Brain wallet - "used" and "unused" adress

[craked]

Hi,

I aim to create a brainwallet for long term saving.

I have got two questions : 

1. I read somewhere (bitcoinmagazine.com), that a "used" adress (i.e., that have both received and sended bitcoins) is far less strong than an "unused" adress (ie., that have only received bitcoins, not sended), because in the first case the public adress will be exposed. Do you know why the public adress would be exposed when sending bitcoins, wheras it would not be exposed not when receiving ?

2. When I consult my account on blockchain.info, will then my account be considered as far less strong, because my public adress would have been communicated to a third party ? If the answer is yes, is there a mean of consulting my account while keeping my public key secret ?

Thx all

[odolvlobo]

"Far less" is an exaggeration. "Slightly less" is more accurate. You are confused by the terms. The "bitcoin address" is exposed in order to receive bitcoins. The "public key" is exposed in order to send bitcoins. The "private key" is never exposed.

When you consult a blockchain explorer, you are simply querying about some bitcoin addresses and not exposing anything that is not already public. When you have a blockchain.info account, you are trusting that their software does not reveal your private keys to them.

None of this is related to creating a brainwallet.

[RGBKey]

People say that an address that has sent coins is less secure because you have exposed your public key. Before then, you have not exposed your public key. If people don't have your public key, it's much harder than it already is to crack your private key. Keep in mind that cracking a private key is already a near impossibility.

[jonald_fyookball]

Hi,

I aim to create a brainwallet for long term saving.

I have got two questions :  

1. I read somewhere (bitcoinmagazine.com), that a "used" adress (i.e., that have both received and sended bitcoins) is far less strong than an "unused" adress (ie., that have only received bitcoins, not sended), because in the first case the public adress will be exposed. Do you know why the public adress would be exposed when sending bitcoins, wheras it would not be exposed not when receiving ?

2. When I consult my account on blockchain.info, will then my account be considered as far less strong, because my public adress would have been communicated to a third party ? If the answer is yes, is there a mean of consulting my account while keeping my public key secret ?

Thx all

When Bitcoins are sent on the blockchain, the public key is revealed. This is necessary so that the network can validate the signature and prove the sender controls the address.  No such validation is required to receive.
There is higher security for unused addresses and it is considered 'best practice' not to reuse addresses but that doesn't mean used addresses are insecure.  There are several used addresses out there with huge balances. 

The security for unspent vs spent rises from 128 bits (already beyond brute forcing) to 160 bits, but more importanty, protects against faulty wallet implementations.  Its also better for privacy.

[DannyHamilton]

If you are concerned about security...

DO NOT CREATE A BRAINWALLET.

Your bitcoins will be FAR more vulnerable in a brainwallet than any concern you may have about the public key being exposed.

[tadakaluri]

I would like to know, What is Brain Wallet? and How you saving with that for a long term?

[Quickseller]

If you are creating a brainwallet and it has been previously "used" then you absolutely should not consider sending funds to it. If a brainwallet has been previously used that means that someone else has spent funds from that brainwallet, which means that someone else has access to the private key of the brainwallet you are thinking of using.

With that being said, you really should not use a brainwallet period because with current technology, it is nearly certain that someone will be able to steal your money using software that checks the addresses associated with the private keys of brainwallets at an alarming speed that an attacker will almost certainly be able to steal your money.

[Herbert2020]

I would like to know, What is Brain Wallet? and How you saving with that for a long term?

brain wallet is like a passphrase that you remember which is used to create your bitcoin address (the private key)
read more here:
https://en.bitcoin.it/wiki/Brainwallet

but it can be un-safe because what a human considers random words might not actually be random and can be hacked easily.

[LiteCoinGuy]

Hi,

I aim to create a brainwallet for long term saving.

I have got two questions :  



Thx all

Use a hardware wallet or a service like Xapo.com to store your coins. otherwise i guess you will lose all  

https://bitcointalk.org/index.php?topic=899253.0

[craked]

@ odolvlobo
@ RGBKey
@ jonald_fyookball

Thank you for answers,

I now understand that I was mistaking adress for public key.

As a consequence I understand that it is not compromising to consult adresses on Blockchain.info (I have no Blockchain.info account, I just use it to consult adresses).

[craked]

If you are concerned about security...

DO NOT CREATE A BRAINWALLET.

Your bitcoins will be FAR more vulnerable in a brainwallet than any concern you may have about the public key being exposed.

I dont think my brainwallet will be exposed.

My passphrase is composed of 24 words : 12 words randomly chosen in a 15000 words dictionary (writen on a paper in three differents locations) + a more personal phrase composed of 12 words (not written on paper because I cant forget it).

