Bitcoin Forum
August 02, 2015, 04:18:42 AM *
News: New! Latest stable version of Bitcoin Core: 0.11.0 [Torrent]
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 »
  Print  
Author Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key  (Read 85651 times)
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 12, 2011, 12:23:01 AM
 #1

UPDATED!

Generate a Bitcoin address and corresponding private key with this all-in-one html page:
https://www.bitaddress.org/

Testnet Edition (for developers) add ?testnet=true to the end of the URL

To run the unit tests add ?unittests=true to the end of the URL
To run the async unit tests add ?asyncunittests=true to the end of the URL
To view the seed pool add ?showseedpool=true to the end of the URL

The bitaddress.org software is now available open source with an MIT License, the GitRepo is here:
https://github.com/pointbiz/bitaddress.org

Send Donations to: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN


NOTICE: DO NOT USE v0.1 to v0.4 they infrequently generate a bad address and/or private key. The issue is fixed in v0.5+
NOTICE: DO NOT USE v2.1 on the Vanity Wallet tab it incorrectly multiplies a public key with a private key and therefore displays an incorrect bitcoin address. The issue is fixed in v2.2+
NOTICE: DO NOT USE v2.9.7 translations file has a JavaScript error.

Tutorial:
Open the page, move your mouse around a bit and you will get a new address/private key combination.

Useful for:
1) The HTML file can be saved to disk and used in combination with an "offline" system to provide super security.
2) Generate an instant paper wallet by just printing the web page.
3) Generate address without having to install anything!

Please share any other uses you can think of....

I have provided a signed version of the hashes of the files:
http://www.bitaddress.org/ninja_bitaddress.org.txt - PGP Public Key
http://www.bitaddress.org/CHANGELOG.txt.asc - Signed Message
Key fingerprint = 527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A

Verifying the release:
1) get public key of author
2) import public key of author
3) get HTML from bitaddress.org
4) sha1 checksum of HTML
5) verify signed message from author
6) confirm sha1 in step 4 & 5 matches
NOTE: If the web page is saved as "web page complete" as opposed to "web page html only" the checksum will not match.

Code:
wget http://www.bitaddress.org/ninja_bitaddress.org.txt
gpg --import ninja_bitaddress.org.txt
wget http://www.bitaddress.org/bitaddress.org-v2.9.1-SHA1-67b1facd70890aa9544597e97122c7a1d4fdc821.html
sha1sum bitaddress.org-v2.9.1-SHA1-67b1facd70890aa9544597e97122c7a1d4fdc821.html
wget -qO- http://www.bitaddress.org/pgpsignedmsg.txt | gpg -d

Code used from CryptoJS project, Tom Wu's JSBN (refactored), Stephan Thomas bitcoinjs-lib.

BOUNTY------->>>>>
0.1 BTC was transferred to this address generated by the bitaddress.org JavaScript software:
Bitcoin Address:
19ePdrxmtVCdRMZrJzCX3gf6fK6juu9yFa
http://blockexplorer.com/address/19ePdrxmtVCdRMZrJzCX3gf6fK6juu9yFa
Private Key Hex:
3BF44F939A73052E56FC1B946A080E30B46FFD49835FD59ACDAA5ACFB15D11D2
Private Key Base64:
O/RPk5pzBS5W/BuUaggOMLRv/UmDX9Wazapaz7FdEdI=
UPDATE: Bounty was collected.


