piuk (OP)
|
|
December 04, 2011, 10:25:18 PM |
|
Puik, I could foresee creating a wallet with a single address, adding some funds, printing it out as a pdf, and then I would like to be able to delete the record from your servers. I'll add this in the next update. Following that train of thought, your PDF could produce DIY PuiKash or, the analogy I prefer, traveller cheques. Writing the password on the cheque is equivalent to activating or signing it anonymously.
No sure i'm following you, you mean some kind of printable cheque which you then sign? What is a multi-recipient transaction? First come, first serve?
No, i meant, you an create a transaction with more than one receiving address e.g. Public key only address?
Probably should have worded it "Address without private key". e.g. If you add just a bitcoin address to your wallet if with be labeled like this: So you will be able to see transactions, balances, etc. But when you try and send funds from that address you will be prompted to enter the private key. Before you enter the private key you can unplug your internet and instead of relaying the transaction immediately it will output a string which you can copy and paste into http://bitsend.rowit.co.uk/ when your ready to send it.
|
|
|
|
HostFat
Staff
Legendary
Offline
Activity: 4270
Merit: 1209
I support freedom of choice
|
|
December 04, 2011, 11:01:50 PM |
|
Is it possible to add private key from Vanitygen? https://bitcointalk.org/index.php?topic=25804.0I tried but I couldn't, I'm doing something wrong but I don't know what ...
|
|
|
|
netrin
Sr. Member
Offline
Activity: 322
Merit: 251
FirstBits: 168Bc
|
|
December 04, 2011, 11:04:00 PM |
|
Following that train of thought, your PDF could produce DIY PuiKash or, the analogy I prefer, traveller cheques. Writing the password on the cheque is equivalent to activating or signing it anonymously.
No sure i'm following you, you mean some kind of printable cheque which you then sign? I mentioning this as a matter of style. I have not yet seen your PDF, but it could look like a cheque or certificate with your brand ("In Puik we Trust"), rather than just an archival artifact. I am suggesting that users could generate a one time wallet simply to create fixed denomination cheques. Each cheque presumably contains a unique encrypted wallet. You can give the cheque to someone and they would need the passphrase to decrypt and transfer the funds. The passphrase is thus the activation 'signature'. multi-recipient transaction ... a transaction with more than one receiving address Brilliant. You are not too far from creating a scrambling service. Public key only address ... "Address without private key". So that I can generate a private key offline, create offline transactions, but send the public address to your server for balance tracking?
|
|
|
|
koin
Legendary
Offline
Activity: 873
Merit: 1000
|
|
December 06, 2011, 12:48:59 AM |
|
it is odd to go to a site named BlockChain.info for managing my hybrid javascript wallet. and then this thread gets polluted with wallet-related topics. wouldn't it be a better idea to separate the two? I will be integrating the wallet into the site (nothing too intrusive). Fro example when you visit a address page you will be able to click 'Add to my Wallet' and have the address added in public key only mode. + I can't be bothered to setup a new domain ok. the other request is for translations. this site -- particularly with the javascript wallet, is just as useful to those who read german, spanish, japanese, etc. the question i had though is what happens when i want to access from a different computer but don't have a link to the wallet url? isn't there a way i can give an alias so that i don't need to keep the wallet identifier?
Good idea, but people would likely pick aliases which are easy to guess e.g. 'my-wallet' which would then exposed your encrypted wallet data. What do you think about an alias with a security question something like simple like 'What is your date of birth?'. that would work. i'm not sure why there's a concern though to require date of birth or other filter -- if it is encrypted the password i used to encrypt it is still required, right?
|
|
|
|
piuk (OP)
|
|
December 06, 2011, 12:51:22 AM |
|
Yes it should be. Vanity gen is base58 i think so copy the 'Privkey' text in 'Import Private Key' text box and it should work. Let me know if it doesn't. I mentioning this as a matter of style. I have not yet seen your PDF, but it could look like a cheque or certificate with your brand ("In Puik we Trust"), rather than just an archival artifact. I am suggesting that users could generate a one time wallet simply to create fixed denomination cheques. Each cheque presumably contains a unique encrypted wallet. You can give the cheque to someone and they would need the passphrase to decrypt and transfer the funds. The passphrase is thus the activation 'signature'.
Interesting idea, it could done fairly easily. But to redeem the cheque you would have to type in the private key by hand and the private key address would need to have the exact balance of the cheque. So that I can generate a private key offline, create offline transactions, but send the public address to your server for balance tracking?
