Bitcoin Forum
December 11, 2016, 04:25:11 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 [37] 38 39 »
  Print  
Author Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key  (Read 110224 times)
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 21, 2015, 02:16:57 AM
 #721

I published a branch with bip38 encryption on the wallet details tab. It addresses the requests on this thread and the issue posted on github:
https://github.com/pointbiz/bitaddress.org/issues/44

Here is the branch:
https://github.com/pointbiz/bitaddress.org/tree/bip38walletdetails

Here is the raw html:
https://raw.githubusercontent.com/pointbiz/bitaddress.org/bip38walletdetails/bitaddress.org.html

Please take a look and give me feedback. I'm wondering if this is what people are looking for. Also, wondering if the usability is good.

Each Private Key could have a few different BIP38 keys. This is because there is more than one way to generate a BIP38 key.

Here is an example. The Paper Wallet tab would generate an "EC Multiply" BIP38 key like #1 below. It's uncompressed and uses an intermediate point derived from the passphrase then mixed with random data to make the encrypted key.
Passphrase: TestingOneTwoThree
1) EC Multiply, no compression, 6PfQu77ygVyJLZjfvMLyhLMQbYnu5uguoJJ4kMCLqWwPEdfpwANVS76gTX   5K4caxezwjGCGfnoPTZ8tMcJBLB7Jvyjv4xxeacadhq8nLisLR2

If I take the WIF key above ('5xxx') then I use it on the Wallet Details tab using the passphrase above I get this BIP38 key that does NOT use "EC Multiply".
2) no EC Multiply, no compression, 6PRNpUxL88gG5GeAGqQnEpTzLfzCNaq91m8TmMwMsAqWrfG9SA4CiMsCBJ   5K4caxezwjGCGfnoPTZ8tMcJBLB7Jvyjv4xxeacadhq8nLisLR2

If you take the compressed WIF key and use it on the Wallet Details tab using the passphrase above you'll get yet another BIP38 key because this key will keep track of the compression flag so you can generate the Bitcoin Address for the compressed public key.
3) no EC Multiply, compression, 6PYMHFJQL84b73nEHQcfQYzGbvnPGufT4VkxC9aHr2gWJBkvpnQZtJrrMk   L2ix4teikZY4kAD9k8Cqofxnpbdcr9FSREVzcsN3T1DTLkDhHDkk

To keep things simple for users I just show one key. When decrypting a BIP38 key then I just show that key. When encrypting you get the uncompressed no EC multiply BIP38 key. Unless you use the compressed WIF key then you get the compressed no EC multiply BIP38 key. I considered that these details are not important for end users. Hence, why I just show one of these versions at any given time because you can always get the same private key out anyways.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
1481430311
Hero Member
*
Offline Offline

Posts: 1481430311

View Profile Personal Message (Offline)

Ignore
1481430311
Reply with quote  #2

1481430311
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481430311
Hero Member
*
Offline Offline

Posts: 1481430311

View Profile Personal Message (Offline)

Ignore
1481430311
Reply with quote  #2

1481430311
Report to moderator
1481430311
Hero Member
*
Offline Offline

Posts: 1481430311

View Profile Personal Message (Offline)

Ignore
1481430311
Reply with quote  #2

1481430311
Report to moderator
1481430311
Hero Member
*
Offline Offline

Posts: 1481430311

View Profile Personal Message (Offline)

Ignore
1481430311
Reply with quote  #2

1481430311
Report to moderator
minimalB
Donator
Hero Member
*
Offline Offline

Activity: 627


View Profile
November 21, 2015, 11:50:57 AM
 #722

Thanks pointbiz, it works perfectly!

Just a sugesiton: For intermediate user everything is clear. If you are a beginner or just started playing around with key generation and bip38 stuff,  I guess you would get lost in "Details tab".  Maybe separate tab with a little bit of explanation would help a lot.
dooglus
Legendary
*
Offline Offline

Activity: 2002



View Profile
November 21, 2015, 05:34:45 PM
 #723

Quick question, does anyone know if Blockchain.info store the private key from a watch only address once you use on their site to authorize a payment?  i used the private key created on Bitaddress the other day to do such a thing.

I don't know, but you should assume that they (or your own computer) store it and will one day leak it to a hacker.

To assume anything else is dangerous. You're presumably using bitaddress.org for offline storage. Once you've entered a private key online, consider it compromised, and move any remaining funds to a new address.

dooglus
Legendary
*
Offline Offline

Activity: 2002



View Profile
November 21, 2015, 05:47:39 PM
 #724

I published a branch with bip38 encryption on the wallet details tab. It addresses the requests on this thread and the issue posted on github:

Looks good. Thanks.

