Bitcoin Forum
November 22, 2017, 12:05:52 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Wallet per user  (Read 1307 times)
madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 08, 2013, 04:07:42 PM
 #1

How can you create a wallet for every separate user and encrypt every wallet with a different hash?

EDIT: Just realized you can write an app to shutdown the daemon and replace the wallet.dat file but it seems it would slow overall performance drastically...








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


1511352352
Hero Member
*
Offline Offline

Posts: 1511352352

View Profile Personal Message (Offline)

Ignore
1511352352
Reply with quote  #2

1511352352
Report to moderator
Join ICO Now Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511352352
Hero Member
*
Offline Offline

Posts: 1511352352

View Profile Personal Message (Offline)

Ignore
1511352352
Reply with quote  #2

1511352352
Report to moderator
1511352352
Hero Member
*
Offline Offline

Posts: 1511352352

View Profile Personal Message (Offline)

Ignore
1511352352
Reply with quote  #2

1511352352
Report to moderator
1511352352
Hero Member
*
Offline Offline

Posts: 1511352352

View Profile Personal Message (Offline)

Ignore
1511352352
Reply with quote  #2

1511352352
Report to moderator
DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 08, 2013, 04:28:31 PM
 #2

Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 08, 2013, 04:38:45 PM
 #3

Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

Since every user has his own password I want to have separate wallets all encrypted with the users password








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


edd
Donator
Legendary
*
Offline Offline

Activity: 1386



View Profile WWW
February 08, 2013, 04:42:49 PM
 #4

Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

Since every user has his own password I want to have separate wallets all encrypted with the users password

So you basically want individual encrypted wallets for several people all located in the same place but only accessible with their own unique password?

Still around.
madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 08, 2013, 04:44:14 PM
 #5

Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

Since every user has his own password I want to have separate wallets all encrypted with the users password

So you basically want individual encrypted wallets for several people all located in the same place but only accessible with their own unique password?

Yes, neither the hashes or the passwords will be stored at the same machine








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 08, 2013, 05:17:02 PM
 #6

You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 08, 2013, 05:37:26 PM
 #7

You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 08, 2013, 06:24:29 PM
 #8

You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

deepceleron
Legendary
*
Offline Offline

Activity: 1512



View Profile WWW
February 08, 2013, 06:57:59 PM
 #9

If you are talking about different users in a household, you only need create other user accounts in your operating system. Locking down/encrypting user directories is optional depending on how much you trust local users.

Bitcoin stores it's data in a user's profile on both Windows and Linux (probably Mac too). If someone logs in with a different user name and launches Bitcoin, it will create a new %APPDATA%\Bitcoin for that account with it's own wallet, blockchain, etc. You can speed up the initial download by doing a copy %APPDATA%\Bitcoin\BLK*.DAT C:\Users\LittleJohnny\AppData\Roaming\Bitcoin to each additional user account's profile.

madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 08, 2013, 10:08:40 PM
 #10

You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

I am looking for something more geared towards blockchain.info although not the same at all, performance wise it should be just as efficient as a commercial product.








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
February 08, 2013, 10:32:39 PM
 #11

You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

I am looking for something more geared towards blockchain.info although not the same at all, performance wise it should be just as efficient as a commercial product.

If your trying to create a blockchain.info like site, I highly discourage it cause the reasons blockchain.info is so good is the hybird wallet system, which I don't think you have full grasped the concept of yet from this thread.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 09, 2013, 01:00:38 PM
 #12

You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

I am looking for something more geared towards blockchain.info although not the same at all, performance wise it should be just as efficient as a commercial product.

If your trying to create a blockchain.info like site, I highly discourage it cause the reasons blockchain.info is so good is the hybird wallet system, which I don't think you have full grasped the concept of yet from this thread.

I know exactly how a hybrid wallet system works, unless you are talking about Belgian Canaries I know exactly what you're talking about.

As to having a system like I want it seems that exporting the private keys to a wallet files would be easier and faster as well.








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 09, 2013, 03:47:49 PM
 #13

I see that you "want to have separate wallets all encrypted with the users password"

Wouldn't that require that they send you their password in order to decrypt and use the wallet?  That seems like a significant security flaw.  I'd think it would be better to create a database that contains a user identifier and bitcoin address as a primary key along with a column for the encrypted password.  Then any new bitcoin address can be generated and the private key can then be encrypted on the user side.  Having the bitcoin addresses would allow you to show balances, and any time the user needs/wants to send a transaction, you can supply them with the encrypted password only.  The users client program can decrypt the private key locally and sign the transaction.  That way you never have access to the user's private keys or password.

