El Cabron (OP)
Gnomo
VIP
Hero Member
 Offline
Activity: 840
Merit: 1000
|
 |
September 29, 2012, 03:52:10 PM |
|
Hello all.
If the first thing I do is encrypt my wallet will my first address be secure? I'm talking about the address that is already there when I load it up. To be safe will I not need to generate a new address and use that?
If this is true should we make a note of this somewhere? Not everyone is tech savvy and we all overlook things like this from time to time.
Also there should be a way to get rid of the unsafe or address we just no longer want.
Thanks.
|
|
|
|
|
|
|
You get merit points when someone likes your post enough to give you some. And for every 2 merit points you receive, you can send 1 merit point to someone else!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
hamdi
|
|
September 29, 2012, 04:22:07 PM |
|
best practice is to create all important addresses via bitaddress.org or vanitygen.
then send all coins to new cold-storage addresses from time to time and start a new wallet file.
|
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1128
|
|
September 29, 2012, 04:30:27 PM |
|
Huh? I don't know what hamdi is talking about.
Encrypting the wallet encrypts all keys in it at the time, not just new ones. If it worked the way you described it would be very confusing indeed!
|
|
|
|
|
|
Pieter Wuille
|
|
September 29, 2012, 04:51:35 PM |
|
If you have a backup of a wallet that was made before encrypting it, people who find the file will at most have access to funds sent to addresses that were obtained before encryption.
Once you encrypt, all private keys are encrypted (also those of old addresses), and the key pool is flushed (the corresponding keys are not deleted, but requests for addresses after encryption will always return addresses that were created after encryption). So to be safe from crashes, make sure you always make a (new) backup after encrypting.
|
I do Bitcoin stuff.
|
|
|
|
Pieter Wuille
|
|
September 29, 2012, 04:59:16 PM |
|
But if someone send to that old address later if can be stolen right?
Yes: If you have a backup of a wallet that was made before encrypting it, people who find the file will at most have access to funds sent to addresses that were obtained before encryption.
It would be best just to make a whole new wallet if we ever had unencrypted address? In general, yes. But if you need to keep the old addresses alive anyway (because people may still send coins to them), the only alternative is keeping them in a separate wallet. That is not safer than keeping them around in the newly-encrypted wallet. |
I do Bitcoin stuff.
|
|
|
|
Realpra
|
|
September 29, 2012, 05:00:10 PM |
|
FYI I never use the address generated before encryption, in fact I mark it as "unsafe".
I keep my wallet.dat encrypted at all times and my backups are encrypted password RAR files of said ecrypted wallet spread across my devices and email accounts.
I have also double checked the backup wallets work and were not corrupted in the process.
I would like to generate my own keys with my own fully understood software and store on paper only until first usage, but I'm not that far yet.
|
|
|
|
sunnankar
Legendary
Offline
Activity: 1031
Merit: 1000
|
|
September 29, 2012, 05:02:47 PM |
|
best practice is to create all important addresses via bitaddress.org or vanitygen.
then send all coins to new cold-storage addresses from time to time and start a new wallet file.
I need to trust a 3rd party to be safe? No. You can both generate addresses and create transactions completely offline with the javascript files. Go ahead and play around with it. Create the address then import it into Blockchain.info, etc. Then you can create and push an offline generated transaction. |
|
|
|
|
Fjordbit
|
|
September 29, 2012, 05:10:23 PM |
|
Huh? I don't know what hamdi is talking about.
Encrypting the wallet encrypts all keys in it at the time, not just new ones. If it worked the way you described it would be very confusing indeed!
Well in the past I made back up of wallets that I did not encrypt. If they were found could they take my BTC? Yes, they can take up to the first 100 addresses because they were pregenned. I'm considering starting over myself. |
|
|
|
|
|
Pieter Wuille
|
|
September 29, 2012, 05:16:27 PM |
|
Yes, they can take up to the first 100 addresses because they were pregenned.
I'm considering starting over myself.
So, I need to encrypt. Then generate 100 address that are not safe and then generate a good one?? That can't be right... No, as I said, the key pool is flushed when encrypting. This means that any new address you request after encrypting is guaranteed to never have touched disk in unencrypted form (since 0.5.0). |
I do Bitcoin stuff.
|
|
|
BC12345
Newbie
Offline
Activity: 57
Merit: 0
|
|
September 29, 2012, 05:40:34 PM |
|
Yes, they can take up to the first 100 addresses because they were pregenned.