I'd like to be able to 'skip entropy collection', like I added to https://clamaddress.org/ (a fork of bitaddress). I took the code for that from the bitcoinpaperwallet fork.

pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 22, 2015, 07:06:21 PM
 #725

v3.1.0
https://www.bitaddress.org/bitaddress.org-v3.1.0-SHA256-c3d4d8da8fc6980435a520dff562b7f831b2f6037ec2d4dd6bf76c5321873303.html
 - add BIP38 encryption on Wallet Details tab.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
minimalB
Donator
Hero Member
*
Offline Offline

Activity: 627


View Profile
November 23, 2015, 11:51:23 PM
 #726

Not sure if this is a bug:

If I manually change a letter in a private key and click "View Details" (wallet details tab), I don't get any error message but text and QR codes are not displayed either.

For example:
1. generate private key like: 5KjQAHniFiy18SU7eenyJ9EPYUkjrbiBPfDqw987QjT5vehVQZV
2. paste address into "Wallet Details" tab
3. manually change something, for example
  5KjQAHniFiy18SU7eenyJ9EPYUkjrbiBPfDqw987QjT5vehVQZV
  5kjQAHniFiy18SU7eenyJ9EPYUkjrbiBPfDqw987QjT5vehVQZV
  (at the beginning uppercase is changed from "5K" to "5k")
3. click "View Details"

Nothing happens... no text, no QR code, no Error message.

Would it be possible to get "CRC Error" message or something like that?
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 24, 2015, 01:30:52 AM
 #727

Not sure if this is a bug:

If I manually change a letter in a private key and click "View Details" (wallet details tab), I don't get any error message but text and QR codes are not displayed either.

For example:
1. generate private key like: 5KjQAHniFiy18SU7eenyJ9EPYUkjrbiBPfDqw987QjT5vehVQZV
2. paste address into "Wallet Details" tab
3. manually change something, for example
  5KjQAHniFiy18SU7eenyJ9EPYUkjrbiBPfDqw987QjT5vehVQZV
  5kjQAHniFiy18SU7eenyJ9EPYUkjrbiBPfDqw987QjT5vehVQZV
  (at the beginning uppercase is changed from "5K" to "5k")
3. click "View Details"

Nothing happens... no text, no QR code, no Error message.

Would it be possible to get "CRC Error" message or something like that?


The error is uncaught and shows in the console:
Checksum validation failed!

Yes, I'll fix it so that the error is handled and shown to the user. No one can lose money due to that bug, so I'll fit it in with the next release.

Thanks for reporting it.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
Trolololo
Sr. Member
****
Offline Offline

Activity: 245



View Profile
December 23, 2015, 05:16:42 PM
 #728

I published a branch with bip38 encryption on the wallet details tab.


Thank you very much!


Tip for you!
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
February 20, 2016, 01:45:26 AM
 #729

v3.2.0
https://www.bitaddress.org/bitaddress.org-v3.2.0-SHA256-ad4fd171c647772aa76d0ce828731b01ca586596275d43a94008766b758e8736.html
 - switch languages without full page load
 - add BIP38 encryption to Bulk Wallet
 - use compressed addresses on Single/Paper/Bulk Wallet
 - add compressed address option on Brain Wallet

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
Trader Steve
Hero Member
*****
Offline Offline

Activity: 725


"How do you eat an elephant? One bit at a time..."


View Profile
February 20, 2016, 06:37:56 PM
 #730

I'm trying to understand the use case/purpose for having the compressed address. Can anyone enlighten?

minimalB
Donator
Hero Member
*
Offline Offline

Activity: 627


View Profile
February 20, 2016, 07:24:50 PM
 #731

The error is uncaught and shows in the console:
Checksum validation failed!

Yes, I'll fix it so that the error is handled and shown to the user. No one can lose money due to that bug, so I'll fit it in with the next release.

Thanks for reporting it.

v3.2.0 still shows "uncaught exception: Checksum validation failed!" in console.
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
February 20, 2016, 07:30:27 PM
 #732

The error is uncaught and shows in the console:
Checksum validation failed!

Yes, I'll fix it so that the error is handled and shown to the user. No one can lose money due to that bug, so I'll fit it in with the next release.

Thanks for reporting it.

v3.2.0 still shows "uncaught exception: Checksum validation failed!" in console.


Sorry, still on my TODO.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
February 20, 2016, 09:11:49 PM
 #733

I'm trying to understand the use case/purpose for having the compressed address. Can anyone enlighten?



Compressed public keys are 66 hex characters. Uncompressed are 130 hex characters. Using compressed keys saves space in the block chain because the transaction size is smaller and potentially would reduce the transaction fee which is calculated by transaction size in the reference bitcoin implementation.

There is no downside.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
Trader Steve
Hero Member
*****
Offline Offline

Activity: 725


"How do you eat an elephant? One bit at a time..."


View Profile
February 21, 2016, 02:47:33 AM
 #734

I'm trying to understand the use case/purpose for having the compressed address. Can anyone enlighten?



Compressed public keys are 66 hex characters. Uncompressed are 130 hex characters. Using compressed keys saves space in the block chain because the transaction size is smaller and potentially would reduce the transaction fee which is calculated by transaction size in the reference bitcoin implementation.

