pointbiz (OP)
Sr. Member
 Offline
Activity: 437
Merit: 415
1ninja
|
 |
October 11, 2011, 02:41:18 AM |
|
I don't think there exists such thing as a "standard format" in base58 that's < 51 characters. The standard base58 format is the sipa wallet import format. I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex). These unused formats will just serve to confuse people.
Also, hexadecimal is misspelled on the actual website.
LOL. I guess Standard Format didn't exist until MagicalTux created it... maybe I'm adding to the problem. I don't want to cause confusion. Mtgox still doesn't work with WIF. I added the base64 only because it was available in the .toString() method for the ECKey and I assumed Stephan had a reason for that. I'm going to double check Mtgox works with hex. Hopefully they fix the WIF bug soon. Did MtGox stop accepting in the "standard format"? Because I tried it a few days ago and it worked. |
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 11, 2011, 02:42:19 AM |
|
Cool. Another way to convert. I don't have a "mini-key" to test but if you put that in will it also give you the other formats? Yes, a little Easter Egg for Casascius  |
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 11, 2011, 02:45:31 AM |
|
MtGox only accepted that format because MagicalTux was confused as to how the format worked. Nothing generates keys in that format, and quite frankly there is no advantage to doing it because it takes away the error checking for no good reason. It would be best not to propagate new formats for keys that don't serve any particular purpose, otherwise everybody will have to support them for everything.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
nmat
|
|
October 11, 2011, 04:07:24 AM |
|
Is there any known reason why this does not work in mobile safari? The gen key function seems to be called and the CPU seems to be chugging along for 4-5s but nothing is displayed past "move your mouse". I tried to step through the js execution and think the script halted at one one of underlying crypto functions.
Try Opera Mini. It works on my iPod 2G. |
|
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
|
|
October 11, 2011, 04:12:34 AM |
|
I don't think there exists such thing as a "standard format" in base58 that's < 51 characters. The standard base58 format is the sipa wallet import format. I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex). These unused formats will just serve to confuse people.
Also, hexadecimal is misspelled on the actual website.
LOL. I guess Standard Format didn't exist until MagicalTux created it... maybe I'm adding to the problem. I don't want to cause confusion. Mtgox still doesn't work with WIF. I added the base64 only because it was available in the .toString() method for the ECKey and I assumed Stephan had a reason for that. I'm going to double check Mtgox works with hex. Hopefully they fix the WIF bug soon. Did MtGox stop accepting in the "standard format"? Because I tried it a few days ago and it worked. I have verified that Mt. Gox works with and automatically detects both the mini private key format and the hex format. The last time I checked it still did not work with the "standard" WIF but I will check it again in a few days. I filed a bug report with Mt. Gox but they have not even assigned it to anyone yet, let alone gotten back to me. |
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated! |
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 11, 2011, 11:33:59 AM |
|
Is there any known reason why this does not work in mobile safari? The gen key function seems to be called and the CPU seems to be chugging along for 4-5s but nothing is displayed past "move your mouse". I tried to step through the js execution and think the script halted at one one of underlying crypto functions.
Try Opera Mini. It works on my iPod 2G. . It is a different type of browser that uses a proxy and renders the information server side (including JavaScript execution results) then sends the results to the client. So theoretically Opera knows about any private keys generated using "Opera Mini". Opera has another mobile browser called "Opera Mobile" which is safe to use but may not solve the slow JavaScript issue on some iDevices. |
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 11, 2011, 11:41:50 AM |
|
MtGox only accepted that format because MagicalTux was confused as to how the format worked. Nothing generates keys in that format, and quite frankly there is no advantage to doing it because it takes away the error checking for no good reason. It would be best not to propagate new formats for keys that don't serve any particular purpose, otherwise everybody will have to support them for everything.
I'm going to remove the "standard format" from the next release. I just checked and MtGox no longer accepts it. I agree the sipa format is better due to the error checking and the usability feature of always starting with a 5. I can also confirm that the hexadecimal format works at MtGox. Thanks bwagner for checking as well. |
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 11, 2011, 01:16:26 PM |
|
MagicalTux reports having fixed this. It now accepts Base58 private keys, and I was able to import one as a test.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 13, 2011, 12:19:04 AM |
|
I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex).
# write 32 random bytes of base64-encoded data to stdout
$ openssl rand -base64 32
0kMS0ngFjbWFnDAQzH+OvJTlO2b6O71Kcv9aKpWVh2k=
Looks like you can generate random numbers in base64 with OpenSSL: http://www.madboa.com/geek/openssl/#random-generateI'm not sure who, if anyone, is using base64 but it's such a wide spread encoding I figured it would be useful to include in the tool. |
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 13, 2011, 01:36:53 AM |
|
A deterministic generation function does one more very valuable thing from an auditability perspective that has nothing to do with recreating wallets. Supporting deterministic generation from a passphrase allows the average user to control for the possibility that the RNG in your generator isn't rigged or flawed in a non-obvious manner. If your RNG turns out to be flawed at any time down the road, it would turn into a huge liability for anyone who has ever used your generator. (Google "Debian OpenSSL key flaw" for an example of a past occurrence of this mess). On the other hand, if it produces the same deterministic wallet as any other program made for the same purpose, it can be conclusively deemed to operate as advertised.
The Wallet Details tab can now be used for the purpose of creating a deterministic wallet. You can use the tab to determine if you have a valid private key in one of various formats and what the bitcoin address is for that key. It's also useful if you're in a highly adversarial environment and you believe a weakness in the PRNG could expose your private key. To protect against that you could copy the key you generate on the single wallet tab and paste it on the wallet details tab and adjust a few characters then view the details to confirm it's a valid private key and see it's bitcoin address. |
|
|
|
|
|
|
amencon
|
|
October 15, 2011, 09:54:43 AM |
|
Great job! Thanks very much for this. Using it to secure some coins now and it was MUCH simpler than other alternatives I was looking at.
|
|
|
|
|
mwally
Newbie
Offline
Activity: 21
Merit: 0
|
|
October 20, 2011, 01:52:01 AM |
|
Thank you for this excellent tool.
|
|
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
November 07, 2011, 02:40:33 AM |
|
I decided to open source the project, it's now available under an MIT License. https://github.com/pointbiz/bitaddress.orgI've uploaded the version history from v0.5 to the current v1.2 so it's easier to review the changes. |
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
November 07, 2011, 03:12:44 AM |
|
That is exciting news, and an enormous contribution to the community! Thanks much!
In my opinion, this should be available directly at places like bitcoin.org, weusecoins.com, mtgox.com, etc...
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
mila
|
|
November 08, 2011, 08:48:11 PM
Last edit: November 08, 2011, 09:01:12 PM by mila |
|
that's amazing  Q: do you plan to add testnet switch for addresses/keys valid for testnet blockchain? p.s. pls send me a unique address for a bitcoin donation That is exciting news, and an enormous contribution to the community! Thanks much!
In my opinion, this should be available directly at places like bitcoin.org, weusecoins.com, mtgox.com, etc...
+1 |
your ad here:
|
|
|
|
|
|
osmosis
|
|
December 04, 2011, 01:21:21 AM |
|
I would like a bitaddress option to generate a PDF of dollar bill sized print outs. What printcoins.com is doing works great because they fit in a wallet.
|
|
|
|
|
cbeast
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
December 04, 2011, 02:08:47 AM |
|
I would like a bitaddress option to generate a PDF of dollar bill sized print outs. What printcoins.com is doing works great because they fit in a wallet.
I'm having to pshop them manually. I'm not printing bill exactly, but a similar format. A DTP program would prolly do a better job. |
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
|
