Matthew N. Wright (OP)
Untrustworthy
Hero Member
 Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
 |
May 24, 2013, 06:43:15 AM |
|
I'm working on a project now that unfortunately has hit a snag in my new philosophy of not requiring trust. I went to someone whom I know has dealt with this problem before (Mike Caldwell / Casascius), but am disappointed to find that he agreed with me that basically there is no way around needing trust for it.
So since I don't want anyone to have to trust me personally to create a private key and store it, I'd prefer asking the community who they feel comfortable doing it for them. Who do you trust most to create a key for you?
(I'll be in contact with the winner of the poll to work with them to outsource key generation to them directly.)
|
|
|
|
|
|
|
|
|
|
|
|
|
The block chain is the main innovation of Bitcoin. It is the
first distributed timestamping system.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
franky1
Legendary
 Online
Activity: 4200
Merit: 4412
|
|
May 24, 2013, 12:21:46 PM |
|
i would prefer a very simple code that people can input a bunch of randomness into a variable and it gives the output of a private and public key.
basically just the brain wallet section of bitaddress, without the extra functions or html code.
wrote in:
PHP
Python
VB.NET
C++
Javascript
Java
etc
then people can themselves play with whatever they like as a random number/word/phrase etc to link to the input variable. and play with how to display the output variables.
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
Matthew N. Wright (OP)
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
May 24, 2013, 12:27:43 PM |
|
i would prefer a very simple code that people can input a bunch of randomness into a variable and it gives the output of a private and public key.
basically just the brain wallet section of bitaddress, without the extra functions or html code.
wrote in:
PHP
Python
VB.NET
C++
Javascript
Java
etc
then people can themselves play with whatever they like as a random number/word/phrase etc to link to the input variable. and play with how to display the output variables.
I'd prefer that too but it's not an option for various reasons. |
|
|
|
|
xrp123
|
|
May 24, 2013, 12:40:31 PM |
|
I trust coinbase!
|
|
|
|
|
Sukrim
Legendary
Offline
Activity: 2618
Merit: 1006
|
|
May 24, 2013, 12:47:39 PM |
|
Why is this key needed? To have an address that the client has no access to (yet)? To hold funds in escrow?
For the first part, something similar to pooled vanity mining might be useful, in the second case there's no way around it I fear (you could look into time locked transactions maybe).
|
|
|
|
TheKoziTwo
Legendary
Offline
Activity: 1552
Merit: 1047
|
|
May 24, 2013, 01:02:07 PM |
|
Well, my first choice is https://www.bitaddress.org, but from what I can tell you won't be able to use that, so my second vote goes to mt.gox. |
|
|
|
|
Jace
|
|
May 24, 2013, 01:07:02 PM |
|
User input like passphrases and mouse movement, random keystrokes, /dev/random, cpu tick count, hashed all together with multilevel nested Sha256.
With "multilevel nested hash" I mean NestedHash(data,level) := { x=data; while((level--)>0) x=Hash(x)+data; return Hash(x) }
So NestedSha256(data,0) would be Sha256(data), NestedSha256(data,1) would be Sha256(Sha256(data)+data), NestedSha256(data,2) would be Sha256(Sha256(Sha256(data)+data)+data), et cetera. Unlike the default double hashing that is used by Bitcoin (i.e. DoubleHash(x) = Hash(Hash(x))) this doesn't reduce entropy.
|
Feel free to send your life savings to 1JhrfA12dBMUhcgh85wYan6HL2uLQdB6z9
|
|
|
Matthew N. Wright (OP)
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
May 24, 2013, 02:29:50 PM
Last edit: May 24, 2013, 03:39:54 PM by Matthew N. Wright |
|
Why is this key needed? To have an address that the client has no access to (yet)?
Excellent test case for this scenario. Let's say that's exactly what it's for and that key needs to be printed physically and stored in an envelope. The problem is that the person giving the envelope can cheat and change the contents, and there is no way to prove what's in it without opening it. So, you need a third party that both has experience in bitcoin security and a business reputation of greater value than the temporary key. My question is then, whom would you trust to make that key for you? |
|
|
|
phillipsjk
Legendary
Offline
Activity: 1008
Merit: 1001
Let the chips fall where they may.
|
|
May 24, 2013, 03:20:19 PM |
|
I have thought about producing Bitcoin checks; contracting out the printing. I think to provide a secure mechanism you need to prove two things: - That there is no way that you, your equipment, or contractors can know the private key.
- That when examining a suspect document, you know whether or not you printed it (or if it is a fake).
Proving the first point involves generating the private key with a secure offline printer and computer. Documents should be kept under seal at all times. Cameras (including cell phones and video cameras) are not allowed in the printing room. Hopefully the private keys should be long enough that nobody can memorize them just by glancing at them. The printer memory should be wiped after every run. This involves knowing a lot about how the printer works. Proving the second point involves applying some kind of mark to the document that uniquely identifies the printer. I was thinking silk-screen with the date placed over top of a seal that you scratch off. Used silk-screen would be damaged and kept under lock and key so that they can be retrieved in the case of a dispute. |
James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE 0A2F B3DE 81FF 7B9D 5160 |
|
|
DannyHamilton
Legendary
Offline
Activity: 3360
Merit: 4570
|
|
May 29, 2013, 12:52:13 AM |
|
Why is this key needed? To have an address that the client has no access to (yet)?
Excellent test case for this scenario. Let's say that's exactly what it's for and that key needs to be printed physically and stored in an envelope. The problem is that the person giving the envelope can cheat and change the contents, and there is no way to prove what's in it without opening it. So, you need a third party that both has experience in bitcoin security and a business reputation of greater value than the temporary key. My question is then, whom would you trust to make that key for you? I'd need an audit of the software and business practices by trusted third parties, AND an insurance policy from a globally recognized underwriter before I'd trust a private key that anyone else had access to. |
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
May 29, 2013, 12:55:22 AM |
|
blockchain.info for small amount wallet.
No one for saving wallet.
|
|
|
|
|
kodo
Newbie
Offline
Activity: 42
Merit: 0
|
|
May 29, 2013, 01:38:17 AM |
|
Blockchain info is storing my 300 bitcoins  they can completly be trusted because they couldnt steal your keys if they wanted to. |
|
|
|
|
John (John K.)
Global Troll-buster and
Legendary
Offline
Activity: 1288
Merit: 1225
Away on an extended break
|
|
May 29, 2013, 01:40:37 AM |
|
Probably blockchain.info for trivial amounts, and Armory for everything else.  |
|
|
|
|
TippingPoint
Legendary
Offline
Activity: 905
Merit: 1000
|
|
May 29, 2013, 01:44:25 AM |
|
|
|
|
|
|
|
nimda
|
|
May 29, 2013, 01:49:43 AM |
|
You're making it hard to solve this problem by not telling us the problem, but I think there might be a trustless solution to this. See for example vanitypool, which allows vanity mining for custom addresses, and only the client gets the full private key.
So, given the customer's public key, it's probably possible to generate an address that you do not have control over, but that the customer will have control over once you give them your own part of the secret.
Ask one of the core devs or someone who worked on the vanitypool spec.
|
|
|
|
|
kodo
Newbie
Offline
Activity: 42
Merit: 0
|
|
May 29, 2013, 02:11:12 AM |
|
BLOCKCHAIN 4 LYFE
|
|
|
|
|
|
|
|
CasinoBit
|
|
May 29, 2013, 05:42:10 AM |
|
I do not understand the concept of golden coins, I assume this is what you want.
Bitcoin is a natural commodity in within itself, no need to inscribe it on another one.
|
|
|
|
|
|
Poll
