[BTC] Online/Offline Wallet

[cp1]

How does bitcoind generate a wallet.dat from a passphrase?

[presidentcoin]

How does bitcoind generate a wallet.dat from a passphrase?

In the passphrase is you wallet.dat encypted

[presidentcoin]

I am going now to sleep i reply later. If you want now a answer try a mail to support@newtimes.co maby anybody of the Team don't sleep.

[odolvlobo]

I understand now. Your site says that the passphrase is encrypted before being used to generate addresses, but it is not.

Your passphrase is encrypted into a number which is then turned into Bitcoin Addresses.

[ryanmnercer]

Hold on. Your Bitcoins are not at my Wallet there are in you PC. I generate nothing

You are using javascript. There is no reason on the planet for anyone to use javascript. Period. It's a steaming pile of shit with a bazillion known vulnerabilities and more found daily.

No. JavaScript is secure.

You made me laugh.

[presidentcoin]

I understand now. Your site says that the passphrase is encrypted before being used to generate addresses, but it is not.

Your passphrase is encrypted into a number which is then turned into Bitcoin Addresses.

OK,  thanks that you found a "bug" in the translation

[Abdussamad]

Hold on. Your Bitcoins are not at my Wallet there are in you PC. I generate nothing

You are using javascript. There is no reason on the planet for anyone to use javascript. Period. It's a steaming pile of shit with a bazillion known vulnerabilities and more found daily.

No. JavaScript is secure.

You made me laugh.

You are confusing Java with Javascript. Javascript is not related to Java in any way. Almost every website on the web uses javascript in some form or the other. For example, this forum.

[ryanmnercer]

Hold on. Your Bitcoins are not at my Wallet there are in you PC. I generate nothing

You are using javascript. There is no reason on the planet for anyone to use javascript. Period. It's a steaming pile of shit with a bazillion known vulnerabilities and more found daily.

No. JavaScript is secure.

You made me laugh.

You are confusing Java with Javascript. Javascript is not related to Java in any way. Almost every website on the web uses javascript in some form or the other. For example, this forum.

I'm confusing nothing, https://www.google.com/#q=javascript+exploits About 3,190,000 results (0.29 seconds)

Sure, java has more exploits... but javascript is almost as bad, that's why noscript and scriptno block BOTH.

[presidentcoin]

Hold on. Your Bitcoins are not at my Wallet there are in you PC. I generate nothing

You are using javascript. There is no reason on the planet for anyone to use javascript. Period. It's a steaming pile of shit with a bazillion known vulnerabilities and more found daily.

No. JavaScript is secure.

You made me laugh.

You are confusing Java with Javascript. Javascript is not related to Java in any way. Almost every website on the web uses javascript in some form or the other. For example, this forum.

I'm confusing nothing, https://www.google.com/#q=javascript+exploits About 3,190,000 results (0.29 seconds)

Sure, java has more exploits... but javascript is almost as bad, that's why noscript and scriptno block BOTH.

+1 Whats the problem i know that in the WWW are JavaScrypt Exploids, but almost every WebSite use JavaScrypt on anyway i use it only for the Bitcoind, beacause so you don't need a Server to use the Wallet in offline mod. Google use also JavaScrypt, with your opinion Google is bad, beacuse it uses JavaScrypt

[ryanmnercer]

The problem is no one should be using a web wallet, no one. Let alone a web wallet run by some random guy on a forum that speaks in broken English.

[presidentcoin]

The problem is no one should be using a web wallet, no one. Let alone a web wallet run by some random guy on a forum that speaks in broken English.

Sorry we are from Germany, and this is not a online Wallet this is a offline Wallet. Use only need your browser for the GUI, you could download the SourceCode and open index.html or index.php and use the Wallet on a PC without Internet connection. Kryptowallet.org is only the GUI/UserInterface

[Abdussamad]

I like the electrum compatibility but I am not sure about the RNG (RC4) you are using. I would not advice using wallets based on passphrases generated by this site just yet.

Also there are some UI bugs. When you logout you can't log back in. It gets stuck on the open wallet progress bar.

The open wallet button also remains disabled until you press a key while the text field has focus. For example if you copy paste a passphrase instead of typing it out.

The way the UI is structured around the open wallet area is also confusing. It makes it look like we are supposed to enter a human generated passphrase. I suggest hiding the text field until you choose to open an existing wallet.

