Stephen Gornick
Legendary
 Offline
Activity: 2506
Merit: 1010
|
 |
October 10, 2012, 09:41:05 PM |
|
5. The 30-character minikey would probably be a better private key than a full 51-character code, simply for user convenience. Many of them will end up typing them.
Maybe printed in addition to the 51-char key would be good, but unless that minikey is accepted (e.g., can be imported into the BItcoin.org client), then it shouldn't exist in place of the 51-char key. |
|
|
|
|
|
|
"This isn't the kind of software where we can leave so many unresolved bugs that we need a tracker for them." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 10, 2012, 10:11:23 PM |
|
I think the only thing standing between bitcoind accepting the minikey is just simply that it hasn't been done. Devs have no objection to the 30-character minikey, just the 22 character one, for having less than 128 bit entropy, but may not consider it a priority unless presented as a polished pull.
I am ultimately looking for laypeople to use bitcoins as gift cards, and redeem them at merchants like gift cards. These are people who are not going to download bitcoind, wait to download the block chain, manually create a bitcoin.conf file, learn how to use the RPC interface, and import private keys through it. The fact that they're redeemable at MtGox and BlockChain.info makes them perfectly good today.
Ideally, I want them to be able to buy bitcoins in person like gift cards and redeem them on Silk Road just like redeeming an iTunes gift card (not because I like or condone drugs, but because it's possibly easier to understand the simplicity I'm seeking by picturing people who have fried their own brains successfully managing it without a need or an ability to understand how it works).
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 11, 2012, 01:08:54 AM |
|
I just about have that whole SVG CSS-ified so the elements can be addressed by class and manipulated in script! (For customizing colors of course)
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
ErebusBat
|
|
October 11, 2012, 01:58:31 AM |
|
Casascius you rock!
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 11, 2012, 03:25:51 AM |
|
Now I have the note CSS-ified and have provided four color palettes that can be applied to the note in javascript. Just click the name of the color, and the svg transforms. https://casascius.com/colornote.htm |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
bitpop
Legendary
Offline
Activity: 2912
Merit: 1060
|
|
October 11, 2012, 03:39:03 AM |
|
wow howd you make that
|
|
|
|
|
BkkCoins
|
|
October 11, 2012, 08:04:58 AM |
|
Now I have the note CSS-ified and have provided four color palettes that can be applied to the note in javascript. Just click the name of the color, and the svg transforms. https://casascius.com/colornote.htmThat's really very nice. Great stuff. And not so big as before either. I really like the purple but the green one looks more grayish on my screen. I'm sure now it would be easy to have a few color tiles to choose color, or even a #hex field for total custom values. I also tried gzip on it to see how it may compress when supported by browsers and it drops down to 67K. Now if there were some JS compression code that could do that it would be pretty sweet and small. |
|
|
|
|
ErebusBat
|
|
October 11, 2012, 12:38:51 PM |
|
FYI this works on my iPhone too. Not that we would be printing from that, but just a good tech tool.
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 11, 2012, 01:33:39 PM |
|
If you view source on the page, you'll find that adding other color palettes and changing the colors is relatively easy.
Possibly others can do a better job of picking colors than I can, especially for example those in Europe who want their notes' color scheme to resemble the series of Euro notes. Maybe when I get a moment I'll make it into a color picker so you can experiment and post your results.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 11, 2012, 02:25:26 PM |
|
Now I have the note CSS-ified and have provided four color palettes that can be applied to the note in javascript. Just click the name of the color, and the svg transforms. https://casascius.com/colornote.htmExciting! and very cool. |
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
October 11, 2012, 02:27:09 PM |
|
I saw on github you are still making changes. I will consider adding your tab. Could you also merge with the newest version v1.7 ? I'd like to give this Vanity Address thing a try... do you have a link that would guide me through the process? Who do I contact to find the vanity address? I have rebased to your latest version. Give it a try. To test out download vanity generator from: https://bitcointalk.org/index.php?topic=25804.0Then create a new key on the tab. Keep the private key safe. Then run: oclvanitygen.exe -P PUBLICKEYFROMABOVE 1prefix This with after some time return a private key. If you then put this private key and the one you originally generated into the bitaddress.org page it will then generate the actual private key in WIF and confirm that the address is the one that starts with the prefix you want. In a vanity pool someone else would run the oclvanitygen for you. Ok, I tried it. I understand the concept and read some of the related threads. My thoughts are that it should use the WIF private key in all cases. I had to open bitaddress in another browser tab to convert the WIF from vanitygen to HEX for the vanity tab. Is there a reason we shouldn't use just WIF? Or alternatively we could extract the private key detection used in the wallet details tab so any private key format could be used. I like the descriptions you have for each area. Regarding the UI we could possibly create two parts inside that tab. So it's clear there is Part/Step 1 and Part/Step 2. We can use the expand collapse UI like the FAQs on the bulk wallet tab. |
|
|
|
|
|
|
nibor
|
|
October 14, 2012, 08:57:44 PM |
|
My thoughts are that it should use the WIF private key in all cases. I had to open bitaddress in another browser tab to convert the WIF from vanitygen to HEX for the vanity tab. Is there a reason we shouldn't use just WIF? Or alternatively we could extract the private key detection used in the wallet details tab so any private key format could be used.
