My (and many others') rant about Bitcoin-QT

[whiskers75]

TLDR: Bitcoin-QT needs to make addresses and their uses clearer if it wants to be widely adopted.

How many panic posts do we get on here with a person confused with addresses thinking "they've been hacked!!!!111!!"? Quite a lot. Bitcoin-QT's "keypool" was not a good idea, and it should either be disabled by default, removed, or given a way to be managed easily, as this leads to the question: "I thought 1whiskrpGeZVd5ormX2ihifc9uB2YSz82 was my bitcoin address, but I sent BTC to it and it's gone! Why?" Bitcoin-QT does not let me see (if I wanted to) ALL my bitcoin addresses (+ keys) plus every other address I ever received BTC to or sent BTC from. More control is needed, and this leaves me firmly in the hands of Electrum and blockchain info (plus every other easy-to-manage wallet out there.)

[/rant]

[1715334051]

1715334051

[1715334051]

1715334051

[1715334051]

1715334051

[Frozenlock]

Bitcoin-qt requires you to download the blockchain.

Just by this measure, I would consider bitcoin-qt to be for advanced users.

[wumpus]

To be concrete: what are you trying to do?

How do you get from "I cannot list all addresses" to "I've been hacked!!!"?

Unless keys disappear from your wallet, which is impossible with the Satoshi client as it doesn't support deleting private keys, none of the things you mention should result in losing coins.

Anyway, if the address stuff confuses you, there is good news: The eventual goal is to abstract addresses (which are indeed a confusing concept, in retrospect "one-time paying codes" would have been better) away completely through the payment protocol, so you can pay to persons/merchants instead of random codes.

Showing addresses (both receiving and sending) encourages re-use, which is bad enough, and showing 100's of them isn't going to make it any better, I'm afraid it's only going to make people more confused (why do I have so many addresses?).

[DeathAndTaxes]

Well keypool is a great idea, otherwise the first time you send a tx any backup would become obsolete.  Without a keypool (or deterministic wallet) to avoid fund loss would require continually backing up after every single transaction.

The issue isn't the keypool, the "issue" is that the QT wallet shows users some of their addresses and then (for their own good?) hides some of them.  A user seeing they have 100 addresses and seeing their coins sent to one of their 100 addresses is going to be less confused then a user seing they only have 10 addresses (because the QT wallet "helps" by hiding the other 100) and then seeing their funds go to an address "not" in their wallet.

Abstracting information from users is a good design choice.  Even if the unused keys in the keypool are hidden ONCE AN ADDRESS HAS FUNDS it shouldn't be hidden from the user.

i.e. user sends 1 BTC using 10 BTC output, 9 BTC is sent to unused keypool address 123.  As soon as the tx is created address 123 should be added to the list of addresses.  If the developers wants to it could have the word "change" next to it with a "?" for more info.  Hiding addresses which have been sent funds is just a recipe for fund loss.

[wumpus]

If the developers wants to it could have the word "change" next to it with a "?" for more info.  Hiding addresses which have been sent funds is just a recipe for fund loss.

Sounds like a good idea, maybe with a checkbox "show change addresses", or a separate debug window that can show it all to nosy users.
I've already proposed that before, but never got around to making it.
If someone is bored and feels like implementing it, be my guest

[tmbp]

Bitcoin-qt is for services, not for users.

[noedaRDH]

Can anyone tell me if I get this right? What if I have a bunch of offline cold wallets. If I were to spend all the coins one of these wallets, don't I just put the corresponding wallet.dat file in the right directly and let BitcoinQT do its thing (with -rescan)? Or do I have to do something else to make sure I don't lose the coins?

[Loozik]

I too have a few questions. I am a non-techie newbie. I will appreciate answering.

A. CASE #1

1. At the moment I can see 2 addresses in my Bitcoin-Qt. Let's assume the balance in my Bitcoin-Qt is BTC 10.

2. When I send BTC 1 to a friend of mine, the remaining  BTC 9 is sent to another address of mine (the one I can't see within a pool of about 100 addresses sitting hidden in wallet.dat) - am I correct?

3. Is blockchain.info the only place I can check to which address BTC 9 were sent? What if blockchain.info is down? Is there a way to check from within Bitcoin-Qt to which address BTC 9 were sent?

--------------------------------------------------------------------------------------

B. CASE #2

1. I am given a present, a print-out from bitaddress.org - an address with BTC 5 in it and a private key to this address.

2. The moment I import the private key from the print-out in my Bitcoin-Qt:
a) BTC 5 is added to the balance in my Bitcoin-Qt, and also
b) the address from the print-out is added to a pool of addresses in my wallet and no-one else can use this address but me - I am correct?

--------------------------------------------------------------------------------------

C. CASE #3

1. There is / are account(s) in a wallet. There are addresses in accounts - I am correct?

2. When I pay BTC 1 somebody for a service, the remaining BTC 9 are sent to a hidden address. These BTC 9 are sent internally to the same account as the original BTC 10 or to a new account?