Yeah exactly. I've implemented kinda sorta offline mode now you can generate a transaction offline after you have gotten the unspent outputs from the server. So at the point at which you need to enter the private key you can go offline. You'll see something like this. A general use case: You have a 'current' account where you keep a limited amount of coins to do whatever it is you do with bitcoins. Then a 'savings' account which you keep the majority of you holdings. For the current account you keep both the bitcoin address and private key in the wallet, so you can send and receive transactions quickly. But with the savings account you keep only the bitcoin address and have a paper backup of the private key. So you can see the transactions and balances of both accounts but there is absolutely now way your savings account private key can leak. To move money from the savings account to the current account you would create an offline transaction, typing in the private key by hand. That way the private key touches only your browser for a few seconds and it not transmitted over the internet, even in encrypted form. New Features Tonight- Aliases for new wallets as suggested by koin
- 'Add to my Wallet' on blockchain.info address pages
- Offline transactions
- firefox bug fixes
|
|
|
|
piuk (OP)
|
|
December 06, 2011, 12:54:51 AM |
|
ok. the other request is for translations. this site -- particularly with the javascript wallet, is just as useful to those who read german, spanish, japanese, etc.
that would work. i'm not sure why there's a concern though to require date of birth or other filter -- if it is encrypted the password i used to encrypt it is still required, right?
Posted as i was replying I am not bilingual so can't help much here. If anyone wants to volunteer then great. The fear is that someone with the encrypted wallet might be able to brute force it, I think your right is not too much of a concern. I upped the minimum password length to 10 characters and implemented it anyway.
|
|
|
|
finway
|
|
December 06, 2011, 02:13:24 AM |
|
The online wallet is awesome! Will you add the "green address" function?
|
|
|
|
netrin
Sr. Member
Offline
Activity: 322
Merit: 251
FirstBits: 168Bc
|
|
December 06, 2011, 02:45:35 AM |
|
Your innovations/implementations are fantastic. While I hope for your sake that you can monetize this somehow. I also hope others will follow in your footsteps. I would like to see the data formats and interfaces all standardized. | Don't you use QR codes in the PDF? I'd think the 3-7K capacity of a version 40 QR (left) is more than enough for a single key wallet.
I still don't understand offline transactions. I don't understand why they aren't already common, why they are difficult to implement, and how then you are able to do them (there is something fundamental about outputs that I don't understand, but I don't know what I don't know/understand).
The offline wallet is brilliant. But beyond a proof of concept, I don't think I would use them unless I could download a zip (html, js), pull the plug and only then generate keys. Its a position born from misunderstanding and distrust.
When a private key (and most definitely a public key) is input, I think you can safely guess the encoding. I estimate there is one in ten trillion chance of confusing an honestly generated hex with base58 and the checksum and length should be unambiguous.
|
@Finway: I'd think a green address would be problematic as Puik's site does not provide accounts, but facilitates YOUR wallets. There would be no single trusted green address to send from, unless you entrusted your bitcoins to a single wallet managed by Puik. He's already emphasised having no access to your wallet (it's stored encrypted on his site and decrypted locally on your machine).
|
|
|
|
finway
|
|
December 06, 2011, 03:20:56 AM |
|
@Finway: I'd think a green address would be problematic as Puik's site does not provide accounts, but facilitates YOUR wallets. There would be no single trusted green address to send from, unless you entrusted your bitcoins to a single wallet managed by Puik. He's already emphasised having no access to your wallet (it's stored encrypted on his site and decrypted locally on your machine).
Thank you for your elaboration, encryption before storage is even better!
|
|
|
|
terrytibbs
|
|
December 06, 2011, 07:04:34 AM |
|
After toying around with the wallet for some time, the "text" cursor hand you get when hovering over the pills started to annoy me. Those are navigational elements, a not descriptive ones. Easy fix: .pills li{cursor:default;}
|
|
|
|
racerguy
|
|
December 06, 2011, 11:46:28 AM |
|
For the wallet Lastpass doesn't seem to recognize the password field, I have to manually enter my wallet password everytime. Is there a way to change this? I like lastpass because it generates 32 key random passwords for each separate site I visit, I don't want to have to remember/store a complicated password to login to this.
|
|
|
|
terrytibbs
|
|
December 06, 2011, 01:16:16 PM |
|
For the wallet Lastpass doesn't seem to recognize the password field, I have to manually enter my wallet password everytime. Is there a way to change this? I like lastpass because it generates 32 key random passwords for each separate site I visit, I don't want to have to remember/store a complicated password to login to this.