CHECKSUM HISTORY:
bitaddress.org-v2.9.10-SHA256-445e44cfd04c8f1ea8f732c3ae7277b0166fdb3e2109251c54e4b367983fe04d.html
bitaddress.org-v2.9.9-SHA256-90ddaf250f6302acb53945128e38225208af5a2fa7cfdf51519213e8b144a76d.html
bitaddress.org-v2.9.8-SHA256-2c5d16dbcde600147162172090d940fd9646981b7d751d9bddfc5ef383f89308.html
bitaddress.org-v2.9.3-SHA1-7d47ab312789b7b3c1792e4abdb8f2d95b726d64.html
bitaddress.org-v2.9.1-SHA1-67b1facd70890aa9544597e97122c7a1d4fdc821.html
bitaddress.org-v2.9.0-SHA1-6e9ae5c64d510b53fa39e36a3017d5342b838984.html
bitaddress.org-v2.8.1-SHA1-a6e63f2712851710255a27fa0f22ef7833c2cd07.html
bitaddress.org-v2.8.0-SHA1-87dcf19f02ee9fb9dd3a8c787bcf52eef944aa82.html
bitaddress.org-v2.7.2-SHA1-364542f1ccc5777c79aebb1692a6265cf3e42e7e.html
bitaddress.org-v2.7.1-SHA1-6dfa290d1a133fc444c5580e2a8f1f890d5edf17.html
bitaddress.org-v2.6.6-SHA1-0d68accca48df174b6b4f48544498f333dc6e33a.html
bitaddress.org-v2.6.5-SHA1-fa763c2bbc97e1b37bc6d3945647aed869ec8c18.html
bitaddress.org-v2.6.2-SHA1-4d98755d7e78caa4361228a2b11b0faa0f65e6de.html
bitaddress.org-v2.6.0-SHA1-4f1fea4620287f863473193b8d93a8f3877ba972.html
bitaddress.org-v2.5.1-SHA1-b7bda19c2327cc44a81b68a44926a9f8057ed681.html
bitaddress.org-v2.4-SHA1-1d5951f6a04dd5a287ac925da4e626870ee58d60.html
bitaddress.org-v2.3-SHA1-1d067dc4f3103622ca9de332c3c86fc57d76ec83.html
bitaddress.org-v2.2-SHA1-d414530eea984e9ebdd40dc27af9078cd73dc3b3.html
bitaddress.org-v2.0-SHA1-c0300a88d2de421106560185e4916f4eee6ed9df.html
bitaddress.org-v1.9-SHA1-a487b495d710d6f617d688e5f758e40c8b6c510e.html
bitaddress.org-v1.8-SHA1-97d52a44eeb261e2398e98e1eed2bd56b99c845a.html
bitaddress.org-v1.7-SHA1-46215e8a2f026b784f29ea86c00c866e634a22fa.html
bitaddress.org-v1.6-SHA1-162d1ff4fd1e09222cbaca6c282672ee6c195e1b.html
bitaddress.org-v1.5-SHA1-f2e410251c8741ac65d29a1c6fb8ef6919b6ab8b.html
bitaddress.org-v1.4-SHA1-5c120c0860032e88a8fd81b802d6f53a5fc082bf.html
bitaddress.org-v1.3-SHA1-88d9a17e6d6286d7840043b6df9980e85f44b8c0.html
bitaddress.org-v1.2-SHA1-1770e5e8993cca823a2ad956e2aab5c291151692.html
bitaddress.org-v1.1-SHA1-969273be66ecf93d8bb3525edc1fa0cf3de228d2.html
bitaddress.org-v1.0-SHA1-8fc60a3ca4eb24c85c31b264e95a9298e41032c2.html
bitaddress.org-v0.9-SHA1-aa61ca480288e1bda00f1f042d60a057880a2321.html
bitaddress.org-v0.8-SHA1-47b989b8a33407df14d21dbd00fad653e0161d6c.html
bitaddress.org-v0.7-SHA1-34e344a0d229dc10c8f5c99ed6b6298e6fc5e39f.html
bitaddress.org-v0.6-SHA1-1cea2d8c437d49c550b9ec1cfc5d02ac85e8199e.html
bitaddress.org-v0.5-SHA1-7ea8d0e32c3583d369dc4079443e0d6e215ac216.html

