Alternative clients, risks, pros, cons, security?

[manuel]

I'm having trouble understanding what are the security implications of using a light weight client?  Can somebody help clarify or point me to some good reading on the topic?

What I really don't understand are the various warnings given on bitcoin.org for different clients.  Why do some third party clients get a warning and others don't?

Bitcoin-Qt - Bitcoin-Qt is a full Bitcoin client and builds the backbone of the network. It offers the highest levels of security, privacy, and stability. However, it has fewer features and it takes a lot of space and memory.

OK this is obvious and straight forward.

MultiBit - MultiBit is a lightweight client that focuses on being fast and easy to use. It synchronizes with the network and is ready to use in minutes. MultiBit also supports many languages. It is a good choice for non-technical users.

What would be the risks of using a "lightweight client" versus the standard client?

Armory - Armory is an advanced Bitcoin client that expands its features for Bitcoin power users. It offers many backup and encryption features, and it allows secure cold-storage on offline computers.

Is it as secure as the original?  I guess needless to say you must store the blockchain locally if it works offline?

Bitcoin Wallet - Bitcoin Wallet for Android is easy to use and reliable, while also being secure and fast. Its vision is de-centralization and zero trust: No central service is needed for Bitcoin-related operations. The app is a good choice for non-technical people. It is also available for BlackBerry OS.

Why doesn't this have a warning like the clients below?  Obviously it cannot store the block chain on a phone.  How does it work then?  How can it not rely on any central service?  If it's possible to make a lightweight client that doesn't need a lot of storage or a central service then why are people making clients that rely on central services?

Mycelium Wallet - This wallet relies on a centralized service by default and requires a certain level of trust on a third party. This third party however does not control your wallet. Using backups and a strong password is always recommended when applicable.

Electrum - This wallet relies on a centralized service by default and requires a certain level of trust on a third party. This third party however does not control your wallet. Using backups and a strong password is always recommended when applicable.

Blockchain.info - This wallet relies on a centralized service by default and requires a certain level of trust on a third party. This third party however does not control your wallet. Using backups and a strong password is always recommended when applicable.

BIPS - Be careful. Web wallets host your bitcoins. That means it is possible for them to lose your bitcoins following any incident on their side. As of today, no web wallet services provide enough insurance to be used to store value like a bank.

Coinbase - Be careful. Web wallets host your bitcoins. That means it is possible for them to lose your bitcoins following any incident on their side. As of today, no web wallet services provide enough insurance to be used to store value like a bank.

[1715600049]

1715600049

[Barek]

Many questions. I'll get started answering with what I have some experience with.

Armory - Armory is an advanced Bitcoin client that expands its features for Bitcoin power users. It offers many backup and encryption features, and it allows secure cold-storage on offline computers.

Is it as secure as the original?  I guess needless to say you must store the blockchain locally if it works offline?

Armory interfaces with bitcoind from Bitcoin-Qt, so for that purpose it is like running Bitcoin-Qt, which means storing the full chain and requiring plenty of memory. On top of that, Armory adds additional security features like deterministic wallets and offline signing of transactions. In its current version it is a huge memory hog (you need about 8GB memory), which will be addressed in the next version.

Offline means that you have the option to sign a transaction on a seperate client. To use this feature, you create the transaction on the online client (which has bitcoind running and the full blockchain) by entering recipient and amount. This transaction is then saved to USB stick and can be copied to the offline computer. The idea here is to have a seperate computer, which was never connected to the internet. On this computer the private key was generated and never leaves it. Therefore an adversary would need to physically access the computer and know the passphrase to use the key. After copying the transaction to the offline computer, reviewing it, and signing it, it is again copied to the online computer (via USB stick), to be broadcast to the network. Note that the offline computer does not need a running bitcoind or the blockchain and, therefore, has low system requirements.

[ajax3592]

MultiBit - MultiBit is a lightweight client that focuses on being fast and easy to use. It synchronizes with the network and is ready to use in minutes. MultiBit also supports many languages. It is a good choice for non-technical users.

What would be the risks of using a "lightweight client" versus the standard client?

I too have this question.
Plus I would also like to know how to best secure the Multibit wallet, beacuse I dont have a spare computer to store offline wallet.

[Barek]

The standard client gets much more attention, because there are more developers and users.

With lightweight clients there is always a chance that the parts that were cut out to make the implementation lighter had some sort of use. One example for this is address reuse.  Blockchain.info, for example, sends the change back to the original address. So each spending results in a signature with the same private key. In general, this is fine because each signing also involves a random number. If the RNG is broken (which happened to android devices recently), two random numbers can be very similar. This in turn makes it possible to calculate the private key from two signatures that used the same private key.

Yes, those are some odd circumstances. I'm not saying lightweight clients are bad, but I also would not keep too much money in them.

[AndrewWilliams]

I use MultiBit and am very satisfied. I could not imagine going back to the default client.


When will someone come out with a multi-coin wallet? One that can hold BTC, LTC, etc.
I'm tired of switching between all the different clients! 

[mprep]

@OP (Don't want to qoute the whole long post to answer only 1 question) The Bitcoin wallet for Android is a lightweight client. I think it only checks the parts of the blockchain that are associated with your addresses. However, don't qoute me on that, there might be someone who might know more about the software.

[blockgenesis]

Full node clients (Bitcoin-QT / Armory) download the full block chain. They are slower, but they also play a key role, which includes securing lightweight clients.

Lightweight clients (Bitcoin Wallet for Android, Multibit, and soon Hive) use SPV (simplified payment verification), these are also decentralized and only download specific parts of the block chain.
https://en.bitcoin.it/wiki/Thin_Client_Security#Simplified_Payment_Verification_.28SPV.29

Server-trusting clients ( Electrum / Mycelium ), these wallets connect to a remote server that handle the block chain for them, but the wallet is still controlled by the user. Electrum also lets users create their own servers.

Web wallets ( coinbase, BIPS ), are like banks for Bitcoin. They have 100% control over your wallet and must secure all of their users' funds. One huge difference, however, is that there is no security standard / insurance yet, so they still don't provide the basic protections all banks are required to provide.

Hybrid wallets ( blockchain.info ), Hybrid wallets usually are web wallets (no software) for which the private keys are generated locally in your browser, and encrypted before they are stored on the remote server. It's easier to compromise users' wallets by attacking this service than a software wallet, but it's still harder than usual web wallets.