Bitcoin Forum
December 05, 2016, 06:53:25 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 [39]
  Print  
Author Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key  (Read 110009 times)
adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 22, 2016, 01:08:25 AM
 #761

If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?

1480964005
Hero Member
*
Offline Offline

Posts: 1480964005

View Profile Personal Message (Offline)

Ignore
1480964005
Reply with quote  #2

1480964005
Report to moderator
1480964005
Hero Member
*
Offline Offline

Posts: 1480964005

View Profile Personal Message (Offline)

Ignore
1480964005
Reply with quote  #2

1480964005
Report to moderator
1480964005
Hero Member
*
Offline Offline

Posts: 1480964005

View Profile Personal Message (Offline)

Ignore
1480964005
Reply with quote  #2

1480964005
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Dabs
Staff
Legendary
*
Offline Offline

Activity: 1512


64blocks.com


View Profile WWW
November 22, 2016, 01:35:44 AM
 #762

If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes.

64blocks.com Social Multiplayer Dice (Gambling) - Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 22, 2016, 02:45:39 AM
 #763

If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes.

So which method of creating the private key is safer? Using Bitaddress or just using the one that get created in Bitcoin Core 0.1.3?

dooglus
Legendary
*
Offline Offline

Activity: 1988



View Profile
November 22, 2016, 04:28:03 AM
 #764

it's possible that only 1 in a million addresses generated by a tool will have problems
Dooglus, I went back several pages looking for any post where you linked to a bug, but couldn't find it.
Could you post the link again?

The link is in the post you quoted. It's the blue bit.

Dabs
Staff
Legendary
*
Offline Offline

Activity: 1512


64blocks.com


View Profile WWW
November 22, 2016, 08:06:51 PM
 #765

If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes.

So which method of creating the private key is safer? Using Bitaddress or just using the one that get created in Bitcoin Core 0.1.3?

Both are safe if both are offline, or a computer never connected to the internet. The risk is the private key gets stolen. If you can prevent or mitigate that risk, then that private key remains safe.

If you use bitaddress, then you will have to import the private key into your wallet. If you use bitcoin core, then you simply have to keep a backup of the wallet file.

64blocks.com Social Multiplayer Dice (Gambling) - Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 23, 2016, 02:05:44 AM
 #766

If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes.

So which method of creating the private key is safer? Using Bitaddress or just using the one that get created in Bitcoin Core 0.1.3?

Both are safe if both are offline, or a computer never connected to the internet. The risk is the private key gets stolen. If you can prevent or mitigate that risk, then that private key remains safe.

If you use bitaddress, then you will have to import the private key into your wallet. If you use bitcoin core, then you simply have to keep a backup of the wallet file.

I was simply going to swish (don't remember the term) with Blockchain when I decide to spend it in the future. They only require the private key correct?

Dabs
Staff
Legendary
*
Offline Offline

Activity: 1512


64blocks.com


View Profile WWW
November 23, 2016, 03:58:39 PM
 #767

I was simply going to swish (don't remember the term) with Blockchain when I decide to spend it in the future. They only require the private key correct?
I believe the term is sweep.

I've never used the online Blockchain.info wallet so I'm not sure, but I think that is correct: they only require the private key. Mt. Gox had a sweep function too, and many other wallets, like the Android bitcoin wallet and Electrum.

Depending on the amount you saved in cold storage, I would consider which wallet to use. In my case, I've stuck with Bitcoin Core since I started, so that's what I'm comfortable with using, despite the large amount of space needed if not using pruned mode.

I might consider using a brand new wallet with Core (the new ones are HD) and sweep all my funds to addresses there, and then prune that or something. Maybe.

64blocks.com Social Multiplayer Dice (Gambling) - Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 24, 2016, 02:34:35 AM
 #768

I was simply going to swish (don't remember the term) with Blockchain when I decide to spend it in the future. They only require the private key correct?
I believe the term is sweep.

I've never used the online Blockchain.info wallet so I'm not sure, but I think that is correct: they only require the private key. Mt. Gox had a sweep function too, and many other wallets, like the Android bitcoin wallet and Electrum.

Depending on the amount you saved in cold storage, I would consider which wallet to use. In my case, I've stuck with Bitcoin Core since I started, so that's what I'm comfortable with using, despite the large amount of space needed if not using pruned mode.

I might consider using a brand new wallet with Core (the new ones are HD) and sweep all my funds to addresses there, and then prune that or something. Maybe.

I looked up what HD wallet meant and since I am using this address once for long term cold storage I don't really need HD, correct?

Since I will send an entire input, and later on when I withdraw I will withdraw everything in one output without leaving any change.


Dabs
Staff
Legendary
*
Offline Offline

Activity: 1512


64blocks.com


View Profile WWW
November 24, 2016, 03:23:25 AM
 #769

I looked up what HD wallet meant and since I am using this address once for long term cold storage I don't really need HD, correct?

Since I will send an entire input, and later on when I withdraw I will withdraw everything in one output without leaving any change.

Yes, you don't need HD. I used to be against the idea since it is deterministic; but it is convenient. If there is any change at all, find out the change address and its private key. Or intentionally send the leftovers to another address you have already created, or send it back to the same address (not recommended, but lots of people do that.)

