lcruz007 (OP)
Newbie
 Offline
Activity: 5
Merit: 0
|
 |
March 10, 2018, 05:51:31 AM |
|
So specifically I am using BitcoinJS to sign a transaction and get the raw HEX data. Now, since I don't want to run my own full bitcoin nodes, I am considering using one of the many services out there that pushes the hex data and broadcasts it to the bitcoin network (such as: https://www.localbitcoinschain.com/tx/send). Now, my question is: Is this safe at all? Could someone derive my private key from the hex data? (I'm assuming not right? Since it shouldn't be possible to decrypt once signed?) I just want to make sure if it's safe to use any of these services to broadcast my bitcoin transactions and making sure no one gets access to the user's funds if the user decides to push tx through these services) Thanks in advance! |
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
nc50lc
Legendary
Offline
Activity: 2408
Merit: 5591
Self-proclaimed Genius
|
|
March 10, 2018, 06:06:07 AM
Last edit: March 10, 2018, 06:27:20 AM by nc50lc |
|
Yes it is safe. It is impossible for someone to find your private key just from the transaction id/hex. In fact, Raw TX are even displayed on block explorers like: blockchain.info ( ?format=hex added) which doesn't expose anything about security other than the transaction history.
|
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
mattcode
Copper Member
Member
Offline
Activity: 282
Merit: 31
|
There are some privacy concerns as the service could link the transaction with you (well, your IP address), but it's no worse than using a web wallet or Electrum with a public server.
|
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
March 10, 2018, 02:58:04 PM |
|
Short answer: Yes, it is safe.
Long answer:
It doesn't matter whether you broadcast the TX yourself into the network (via own node) or you give your TX to an online service which broadcasts it for you.
Both does the same: Distributing your transaction.
The transaction has to be broadcasted to get propagated across the whole network.
If there would be a way to derive the private key out of a signed transaction (which has to be propagated between all nodes), btc would be broken.
A transaction basically contains inputs, outputs, verification (to prove the ownership).
There are no confidential information within a transaction.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2870
Merit: 2300
|
|
March 10, 2018, 09:23:58 PM |
|
In additional to the potentailly privacy issues mentioned above, localbitcoins (or whatever other similar service you may use) can potentially censor your transaction, which may be difficult for you to detect. They can do this for any reason, or for no reason, and because of the privacy issues mentioned above, they have the potential to censor your transaction for a reason specific to *you*. With the above being said, I am not aware of any service you describe ever engaging in this practice for reasons other than their systems are misconfigured. Could someone derive my private key from the hex data? This is the data that ultimately makes its way onto the blockchain once your transaction is confirmed, and you cannot keep this private as this is your actual transaction. It is possible to effectively expose your private key with your signed transaction (hex data), however this will only happen if there is a problem with *your* wallet software you used to sign the transaction. |
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
March 11, 2018, 08:41:56 AM |
|
In additional to the potentailly privacy issues mentioned above, localbitcoins (or whatever other similar service you may use) can potentially censor your transaction, which may be difficult for you to detect. They can do this for any reason, or for no reason, and because of the privacy issues mentioned above, they have the potential to censor your transaction for a reason specific to *you*.
How (and why) should an online service (like localbitcoins) 'censor' a transaction just because it didnt get broadcastet by OP's node, but someone else's node? I don't see a single reason why someone would 'block' transactions just because 'a 3rd party' broadcastet it. Im not even sure if thats completely transparent (who exactly broadcastet this TX first; IP maybe? )? |
|
|
|
|
|
|
wilwxk
|
|
March 11, 2018, 02:37:42 PM |
|
The pushtx service cant stole your private key, but the problem is they can track you by your public address, ip address and in the worst case they can censor you transaction, creating a fake confirmed transaction in their system of blockchain explorer while the other wallet didnt received anything.
|
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2870
Merit: 2300
|
|
March 11, 2018, 04:14:19 PM |
|
In additional to the potentailly privacy issues mentioned above, localbitcoins (or whatever other similar service you may use) can potentially censor your transaction, which may be difficult for you to detect. They can do this for any reason, or for no reason, and because of the privacy issues mentioned above, they have the potential to censor your transaction for a reason specific to *you*.
How (and why) should an online service (like localbitcoins) 'censor' a transaction just because it didnt get broadcastet by OP's node, but someone else's node? I don't see a single reason why someone would 'block' transactions just because 'a 3rd party' broadcastet it. Im not even sure if thats completely transparent (who exactly broadcastet this TX first; IP maybe? )? A " pushtx" service could censor a transaction by simply not broadcasting said transaction, possibly while saying the transaction was actually pushed, or by saying the transaction is somehow invalid. When a user uses a pushtx service, the only way the network sees the subject transaction is vis the node(s) of the pushtx service. Why this type of service would want to censor a particular transaction could be a number of reasons. Maybe the service does not like the person, or maybe it is suspicious of the history of certain inputs that are being spent, or any other arbitrary reason. |
|
|
|
|
hatshepsut93
Legendary
Offline
Activity: 2968
Merit: 2147
|
|
March 11, 2018, 05:23:00 PM |
|
In case you'll run into some problems mentioned by previous posters (getting your transactions censored, etc.), you can also push transactions via some lightweight wallets like Electrum. It has the same drawbacks as other tx pushers - Electrum servers will know your IP address, but you can choose out of many different servers and easily switch them, so it's more flexible than using one service all the time.
|
|
|
|
lcruz007 (OP)
Newbie
Offline
Activity: 5
Merit: 0
|
|
March 13, 2018, 07:50:37 AM |
|
Any specific push tx services you guys would recommend?? So that there is no way we can run into that specific problem (of censorship)?
But not web-based, preferably something that can be used through an API or something similar.
Thanks in advance!
|
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4922
https://merel.mobi => buy facemasks with BTC/LTC
|
|
March 13, 2018, 07:55:38 AM |
|
Any specific push tx services you guys would recommend?? So that there is no way we can run into that specific problem (of censorship)?
But not web-based, preferably something that can be used through an API or something similar.
Thanks in advance!
https://bitcointalk.org/index.php?topic=1938621.0This post contains links to several tx pushing services (including mine), AND a link to Coding Enthusiast's Pusher, which is an application that uses a bunch of API's to allow you to push your tx to several nodes... |
|
|
|
|