Code signing key:
Code:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

mQENBE5lizQBCADhDeJALMhaXOW6U5Lj1wyNyYwf5bh4kcP4m5pDrQCk3GzduMBh
NKsa21zgejhST74l7PRVNWJc7cLsdpQ7fCGUgbEBaApQ7+J1pSAClEdBCZ6wycgI
gAln86LmsmtsGnr77jPJEeeYI2FH6o5JEEYdc6Kji8Mkj1fNMqa8qrOFydazbvTm
EcuwtWsf+EFM1DwnaS2D0CU8Y4rB7wzaQkS/m+9yXqmhLgFI1B5mYyEhWz/YGcKs
ln93a/rLemHty54UWtpi1bn5F7alB/HnvNt65wHvXKnvi+/Teqft2jk4i0Uqd7QR
uFUBc/wTC9tJXwf83qOMOv8zqU8uJCryp4cjABEBAAG0HG5pbmphIDxuaW5qYUBi
aXRhZGRyZXNzLm9yZz6JAT4EEwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
AheABQJSLPElBQkHiczxAAoJEIdJe5Fjl09aoPMH/2p6b2HjgUM0OWuStfRtVXiS
t8y8bCAeGzN+3Z/fLPncbTck2hT2S4TYd/37qghJWirrlSmzEVRW6aCVeD/tt7xA
nBkGSTWr17JRsXY0ro+zXaSPmwJyuIDnNR2Jo/ha65QlLT/yEI5cO2cIMzMI82X/
3QYFRcJBYYDSSvXbR7ctqCRns6+Eh4B+HQlRz+mBR5aXTwkr/hEsDUs2I3/bSucF
kadeH4FlM5broQ2Ccl8sESusOwhmvPFJFxTV7JpB547VlXbNOF0OEl/aztKtMEo1
+SaYU232Icdvuuxx3XT8+QUdwBndABY43HmUgbVE2ht4GyUHwKkIsbvgT5CBr/u5
AQ0ETmWLNAEIAN1eqRI6ltxWZhR3EaWIca1/p3PrV/BqY0CpWufjr/ZWjufN+QSV
gICrVF/CjYxxZeo0tZ48m3qzIfr3MYIMW2+YRno1p/uMbf43oqOiQy7o30u8rhLg
Wc3nmKFyE8I1iRToqcGM2+YxQ80zp8TvjFQWzvMClFHS+JAa+n7Z5RwerTQPf3j4
spo4oZGrxxu8UWT4qxR8BRzs6q4BSkuehzxTTgYhxSOrKqZLKVQ/kVfUZaCy29Wq
V9LxnQXLFrqZeHccocp+Hd01xyCybGgynJfgO2Oz52RXRHDEPv0hjR+b419O7QOi
qGI7TQ7fcaIBUByIn84fodOnddak9XYwd1MAEQEAAYkBJQQYAQIADwIbDAUCUizx
RwUJB4nNEwAKCRCHSXuRY5dPWsGgB/9JszPV07ZrL1OOMz7rxkBHYhwPB3Wk8fOM
PueNLQLJsE4w+WI3Pn5gtDKkR0oRgjoWCqSmTcZOukg2QQ0Zh5ChQ+f61+Z7SYgC
7PFSWmzM7+tTw73aRqUcRcpm/C5Y9EpYiCDat3gAKZ4Np3+LNLWzt8ni4EBbBGdY
Gw3z4Nc12ZAg30RY+M+jMSCr5U7xfHiKLMN9bkQJpl/H6tHiEJRnBoN3fa8o9ahh
3eA64z/kXtH74JbuUomtNr104wfA4Iw3mYM34GL4T1C8VrhKAOnCzSw8otWBuyM2
rdxVjJs1qvgp9Q10CyV0uelzZKSDWcyanBmlOm6+yO5hZI9+l2Rn
=pDI6
-----END PGP PUBLIC KEY BLOCK-----

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
Even in the event that an attacker gains more than 50% of the network's computational power, only transactions sent by the attacker could be reversed or double-spent. The network would not be destroyed.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1438489122
Hero Member
*
Offline Offline

Posts: 1438489122

View Profile Personal Message (Offline)

Ignore
1438489122
Reply with quote  #2

1438489122
Report to moderator
1438489122
Hero Member
*
Offline Offline

Posts: 1438489122

View Profile Personal Message (Offline)

Ignore
1438489122
Reply with quote  #2

1438489122
Report to moderator
1438489122
Hero Member
*
Offline Offline

Posts: 1438489122

View Profile Personal Message (Offline)

Ignore
1438489122
Reply with quote  #2

1438489122
Report to moderator
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 12, 2011, 12:37:43 AM
 #2

Please post if you collect the bounty. Thanks.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
nmat
Hero Member
*****
Offline Offline

Activity: 602


View Profile

Ignore
September 12, 2011, 01:25:37 AM
 #3

Bookmarked it. Thank you very much Smiley I claimed the bounty, but I will offer half of it (0.05) here:

Quote
Bitcoin Address:
1DcTht9y5VhSCGMe7XmbTZBGHM79oAGVjm
Private Key Hex:
1F386E4824A902731159EC25CB5EEFE3DBD83601CCA6A3C40E7565679D134C7A
Private Key Base64:
HzhuSCSpAnMRWewly17v49vYNgHMpqPEDnVlZ50TTHo=
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 12, 2011, 01:33:48 AM
 #4

nmat, thanks.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1288


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
September 12, 2011, 02:33:47 AM
 #5

Excellent achievement.  Somebody needed to do this.  It wouldn't run in IE9 btw but runs fine in other browsers.

Instead of base64 you should provide the Wallet Import Format, which is how it is used on Bitbills and the format natively used by the "importprivkey" command of bitcoind (available by sipa's patch, and will likely become part of the release).

Wallet Import Format is: you construct it exactly the same as a bitcoin address in base58, but use the header byte 0x80 at the beginning instead of 0x01.  And of course your payload is 32 bytes instead of 20.  You do the SHA256 checksum exactly the same way.  The resulting string should always start with the character '5'.