64blocks.com Social Multiplayer Dice (Gambling) - Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 26, 2016, 01:12:33 AM
 #770

If I want to make more than one private key with Bitaddress, do I need to reload the page each time and keep moving the mouse to generate the randomness or is doing it once enough for multiple private keys?

If I use one of these private keys, can some "hacker" generate any other of my private keys since he can reverse engineer the randomness?


pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 26, 2016, 01:47:11 AM
 #771

If I want to make more than one private key with Bitaddress, do I need to reload the page each time and keep moving the mouse to generate the randomness or is doing it once enough for multiple private keys?

If I use one of these private keys, can some "hacker" generate any other of my private keys since he can reverse engineer the randomness?



You don't have to reload the page. No, a hacker cannot correlate the keys from one session as they are all random and not deterministic.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 26, 2016, 01:55:07 AM
 #772

If I want to make more than one private key with Bitaddress, do I need to reload the page each time and keep moving the mouse to generate the randomness or is doing it once enough for multiple private keys?

If I use one of these private keys, can some "hacker" generate any other of my private keys since he can reverse engineer the randomness?



You don't have to reload the page. No, a hacker cannot correlate the keys from one session as they are all random and not deterministic.

Ok sounds good. Thanks so much

adaseb
Legendary
*
Offline Offline

Activity: 1064



View Profile
November 26, 2016, 02:50:02 AM
 #773

Got another quick question, trying to test the PGP and SHA256 of the files.

Here is what I did following the first post in this thread with the updated signatures.

Quote

IN the end I get a WARNING however

Quote
Detached signature.
Please enter name of data file: bitaddress.org-v3.2.2-SHA256-f4d047c264a2b71946de319482a9365e56d8d7289dd85a352da3b1448b7647df.html
gpg: Signature made Sun 21 Aug 2016 05:56:51 PM MDT using RSA key ID 63974F5A
gpg: Good signature from "pointbiz <pointbiz@bitaddress.org>"
gpg:                 aka "ninja <ninja@bitaddress.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 527B 5C82 B1F6 B2DB 72A0  ECBF 8749 7B91 6397 4F5A

Dabs
Staff
Legendary
*
Offline Offline

Activity: 1512


64blocks.com


View Profile WWW
November 26, 2016, 03:27:39 AM
 #774

I think you have to add his PGP key to your keyring, or you have to sign his key first.

64blocks.com Social Multiplayer Dice (Gambling) - Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 26, 2016, 03:37:19 AM
 #775

Got another quick question, trying to test the PGP and SHA256 of the files.

Here is what I did following the first post in this thread with the updated signatures.

Quote

IN the end I get a WARNING however

Quote
Detached signature.
Please enter name of data file: bitaddress.org-v3.2.2-SHA256-f4d047c264a2b71946de319482a9365e56d8d7289dd85a352da3b1448b7647df.html
gpg: Signature made Sun 21 Aug 2016 05:56:51 PM MDT using RSA key ID 63974F5A
gpg: Good signature from "pointbiz <pointbiz@bitaddress.org>"
gpg:                 aka "ninja <ninja@bitaddress.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 527B 5C82 B1F6 B2DB 72A0  ECBF 8749 7B91 6397 4F5A

In the original post I put my key fingerprint
527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A

There is an issue on github where I also list the fingerprint and on bitaddress.org

If one of the 3 doesn't match then something has happened.

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 26, 2016, 03:39:13 AM
 #776

I think you have to add his PGP key to your keyring, or you have to sign his key first.

Yeah he has to sign my key or Web of Trust

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
shorena
Legendary
*
Offline Offline

Activity: 1078


ALL escrow is signed! https://keybase.io/verify


View Profile WWW
November 26, 2016, 06:04:57 AM
 #777

I think you have to add his PGP key to your keyring, or you have to sign his key first.

Yeah he has to sign my key or Web of Trust

No they dont have to and they should not as they are unable to actually verify your identity[1]. The important part is that signature is valid, which it is:
"gpg: Good signature from "pointbiz <pointbiz@bitaddress.org>""

Whether or not the key should be trusted has nothing to do with the verification of the code, its about verification of the key used to sign. If you just not want to see the message, sign the key locally with --lsign-key.


[1] I guess it depends how you use the WoT here.

pointbiz
Sr. Member
****
Offline Offline

Activity: 426

1ninja


View Profile
November 27, 2016, 08:24:57 PM
 #778

v3.2.3
https://www.bitaddress.org/bitaddress.org-v3.2.3-SHA256-c9a0bb3ed50aa75a5ae9c606d81e3fd41a4ff686ad38ad5379e2402f481e79a4.html
 - wallet details: show error when checksum validation fails
 - wallet details: show error when private key outside of curve range

Coder of: https://www.bitaddress.org      Thread
Open Source JavaScript Client-Side Bitcoin Wallet Generator
Donations: 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN   PGP
minimalB
Donator
Hero Member
*
Offline Offline

Activity: 627


View Profile
December 02, 2016, 10:53:18 PM
 #779

Thanks for checksum validation fix!
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 [39]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!