I would assume this is because there is no data POSTed to the server, if Lastpass is listening for POSTs, it won't find any. All decryption is done on the client side.
|
|
|
|
HostFat
Staff
Legendary
Offline
Activity: 4270
Merit: 1209
I support freedom of choice
|
|
December 06, 2011, 11:42:05 PM |
|
Ok, Vanity generates private keys in Sipa Wallet Format
|
|
|
|
piuk (OP)
|
|
December 06, 2011, 11:56:30 PM |
|
Your innovations/implementations are fantastic. While I hope for your sake that you can monetize this somehow. I also hope others will follow in your footsteps. I would like to see the data formats and interfaces all standardised.
Thank you for your support netrin. It would be nice if this was profitable but it's not a priority at the moment. Others are welcome to you my api's if they want to implement a similar service. Don't you use QR codes in the PDF? I'd think the 3-7K capacity of a version 40 QR (left) is more than enough for a single key wallet.
No not yet. I still don't understand offline transactions. I don't understand why they aren't already common, why they are difficult to implement, and how then you are able to do them (there is something fundamental about outputs that I don't understand, but I don't know what I don't know/understand).
They are not difficult to implement, the only problem is knowing which outputs to send without an internet connection or access to the blockchain. You can cache a list of unspent outputs but the longer you keep the list the more likely the state of the outputs will change cause your transaction to be rejected. Then you have to submit the transaction to the network offline, again not hard to implement, just a bit cumbersome. The offline wallet is brilliant. But beyond a proof of concept, I don't think I would use them unless I could download a zip (html, js), pull the plug and only then generate keys. Its a position born from misunderstanding and distrust.
I think this can be done, I have an idea. Finway, as netrin explained explained the green address technique cannot be used for this wallet. Terrytibbs, I add the css you suggested but it didn't seem to help the browser seems to be ignoring it. racerguy, don't think I can help with that won't, probably won't work as there is no form submitted. HostFat, I added sipa support. Couple of small updates Added rejected inventory so you can check if your block / transaction has been rejected @ http://blockchain.info/rejectedPush tx now has a form @ http://www.blockchain.info/pushtx
|
|
|
|
netrin
Sr. Member
Offline
Activity: 322
Merit: 251
FirstBits: 168Bc
|
|
December 07, 2011, 02:36:37 AM |
|
I still don't understand offline transactions. I don't understand why they aren't already common, why they are difficult to implement, and how then you are able to do them (there is something fundamental about outputs that I don't understand, but I don't know what I don't know/understand).
They are not difficult to implement, the only problem is knowing which outputs to send without an internet connection or access to the blockchain. You can cache a list of unspent outputs but the longer you keep the list the more likely the state of the outputs will change cause your transaction to be rejected. Then you have to submit the transaction to the network offline, again not hard to implement, just a bit cumbersome. Could you explain outputs or provide a link? The wiki Transactions doesn't cut it for me. To me, when I send bitcoins, I collect a bunch of addresses, add up their balance, and using each address, sign the fact that I am redirecting their total balance to a new set of addresses. The 'output' is just the amounts, the destination addresses, the same tiny script 99% of all transactions use, all wrapped in my address signatures. As long as I know my address balances have not changed, what state change could have happened? My understanding of 'output' must be horribly naive. Is it possible to take a minimal wallet and encrypt it with the recipient's public address and send it to the recipient side channel? In theory, couldn't the recipient use the associated private key to decrypt it? (Are elliptic keys reversible in the same way as RSA?) If this were common, wouldn't bitcoin truly be anonymous, every transaction plausibly deniable?
|
|
|
|
piuk (OP)
|
|
December 07, 2011, 11:33:54 AM |
|
Just to let everyone know the site is down because I've screwed up the firewall settings, I'll be going down to the datacenter shortly to repair the machines.
|
|
|
|
racerguy
|
|
December 07, 2011, 02:45:18 PM |
|
I guess the good thing about this wallet site is you can backup your own priv keys incase the site does go down.
|
|
|
|
racerguy
|
|
December 08, 2011, 07:50:18 AM |
|
any eta on when it's back up?
|
|
|
|
piuk (OP)
|
|
December 08, 2011, 09:23:32 AM |
|
any eta on when it's back up?
Not as yet. Hopefully should be backup this morning but I rang the datacenter company and doesn't look like there even up yet. Considering how much I pay them they have pretty crappy support.
|
|
|
|
piuk (OP)
|
|
December 08, 2011, 10:38:43 AM |
|
Back up now, Mining pools stats are going to be messed up for a while.
|
|
|
|
|