easy offline transactions - 1 BTC bounty

[BkkCoins]

> Since the web page is verified the page it creates for moving offline should be trustworthy to the same level as one that you already have offline that you would paste data into.

You would have to re-verify it each time you use it though, if you think your online machine might be compromised in the future... if you keep it saved locally there is a running possibility of being compromised at a later date. I can imagine with the other approach this verification only needs doing once, so you only need care about being compromised the time at which you download + copy the "signtransaction.html" across to the offline machine. So the window of attack is smaller. (But still sadly present of course.)

Yes. I think ideally then it could create a new text page with only instructions and data which the user can Save As to the offline device. You would only enter the destination address on the offline computer at signing time.

The signing page could have a File Open button that allows selecting the input data file and a send-to address field. It could also have a paste button for those that like to copy+paste but I think users would find it easier to click Open and choose a file. Once loaded a nicely formatted summary would be presented before the user pastes in keys or click to Open a Key File (which could contain multiple keys) making it easy to sign the transaction.

I may still code this up for fun even though it sounds like the bounty is committed already.

[w1R903]

It looks like I may have to run my own node on a VPS earlier for queries to the blockchain for unspent outputs, and then to broadcast the signed tx.  I'm running into problems now with the cross-domain requests to blockchain.info, even through it was working before.  I suspect that since both brainwallet and I are using YQL to query the blockchain.info API, we might be running into some kind of API limits set by Ben.  I've put in a support request to blockchain.info about the issue, and also asked here on the forum.

While I could change the code to use blockchain explorer's API (they use a different format), I hesitate to do so since we could run into the same issue with them.  

Meanwhile, I've put up some UI improvements to the github repo.

EDIT: Having looked into the blockchain.info situation further, it's clear that we're being blocked.  This is probably because brainwallet and I are both using YQL (Yahoo) to access blockchain.info client-side (otherwise we run into cross-domain issues).  As such, to blockchain it looks like one requester, and so we're rate limited as soon as brainwallet is.  It's possible we're running into daily limits, since I had only run 2-3 requests today when it stopped working.  In any case, I'm concerned the same could happen with block explorer API, so I'm looking into hosting this API myself.  Unfortunately, I had forgot that bitcoind client does not catalog the unspent outputs of every address -- just those from the local wallet.dat -- so there is no rpc command to simply fetch the outputs for a given address. As such, I have to build up that database myself.  I've started on this today and will try to get it done in the next day or two.

[xDan]

> I'm feeling more and more that the appropriate place to enter the destination address and transaction amount may be in the offline component.  Is convenience the main reason you want to enter the address and amount in the online component?

Yes, it was... it seems easier to copy + paste the destination address on the online machine. Also it seems conceptually simpler (at least to me) that all you are doing offline is the "signing". I could live with the other approach though.

Anyway, it's a great job you're doing, looks really nice too.

When you think it's ready enough, I'll send you the 1 BTC bounty using it


BkkCoins, the more options we have to do this the better, of course!

[BkkCoins]

It looks like I may have to run my own node on a VPS earlier for queries to the blockchain for unspent input, and then to broadcast the signed tx.  I'm running into problems now with the cross-domain requests to blockchain.info, even through it was working before.  I suspect that since both brainwallet and I are using YQL to query the blockchain.info API, we might be running into some kind of API limits set by Ben.  I've put in a support request to blockchain.info about the issue, and also asked here on the forum.

While I could change the code to use blockchain explorer's API (they use a different format), I hesitate to do so since we could run into the same issue with them.  

Meanwhile, I've put up some UI improvements to the github repo.

EDIT: Having looked into the blockchain.info situation further, it's clear that we're being blocked.  This is probably because brainwallet and I are both using YQL (Yahoo) to access blockchain.info client-side (otherwise we run into cross-domain issues).  As such, to blockchain it looks like one requester, and so we're rate limited as soon as brainwallet is.  It's possible we're running into daily limits, since I had only run 2-3 requests today when it stopped working.  In any case, I'm concerned the same could happen with block explorer API, so I'm looking into hosting this API myself.  Unfortunately, I had forgot that bitcoind client does not catalog the unspent outputs of every address -- just those from the local wallet.dat -- so there is no rpc command to simply fetch the outputs for a given address. As such, I have to build up that database myself.  I've started on this today and will try to get it done in the next day or two.

