How does wallet encryption disable old wallet?

[rupy]

So I encrypted my wallet and I tried to remove the new wallet before starting the client again (since the client doesn't warn you BEFORE encrypting) and rollback to old wallet, but it was then empty.

So I got really scared! and then put the new encrypted back and that worked fine.

Just had to backup REALLY REALLY fast... since if something happened during those few seconds; poof all BTC gone = NOT COOL!!! hello devs get you heads out of your asses!!!

You need to make this process a 2 phase commit!!!

Ok, but what I wan't to know is HOW does the encryption disable the old wallet? If I install a new client on another computer and use the old unencrypted wallet will it work?

[jackjack]

I didn't really understand what happened to you, but I sure can tell you how encryption works

Unencrypted wallets store addresses like this:

Code:

        {
            "address": "1Cuzj8Js52vsbh2lCuzj8Js52vsbh2l", 
            "private key": "63abd94482dc7bd63abd94482dc7bd63abd94482dc7bd"
        }, 

When you ask Bitcoin to crypt, it takes your wallet and change the form of addresses like that:

Code:

        {
            "address": "1Cuzj8Js52vsbh2lCuzj8Js52vsbh2l", 
            "encrypted private key": "baf730248de6ac78037bd27afd217dbaf730248de6ac78037bd27afd217dbaf730248de6ac78037bd27afd217d"
        }, 

and add encryption info inside the wallet so that Bitcoin knows if the passphrase you provide is correct

The passphrase + the encryption info are the only way to goes from "encrypted private key" to "private key" and "private key" is the only way to redeem your coins

[rupy]

Ok, so old wallet should still work?!

But why does the warning window say: YOUR OLD WALLET WILL STOP TO WORK!!

And when I tried to use the old wallet it really didn't work... so probably the client stores some state as "locked" locally?

My god I hate software that treats users as morons and hides the real inner workings!

[jackjack]

Afaik, yes, a unencrypted backed up wallet will still work
But I may have missed an update that made it otherwise

[Dabs]

When you encrypt a wallet, its throws away all the old unused pre-generated change addresses and makes a hundred new ones.

Before you do anything, you back up your existing wallet.

When you encrypt your wallet, my suggestion would be to just create a brand new wallet, encrypt that, then transfer your coins from the old wallet to the new encrypted wallet.

I'm going to do just that on my next acquisition of at least 1.0 bitcoins. My current wallet has a bunch of dust that I don't mind consolidating. (I wonder if it can be done for free or for a very low transaction fee.)

[rupy]

Ok, why does the client pregenerate addresses?

And still why does the dialogue say "your old wallet won't work anymore" if that's false?

[kjj]

When you set an encryption key for your wallet, all unused keys in it get marked as used, so they won't be handed out to satisfy requests for new addresses.  This is to keep you from getting money sent to potentially unsafe keys.  However, the keys are not marked invalid or discarded, so if you do manage to get one (using pywallet or db_dump or something), you can still use money sent to it.

Now, with all of the keys marked as used, your node needs to generate a bunch of new keys for the keypool, so that it can give you addresses without asking for the encryption key again*.  This means that your wallet now has a bunch of keys in it that are not in the backup you made before encrypting.  If you ask for a new key, and then restore from your backup, any money sent to that key will be lost and gone forever.  So, right about now is a very good time to try to scare you into making a new backup.

The reason the message says that your wallet won't work any more is because people don't want to read a detailed essay on wallet key and backup management.  The message just needs to convince people to make new backups, not necessarily go into all of the gory details about how and why.

If you can think of a concise message (that is also easily translatable) that is likely to get people to make new backups, without technically being a lie, please suggest one.

*  Yes, it needs the encryption key to encrypt your new keys.  It uses AES which is symmetric.  Once your wallet is encrypted, the client is no longer able to generate keys without your help.  Fortunately, the keypool is big enough that for most people, they will provide the encryption key (giving the client an opportunity to safely store the encrypted keys) during normal usage long before the pool of unused keys is depleted.  And yes, there are reasons why the keys aren't stored with public key crypto, which would allow unattended write-only access to the key storage.

