Bitcoin Forum
May 27, 2017, 12:06:35 PM *
News: If the forum does not load normally for you, please send me a traceroute.
   Home   Help Search Donate Login Register  
Pages: [1]
Author Topic: Idea: Make it possible to import public keys  (Read 753 times)
Offline Offline

Activity: 21

View Profile WWW
June 27, 2011, 08:16:20 PM


I was reading through the guides how to set aside some of your bitcoins in a secured wallet. (Works like this: Create a new wallet on a second PC without internet access, create some addresses in it and store the wallet somewhere safe. Later on just send your money to the addresses in that wallet from your day to day wallet to tuck them away. Check with the blockexplorer if your funds arrived at the secured wallet. Never connect your secured wallet with the internet...)

But I found it a bit inconvenient to have to use the blockexplorer to verify whether your funds arrived safely in your secured wallet. So here is the idea:
If I could import the address from the secured wallet into my everyday wallet (but not the private keys!), I could let the bitcoin client take care of monitoring the transactions that concern my secured wallet. This way I could see (an estimate of) the balance in my secured wallet without compromising its security.

I could try coding this, but would you say it might be worth the effort (i.e. would it have a chance to be pulled)?

BTW: A side effect is that this functionality could be used to monitor the balance on arbitrary addresses conveniently with the client, but you can do this currently with the blockexplorer anyway.
Hero Member
Offline Offline

Posts: 1495886795

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
+50% Profit and more via TELEGRAM
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Full Member
Offline Offline

Activity: 198

View Profile
June 27, 2011, 09:45:50 PM

I had a similar problem and wrote a small html page with embedded javascript. It checks the blockexplorer and the exchangerate and produces a nice web page where it lists all my accounts, with my btcs and converted into EUR - without having to start the bitcoin client with my wallet and the private keys.

There are 4 files you need, bitcoin.js with the script funcitonality, config.js (where you should edit the addAccount lines, replacing the FILLIN stuff with your bitcoin addresses, style.css for some cometics and sum.html as main file. I am using a bit of jquery, so you should make sure that all files including jquery_min.js (to be picked at the jquery website) reside in the same directory.

Then just load it with firefox version 3 and confirm the security dialogue. You will have to navigate to about:config and set signed.applets.codebase_principal_support to true as well.

I am including the files below. They are very far from perfect but help me solve my problem. They do not run in firefox 5 (mozilla removed the privilege manager), but version 3.6 is fine for this purpose. Do NOT put the code on a web server, it has security issues if you do not understand what I am doing here.

=== config.js:

// URL of the block explorer
const SERVICE_URL = "";

// URL for the exchange rate
const EXC_RATE = "";

// default exchange rate
const CURR = "EUR";

// default weighting
const WHEN = "24h";

addAccount ("1PFILLIN", "Eligius");
addAccount ("1FILLIN", "Other");
fakeAccount ("1PRCQbVgLkNjUCWafA8UYsmBH1Ay7zyvu8");


=== bitcoin.js

var accounts=[];

function addAccount (address, name) { accounts.push ({address:address , name: name , org:true});}
function fakeAccount (address) {accounts.push ({address:address, name:"other", org: false});}

/// try to log a text in case console.log is defined
function myLog (text) {
  if (console && console.log) {
    try {console.log (text);} catch (x) {}
  } else {
    // alert ("Console not found for logging");

var request = false;
var sumReceived = 0;
var sumSent = 0;
var timesSent = 0;
var timesRcv = 0;
function makeRequest(account, mine, title) {
  url = SERVICE_URL+account;
  // check if we are loading from local file system
  if (!location.href.match(/^file.*$/)) {alert ("Incorrect location for privilege escalation; rejecting; probably attempted attack"); try{alert (location.href);} catch(e){} return;}
  try {"UniversalBrowserRead");} catch (e) {alert("Permission UniversalBrowserRead denied.");}
  var request = false; request = new XMLHttpRequest(); if (!request) {alert('Cannot create XMLHTTP instance');return false;}
  request.title = title;
  request.mine = mine;
  request.account = account;
  request.onreadystatechange =  function () {
    myLog ("readystatechanged: "+ request.readyState + " " + request.status);
    if (request.readyState == 4) {
      if (request.status == 200) {
        myLog ("returned");
        if (!request.mine) {myLog ("Skipping output, not mine"); return;}
        var string = request.responseText;
        var received, sent, rTx, sTx;
        $(string).filter(".infoList").children().filter(":contains('Received BTC:')").each(function(idx,elem){
          received = elem.textContent;
          myLog(" "+elem.textContent);
        myLog ("second");
         $(string).filter(".infoList").children().filter(":contains('Sent BTC:')").each(function(idx,elem){
          sent = elem.textContent;
          myLog(" "+elem.textContent);
        $(string).filter(".infoList").children().filter(":contains('Received transactions:')").each(function(idx,elem){
          rTx = elem.textContent;
          myLog(" "+elem.textContent);
        $(string).filter(".infoList").children().filter(":contains('Sent transactions:')").each(function(idx,elem){
          sTx = elem.textContent;
          myLog(" "+elem.textContent);
        received = received.substring(14);
        sent = sent.substring (10);
        rTx = rTx.substring(23);
        sTx = sTx.substring(19);
        received = parseFloat (received);
        sent = parseFloat (sent);
        rTx = parseInt (rTx);
        sTx = parseInt (sTx);  
        timesSent += sTx;
        timesRcv  += rTx;
        sumReceived += received;
        sumSent += sent;