I was trying to avoid using WIF for the "part-private-keys" and "part-public-keys" as then they look different from the key you have to import into the wallet. Although once you get your head round it all the fact that there are 3 private and 3 public keys washing around in the process is obvious, for the casual one off user it could get confusing. By making the keys look different they are less likely to try to import the wrong private key into the Wallet and then be disappointed! Regarding the UI we could possibly create two parts inside that tab. So it's clear there is Part/Step 1 and Part/Step 2. We can use the expand collapse UI like the FAQs on the bulk wallet tab.
Agreed - will do tomorrow, and update git. |
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
October 19, 2012, 06:05:52 AM
Last edit: October 19, 2012, 06:50:57 AM by Stephen Gornick |
|
I can verify that the BitAddress.org website has been updated and returns the same HTML from the commit with the description v1.9 (770d933029b8bbb56539d866db6b8fa37f262102) in github: - https://github.com/pointbiz/bitaddress.orgTo confirm this I first check the sha1sum hash of the html returned by a request to http://bitaddress.org: $ wget --quiet -O - http://bitaddress.org|sha1sum a487b495d710d6f617d688e5f758e40c8b6c510e - $ GET -eSd bitaddress.org|grep -i "200 OK" GET https://www.bitaddress.org/bitaddress.org-v1.9-SHA1-a487b495d710d6f617d688e5f758e40c8b6c510e.html --> 200 OK Then from my bitaddress.org repo: $ git checkout master $ git log --pretty=oneline|grep "v1.9" 770d933029b8bbb56539d866db6b8fa37f262102 v1.9 Testnet Edition fixes $ git checkout 770d933029b8bbb56539d866db6b8fa37f262102 $ git rev-list --max-count=1 HEAD 770d933029b8bbb56539d866db6b8fa37f262102 $ sha1sum bitaddress.org.html a487b495d710d6f617d688e5f758e40c8b6c510e bitaddress.org.html [Update: Had to update the procedure since there had been commits to master since v1.9.] |
|
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 20, 2012, 07:39:31 PM |
|
Absolutely awesome, printed QR codes look great! Codes in black toner are much more readable on printouts.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
|
|
nibor
|
|
October 20, 2012, 10:01:30 PM |
|
PointBiz,
What is next on your list?
Creating offline transactions from just the script hashes/indexes and private keys?
Or some multisig magic?
N1bor
|
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 21, 2012, 06:09:34 PM |
|
Another simple enhancement idea:
upon clicking the Print button, if the user has not generated new addresses since the last time he clicked it, it should tell him: "For security, new addresses will be generated before printing. Continue?" (OK=regenerate and print, Cancel = do nothing).
This will help avert a potential disaster if a user unknowingly prints a large batch more than once and then distributes the duplicate batches.
I realize it's of little use if the user chooses Print from his browser rather than the Print button in the page, but it's far better than nothing, and I think most users will use a Print button provided to them anyway when available, knowing it gives them the overall best chance of printing a print-friendly version. The advanced user also maintains the option to reprint a batch if needed: he can just use the browser's Print function.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
koin
Legendary
Offline
Activity: 873
Merit: 1000
|
|
October 27, 2012, 03:31:13 AM |
|
are there people scrutinizing these new releases to ensure there are no changes to the private key generation or presentment that shouldn't be there?
|
|
|
|
|
|
