Bitcoin Forum
December 10, 2016, 02:42:49 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: For very cautious Bitcoiners - Offline transactions.  (Read 1824 times)
dogisland
Sr. Member
****
Offline Offline

Activity: 261



View Profile
November 08, 2011, 03:07:15 PM
 #1

I've written up a technique for creating an offline transaction. This is basically a payment instruction created from keys living on a machine that never gets connected to the internet.

Thanks to the guys in the development part of the forum for helping me put this together.

https://strongcoin.com/blog/the_easiest_way_to_create_secure_offline_bitcoin_transactions

Let me know your thoughts.
1481380969
Hero Member
*
Offline Offline

Posts: 1481380969

View Profile Personal Message (Offline)

Ignore
1481380969
Reply with quote  #2

1481380969
Report to moderator
1481380969
Hero Member
*
Offline Offline

Posts: 1481380969

View Profile Personal Message (Offline)

Ignore
1481380969
Reply with quote  #2

1481380969
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481380969
Hero Member
*
Offline Offline

Posts: 1481380969

View Profile Personal Message (Offline)

Ignore
1481380969
Reply with quote  #2

1481380969
Report to moderator
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
November 08, 2011, 03:25:36 PM
 #2

This is fantastic to see.

One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

Result: compile it for any hardware with a serial console interface, it would be a 100% safe ONLINE wallet, especially if the device has its own display and keypad so user can confirm transaction.

Serial is better than network in this case because the attack surface is very small, especially if the device offers no shell capabilities over its serial port. Like those VeriFone credit card machines. Except something this simple could run on the extremely obsolete ones, the kind that go on eBay for well less than $50. (example: VeriFone Omni 3200)

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
ThomasV
Legendary
*
Offline Offline

Activity: 1722



View Profile WWW
November 08, 2011, 03:52:58 PM
 #3

This is fantastic to see.

One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

Result: compile it for any hardware with a serial console interface, it would be a 100% safe ONLINE wallet, especially if the device has its own display and keypad so user can confirm transaction.

Serial is better than network in this case because the attack surface is very small, especially if the device offers no shell capabilities over its serial port. Like those VeriFone credit card machines. Except something this simple could run on the extremely obsolete ones, the kind that go on eBay for well less than $50. (example: VeriFone Omni 3200)

Electrum is Python, not C++, but it has an option to generate offline transactions from the command line. maybe you can use it ?

example:
Code:
$ python ./electrum.py gentx 19mP9FKrXqL46Si58pHdhGKow88SUPy1V8 0.1
Password:
0100000001c7bc6a8c93d73bdebb6ae19653913b9a8970a1fa7491d010343a6ae5f05969b5010000008c4930460221008471f57ae05f5c31c0fd96e9100e01086d2615710ef2d7e22ffe116193b24b89022100d444591d6ceb8efc0df6beb342791b402bfae8aea26efcf4d2cfeacafa965441014104aba3e1e12ce9bba626716c17e6f56f9c15edd776feefb7005a2806b2e88a223e18fb3cd4153081cf68c22cd766c930d118b49e5b6804e49caed63f9424c4b24dffffffff0280969800000000001976a9146025cabdbf823949f85595f3d1c54c54cd67058b88ac60070b01000000001976a914ddd071f1583fd565f5dc9a416ba1ba83211102d888ac00000000

Electrum: the convenience of a web wallet, without the risks
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
November 08, 2011, 04:50:32 PM
 #4

Electrum is Python, not C++, but it has an option to generate offline transactions from the command line. maybe you can use it ?

Probably not on the devices I envision running it on, which will be closer to microcontrollers than computers with support for high-level languages.  I'm not in any hurry, but I will cheer and jump for joy when such a thing comes to be.

If such a thing existed, someone could produce a cheap "secure wallet gadget" which would completely solve the problem of hacking and theft.  Such code could be loaded in moderately cheap off-the-shelf gadgets.

Imagine a bitcoin client where you send bitcoins, and a modified cheapo credit card terminal on your desk says on its display, "You're about to send 20.32 BTC to 1asaskdfljasdflkj...confirm?" and you must press enter before the terminal signs the transaction and the bitcoins can be sent.  There are zillions of refurbished Omni 3200's out there right now for under $50.  With a built-in printer, your bitcoin private keys can be safely backed up in the form of QR-codes on receipt tape with encryption.  You would be safe transacting even with a rooted computer.  This would be a SERIOUS answer to criticism about theft and Bitcoin's security.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
genjix
Legendary
*
Offline Offline

Activity: 1232


View Profile
November 08, 2011, 04:55:50 PM
 #5

Quote
One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

I released a tool to do all this a while back:

https://bitcointalk.org/index.php?topic=50721.0

Has Ubuntu, Gentoo and source code packages.
quartz92
Member
**
Offline Offline

Activity: 72


View Profile
November 08, 2011, 10:03:54 PM
 #6

Quote
One thing I would love to see (and might experiment with) would be a C++ implementation of this that uses a console interface (stdin/stdout) to do this very same thing, and which has its own key store.

I released a tool to do all this a while back:

https://bitcointalk.org/index.php?topic=50721.0

Has Ubuntu, Gentoo and source code packages.

Very useful, thanks
Red Emerald
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
November 15, 2011, 01:11:33 AM
 #7

Very neat.  How much work would it be to write arbitrary scripts offline and then broadcast them?

I really like the idea of contracts and getting a way to write them easily and securely would be awesome.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!