safety question: Importing a private key into bitcoin-qt

[kittycatman]

I was reading about brain wallets, and saw an example of a private key for a phrase like "password". Just for fun I imported it into my bitcoin-qt wallet, and saw a bunch of new entries (deposits and withdrawls) that took place over the last year. I think my total balance even went up by 1 satoshi.

I forgot about it, but recently have seen a few deposits (and instant withdraws) happen, and it got me thinking: is it dangerous to have this in my wallet?  Would bitcoin-qt ever send change to this address, or does bitcoin-qt ALWAYS use a new address for change?

should I be paranoid and make a new wallet, or is it harmless to have this in there?

[asically]

Send what change? Isn't the issue with when/if you try to spend em?

[kittycatman]

If I have my own bitcoins, lets say 10, and I spent 1, the remaining 9 get sent to a "change address". not a lot of people know about this. these change addresses arent listed in your address book but they ARE in your wallet.dat. I think they are generated on the fly but I'm not sure

my concern is, would it ever get sent to this address I've imported (that people clearly are monitoring as it's been posted publicly)

[Birdy]

As far as I know, bitcoin-qt creates a new address every time (/takes one from the pool of new addresses).
I wouldn't like to have a public address in my wallet though, so confusing with the in and outputs (but you may be fast enough to snatch one of those xD).

[cp1]

even if it uses a new address it just seems like a mistake waiting to happen.  who knows what the default will be in the next version.

[scintill]

Well, after seeing my client get painfully slow after importing the "correct horse battery staple" known private key, with its thousands of transactions and even more outputs of everyone spamming satoshis and trying to spend them, I would recommend against doing stuff like this just for usability.  (That's right, ~0.3 BTC sitting in a known brainwallet, but the outputs are so small I estimated a megabyte or two to create a transaction to spend them all, and the client went comatose every time I'd try to sign a worthwhile-sized transaction for them.)

After digging in the source, I will tentatively say it looks like imported keys never go into the keypool, which is where change addresses are drawn from.  Just keep this in mind: nobody designed it to securely handle the situation of a known private key.  IMO that seems reason enough to not chance it.  cp1 has a good point about different versions behaving differently, too.

[kittycatman]

After digging in the source, I will tentatively say it looks like imported keys never go into the keypool, which is where change addresses are drawn from.  Just keep this in mind: nobody designed it to securely handle the situation of a known private key.  IMO that seems reason enough to not chance it.  cp1 has a good point about different versions behaving differently, too.

I assumed that with things like cassius coins, people now expect an imported key to be "safe to import", and future versions would try to keep it this way... I admit though it's probably better to start fresh and not take any chances...  I just wanted to see if this was URGENT , or safe to do "in the next few weeks"

[scintill]

I assumed that with things like cassius coins, people now expect an imported key to be "safe to import", and future versions would try to keep it this way... I admit though it's probably better to start fresh and not take any chances...  I just wanted to see if this was URGENT , or safe to do "in the next few weeks"

Yeah, but most of the developers don't like making private key fiddling "easy" because they feel (correctly, IMO) it's inherently unsafe and confusing to most users.  See here and here.