There is no downside.

Thank you!

minimalB
Donator
Hero Member
*
Offline Offline

Activity: 627


View Profile
February 21, 2016, 11:58:04 AM
 #735

@pointbiz:
I find labeling in v3.2.0 a little bit confusing:

In "Single wallet" tab, string "Bitcoin Address" represents compressed address.
In "Wallet Details" tab, string "Bitcoin Address" represents normal uncompressed address.
The same is true for private keys...

Also - if usage of compressed keys is preferred, it would make sense (at least to me) that compressed bitcoin address would be the first choice (on the left side) in "Wallet Details" tab.

Just my 0.00000002
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
February 21, 2016, 10:39:29 PM
 #736

@pointbiz:
I find labeling in v3.2.0 a little bit confusing:

In "Single wallet" tab, string "Bitcoin Address" represents compressed address.
In "Wallet Details" tab, string "Bitcoin Address" represents normal uncompressed address.
The same is true for private keys...

Also - if usage of compressed keys is preferred, it would make sense (at least to me) that compressed bitcoin address would be the first choice (on the left side) in "Wallet Details" tab.

Just my 0.00000002


Yes, I see what you are saying. I want to make wallet details less confusing. And de-emphasize the uncompressed info.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
BitCharlie
Full Member
***
Offline Offline

Activity: 198


View Profile
June 03, 2016, 08:54:31 PM
 #737

Why are someone is going to encrypt the paper wallet?
I think the bigger risk is not that the wallet get stolen instead of forget the passphrase. Or I don´t unterstand the idea behind it?
dooglus
Legendary
*
Offline Offline

Activity: 2002



View Profile
June 04, 2016, 05:20:59 AM
 #738

Why are someone is going to encrypt the paper wallet?
I think the bigger risk is not that the wallet get stolen instead of forget the passphrase. Or I don´t unterstand the idea behind it?

When securing your coins you have two conflicting issues to address:

1) you want to be able to access the coins at some point in the future
2) you don't want anyone else to be able to access the coins without your permission

If you don't encrypt your paper wallet then you are making (1) more likely, but (2) less likely. If anyone finds your printed paper wallet they can immediately just take your coins.

So you encrypt it. It's relatively hard to crack the password on paper wallets, but there's a risk that you will forget the password yourself. So (1) is less likely, but (2) is more likely.

It's a trade off. Encrypt if you like. Or don't.

dooglus
Legendary
*
Offline Offline

Activity: 2002



View Profile
June 04, 2016, 05:30:41 AM
 #739

@pointbiz:
I find labeling in v3.2.0 a little bit confusing:

In "Single wallet" tab, string "Bitcoin Address" represents compressed address.
In "Wallet Details" tab, string "Bitcoin Address" represents normal uncompressed address.
The same is true for private keys...

Also - if usage of compressed keys is preferred, it would make sense (at least to me) that compressed bitcoin address would be the first choice (on the left side) in "Wallet Details" tab.

Just my 0.00000002


Yes, I see what you are saying. I want to make wallet details less confusing. And de-emphasize the uncompressed info.

Also in v3.2.0 I found another confusing inconsistency:

If I use the 'paper wallet' or 'bulk wallet' tabs to encrypt a private key, I get a "6Pn" (compressed) or "6Pf" (not compressed) encrypted private key, whereas if I use the 'wallet details' tab to encrypt the same private key, I get a "6PY" (compressed) or "6PR" (not compressed) encrypted private key.

The little research I did tells me that 6Pn and 6Pf represent "Encryption when EC multiply mode is used" whereas 6PY and 6PR represent "Encryption when EC multiply flag is not used".

Why is "multiply mode" used in 2 of the 3 tabs offering encryption but not in the 3rd? Is that deliberate? Is there a good reason for it? Is using "multiply mode" any more or less secure than not using it?

BitCharlie
Full Member
***
Offline Offline

Activity: 198


View Profile
June 04, 2016, 09:16:10 AM
 #740

Why are someone is going to encrypt the paper wallet?
I think the bigger risk is not that the wallet get stolen instead of forget the passphrase. Or I don´t unterstand the idea behind it?

When securing your coins you have two conflicting issues to address:

1) you want to be able to access the coins at some point in the future
2) you don't want anyone else to be able to access the coins without your permission

If you don't encrypt your paper wallet then you are making (1) more likely, but (2) less likely. If anyone finds your printed paper wallet they can immediately just take your coins.

So you encrypt it. It's relatively hard to crack the password on paper wallets, but there's a risk that you will forget the password yourself. So (1) is less likely, but (2) is more likely.

It's a trade off. Encrypt if you like. Or don't.

Thank you very much for your explanation.
I personally think the higher risk is to forget in a couple of years the passphrase - all BTC are useless, that will be one of the hardest pain, especially if it >10k/btc
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 [37] 38 39 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!