Bitcoin Forum
November 14, 2018, 08:06:30 AM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Making a friend a Bitcoin address with Bitcoin Core client?  (Read 64 times)
BiGsy
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 20, 2017, 07:25:25 AM
 #1

I had a friend who asked me to buy him some Bitcoin when it flew through 10k USD and I did. He is a bit of a hermit that doesn't trust any corporation (wallet apps etc). He doesn't have a PC and he asked if I could make him a Bitcoin address with my Core client, dump his paid share into it and pass on an encrypted copy of the private key. I said no worries at the time. Now a potential fork is upcoming I want to get it into his own address. I've poked around the core client and I'm a bit worried whether I can do this. It is just as simple as creating a new receiving address, send his funds to that address and then retrieve the private key at console? Can I then disconnect this receiving account from my client, even with funds in it? and will this cause any on chain issues with him accessing it later with his private key? Any advice would be appreciated. Cheers.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1542182790
Hero Member
*
Offline Offline

Posts: 1542182790

View Profile Personal Message (Offline)

Ignore
1542182790
Reply with quote  #2

1542182790
Report to moderator
OmegaStarScream
Staff
Legendary
*
Online Online

Activity: 1470
Merit: 1129


Hire BOUNTYPORTALS>Bounty management goo.gl/XKv9TK


View Profile
December 20, 2017, 07:37:28 AM
 #2

Creating a receiving address and exporting the private keys should be sufficient yes. I don't think It's possible to disconnect/remove a specific address though. If he don't have a PC, he could use Mycelium for android and buy a hardware wallet since the amount is big.

LoyceV
Legendary
*
Offline Offline

Activity: 1302
Merit: 2251


Self-made Legendary!


View Profile WWW
December 20, 2017, 12:48:11 PM
 #3

~ he asked if I could make him a Bitcoin address with my Core client, dump his paid share into it and pass on an encrypted copy of the private key. I said no worries at the time. Now a potential fork is upcoming I want to get it into his own address.
You're using a hot wallet for long-term storage, that isn't a best practice.

I don't think It's possible to disconnect/remove a specific address though.
Correct. All you can do is change the address label to something like "zzzDONOTUSE".
As an alternative, you can create a new wallet.dat before doing all this, so that his new private key is not a part of your own wallet. But it will still be a hot wallet.

Any advice would be appreciated. Cheers.
My advice would be to create a paper wallet (bitaddress.org). Take all safety precautions: run it from an offline Linux LIVE CD, use a cheap laser printer, don't show anybody the private key and QR-code, and tell him to store it safely.
You could print several backups (more risk of exposure but less risk of losing them), and/or BIP38-encrypt them (safe against theft, but you absolutely must remember the password).

A properly made paper wallet is considered cold storage, a can't be stolen by any online hacker.

Quote
Now a potential fork is upcoming
Did you do all this before or after the Cash/Gold forks?

BiGsy
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 20, 2017, 01:34:06 PM
 #4

Creating a receiving address and exporting the private keys should be sufficient yes. I don't think It's possible to disconnect/remove a specific address though. If he don't have a PC, he could use Mycelium for android and buy a hardware wallet since the amount is big.

Thanks for the suggestion. He doesn't want me to use any 3rd party to make his wallet. I just tested making a new address and dumping priv key and to my surprise, it was different to my private key. I assumed my made address would be a cold wallet address that linked to the same main address with the same private key. Disconnecting it going to be an issue though. I tried clearing options and reopening the client and it went through first opening routine again (where you choose location to save blockchain etc). I might just re sync the client to another location which should give me a fresh address array, I'll save the private key, xfer funds, and just delete the folder, clear options again and revert back to my folder. Unless there is an easier way where I don't have to re download the 150gb blockchain again?

~ he asked if I could make him a Bitcoin address with my Core client, dump his paid share into it and pass on an encrypted copy of the private key. I said no worries at the time. Now a potential fork is upcoming I want to get it into his own address.
You're using a hot wallet for long-term storage, that isn't a best practice.

I don't think It's possible to disconnect/remove a specific address though.
Correct. All you can do is change the address label to something like "zzzDONOTUSE".
As an alternative, you can create a new wallet.dat before doing all this, so that his new private key is not a part of your own wallet. But it will still be a hot wallet.

Any advice would be appreciated. Cheers.
My advice would be to create a paper wallet (bitaddress.org). Take all safety precautions: run it from an offline Linux LIVE CD, use a cheap laser printer, don't show anybody the private key and QR-code, and tell him to store it safely.
You could print several backups (more risk of exposure but less risk of losing them), and/or BIP38-encrypt them (safe against theft, but you absolutely must remember the password).

