I have been reading more about the fees to better understand this.
The user is prompted to confirm the fee before the transaction is sent.
from
https://en.bitcoin.it/wiki/Transaction_feesThis is only true in bitcoin-qt if the fee is more than the fee amount set in the client. IMO this should always be true even if the fee amount is 0.
This is not true at all for bitcoind, there is no check, no confirmation, no message, just the fee is paid even if it is more than the amount set by settxfee. Changes regarding this have been discussed in other places on the forum.
I know the points I make above relate to a documentation issue on the wiki, and not a software issue, but it's still representative of the point I'm trying to make:
To be absolutely certain of the amount about to leave your wallet you must always check the transaction fee setting before making a transactionFor now, this is just a fact of life, and one which I doubt most people even consider when using bitcoin. In bitcoind, there is no way to check the current state of the transaction fee setting, so it must be set each time.
Thanks deathandtaxes for clarifying why this is the way it is. Hopefully the suggestions about making fees more transparent are considered, because as it stands, I am seeing a disaster waiting to happen to an unsuspecting user.
I should say, I personally have no doubts that my particular usage of bitcoin is secure from this perspective. I understand the risks involved with this, however I doubt most people appreciate this small aspect of the client that I stumbled over. Hopefully this thread will make more people aware of it, and possibly improve the way the client communicates this point with the user. I would hate to read one day that some new user in a shared environment accidentally lost a load of btc because someone changed their fee setting. This is not so hard to believe given the current way the client is implemented.
As an exercise for those who doubt this is actually a problem, look at the confirmation message below, and tell me exactly what the balance will be after the transaction if my current balance is 50 BTC. You can't, unless you are 100% confident of what the tx fee setting is. A big improvement (but still imo not an actual solution to the notion of 'balance security') would be for the message box to say '... and the fee will be X'. Ask yourself, if you were using your bank website, and you didn't know how much fees you were about to pay for your next transaction, and that fee might be $1000, would you still use it?
edit:
How do you know the client is actually the client? How do you know the legit client hasn't been modified in memory? How do you know the attacker isn't intercepting and modifying any warnings or messages from the client? How do you know the attacker isn't modifying your input (you send coins to 123... attacker modifies that so client sends them to 1456.... then attacker intercepts and modifies the GUI so you see coins sent to 123...)?How do you know no parameters in the client have been modified? How do you know there is no other process watching the client? watching the I/O? etc.
Those are all security jobs for the OS. If the OS is compromised or has a flawed security model then trying to make it secure at the client level is just going to fail.
I appreciate this, however crypto and security is not about absolutes, it is about
appropriate security, and it seems appropriate that the fee setting should not be able to be arbitrarily changed. I find it hard to believe that a client could not implement an appropriate solution that would enable this to be the case (even if at the OS level it's still considered insufficient). The current solution seems to not be appropriate for the amount of damage that could be caused by this.
edit 2:
Again, I understand your point that this is the role of the OS and that any measure to secure this in the client is just 'feel-good', and I agree with you that proper OS security is the way to go for solving this issue, but I can't shake the feeling that if the client could incorporate a solution to prevent the majority of attackers from exploiting this, why wouldn't it? Why leave this to chance? It still wouldn't stop people who have better understanding from manipulating it, but it would at least stop any old grunt from changing it. It all comes back to the actual real world use cases for this software, and people right now are definitely susceptible to this kind of thing, whereas even a 'feel-good' measure would prevent 99% of the likelihood of it happening. I suppose another way of putting it is: should bitcoin have an encrypted config?