        try{$("#last").remove();} catch (x){} // before append, remove a last line (if exists)
        try{$("#curr").remove();} catch (x){} // before append, remove a last line (if exists)
        $("#mytable").append("<tr>" + "<td class='c1'>"+ request.title + "</td><td>" + request.account + "</td><td class='c2'>" + received + "</td><td>" +rTx + "</td><td class='c3'>" + sent + "</td><td>" +sTx+  "</td><td class='c4'>" + (received-sent) + "</td></tr>" );  
        finalize();  // calculate overall sums
     // alert(string);
      } else {
        alert('There was a problem with the request:'+request.status);
        console.log (request);
  try {'GET', url, true);} catch (e) {alert ("Exception on opening XHR"); alert(e);}
  try {request.send(null);} catch(e) {alert ("Exception on sending XHR"); alert (e);}
  try { ("UniversalBrowserRead");}
  catch (e) {alert ("error on reverting");}
function finalize() {
  $("#mytable").append("<tr id='last' style='font-weight:bold;'>" + "<td>"+ "Totals in BTC"+ "</td><td></td><td>" + sumReceived + "</td><td>" + timesRcv + "</td><td>" +sumSent + "</td><td>" +timesSent+ "</td><td>" + (sumReceived-sumSent) + "</td></tr>");
  $("#mytable").append("<tr id='curr' style='font-weight:bold;'>" + "<td>"+ "Totals in "+ CURR +" of "+ WHEN + "</td><td></td><td>" + sumReceived*exRate + "</td><td></td><td>" + sumSent*exRate + "</td><td></td><td>" + (sumReceived-sumSent)*exRate + "</td></tr>");

function dobit () {
  for (var i = 0; i < accounts.length; i++) {makeRequest (accounts.address,,;} }  

// get the exchange rate
function exRate() {
  // standard start
  if (!location.href.match(/^file.*$/)) {alert ("Incorrect location for privilege escalation; rejecting; probably attempted attack"); try{alert (location.href);} catch(e){} return;}
  try {"UniversalBrowserRead");}  catch (e) {alert("Permission UniversalBrowserRead denied");}
  var request = false; request = new XMLHttpRequest(); if (!request) {alert('Cannot create XMLHTTP instance');return false;}
  request.onreadystatechange =  function () {
    myLog ("readystatechanged: "+ request.readyState + " " + request.status);
    if (request.readyState == 4) {
      if (request.status == 200) {
        myLog ("returned exchange rate");
        var string = request.responseText;
        var exch = JSON.parse (string);
        exRate = exch[CURR][WHEN];
        } else {
        alert('There was a problem with the exchangerate request request:'+request.status);
  // standard end
  try {'GET', EXC_RATE, true);} catch (e) {alert ("Exception on opening XHR"); alert(e);}
  try {request.send(null);} catch(e) {alert ("Exception on sending XHR"); alert (e);}
  try { ("UniversalBrowserRead");}  catch (e) {alert ("error on reverting permission at exRate()");}
=== sum.html

<title>Bitcoin Summary</title>
<script src="jquery_min.js"></script>
<LINK REL=StyleSheet HREF="style.css" TYPE="text/css" MEDIA=screen>

<table id="mytable">
<tr id="row"><td class='c1'>Account</td><td class=''>Address</td><td class='c2'>BTC Rcvd</td><td>Tx Rcvd</td><td class='c3'>BTC Snt</td><td>Tx Snt</td><td class='c4'>BTC Total</td></tr>

<script src="bitcoin.js"></script>
<script src="config.js"></script>


=== style.css

html table tr td {font-family:verdana,sans-serif; font-size:smaller;}

#row {font-weight:bold; background-color:Aquamarine;}

#mytable {width:100%;}

tr {background-color:Bisque;}

.c1 {}

.c2 {}

.c3  {}

.c4  {}

#last {background-color:Aquamarine;margin:10px 0px 0px 0px;}

#curr {background-color: LightPink;}

=== and jquery_min.js from the jquery site

Enjoy !

Offline Offline

Activity: 1526

Democracy is vulnerable to a 51% attack.

View Profile WWW
June 27, 2011, 11:03:16 PM

Once we get a good split of public/private keys in the client, I think the next step will be the ability to export, import, and delete public keys, private keys, and transactions.

I'm sure you were all with me until I said transactions. But think how useful this could be. You have a secure machine that has the private key to your savings account on it. You want to pay out some money, so you command the pay out on the secure machine. Then you export the transactions. You take the transactions to a machine that's online but doesn't have the private key to your savings account. You import the transactions. Done.

I am an employee of Ripple. Follow me on Twitter @JoelKatz
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
Offline Offline

Activity: 21

View Profile WWW
June 28, 2011, 08:01:17 PM

Thanks for your answers!

@Forp: Gave me a way to achieve what I wanted much easier than what I intended to do. I am sure I will give your java scripts a try soon! Thanks!

@JoelKatz: Yep, I can see that this is the bigger picture and export/import of transactions makes a lot of sense. With this approach one can even withdraw money from the secured wallet without ever exposing any private key to the internet. Very cool, thanks!
Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!