A properly made paper wallet is considered cold storage, a can't be stolen by any online hacker.

Quote
Now a potential fork is upcoming
Did you do all this before or after the Cash/Gold forks?

Wouldn't it be a cold wallet if the client nor the key is kept online? How is it different making a wallet from a web wallet over the Core client but adding a trusted party into the mix? (bitaddress.org) The key will be encrypted onto a usb stick and I will keep a copy too just in case. But they will both be offline and cold. Isn't this a cold paper wallet?

I'm referring to the segwit2x repost coming up in a week or was that fake news too? Not interested in all these shitforks.

Would there be an easier way to avoid re downloading the whole chain again as per above? You mentioned the .dat file. If I delete that will it revert to a new address on client open?

Cheers.

cr1776
Legendary
*
Offline Offline

Activity: 2058
Merit: 1011


View Profile
December 20, 2017, 02:25:59 PM
 #5

Creating a receiving address and exporting the private keys should be sufficient yes. I don't think It's possible to disconnect/remove a specific address though. If he don't have a PC, he could use Mycelium for android and buy a hardware wallet since the amount is big.

Thanks for the suggestion. He doesn't want me to use any 3rd party to make his wallet. I just tested making a new address and dumping priv key and to my surprise, it was different to my private key. I assumed my made address would be a cold wallet address that linked to the same main address with the same private key. Disconnecting it going to be an issue though. I tried clearing options and reopening the client and it went through first opening routine again (where you choose location to save blockchain etc). I might just re sync the client to another location which should give me a fresh address array, I'll save the private key, xfer funds, and just delete the folder, clear options again and revert back to my folder. Unless there is an easier way where I don't have to re download the 150gb blockchain again?

~ he asked if I could make him a Bitcoin address with my Core client, dump his paid share into it and pass on an encrypted copy of the private key. I said no worries at the time. Now a potential fork is upcoming I want to get it into his own address.
You're using a hot wallet for long-term storage, that isn't a best practice.

I don't think It's possible to disconnect/remove a specific address though.
Correct. All you can do is change the address label to something like "zzzDONOTUSE".
As an alternative, you can create a new wallet.dat before doing all this, so that his new private key is not a part of your own wallet. But it will still be a hot wallet.

Any advice would be appreciated. Cheers.
My advice would be to create a paper wallet (bitaddress.org). Take all safety precautions: run it from an offline Linux LIVE CD, use a cheap laser printer, don't show anybody the private key and QR-code, and tell him to store it safely.
You could print several backups (more risk of exposure but less risk of losing them), and/or BIP38-encrypt them (safe against theft, but you absolutely must remember the password).

A properly made paper wallet is considered cold storage, a can't be stolen by any online hacker.

Quote
Now a potential fork is upcoming
Did you do all this before or after the Cash/Gold forks?

Wouldn't it be a cold wallet if the client nor the key is kept online? How is it different making a wallet from a web wallet over the Core client but adding a trusted party into the mix? (bitaddress.org) The key will be encrypted onto a usb stick and I will keep a copy too just in case. But they will both be offline and cold. Isn't this a cold paper wallet?

I'm referring to the segwit2x repost coming up in a week or was that fake news too? Not interested in all these shitforks.

Would there be an easier way to avoid re downloading the whole chain again as per above? You mentioned the .dat file. If I delete that will it revert to a new address on client open?

Cheers.




The "new and improved"* segwit2x fork is now supposed to occur at block 501451, around Dec 28, 2017.  However, this is worse than other forks since they "guarantee that all BTC holders will receive reward for your commitment to progress, the proportional number of Bitcoin of Satoshi Nakamoto".  So they are going to steal coins.  Anyone who follows a fork that sets the precedent of stealing coins of the guy who invented bitcoin is bound to be disappointed or robbed - whatever you do, make sure that if you try to claim these coins, you are really careful. 

I am not sure if this is the same people who were doing the original segwit2x fork or a different group trying to hijack it, but either way, this fork is an atrocious idea.  Much, much worse (yes, that is possible) than the original segwit2x fork.


* Not new and definitely not improved.

LoyceV
Legendary
*
Offline Offline

Activity: 1302
Merit: 2251


Self-made Legendary!


View Profile WWW
December 20, 2017, 03:04:22 PM
 #6

I just tested making a new address and dumping priv key and to my surprise, it was different to my private key. I assumed my made address would be a cold wallet address that linked to the same main address with the same private key.
I am very confused as to what you mean exactly.

