turn off your internet, and enter a future year and your private keys.

Many people think temporarily "turning off the internet" is enough, and you can safely go online again after you've entered the private keys. It would be trivially easy for malware to wait in the background and empty all funds the moment your computer gets online again. To be completely safe way, you should run Live Linux on an air-gapped system without persisent storage, and wipe it when you're done. But I wouldn't use this program anyway, it adds risks instead of removing risks.

It's an interesting way to guarantee some kind of "inheritance" to a particular family member.

I understand that Timelock is great, but it requires the recipient to possess the private keys. Also, if the shit hits the fan, then the original owner of the Bitcoin doesn’t have access to their coins.

See Using Locktime for inheritance planning, backups or gifts for a much better solution.

[dkbit98]

I updated the OP to show where the time sources are coming from. The time source is from the internet using the Network Time Protocol.

So this means that if I don't have active internet connection than I can't use BTCapsule at all?
It's not that hard to set up fake NTP server that is showing wrong time and using that server will fool BTCapsule and alleged timelock.
You can manually select NTP server in your operation system, so this means you can have any time you want, if you know how to do it.

I’m giving the idea of making it open source serious consideration. I may start a new thread about this, but I have a question. If my code is open source, and that potentially makes it easier for a hacker to exploit the program only if they are in possession of the thumb drive, do you think this would give people more confidence to purchase it?

Maybe it makes it easier for someone to clone your work, but you can also make it with readable only license, so that code can be inspected and verified.
Someone could hack your program even if it's closed source, just look the history of all commercial programs, with their cracks and hacks.

[DaveF]

Let me start by repeating: Verify. Don't trust.

More sources for UTC time

I have added multiple sources for checking UTC time online. I will now post them, as I’m not concerned about them being hacked. Time is now coming from the Network Time Protocol from various sources. These are the sources, in order of possible failure:

So this means spoofing the DNS is enough to change the date and decrypt the keys?

Don't even need to spoof DNS run a NTP server locally and change the hosts file.
Even if you change the NTP servers it checks it's just adding the step of installing wireshark and looking at what NTP servers are queried and putting them in the hosts file.

Anything that at any time needs an outside service that is an open standard is never going to be secure.

-Dave

[dkbit98]

Anything that at any time needs an outside service that is an open standard is never going to be secure.

Maybe he can use some system of measuring time based on Bitcoin blocks instead of using NTP servers.
This probably won't be so precise in terms or world clock, but it would be much harder to attack or hack, but I am not sure if this can even be created.
I am not a coder and I won't pretend to understand how to do this, I am just proposing a wild idea.

[BTCapsule]

Let me start by repeating: Verify. Don't trust.

More sources for UTC time

I have added multiple sources for checking UTC time online. I will now post them, as I’m not concerned about them being hacked. Time is now coming from the Network Time Protocol from various sources. These are the sources, in order of possible failure:

So this means spoofing the DNS is enough to change the date and decrypt the keys?

Don't even need to spoof DNS run a NTP server locally and change the hosts file.
Even if you change the NTP servers it checks it's just adding the step of installing wireshark and looking at what NTP servers are queried and putting them in the hosts file.

Anything that at any time needs an outside service that is an open standard is never going to be secure.

-Dave

Please see my reply to PrivatePerson here:

https://bitcointalk.org/index.php?topic=5416534.msg61100414#msg61100414

I was indeed able to run a local NTP server and change the host file to exploit the program. This has been fixed. Thank you for helping me find this issue.

[DaveF]

Let me start by repeating: Verify. Don't trust.

More sources for UTC time

I have added multiple sources for checking UTC time online. I will now post them, as I’m not concerned about them being hacked. Time is now coming from the Network Time Protocol from various sources. These are the sources, in order of possible failure:

So this means spoofing the DNS is enough to change the date and decrypt the keys?

Don't even need to spoof DNS run a NTP server locally and change the hosts file.
Even if you change the NTP servers it checks it's just adding the step of installing wireshark and looking at what NTP servers are queried and putting them in the hosts file.

Anything that at any time needs an outside service that is an open standard is never going to be secure.

-Dave

Please see my reply to PrivatePerson here:

https://bitcointalk.org/index.php?topic=5416534.msg61100414#msg61100414

I was indeed able to run a local NTP server and change the host file to exploit the program. This has been fixed. Thank you for helping me find this issue.

As examplens said in the other thread relying on a specific IP address or set of them is not ideal. Also, IPv6 may actually get more and more traction with ISPs so you are going to have to deal with that. Although as others have mentioned a timestamp from the blockchain would be better, I am not 100% sure that it is going to be viable since if there is enough money involved people could probably put enough time into playing with local copies of the blockchain. And once again relying on external sources is going to mean that you are going to maintaining this software forever since services and APIs and whatever else are going to come and go and change how they work.

Don't get me wrong, it's a good idea but I think it's going to be a much bigger project then what it is now to cover all the possibilities. Kind of like a 3 of 4 multisig wallet. You need 3 of 4 things to prove the date

-Dave