Bitcoin Forum
May 19, 2019, 11:50:19 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How safe is the first address in the standard client?  (Read 1752 times)
El Cabron
Gnomo
VIP
Hero Member
*
Offline Offline

Activity: 840
Merit: 1000



View Profile
September 29, 2012, 03:52:10 PM
 #1

Hello all.

If the first thing I do is encrypt my wallet will my first address be secure? I'm talking about the address that is already there when I load it up. To be safe will I not need to generate a new address and use that?

If this is true should we make a note of this somewhere? Not everyone is tech savvy and we all overlook things like this from time to time.

Also there should be a way to get rid of the unsafe or address we just no longer want.

Thanks.

Sorry El Cabron, you are banned from posting or sending personal messages on this forum.
Trolling
https://bitcointalk.org/index.php?topic=622250.msg7030081#msg7030081
1558309819
Hero Member
*
Offline Offline

Posts: 1558309819

View Profile Personal Message (Offline)

Ignore
1558309819
Reply with quote  #2

1558309819
Report to moderator
1558309819
Hero Member
*
Offline Offline

Posts: 1558309819

View Profile Personal Message (Offline)

Ignore
1558309819
Reply with quote  #2

1558309819
Report to moderator
1558309819
Hero Member
*
Offline Offline

Posts: 1558309819

View Profile Personal Message (Offline)

Ignore
1558309819
Reply with quote  #2

1558309819
Report to moderator
BITDEER BTC/BCH ETH LTC ZEC DASH START MINING BTC NOW
WITH NEW GENERATION S17 ANTMINER!
Highly Reduced Electricity Fee $0.067/T/DAY! GET STARTED
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558309819
Hero Member
*
Offline Offline

Posts: 1558309819

View Profile Personal Message (Offline)

Ignore
1558309819
Reply with quote  #2

1558309819
Report to moderator
hamdi
Hero Member
*****
Offline Offline

Activity: 784
Merit: 500



View Profile
September 29, 2012, 04:22:07 PM
 #2

best practice is to create all important addresses via bitaddress.org or vanitygen.

then send all coins to new cold-storage addresses from time to time and start a new wallet file.

Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1008


View Profile
September 29, 2012, 04:30:27 PM
 #3

Huh? I don't know what hamdi is talking about.

Encrypting the wallet encrypts all keys in it at the time, not just new ones. If it worked the way you described it would be very confusing indeed!
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1050
Merit: 1006


View Profile WWW
September 29, 2012, 04:51:35 PM
 #4

If you have a backup of a wallet that was made before encrypting it, people who find the file will at most have access to funds sent to addresses that were obtained before encryption.

Once you encrypt, all private keys are encrypted (also those of old addresses), and the key pool is flushed (the corresponding keys are not deleted, but requests for addresses after encryption will always return addresses that were created after encryption). So to be safe from crashes, make sure you always make a (new) backup after encrypting.

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1050
Merit: 1006


View Profile WWW
September 29, 2012, 04:59:16 PM
 #5

But if someone send to that old address later if can be stolen right?

Yes:
Quote
If you have a backup of a wallet that was made before encrypting it, people who find the file will at most have access to funds sent to addresses that were obtained before encryption.

It would be best just to make a whole new wallet if we ever had unencrypted address?

In general, yes. But if you need to keep the old addresses alive anyway (because people may still send coins to them), the only alternative is keeping them in a separate wallet. That is not safer than keeping them around in the newly-encrypted wallet.

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Realpra
Hero Member
*****
Offline Offline

Activity: 819
Merit: 1000


View Profile
September 29, 2012, 05:00:10 PM
 #6

FYI I never use the address generated before encryption, in fact I mark it as "unsafe".

I keep my wallet.dat encrypted at all times and my backups are encrypted password RAR files of said ecrypted wallet spread across my devices and email accounts.

I have also double checked the backup wallets work and were not corrupted in the process.


I would like to generate my own keys with my own fully understood software and store on paper only until first usage, but I'm not that far yet.

Cheap and sexy Bitcoin card/hardware wallet, buy here:
http://BlochsTech.com
sunnankar
Legendary
*
Offline Offline

Activity: 1031
Merit: 1000



View Profile WWW
September 29, 2012, 05:02:47 PM
 #7

best practice is to create all important addresses via bitaddress.org or vanitygen.

then send all coins to new cold-storage addresses from time to time and start a new wallet file.

I need to trust a 3rd party to be safe?

No. You can both generate addresses and create transactions completely offline with the javascript files.

Go ahead and play around with it. Create the address then import it into Blockchain.info, etc. Then you can create and push an offline generated transaction.

Fjordbit
Hero Member
*****
Offline Offline

Activity: 588
Merit: 500

firstbits.com/1kznfw


View Profile WWW
September 29, 2012, 05:10:23 PM
 #8

Huh? I don't know what hamdi is talking about.

Encrypting the wallet encrypts all keys in it at the time, not just new ones. If it worked the way you described it would be very confusing indeed!

Well in the past I made back up of wallets that I did not encrypt.

If they were found could they take my BTC?



Yes, they can take up to the first 100 addresses because they were pregenned.

I'm considering starting over myself.
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1050
Merit: 1006


View Profile WWW
September 29, 2012, 05:16:27 PM
 #9

Yes, they can take up to the first 100 addresses because they were pregenned.