Quote
Disconnecting it going to be an issue though. I tried clearing options and reopening the client and it went through first opening routine again (where you choose location to save blockchain etc). I might just re sync the client to another location which should give me a fresh address array, I'll save the private key, xfer funds, and just delete the folder, clear options again and revert back to my folder. Unless there is an easier way where I don't have to re download the 150gb blockchain again?
All you need is a new wallet.dat. Don't delete the old one, just move or rename it. No need to delete your 150 GB blockchain, that won't change.

Quote
Wouldn't it be a cold wallet if the client nor the key is kept online?
A cold wallet is defined as a wallet that has never touched any online device, and the device in which it was created can never be online after it's creation. The idea behind this is that it can't be stolen, no matter what happens to your online computer.

Quote
How is it different making a wallet from a web wallet over the Core client but adding a trusted party into the mix? (bitaddress.org)
Bitaddress.org isn't a web wallet, it's a site that you can download and use offline to print a paper wallet.

Quote
The key will be encrypted onto a usb stick and I will keep a copy too just in case. But they will both be offline and cold. Isn't this a cold paper wallet?
If you create it from the same Bitcoin Core on your normal online computer, it's considered a hot wallet. For long term storage, I trust paper much more than USB sticks.

Quote
I'm referring to the segwit2x repost coming up in a week or was that fake news too? Not interested in all these shitforks.
I can barely keep track of all the shitforks (love the term though!), but from cr1776's description, I hope everybody ignores it from the start.

Quote
Would there be an easier way to avoid re downloading the whole chain again as per above? You mentioned the .dat file. If I delete that will it revert to a new address on client open?
NEVER delete a wallet (this recommendation comes from Satoshi himself). Rename it, so you can still use it later on.

You don't need the blockchain to generate private addresses.

BiGsy
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 20, 2017, 04:35:08 PM
 #7

Ok, renaming the dat file reset the account with fresh address and keys and wallet not encrypted etc. I will just do this. Make his new account, then rename the dat file, rename mine back to wallet.dat. Cheers.

Yeah the 2x fork. I'm hoping for a 95%+ miner consensus (Last segwit2x reached 97%) to scrap a side chain and we just update Bitcoin Core like it should be done. Transactions need scaling aye.400 BTC pending transaction fees is ridiculous.

So I disconnected from the internet, output priv key, veracrypt the key onto two usb sticks, killed client, deleted .dat file and unplugged usb sticks from computer, reconnected. I think using a web browser and a 3rd party website to create a wallet for cold storage is a silly idea. I wouldn't even do that, web browsers are a big target for sniffers/stingrays. If I wanted a further layer on above, I'd do it all through an encrypted VM instance, then kill it.

I've got the security and redundancy bit down pat. Thanks for the Core client help, worked a treat.

Cheers.
BiGsy
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 20, 2017, 04:44:22 PM
 #8

Actually, another quick question. Can he/I access an account via Bitcoin Core client with only a private key? Should I have put the .dat file with the key on the sticks?
LoyceV
Legendary
*
Offline Offline

Activity: 1302
Merit: 2251


Self-made Legendary!


View Profile WWW
December 20, 2017, 08:03:25 PM
 #9

Actually, another quick question. Can he/I access an account via Bitcoin Core client with only a private key?
You can import the private key. In Bitcoin Core, click Help > Debug Window > Console > enter importprivkey "privkey"
After this, wait a long time (depending on your system speed) for a complete rescan. Note that you can't remove a private key from a wallet.dat anymore after importing.

Quote
Should I have put the .dat file with the key on the sticks?
It wouldn't hurt to keep it.

I think using a web browser and a 3rd party website to create a wallet for cold storage is a silly idea. I wouldn't even do that, web browsers are a big target for sniffers/stingrays.
For this reason, the offline Linux LIVE CD is recommended. It disables any remote attack.

BiGsy
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 22, 2017, 07:21:56 AM
 #10

Actually, another quick question. Can he/I access an account via Bitcoin Core client with only a private key?
You can import the private key. In Bitcoin Core, click Help > Debug Window > Console > enter importprivkey "privkey"
After this, wait a long time (depending on your system speed) for a complete rescan. Note that you can't remove a private key from a wallet.dat anymore after importing.

Quote
Should I have put the .dat file with the key on the sticks?
It wouldn't hurt to keep it.

I think using a web browser and a 3rd party website to create a wallet for cold storage is a silly idea. I wouldn't even do that, web browsers are a big target for sniffers/stingrays.
For this reason, the offline Linux LIVE CD is recommended. It disables any remote attack.

Ah, sweet. Thanks. I've got like a whole 40 min play time on Core ever. Good to familiarise myself with more of it though.

I would of kept it if I redo it, but since importing a private key is easy, i'll leave it at that.

I'll look into the linux live CD. Sounds even more secure then a VM. (or could do both)

Cheers.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!