adaseb
Legendary
 Offline
Activity: 3878
Merit: 1733
|
 |
November 22, 2016, 02:45:39 AM |
|
If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes. So which method of creating the private key is safer? Using Bitaddress or just using the one that get created in Bitcoin Core 0.1.3? |
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
November 22, 2016, 04:28:03 AM |
|
Dooglus, I went back several pages looking for any post where you linked to a bug, but couldn't find it. Could you post the link again? The link is in the post you quoted. It's the blue bit. |
| Just-Dice | ██
██████████
██████████████████
██████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████
██████████████
██████ | Play or Invest | ██
██████████
██████████████████
██████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████
██████████████
██████ | 1% House Edge |
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
November 22, 2016, 08:06:51 PM |
|
If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes. So which method of creating the private key is safer? Using Bitaddress or just using the one that get created in Bitcoin Core 0.1.3? Both are safe if both are offline, or a computer never connected to the internet. The risk is the private key gets stolen. If you can prevent or mitigate that risk, then that private key remains safe. If you use bitaddress, then you will have to import the private key into your wallet. If you use bitcoin core, then you simply have to keep a backup of the wallet file. |
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
November 23, 2016, 02:05:44 AM |
|
If I were to SIGN and VERIFY a private key offline in Bitcoin-qt would it be adequate enough that I would be able to access the funds?
Yes. So which method of creating the private key is safer? Using Bitaddress or just using the one that get created in Bitcoin Core 0.1.3? Both are safe if both are offline, or a computer never connected to the internet. The risk is the private key gets stolen. If you can prevent or mitigate that risk, then that private key remains safe. If you use bitaddress, then you will have to import the private key into your wallet. If you use bitcoin core, then you simply have to keep a backup of the wallet file. I was simply going to swish (don't remember the term) with Blockchain when I decide to spend it in the future. They only require the private key correct? |
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
November 23, 2016, 03:58:39 PM |
|
I was simply going to swish (don't remember the term) with Blockchain when I decide to spend it in the future. They only require the private key correct?
I believe the term is sweep. I've never used the online Blockchain.info wallet so I'm not sure, but I think that is correct: they only require the private key. Mt. Gox had a sweep function too, and many other wallets, like the Android bitcoin wallet and Electrum. Depending on the amount you saved in cold storage, I would consider which wallet to use. In my case, I've stuck with Bitcoin Core since I started, so that's what I'm comfortable with using, despite the large amount of space needed if not using pruned mode. I might consider using a brand new wallet with Core (the new ones are HD) and sweep all my funds to addresses there, and then prune that or something. Maybe. |
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
November 24, 2016, 02:34:35 AM |
|
I was simply going to swish (don't remember the term) with Blockchain when I decide to spend it in the future. They only require the private key correct?
I believe the term is sweep. I've never used the online Blockchain.info wallet so I'm not sure, but I think that is correct: they only require the private key. Mt. Gox had a sweep function too, and many other wallets, like the Android bitcoin wallet and Electrum. Depending on the amount you saved in cold storage, I would consider which wallet to use. In my case, I've stuck with Bitcoin Core since I started, so that's what I'm comfortable with using, despite the large amount of space needed if not using pruned mode. I might consider using a brand new wallet with Core (the new ones are HD) and sweep all my funds to addresses there, and then prune that or something. Maybe. I looked up what HD wallet meant and since I am using this address once for long term cold storage I don't really need HD, correct? Since I will send an entire input, and later on when I withdraw I will withdraw everything in one output without leaving any change. |
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
November 24, 2016, 03:23:25 AM |
|
I looked up what HD wallet meant and since I am using this address once for long term cold storage I don't really need HD, correct?
Since I will send an entire input, and later on when I withdraw I will withdraw everything in one output without leaving any change.
Yes, you don't need HD. I used to be against the idea since it is deterministic; but it is convenient. If there is any change at all, find out the change address and its private key. Or intentionally send the leftovers to another address you have already created, or send it back to the same address (not recommended, but lots of people do that.) |
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
November 26, 2016, 01:12:33 AM |
|
If I want to make more than one private key with Bitaddress, do I need to reload the page each time and keep moving the mouse to generate the randomness or is doing it once enough for multiple private keys?