Is it possible to use the stratum protocol from JS to access any of the Electrum servers? Electrum servers can provide all the info needed for building trx. You can query irc dynamically to get a list of them and since there are quite few you have redundancy you couldn't get with your own or blockchain.info. I don't know if cross sites issues prevent this. You could run an Electrum server or proxy to one.

[w1R903]

Is it possible to use the stratum protocol from JS to access any of the Electrum servers? Electrum servers can provide all the info needed for building trx. You can query irc dynamically to get a list of them and since there are quite few you have redundancy you couldn't get with your own or blockchain.info. I don't know if cross sites issues prevent this. You could run an Electrum server or proxy to one.

Thanks for the tip -- I'm very interested in this possibility.  So I can query Electrum for the unspent outputs of an arbitrary address, not just the addresses in the wallet? Is this part of the Electrum API documented anywhere?  Again, I appreciate the information.

[BkkCoins]

Is it possible to use the stratum protocol from JS to access any of the Electrum servers? Electrum servers can provide all the info needed for building trx. You can query irc dynamically to get a list of them and since there are quite few you have redundancy you couldn't get with your own or blockchain.info. I don't know if cross sites issues prevent this. You could run an Electrum server or proxy to one.

Thanks for the tip -- I'm very interested in this possibility.  So I can query Electrum for the unspent outputs of an arbitrary address, not just the addresses in the wallet? Is this part of the Electrum API documented anywhere?  Again, I appreciate the information.

I think so but haven't coded any tests. I don't think the server has any knowledge of the wallet. It just receives an address to get the history for. Electrum works with normal key/addresses as well as deterministic addresses so it should handle either. I have looked at the server source code to understand and check the code. I believe the API is quite simple but I'm not sure it's documented. It's been a while since I looked. My recollection is there is only 2 or 3 API calls and one of them is a history call that returns history for an address. The client uses this to update the wallet with the info needed to make transactions and show a balance.

I ran my own Electrum server for a few months. It's basically a slightly patched bitcoind with a thin layer on top for Electrum. It does take somewhat more disk space.

I'm quite curious about this so if you can wait a bit I'm going to go and see how it works.

[BkkCoins]

Thanks for the tip -- I'm very interested in this possibility.  So I can query Electrum for the unspent outputs of an arbitrary address, not just the addresses in the wallet? Is this part of the Electrum API documented anywhere?  Again, I appreciate the information.

I did a little exploring with a test python script. I didn't get far with JS because I'm just not familiar with using sockets there and my brief trial just confused me. Seems like using a socket and tcp would bypass cross site limitations but I'm unsure. Electrum servers also support HTTP mode as well but I'm guessing there is cross site issues (maybe). The server API is very simple as seen below.

Anyway, I did have some success with the script below and it shows the bare bones (no error checking) steps to access an Electrum server and get trx details. It could have been very simple except the trx data is returned in a BCD stream and so you need to pull in some bitcoin stuff to decode it. I think this could be simplified.

Anyway, just for example purposes, this takes an address and dumps it's outputs available for making a transaction. Relatively few JSON calls gets what I presume is sufficient data, since Electrum appears to be able to sign and send with this info.

Code:

#!/usr/bin/env python

host = "electrum.slush.cz"
port = 50001
addr = '---insert bitcoin address here---'

import sys, socket, json
from bitcoin import Hash, hash_encode

def deserialize_tx(tx_hash, tx_height, raw_tx):
    assert tx_hash == hash_encode(Hash(raw_tx.decode('hex')))
    import deserialize
    vds = deserialize.BCDataStream()
    vds.write(raw_tx.decode('hex'))
    d = deserialize.parse_Transaction(vds)
    d['height'] = tx_height
    d['tx_hash'] = tx_hash
    return d

s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
s.settimeout(2)
s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)