If on the other hand you plan to send the user the entire encrypted wallet, and have them decrypt it locally (and use it decrypted locally), then there isn't any need to "write an app to shutdown the daemon and replace the wallet.dat file"  Since the user will be using the wallet on their end, you don't need a daemon at all.

madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 09, 2013, 04:09:33 PM
 #14

I see that you "want to have separate wallets all encrypted with the users password"

Wouldn't that require that they send you their password in order to decrypt and use the wallet?  That seems like a significant security flaw.  I'd think it would be better to create a database that contains a user identifier and bitcoin address as a primary key along with a column for the encrypted password.  Then any new bitcoin address can be generated and the private key can then be encrypted on the user side.  Having the bitcoin addresses would allow you to show balances, and any time the user needs/wants to send a transaction, you can supply them with the encrypted password only.  The users client program can decrypt the private key locally and sign the transaction.  That way you never have access to the user's private keys or password.

If on the other hand you plan to send the user the entire encrypted wallet, and have them decrypt it locally (and use it decrypted locally), then there isn't any need to "write an app to shutdown the daemon and replace the wallet.dat file"  Since the user will be using the wallet on their end, you don't need a daemon at all.

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection. I wouldn't store the wallet on the users side not because of a possible security flaw on the server side but because the average gullible user needs to be protected from himself, in addition to having the option to run on the deep-web in the future.








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 09, 2013, 04:22:20 PM
 #15

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?

madmadmax
Hero Member
*****
Offline Offline

Activity: 740



View Profile
February 09, 2013, 04:49:06 PM
 #16

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?

http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt








       ▄▄▄▄▄               ▄▄▄▄▄
   ▄▄█▀▀▀▀▀▀██▄        ▄▄█▀▀▀▀▀▀▀█▄
 ▄██▀        ▀██▄    ▄██▀         ▀█▄
██▀            ▀██▄  ▀▀             ██
██               ▀██        ▄▄▄▄▄▄▄▄██
██                ▀██▄      ▀▀▀▀▀▀▀▀▀▀
 ██▄          ▄██   ▀██▄          ▄▄▄
  ▀██▄      ▄██▀      ▀██▄▄     ▄██▀
    ▀▀██████▀▀          ▀▀██████▀▀


Unchained Smart Contracts
Decentralized Oracle
Infinitly Scalable
Blockchain Technology
Turing-Complete
State-Channels



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀

             ▄██▄
     ▄      ▐████   ▄▄
   █████     ██████████
    █████████████████▀
 ▄████████████▀████▌
██████████     ▀████    
 ▀▀   █████     ██████████
      ▀████▌▄████████████▀
    ▄▄▄███████████████▌
   ██████████▀    ▐████
    ▀▀▀  ████▌     ▀▀▀
         ▀███▀
f


DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 09, 2013, 09:36:35 PM
 #17

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?
http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt
I looked at both links.  I still don't understand how you can encrypt or decrypt the wallet without the password.

gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
February 09, 2013, 10:06:53 PM
 #18

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?

http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt

Bcrypt is a one way hashing function, you would be better off using private key and public key.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
February 09, 2013, 10:29:04 PM
 #19

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?
http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt
Bcrypt is a one way hashing function, you would be better off using private key and public key.
If madmadmax is going to store the users encrypted wallets on his server, and then try and swap them in using bitcoind, how exactly are private and public keys going to keep the user's wallets secure?

gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
February 09, 2013, 10:44:03 PM
 #20

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?
http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt
Bcrypt is a one way hashing function, you would be better off using private key and public key.
If madmadmax is going to store the users encrypted wallets on his server, and then try and swap them in using bitcoind, how exactly are private and public keys going to keep the user's wallets secure?

First off why would he switch them out each time someone wanted to use it. It take too much time to rescan to have it ready for the user. Easily, you have the user supply a password, hash it, use that hash to create the public key, which then would be used to encrypt the wallet file. Then you do the opposite to decrypt the wallet file. It is kinda encryption 101.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!