Also a suggestion: recommend that the user disconnect themselves from the internet, print their "paper wallet", and close their browser before reconnecting.  That way they can confirm they're airgapped.  You'd need a button to generate a new address instead of having them refresh in this case.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 12, 2011, 02:49:19 AM
 #6

Excellent achievement.  Somebody needed to do this.  It wouldn't run in IE9 btw but runs fine in other browsers.

Instead of base64 you should provide the Wallet Import Format, which is how it is used on Bitbills and the format natively used by the "importprivkey" command of bitcoind (available by sipa's patch, and will likely become part of the release).

Wallet Import Format is: you construct it exactly the same as a bitcoin address in base58, but use the header byte 0x80 at the beginning instead of 0x01.  And of course your payload is 32 bytes instead of 20.  You do the SHA256 checksum exactly the same way.  The resulting string should always start with the character '5'.

Also a suggestion: recommend that the user disconnect themselves from the internet, print their "paper wallet", and close their browser before reconnecting.  That way they can confirm they're airgapped.  You'd need a button to generate a new address instead of having them refresh in this case.

Thank you for the algorithm, I was going to dig it from some C# code you posted and port.

Looks like it defaults to quirks mode in IE9, I'll fix that in V0.2 as well as add the WIF.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
Joric
Member
**
Offline Offline

Activity: 67


View Profile

Ignore
September 12, 2011, 03:09:40 AM
 #7

Bookmarked it. Thank you very much Smiley I claimed the bounty, but I will offer half of it (0.05) here:

Quote
Bitcoin Address:
1DcTht9y5VhSCGMe7XmbTZBGHM79oAGVjm
Private Key Hex:
1F386E4824A902731159EC25CB5EEFE3DBD83601CCA6A3C40E7565679D134C7A
Private Key Base64:
HzhuSCSpAnMRWewly17v49vYNgHMpqPEDnVlZ50TTHo=

Many thanks! I promise I'll spend them for good and decent causes.

1JoricCBkW8C5m7QUZMwoRz9rBCM6ZSy96
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 13, 2011, 03:07:49 AM
 #8

V0.2

-Updated the logo
-Added New Address and Print buttons
-Added doctype so IE9 renders in standards mode
-Added Array.prototype.map for IE7/8 compatibility
-Known bug: Bitcoin.Base58.encode is not working properly in IE7



Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 14, 2011, 03:56:10 AM
 #9

V0.3

-Removed Private Key Base64
-Added Private Key Wallet Import Format

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
nhodges
Sr. Member
****
Offline Offline

Activity: 308

Firstbits: 1nurih


View Profile WWW

Ignore
September 14, 2011, 04:22:53 AM
 #10

V0.3
http://www.bitaddress.org/bitaddress.org-v0.3-SHA1-bd94e796811d852f9db69e82adea9a9c48daf183.html

-Removed Private Key Base64
-Added Private Key Wallet Import Format

Sweet, it's nearing perfect utilitarian function! Smiley

nibor
Sr. Member
****
Offline Offline

Activity: 344


View Profile

Ignore
September 14, 2011, 10:03:36 AM
 #11

Great!

Just need to add the QR Codes for them all and is perfect!

https://github.com/jeromeetienne/jquery-qrcode#readme
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1288


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
September 14, 2011, 04:53:28 PM
 #12

Very nice!

If you make it so you can click a button and see 10 addresses instead of 1 (or however many might fit on a piece of paper), then now you have a working Paper Wallet generator.  Though a paper wallet with 1 address is still just as safe and useful.

Also you might want to have something help produce entropy.  It looks like there is a "sr.seedtime" you can be calling that will take entropy from the timing of events.  If various objects called this onmouseover and onmouseout, the user could be adding entropy just by hovering towards the buttons.  EDIT: I just noticed you added it to the body tag.

Thanks for producing this.  I sent you a 10 BTC donation to your firstbits.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 14, 2011, 05:13:58 PM
 #13

nhodges, thanks for the post on the BTCNN:
http://www.btcnn.com/2011/09/bit-address-makes-offline-wallets-easy.html

nibor, thanks for the link. I know the QR code would be useful for the public key. Is it also useful to have it for the private key?
I'll dig into that jQuery QR plugin code. I'm trying to avoid having to use jQuery (because it has XMLHttpRequest in it) and it's a lot of extra JavaScript for people to review.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1288


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
September 14, 2011, 05:23:24 PM
 #14

nhodges, thanks for the post on the BTCNN:
http://www.btcnn.com/2011/09/bit-address-makes-offline-wallets-easy.html

nibor, thanks for the link. I know the QR code would be useful for the public key. Is it also useful to have it for the private key?
I'll dig into that jQuery QR plugin code. I'm trying to avoid having to use jQuery (because it has XMLHttpRequest in it) and it's a lot of extra JavaScript for people to review.