I'm considering starting over myself.

So, I need to encrypt. Then generate 100 address that are not safe and then generate a good one??

That can't be right...

No, as I said, the key pool is flushed when encrypting. This means that any new address you request after encrypting is guaranteed to never have touched disk in unencrypted form (since 0.5.0).

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
BC12345
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile
September 29, 2012, 05:40:34 PM
 #10

Yes, they can take up to the first 100 addresses because they were pregenned.

I'm considering starting over myself.

So, I need to encrypt. Then generate 100 address that are not safe and then generate a good one??

That can't be right...

No, as I said, the key pool is flushed when encrypting. This means that any new address you request after encrypting is guaranteed to never have touched disk in unencrypted form (since 0.5.0).


But this also means that I have to update my backups everytime I request a new address, right?
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1050
Merit: 1006


View Profile WWW
September 29, 2012, 05:46:35 PM
 #11

But this also means that I have to update my backups everytime I request a new address, right?

You need a backup after every 100 transactions (since there are 100 future keys pregenerated, that are part of the backup), AND immediately after encryption as well (since encryption flushes those 100 keys, for security reasons).

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
September 29, 2012, 08:11:44 PM
 #12

Can you include a FAQ (or a link to it) in the client?

I just added mention of the keypool getting flushed upon encryption:

 - http://en.bitcoin.it/wiki/Wallet_encryption

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


kjj
Legendary
*
Offline Offline

Activity: 1302
Merit: 1001



View Profile
September 30, 2012, 03:50:37 AM
 #13

And there is an open issue in github to add a message indicating that a new backup is needed to the end of the encryption process.

https://github.com/bitcoin/bitcoin/issues/1884

17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8
I routinely ignore posters with paid advertising in their sigs.  You should too.
runeks
Legendary
*
Offline Offline

Activity: 952
Merit: 1000



View Profile WWW
September 30, 2012, 09:52:20 AM
 #14

Huh? I don't know what hamdi is talking about.

Encrypting the wallet encrypts all keys in it at the time, not just new ones. If it worked the way you described it would be very confusing indeed!

Well in the past I made back up of wallets that I did not encrypt.

If they were found could they take my BTC?



Yes, they can take up to the first 100 addresses because they were pregenned.

I'm considering starting over myself.

So, I need to encrypt. Then generate 100 address that are not safe and then generate a good one??

That can't be right...

Huh
The following should protect you from anyone getting hold of your previous, unencrypted backups:

1. Encrypt wallet
2. Send all your coins to a newly generated address (that now resides in the encrypted wallet)

Please someone correct me if I'm wrong here.

And there is an open issue in github to add a message indicating that a new backup is needed to the end of the encryption process.

https://github.com/bitcoin/bitcoin/issues/1884
I've made a simple patch that tries to address this here: https://github.com/bitcoin/bitcoin/pull/1890
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2324
Merit: 1140



View Profile
October 01, 2012, 07:17:33 AM
 #15

May I make the following suggestion in addition to what was already said.

1. Backup old wallet.
2. Delete old wallet.
3. Run bitcoin and let it create a new wallet, then immediately encrypt it.
4. Backup new encrypted wallet. Take note of an address.
5. Delete new wallet, copy old wallet back.
6. Send all bitcoins to the new encrypted wallet.

Step 6 can be slightly modified so that you can actually send all bitcoins to different addresses in the new encrypted wallet. (You can use pywallet to back a paper backup of the new wallet public keys, and send varying amounts of your bitcoins to many addresses.)

Optionally Step 7 is to make a watching only wallet of the old unencrypted wallet (you can encrypt it too, since you will not be using the old wallet). Just in case someone sends you some coins to any of the old wallet addresses.

Oh yeah, shut down bitcoin when you are backing up or deleting wallets in between steps.

Of course, you could use two instances of bitcoin (or two different machines, virtual or real) to do the above steps.

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
gmaxwell
Moderator
Legendary
*
qt
Offline Offline

Activity: 2730
Merit: 2253



View Profile
October 01, 2012, 10:50:45 AM
 #16

Since we do not know what address the coins might go to in the wallet might they go to the very first address, the one that was once unencrypted? 
No.

Change goes to new addresses. Funds should only go to that first displayed one if you copy that address out of the client and send ones there.
Vandroiy
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


View Profile
October 01, 2012, 11:20:28 AM
Last edit: October 01, 2012, 11:36:37 AM by Vandroiy
 #17

I hope you know the encryption is a security feature against physical theft of the hard drive. NOT against someone who has code execution abilities aside your Bitcoin client.

A person who did the latter will simply load a program that waits until you enter the pass-phrase, then decrypt all keys and send them to the attacker. A simple keylogger does the job. Or modify Bitcoin to replace the next generated transaction with a different one. If an attacker already got this far, it is usually just a matter of time until he finds some way to achieve his goal, and if you use the common operating systems and their "monitoring" features, little chance of noticing him before he's done.

I find the encryption feature rather useless; just enable OS encryption against physical theft. And hope that keys were properly kept away from the swap file, unless that's encrypted too. In Armory, I see the point, because it's designed to run on insecure machines. But in Bitcoin-Qt, it looks like a PR feature. "You can feel safe now, it's encrypted!!"
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!