[redsn0w]

If you are concerned about security...

DO NOT CREATE A BRAINWALLET.

Your bitcoins will be FAR more vulnerable in a brainwallet than any concern you may have about the public key being exposed.

I dont think my brainwallet will be exposed.

My passphrase is composed of 24 words : 12 words randomly chosen in a 15000 words dictionary (writen on a paper in three differents locations) + a more personal phrase composed of 12 words (not written on paper because I cant forget it).

Are you sure? You should improve your security...

[craked]

I would like to know, What is Brain Wallet? and How you saving with that for a long term?

I aim at saving a very tiny fraction of my savings in a brain-wallet, mostly for fun.

Long term means for me 10-20 years.

[Blazr]

Please listen to me and do not create a brainwallet. You will end up getting robbed.

What you need to do is not be so paranoid and keep things simple.

Only install stuff from trustworthy sources, stay away from pirated software, keep all of your software updated, install an anti-virus and use any Bitcoin client from bitcoin.org. I highly recommend electrum.

IMPORTANT: Make sure you back up your Bitcoin wallet because that is the biggest reason people lose their BTC, much more people forget to backup and lose BTC then have their BTC stolen by hackers and scammers combined. Also make sure you regularly check your backups are still there and still work.

[Blazr]

My passphrase is composed of 24 words : 12 words randomly chosen in a 15000 words dictionary (writen on a paper in three differents locations) + a more personal phrase composed of 12 words (not written on paper because I cant forget it).

This isn't what most people call a "brainwallet". This is just a normal wallet. Many wallets give you the option of getting a mnemonic seed (a list of words) that you can use to recover your wallet if you lose access to it. electrum does this. These are a really good idea. Though I would recommend keeping an encrypted copy of the wallet as well as the paper words, makes it easy to check your balance and such and also never try to make up your own words.

[craked]

If you are concerned about security...

DO NOT CREATE A BRAINWALLET.

Your bitcoins will be FAR more vulnerable in a brainwallet than any concern you may have about the public key being exposed.

I dont think my brainwallet will be exposed.

My passphrase is composed of 24 words : 12 words randomly chosen in a 15000 words dictionary (writen on a paper in three differents locations) + a more personal phrase composed of 12 words (not written on paper because I cant forget it).

Are you sure? You should improve your security...

I am pretty sure that I cannot remember 12 words randomly chosen (that is why I wrote them on paper),

but I am 100% sure that I can remember a more personal phrase (because it was designed to be easy to remember).

Unless, of course, if I get seriously sick, or die.

[craked]

My passphrase is composed of 24 words : 12 words randomly chosen in a 15000 words dictionary (writen on a paper in three differents locations) + a more personal phrase composed of 12 words (not written on paper because I cant forget it).

This isn't what most people call a "brainwallet". This is just a normal wallet. Many wallets give you the option of getting a mnemonic seed (a list of words) that you can use to recover your wallet if you lose access to it. electrum does this. These are a really good idea. Though I would recommend keeping an encrypted copy of the wallet as well as the paper words, makes it easy to check your balance and such and also never try to make up your own words.

Yes it is,

mine is a real brain-wallet.

I generated my adress/keys with the brain-wallet.org java applet, after having ramdomly chosen words by rolling real dices (+ more personnal phrase).

[craked]

Please listen to me and do not create a brainwallet. You will end up getting robbed.

What you need to do is not be so paranoid and keep things simple.

Only install stuff from trustworthy sources, stay away from pirated software, keep all of your software updated, install an anti-virus and use any Bitcoin client from bitcoin.org. I highly recommend electrum.

IMPORTANT: Make sure you back up your Bitcoin wallet because that is the biggest reason people lose their BTC, much more people forget to backup and lose BTC then have their BTC stolen by hackers and scammers combined. Also make sure you regularly check your backups are still there and still work.

I understand what you mean,

but I participate in bitcoin with a brain-wallet because this is fun,

whereas using a software and making backups is not fun.

I dont think my bitcoins will be stolen, and even if they are, I would not mind much, because it is only a tiny fraction of my savings.

[craked]

Please listen to me and do not create a brainwallet. You will end up getting robbed.

I want to be sure to understand :

I have calculated that my passphrase has an real entropy far beyond 160 (12*log2(15000)=166, not to mention my 12 extra personnal words for which entropy is obviously more difficult to evaluate),

then, why concretely would my private key be less secure than a common private key held with a software like Electrum ?

[DannyHamilton]

I am pretty sure that I cannot remember 12 words randomly chosen (that is why I wrote them on paper),

Then this is not a "brainwallet".

As long as your 12 words were truly randomly chosen, and you didn't add any personal bias into the decision, it should be at least as safe as the paper.