try:
	s.connect(( host.encode('ascii'), int(port)))
	s.settimeout(60)
	print "connected to", host, port
except:
	print "cannot connect to", host, port
        sys.exit(1)
	
method = 'server.version'
params = ["1.6.1","0.6"]
mid = 0
request = json.dumps( { 'id':mid, 'method':method, 'params':params } )
s.send(request+'\n')
r = json.loads(s.recv(1024))
print json.dumps(r)

method = 'blockchain.address.get_history'
params = [addr]
mid += 1
request = json.dumps( { 'id':mid, 'method':method, 'params':params } )
s.send(request+'\n')
r = json.loads(s.recv(1024))
print json.dumps(r)

for tx in r['result']:
	method = 'blockchain.transaction.get'
	params = [tx['tx_hash'], tx['height']]
	mid += 1
	request = json.dumps( { 'id':mid, 'method':method, 'params':params } )
	s.send(request+'\n')
	r = json.loads(s.recv(1024))
	print deserialize_tx(tx['tx_hash'], tx['height'], r['result'])

Example output,

Code:

connected to electrum.slush.cz 50001
{"id": 0, "result": "0.7"}
{"id": 1, "result": [{"tx_hash": "d4375a543afe4da893faacad120e0d0d30daf3452fa8d66142170a7e835f59c3", "height": 229437}, {"tx_hash": "b135c1e8940df7ab0f53a52c3aaffd56ecd1b503a5013dfc97d9265e683f1e5e", "height": 230077}]}
{'tx_hash': u'd4375a543afe4da893faacad120e0d0d30daf3452fa8d66142170a7e835f59c3', 'inputs': [{'sequence': 4294967295L, 'prevout_hash': 'e3067055031b8323219b5a3264cb42ca939a4f362321960a9d31d079a154e719', 'address': '17WdqD9ns1xQXgpLsyHKTiKAhW5SAiPzBo', 'prevout_n': 1}], 'outputs': [{'index': 0, 'raw_output_script': '76a914638c8d46f2752a13032305a74ee1ff145163af6d88ac', 'value': 17499492569L, 'address': '1A5NGhwhJ9hm9K7q6hSRcd3SRJHVChBrKW'}, {'index': 1, 'raw_output_script': '76a91473385c7083e101175aa3300fec561f54233d318988ac', 'value': 15166296, 'address': '1BWEE6g3NYpCLNkBapwZuLFxcKgKSasTEe'}], 'height': 229437, 'version': 1, 'lockTime': 0}
{'tx_hash': u'b135c1e8940df7ab0f53a52c3aaffd56ecd1b503a5013dfc97d9265e683f1e5e', 'inputs': [{'sequence': 4294967295L, 'prevout_hash': '9bb2161d9cc82e748dc679636de240bacb1fef3dd88f850765fc6eb07b1a5466', 'address': '1ApT5D6JLAgDbcXr37U9fWFXSBdu3egWTz', 'prevout_n': 1}], 'outputs': [{'index': 0, 'raw_output_script': '76a91473385c7083e101175aa3300fec561f54233d318988ac', 'value': 18531493, 'address': '1BWEE6g3NYpCLNkBapwZuLFxcKgKSasTEe'}, {'index': 1, 'raw_output_script': '76a914b8bad5e01745ca39a8175223daacc9355b1bd7d488ac', 'value': 438817991, 'address': '1Hqm9rPQP67EjyayXTay1sqgAcxUXbYF1X'}], 'height': 230077, 'version': 1, 'lockTime': 0}

[xDan]

Any update on this? Has not being able to rely on BlockChain.info caused a lot of problems?

(thought I'd test it and maybe try sending the 1 BTC, alpha quality or not, however the transaction data request did not seem to work.)

Shall I pester BlockChain.info and ask if they will support jsonp?

[calian]

OK, any updates? I'll add 0.5 btc to the bounty if it is able to do the following:

Create transactions from one or multiple inputs to one or multiple outputs (at least 20) and control where the change is sent. Also it needs to automatically calculate and include the correct fee (or at least prompt and give the option to include the correct fee).