Thank you.

[charleshoskinson]

I'm making a lecture tonight on bitcoin-QT and I'd love to include a structured criticism section in the lecture. What would you guys say are the five biggest weaknesses of bitcoin-QT:

https://www.udemy.com/bitcoin-or-how-i-learned-to-stop-worrying-and-love-crypto/

[gweedo]

I'm making a lecture tonight on bitcoin-QT and I'd love to include a structured criticism section in the lecture. What would you guys say are the five biggest weaknesses of bitcoin-QT:

https://www.udemy.com/bitcoin-or-how-i-learned-to-stop-worrying-and-love-crypto/

There are no weakness, there are inconveniences but weakness would suggest it can be hacked and it really can't be hack.

[charleshoskinson]

There are no weakness, there are inconveniences but weakness would suggest it can be hacked and it really can't be hack

This reminds me of a quote from one of the devs of internet explorer saying that if IE 6 is used properly it is almost unhackable. There is a world of difference between proper use and actual use. I'm discussing weaknesses in terms of useability or encouraging potentially unsafe behavior.

The key pool purge after encryption is an example on a weakness in my opinion for those backing up their wallet. 

[gweedo]

There are no weakness, there are inconveniences but weakness would suggest it can be hacked and it really can't be hack

This reminds me of a quote from one of the devs of internet explorer saying that if IE 6 is used properly it is almost unhackable. There is a world of difference between proper use and actual use. I'm discussing weaknesses in terms of useability or encouraging potentially unsafe behavior.

The key pool purge after encryption is an example on a weakness in my opinion for those backing up their wallet. 

That is an inconvenience, not a weakness. This is why newbies shouldn't be making classes, now your going to spread false information to people who will think your an expert. Thank you for spreading misinformation.

[charleshoskinson]

That is an inconvenience, not a weakness. This is why newbies shouldn't be making classes, now your going to spread false information to people who will think your an expert. Thank you for spreading misinformation.

Gweedo my goal is to help people understand how Bitcoin works. Maybe one day, i'll be as knowledgeable and wonderful as you, but until then I'm simply going to continue working hard and answering as many questions as I can. You may have also noticed that I have reached out to many experts within the community including Wladimir J. van der Laan to help me edit and refine my content.

In all the software projects I've worked on, weaknesses are not just considered security flaws. If I build a system that requires my users to do something cumbersome to be safe, then most users will not do it. I am truly sorry such a concept is lost to you. I am also sorry that I have offended you in some way by building a free course with members of this community.

[gweedo]

That is an inconvenience, not a weakness. This is why newbies shouldn't be making classes, now your going to spread false information to people who will think your an expert. Thank you for spreading misinformation.

Gweedo my goal is to help people understand how Bitcoin works. Maybe one day, i'll be as knowledgeable and wonderful as you, but until then I'm simply going to continue working hard and answering as many questions as I can. You may have also noticed that I have reached out to many experts within the community including Wladimir J. van der Laan to help me edit and refine my content.

In all the software projects I've worked on, weaknesses are not just considered security flaws. If I build a system that requires my users to do something cumbersome to be safe, then most users will not do it. I am truly sorry such a concept is lost to you. I am also sorry that I have offended you in some way by building a free course with members of this community.

No I was very happy you changed it from that greedy $9 to free, and even gave it to some friends. But now your just saying the software has weaknesses it clearly doesn't have a weakness, if it did I be the first one on a soapbox screaming about it. Weakness in software development means that it can be hacked. This is an inconvenience that is necessary so a hacker couldn't take advantage. So I think you need more refinement and more information before making insane comments, that discredit you and your course.

Also your failing at your goal as in to help people if your going start saying misinformation.

Also I am sorry but since I work for my self and I been working with bitcoin for the last 2 years, I doubt you be as knowledgable as me, but you can try. I am probably more than 3/4 to the 15,000 hours to be an expert on bitcoin.

[charleshoskinson]

No I was very happy you changed it from that greedy $9 to free, and even gave it to some friends. But now your just saying the software has weaknesses it clearly doesn't have a weakness, if it did I be the first one on a soapbox screaming about it. Weakness in software development means that it can be hacked. This is an inconvenience that is necessary so a hacker couldn't take advantage. So I think you need more refinement and more information before making insane comments, that discredit you and your course.

You know you're right. How about I explain the formal definition as described by CWE -[http://cwe.mitre.org/] for a mainstream course designed for average everyday people. Let's spend hours using highly technical language and very precise definitions so everyone can be an armchair software engineer by the end of the course. Yes you are correct about your use of weakness. I fundamentally disagree with weaknesses being used in this sense and some members of the software development community agree with a broader notion. If I engineer my UI in a way that encourages the user to do something that could result in a hacker exploiting the software, then it is a weakness. It is not in a technical sense you are correct. But the end result is the same, the user gets screwed. Look at windows vista and UAC. Go ahead and google it. This is a the very first result: http://www.petri.co.il/disable_uac_in_windows_vista.htm. UAC was meant to correct issues windows xp had and it was so poorly designed that users turned it off. All that code was wasted.