[rupy]

Ah, thx big time!

How about:

You ask for the password every time you generate new addresses (instead of pregenerating 100 without knowing AT ALL how many will be ever needed) and at that time say "we will ask you for your password to encrypt this/these address(es), this also means you have to backup your wallet.dat file IMMEDIATELY AFTER before ANY payment is made to the new address(es)".

BEFORE encryption occurs so the user can CHOOSE what to do with a NO/CANCEL button!!!

Also again, why didn't the old wallet work? If it should still work, it should still work. I'm a grownup and I know that if I don't delete my old unencrypted wallets and someone steals them from me I can only blame myself. I mean I'm the one pressing "encrypt", I know that means I'm encrypting.

The ONLY thing in the whole world that matters is that I don't loose my coins, ONLY in a far away second place comes the fear of someone stealing them!!!

So in retrospect wallets should NOT include any other information than I told the software to store there. IE private keys, no history, no pregenerated keys, no nothing else but the private keys I want to be there. PERIOD

Since the size of the wallet grows with each transaction now, noobs will think they need to rebackup after each transaction, that has to stop. So lets keep the transaction history somewhere else ok?

It's REALLY REALLY crucial to get this right for future user adoption since loosing your wallet is the only real "flaw" of BTC.

This is unacceptable user experience if you want anyone other but hardcore linux nerds to use BTC.

[Jokah]

I encrypted my wallet and forgot my password. I removed the wallet from the bitcoin folder and replaced with a new one. I then re downloaded the block chain and that worked for me. 

[DannyHamilton]

You ask for the password every time you generate new addresses (instead of pregenerating 100 without knowing AT ALL how many will be ever needed)

Bitcoin-Qt pregenerates addresses so that you don't have to create a new backup after EVERY transaction that you create.  Bitcoin-Qt needs a new address for the "change" from the transaction.

and at that time say "we will ask you for your password to encrypt this/these address(es), this also means you have to backup your wallet.dat file IMMEDIATELY AFTER before ANY payment is made to the new address(es)".

This would be impossible, since Bitcoin-Qt is creating the address specifically as a place to send the "change".

BEFORE encryption occurs so the user can CHOOSE what to do with a NO/CANCEL button!!!

I don't understand how this could work.

Also again, why didn't the old wallet work? If it should still work, it should still work. I'm a grownup and I know that if I don't delete my old unencrypted wallets and someone steals them from me I can only blame myself. I mean I'm the one pressing "encrypt", I know that means I'm encrypting.

The only reason it wouldn't have worked would be if you had already created a transaction sending some bitcoins after encrypting the wallet.  In this case the "change" would be sent to one of the new encrypted addresses in the new wallet that don't exist in the old unencrypted wallet.

The ONLY thing in the whole world that matters is that I don't loose my coins, ONLY in a far away second place comes the fear of someone stealing them!!!

Then it would be a good idea to learn how the wallet works BEFORE you make a decision to use it.

So in retrospect wallets should NOT include any other information than I told the software to store there. IE private keys, no history, no pregenerated keys, no nothing else but the private keys I want to be there. PERIOD

Then you shouldn't be using the Bitcoin-Qt reference client.  This wallet has a built in feature that sends change to a brand new address that it doesn't tell you about.

Since the size of the wallet grows with each transaction now, noobs will think they need to rebackup after each transaction,

And if it didn't pre-generate addresses, they would.

that has to stop. So lets keep the transaction history somewhere else ok?

Nah, it's not a bad thing if noobs are creating a lot of backups.  It's much better than them creating no backups.

It's REALLY REALLY crucial to get this right for future user adoption since loosing your wallet is the only real "flaw" of BTC.

I agree.  Fortunately there are several wallet options available.  Each user is welcome to do their own research and choose the wallet that best suits their needs.  Hopefully in the future there will be more options.

This is unacceptable user experience if you want anyone other but hardcore linux nerds to use BTC.

I agree.  The Bitcoin-Qt client is designed for the best possible security and reliability of the bitcoin network.  The user functions are minimal and sufficient for technically inclined people.  Those who are not technically inclined would be better served by an alternate wallet.