You probably could formulate a QR code in javascript.  There's a lightweight C library out there that's very simple, and given a string, returns an array of integers - one per pixel - to say what needs to be white and black.  This could be converted to javascript.  I would strongly favor avoiding jQuery, or any included or linked files whatsoever for that matter.  Ideally one should be able to just save the single .html file to disk and generate fresh bitcoin addresses with it.

That said, even if you do this, if the QR code turns out to be bulky you ought to offer both versions, so the person who wants to review the code but who isn't interested in QR codes has less to review.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 14, 2011, 05:29:48 PM
 #15

Very nice!

If you make it so you can click a button and see 10 addresses instead of 1 (or however many might fit on a piece of paper), then now you have a working Paper Wallet generator.  Though a paper wallet with 1 address is still just as safe and useful.

Also you might want to have something help produce entropy.  It looks like there is a "sr.seedtime" you can be calling that will take entropy from the timing of events.  If various objects called this onmouseover and onmouseout, the user could be adding entropy just by hovering towards the buttons.  EDIT: I just noticed you added it to the body tag.

Thanks for producing this.  I sent you a 10 BTC donation to your firstbits.

Thanks SO much for the donation Smiley Adds a lot of excitement to the fun for me!

I noticed there is some extra space left to fill for an 8.5x11 inch print out. I'm thinking about your two suggestions... the instructions and/or more than 1 address generated.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1288


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
September 14, 2011, 05:37:49 PM
 #16

Thanks SO much for the donation Smiley Adds a lot of excitement to the fun for me!

I noticed there is some extra space left to fill for an 8.5x11 inch print out. I'm thinking about your two suggestions... the instructions and/or more than 1 address generated.

You're welcome.  You are doing good work.

If you tag the instructions with a CSS style marked with "@media screen" and "@media print" (see http://www.w3.org/TR/CSS2/media.html), you can control what appears on screen versus what's printed.  So that way the printout can omit the instructions, fit within a single page, giving just the addresses and (ideally) a space for the user to write notes next to each address to record what he used it for.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
pointbiz
Sr. Member
****
Offline Offline

Activity: 398

1ninja


View Profile

Ignore
September 14, 2011, 05:47:04 PM
 #17

You probably could formulate a QR code in javascript.  There's a lightweight C library out there that's very simple, and given a string, returns an array of integers - one per pixel - to say what needs to be white and black.  This could be converted to javascript.  I would strongly favor avoiding jQuery, or any included or linked files whatsoever for that matter.  Ideally one should be able to just save the single .html file to disk and generate fresh bitcoin addresses with it.

That said, even if you do this, if the QR code turns out to be bulky you ought to offer both versions, so the person who wants to review the code but who isn't interested in QR codes has less to review.

The intention of the site is to always provide a single .html file. So there will never be externally included/linked files. I also will not include any minified JavaScript. jQuery could be embedded like the other JavaScript but it would be a huge bulk, so I'll be investigating doing the QR code without the jQuery dependency.

Good idea regarding the media types.

Cheers.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1288


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
September 14, 2011, 05:54:37 PM
 #18

I also will not include any minified JavaScript.

excellent policy, the thorough commenting makes the code much easier to review.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
Elwar
Legendary
*
Offline Offline

Activity: 1456


www.bitpools.com


View Profile WWW

Ignore
September 14, 2011, 05:55:32 PM
 #19

I like it if it is what I think it is...

how would one go about using this?

http://www.bitpools.com
Pool your bitcoins with others. Vote on solutions using the Bitcoin blockchain. Keep your bitcoins in your cold storage until you find a solution you like.
Links and Reviews of useful every day places to spend bitcoins: https://bitcointalk.org/index.php?topic=943143.0
Stephen Gornick
Legendary
*
Offline Offline

Activity: 1638



View Profile WWW

Ignore
September 15, 2011, 06:08:23 AM
 #20

Is it still possible that there could be a keylogger performing screenshots even when not even connected to the Internet (but will upload the screenshots once the connection is re-established?)

To use this even more securely would it not make sense to boot to a LiveOS (e.g., LinuxCoin, or Ubuntu even) that is not connected to the internet even and then load the page from the usb flash drive, for instance?
 - http://en.bitcoin.it/wiki/LinuxCoin

And secondly, just to make sure I'm current on this -- there is no way for these to be redeemed without first downloading a patch for bitcoind that will allow importing of the key?
 

Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!