I will not use the term nor did I intend to do so in a technical sense here. I was merely trying to collect people's frustrations with bitcoin-qt so I could make sure new users don't experience the same problems you had. Get off your damn high horse and stop being an ass. I'm trying to help this community.

[wumpus]

A. CASE #1

1. At the moment I can see 2 addresses in my Bitcoin-Qt. Let's assume the balance in my Bitcoin-Qt is BTC 10.

2. When I send BTC 1 to a friend of mine, the remaining  BTC 9 is sent to another address of mine (the one I can't see within a pool of about 100 addresses sitting hidden in wallet.dat) - am I correct?

3. Is blockchain.info the only place I can check to which address BTC 9 were sent? What if blockchain.info is down? Is there a way to check from within Bitcoin-Qt to which address BTC 9 were sent?

Why are you (as a newbie) concerned what address the coins are on? I'm sorry to say this, and I'm willing to explain how it works, but to normal users the wallet should be an opaque abstraction. Usually when people want to work with individual addresses, they're doing something dangerous or wrong.
You can be assured that the change will go to a private key under your control, otherwise you would no longer see it in your balance.

B. CASE #2

1. I am given a present, a print-out from bitaddress.org - an address with BTC 5 in it and a private key to this address.

2. The moment I import the private key from the print-out in my Bitcoin-Qt:
a) BTC 5 is added to the balance in my Bitcoin-Qt, and also
b) the address from the print-out is added to a pool of addresses in my wallet and no-one else can use this address but me - I am correct?

This is true if the sender of the address hasn't stored it somewhere, or it didn't get intercepted (privkeys, like any digital data, can be copied arbitrarily in transfer). If you generated it yourself with an offline tool you can assume this is safe.

So: Import only private keys of which you are sure no one else has them. Otherwise, importing addresses can be risky (as the address will be in two wallets, there's no saying what can happen, but the other person can spend them too and your balance can get corrupted).

For transfers of coins use a transaction, do not ferry around privkeys.

And whatever you do, never export addresses as a means of sending coins.

1. There is / are account(s) in a wallet. There are addresses in accounts - I am correct?

2. When I pay BTC 1 somebody for a service, the remaining BTC 9 are sent to a hidden address. These BTC 9 are sent internally to the same account as the original BTC 10 or to a new account?

I don't know this. TBH, I've never liked the account system much. It is an accounting mechanism and not an isolation mechanism, the addresses give the wrong indication: they are just receiving addresses for that account, they to not necessarily contain all its coins!. It's also not exposed in the UI.
In an upcoming Bitcoin-Qt (either 0.9 or 0.10) we are going to support true multiple wallets, which provide the isolation that you want here.

I will not use the term nor did I intend to do so in a technical sense here. I was merely trying to collect people's frustrations with bitcoin-qt so I could make sure new users don't experience the same problems you had. Get off your damn high horse and stop being an ass. I'm trying to help this community.

Warning users against some bad practices with Bitcoin-qt is good. For example, please warn them that messing around with importing/exporting private keys is dangerous (see above) and a recipe for coin loss or theft.

It's also perfectly fine to recommend another client to newbies, as long as you also warn of their respective risks (for example, theft with online wallets) as well.

[charleshoskinson]

John could you help answer this question on stackexchange?

http://bitcoin.stackexchange.com/questions/10117/are-change-addresses-visible-from-the-gui-in-the-bitcoin-qt-client/10140?noredirect=1#comment13366_10140

[wumpus]

John could you help answer this question on stackexchange?

http://bitcoin.stackexchange.com/questions/10117/are-change-addresses-visible-from-the-gui-in-the-bitcoin-qt-client/10140?noredirect=1#comment13366_10140

Sipa is correct there.

[charleshoskinson]

The addresses appeared in the GUI list of receiving address, with no description against them. I've run several versions of the client over time starting from something like 0.3, and as far as I'm aware new addresses have continued to appear in the list occasionally up to at least version 0.7 There's about 10 there now that I didn't create, and I've re-labelled several more for use too. Thanks for your answer!

This is the weird part

[wumpus]

The addresses appeared in the GUI list of receiving address, with no description against them. I've run several versions of the client over time starting from something like 0.3, and as far as I'm aware new addresses have continued to appear in the list occasionally up to at least version 0.7 There's about 10 there now that I didn't create, and I've re-labelled several more for use too. Thanks for your answer!

This is the weird part

That indeed sounds weird.

The old UI (wxbitcoin) used to generate new, unlabaled addresses in some circumstances. With Bitcoin-Qt this should not be happening.

The wallet starts with one receiving address, and all receiving addresses after that should be manually created. If receiving addresses still appear out of the blue with 0.8.x this is a (minor) bug. To be able to fix it I need a way to reproduce it.