If I use one of these private keys, can some "hacker" generate any other of my private keys since he can reverse engineer the randomness?
|
|
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
November 26, 2016, 01:47:11 AM |
|
If I want to make more than one private key with Bitaddress, do I need to reload the page each time and keep moving the mouse to generate the randomness or is doing it once enough for multiple private keys?
If I use one of these private keys, can some "hacker" generate any other of my private keys since he can reverse engineer the randomness?
You don't have to reload the page. No, a hacker cannot correlate the keys from one session as they are all random and not deterministic. |
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
November 26, 2016, 01:55:07 AM |
|
If I want to make more than one private key with Bitaddress, do I need to reload the page each time and keep moving the mouse to generate the randomness or is doing it once enough for multiple private keys?
If I use one of these private keys, can some "hacker" generate any other of my private keys since he can reverse engineer the randomness?
You don't have to reload the page. No, a hacker cannot correlate the keys from one session as they are all random and not deterministic. Ok sounds good. Thanks so much |
|
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
November 26, 2016, 02:50:02 AM |
|
Got another quick question, trying to test the PGP and SHA256 of the files. Here is what I did following the first post in this thread with the updated signatures. IN the end I get a WARNING however Detached signature. Please enter name of data file: bitaddress.org-v3.2.2-SHA256-f4d047c264a2b71946de319482a9365e56d8d7289dd85a352da3b1448b7647df.html gpg: Signature made Sun 21 Aug 2016 05:56:51 PM MDT using RSA key ID 63974F5A gpg: Good signature from "pointbiz < pointbiz@bitaddress.org>" gpg: aka "ninja < ninja@bitaddress.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A |
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
November 26, 2016, 03:27:39 AM |
|
I think you have to add his PGP key to your keyring, or you have to sign his key first.
|
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
November 26, 2016, 03:37:19 AM |
|
Got another quick question, trying to test the PGP and SHA256 of the files. Here is what I did following the first post in this thread with the updated signatures. IN the end I get a WARNING however Detached signature. Please enter name of data file: bitaddress.org-v3.2.2-SHA256-f4d047c264a2b71946de319482a9365e56d8d7289dd85a352da3b1448b7647df.html gpg: Signature made Sun 21 Aug 2016 05:56:51 PM MDT using RSA key ID 63974F5A gpg: Good signature from "pointbiz < pointbiz@bitaddress.org>" gpg: aka "ninja < ninja@bitaddress.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A In the original post I put my key fingerprint 527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A There is an issue on github where I also list the fingerprint and on bitaddress.org If one of the 3 doesn't match then something has happened. |
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
November 26, 2016, 03:39:13 AM |
|
I think you have to add his PGP key to your keyring, or you have to sign his key first.
Yeah he has to sign my key or Web of Trust |
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
November 26, 2016, 06:04:57 AM |
|
I think you have to add his PGP key to your keyring, or you have to sign his key first.
Yeah he has to sign my key or Web of Trust No they dont have to and they should not as they are unable to actually verify your identity[1]. The important part is that signature is valid, which it is: "gpg: Good signature from "pointbiz < pointbiz@bitaddress.org>"" Whether or not the key should be trusted has nothing to do with the verification of the code, its about verification of the key used to sign. If you just not want to see the message, sign the key locally with --lsign-key. [1] I guess it depends how you use the WoT here. |
Im not really here, its just your imagination.
|
|
|
|
|
minimalB
Donator
Hero Member
Offline
Activity: 674
Merit: 523
|
|
December 02, 2016, 10:53:18 PM |
|
Thanks for checksum validation fix!
|
|
|
|
|
pointbiz (OP)
Sr. Member
Offline
Activity: 437
Merit: 415
1ninja
|
|
December 24, 2016, 07:36:29 PM |
|
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
December 24, 2016, 08:46:00 PM |
|
IN the end I get a WARNING however
It's saying the signature is good for the key: but that it has no way of checking that the key you used is the correct one. Anyone can make a key for pointbiz@bitaddress.org. You need to check that you have the right one. If you do, everything is fine, and you can ignore the warning. |
| Just-Dice | ██
██████████
██████████████████
██████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████
██████████████
██████ | Play or Invest | ██
██████████
██████████████████
██████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████
██████████████
██████ | 1% House Edge |
|
|
|
|
|
|