This bounty is good til the end of May 2013. PM me if you complete it so I can pay, using the software of course.

[Polvos]

Ok, let's get this done. I'll add 1BTC to the bounty for something noob friendly like bitaddress.com. When the page is ready, please send me a PM with a link to it and I will pay the bounty to the coder. We really need it.

[jackjack]

Wasn't that supposed to be a software?

[Polvos]

Wasn't that supposed to be a software?

Isn't better a web page with javascript like the bitaddress example? You can use it online searching for unspent outputs in blockchain.info and use it  offline after that for signing the transaction with your private key. I'm not a coder, but those are my thoughts. I'm sorry to say this, but I used your python pywallet and I found it very noob unfriendly. At least, as a no coder I found very unpleasant learning how to install python in order to start using your software.

[Polvos]

Brainwallet is really good:

http://brainwallet.org/#tx

But I'd like a more user friendly way of selecting unspent outputs for one or more adresses, and most important, a noob friendly way to prevent loosing the change as a transaction fee. I don't know how, maybe asking for the noob user to select a predefined change address before building transactions. It won't be a bad idea if we add some tutorial or help to guide people in what they are doing too. Even warning them about the dangers of forgetting the change address or not counting the BTC in Satoshis.

I can tell you that, even knowing how to use brainwallet, I'm always panicking about all the mistakes I can make and end up injecting my private key in blockchain.info and doing the transaction from there.

[xDan]

Brainwallet.org is good, it's not offline though, that was the problem for me.

w1R903's work done already is very good. Almost feature complete, except for the requesting of necessary block chain data. It requires relying on a remote server which seems to make this a harder problem to solve than I expected.

Maybe if someone else can fix w1R903's implementation to work (e.g. connecting to Electrum servers if that is possible!?) the bounty could be split 50-50? (Since, technically my bounty could be considered expired anyway since it's past april...)

(and it seems w1R903 has gone AWOL)

just a thought...

[Emergenz]

The first prototype of w1R903's bitcoin-secured seems to work fine. I tried to make it more straightforward to use.

Online part:
http://offlinewallet.appspot.com/

Offline part:
http://offlinewallet.appspot.com/signtransaction.zip

[calian]

The first prototype of w1R903's bitcoin-secured seems to work fine. I tried to make it more straightforward to use.

Online part:
http://offlinewallet.appspot.com/

Offline part:
http://offlinewallet.appspot.com/signtransaction.zip

OK, I haven't tried it yet but where do you enter the change address? Or does it just send the change back to the original address?

[calian]

Brainwallet.org is good, it's not offline though, that was the problem for me.

Brainwallet is offline. You just save the complete webpage and copy it over to your offline machine. I noticed he's added multiple output addresses as well. The only thing it's lacking now is multiple input addresses and I don't know if it can calculate the proper fee.

[TheButterZone]

Don't recommend using it anymore because of non-fee calculation and /pushtx being fucked up, but if you have to, download the source, not the website (the site could be easily hacked, redirected, recoded to steal your BTC). Source: https://github.com/brainwallet/brainwallet.github.com/archive/master.zip

[CIYAM]

Brainwallet is offline. You just save the complete webpage and copy it over to your offline machine. I noticed he's added multiple output addresses as well. The only thing it's lacking now is multiple input addresses and I don't know if it can calculate the proper fee.

It does not work offline for raw tx's as it cannot determine the inputs (you need a blockchain for that).

It also cannot calculate a correct fee.

[xDan]

The first prototype of w1R903's bitcoin-secured seems to work fine. I tried to make it more straightforward to use.

Online part:
http://offlinewallet.appspot.com/

Offline part:
http://offlinewallet.appspot.com/signtransaction.zip

Thanks. That does seem to work.

I sent w1R903 his 1 BTC as a test:
https://blockchain.info/tx/a0333dcedebe862471f427ee728c43d7368d62cf4456b4d9af9fc3cad9676855

Will test further...

Edit:

Anyone else testing this, you might want to use a service such as this:
https://coinb.in/decode-raw-transaction.html

...to validate the final transaction. (Before sending it via https://blockchain.info/pushtx )