[presidentcoin]

I like the electrum compatibility but I am not sure about the RNG (RC4) you are using. I would not advice using wallets based on passphrases generated by this site just yet.

Also there are some UI bugs. When you logout you can't log back in. It gets stuck on the open wallet progress bar.

The open wallet button also remains disabled until you press a key while the text field has focus. For example if you copy paste a passphrase instead of typing it out.

The way the UI is structured around the open wallet area is also confusing. It makes it look like we are supposed to enter a human generated passphrase. I suggest hiding the text field until you choose to open an existing wallet.

This is for the security. You can't open the Wallet with copy and paste you need to do Ctrl+V or write manual.
The stuck on the progress bar is normal. The Browser try to download again the SoureCode, but you allready had a copy. Just refresh the Browser.

We don't use RNG (RC4), how do you get on this

[Abdussamad]

I like the electrum compatibility but I am not sure about the RNG (RC4) you are using. I would not advice using wallets based on passphrases generated by this site just yet.

Also there are some UI bugs. When you logout you can't log back in. It gets stuck on the open wallet progress bar.

The open wallet button also remains disabled until you press a key while the text field has focus. For example if you copy paste a passphrase instead of typing it out.

The way the UI is structured around the open wallet area is also confusing. It makes it look like we are supposed to enter a human generated passphrase. I suggest hiding the text field until you choose to open an existing wallet.

This is for the security. You can't open the Wallet with copy and paste you need to do Ctrl+V or write manual.
The stuck on the progress bar is normal. The Browser try to download again the SoureCode, but you allready had a copy. Just refresh the Browser.

We don't use RNG (RC4), how do you get on this

It uses arcfour as prng?

js/newtimes.js -> generatepassword() -> rng_get_bytes()

extjs/bitcoin/rng.js -> rng_get_bytes () -> rng_get_byte() -> prng_new_state()

extjs/bitcoin/prng4.js -> prng_new_state() creates arcfour object

I am no expert so I think we should wait for a cryptologist to look at this.

[presidentcoin]

If you mean how we generate a passphrase we use a dictionary based on from Electrum’s (we use different words)

[presidentcoin]

I like the electrum compatibility but I am not sure about the RNG (RC4) you are using. I would not advice using wallets based on passphrases generated by this site just yet.

Also there are some UI bugs. When you logout you can't log back in. It gets stuck on the open wallet progress bar.

The open wallet button also remains disabled until you press a key while the text field has focus. For example if you copy paste a passphrase instead of typing it out.

The way the UI is structured around the open wallet area is also confusing. It makes it look like we are supposed to enter a human generated passphrase. I suggest hiding the text field until you choose to open an existing wallet.

This is for the security. You can't open the Wallet with copy and paste you need to do Ctrl+V or write manual.
The stuck on the progress bar is normal. The Browser try to download again the SoureCode, but you allready had a copy. Just refresh the Browser.

We don't use RNG (RC4), how do you get on this

It uses arcfour as prng?

js/newtimes.js -> generatepassword() -> rng_get_bytes()

extjs/bitcoin/rng.js -> rng_get_bytes () -> rng_get_byte() -> prng_new_state()

extjs/bitcoin/prng4.js -> prng_new_state() creates arcfour object

I am no expert so I think we should wait for a cryptologist to look at this.

A cryptologist expert has allready looked at the SoureCode, it's very secure. 2.11 trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries would take to hack a passphrase.

[js/newtimes.js -> generatepassword() -> rng_get_bytes()

extjs/bitcoin/rng.js -> rng_get_bytes () -> rng_get_byte() -> prng_new_state()

extjs/bitcoin/prng4.js -> prng_new_state() creates arcfour object] this is how the passphrase generator works. Your are good at this, but some items missing

[Abdussamad]

So kryptowallet is a copy of carbon wallet:

http://carbonwallet.com/

[presidentcoin]

So kryptowallet is a copy of carbon wallet:

http://carbonwallet.com/

No, only to about 30-40% we added a bigger dictionary, added AES256bit, a faster GUI, a new design, more funktions .......
Carbonwallet was only the base like Bitcoin for Litecoin. Litecoin use a other PoW, but is based on Bitcoin. That is same like here. Kryptowallet use a other encryption than Carbonwallet

[presidentcoin]

The SourceCode of Kryptowallet.com and Carbonwallet.com you can't compare. Me as a cryptographer and some other of the NewTimes team have changed the SourceCode so much that you can only compare the Code-Core (base of KryptoWallet/Carbonwallet)