I'm considering starting over myself.
So, I need to encrypt. Then generate 100 address that are not safe and then generate a good one?? That can't be right... No, as I said, the key pool is flushed when encrypting. This means that any new address you request after encrypting is guaranteed to never have touched disk in unencrypted form (since 0.5.0). But this also means that I have to update my backups everytime I request a new address, right? |
|
|
|
|
|
Pieter Wuille
|
|
September 29, 2012, 05:46:35 PM |
|
But this also means that I have to update my backups everytime I request a new address, right?
You need a backup after every 100 transactions (since there are 100 future keys pregenerated, that are part of the backup), AND immediately after encryption as well (since encryption flushes those 100 keys, for security reasons). |
I do Bitcoin stuff.
|
|
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1024
|
|
September 30, 2012, 03:50:37 AM |
|
And there is an open issue in github to add a message indicating that a new backup is needed to the end of the encryption process. https://github.com/bitcoin/bitcoin/issues/1884 |
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8
I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
runeks
Legendary
Offline
Activity: 980
Merit: 1008
|
|
September 30, 2012, 09:52:20 AM |
|
Huh? I don't know what hamdi is talking about.
Encrypting the wallet encrypts all keys in it at the time, not just new ones. If it worked the way you described it would be very confusing indeed!
Well in the past I made back up of wallets that I did not encrypt. If they were found could they take my BTC? Yes, they can take up to the first 100 addresses because they were pregenned. I'm considering starting over myself. So, I need to encrypt. Then generate 100 address that are not safe and then generate a good one?? That can't be right...  The following should protect you from anyone getting hold of your previous, unencrypted backups: 1. Encrypt wallet 2. Send all your coins to a newly generated address (that now resides in the encrypted wallet) Please someone correct me if I'm wrong here. I've made a simple patch that tries to address this here: https://github.com/bitcoin/bitcoin/pull/1890 |
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
October 01, 2012, 07:17:33 AM |
|
May I make the following suggestion in addition to what was already said.
1. Backup old wallet.
2. Delete old wallet.
3. Run bitcoin and let it create a new wallet, then immediately encrypt it.
4. Backup new encrypted wallet. Take note of an address.
5. Delete new wallet, copy old wallet back.
6. Send all bitcoins to the new encrypted wallet.
Step 6 can be slightly modified so that you can actually send all bitcoins to different addresses in the new encrypted wallet. (You can use pywallet to back a paper backup of the new wallet public keys, and send varying amounts of your bitcoins to many addresses.)
Optionally Step 7 is to make a watching only wallet of the old unencrypted wallet (you can encrypt it too, since you will not be using the old wallet). Just in case someone sends you some coins to any of the old wallet addresses.
Oh yeah, shut down bitcoin when you are backing up or deleting wallets in between steps.
Of course, you could use two instances of bitcoin (or two different machines, virtual or real) to do the above steps.
|
|
|
|
gmaxwell
Moderator
Legendary
Offline
Activity: 4158
Merit: 8382
|
|
October 01, 2012, 10:50:45 AM |
|
Since we do not know what address the coins might go to in the wallet might they go to the very first address, the one that was once unencrypted?
No. Change goes to new addresses. Funds should only go to that first displayed one if you copy that address out of the client and send ones there. |
|
|
|
|
Vandroiy
Legendary
Offline
Activity: 1036
Merit: 1002
|
|
October 01, 2012, 11:20:28 AM
Last edit: October 01, 2012, 11:36:37 AM by Vandroiy |
|
I hope you know the encryption is a security feature against physical theft of the hard drive. NOT against someone who has code execution abilities aside your Bitcoin client.
A person who did the latter will simply load a program that waits until you enter the pass-phrase, then decrypt all keys and send them to the attacker. A simple keylogger does the job. Or modify Bitcoin to replace the next generated transaction with a different one. If an attacker already got this far, it is usually just a matter of time until he finds some way to achieve his goal, and if you use the common operating systems and their "monitoring" features, little chance of noticing him before he's done.
I find the encryption feature rather useless; just enable OS encryption against physical theft. And hope that keys were properly kept away from the swap file, unless that's encrypted too. In Armory, I see the point, because it's designed to run on insecure machines. But in Bitcoin-Qt, it looks like a PR feature. "You can feel safe now, it's encrypted!!"
|
|
|
|
|
|
