mckoss (OP)
Newbie
 Offline
Activity: 52
Merit: 0
|
 |
November 25, 2011, 09:34:58 PM |
|
I feel nervous about preserving private keys in any of the wallet solutions I've seen. In all cases, even if the keys in the wallet are encrypted, there is a non-zero chance the wallet.dat file (or equivalent) will be lost, making the deposits in the wallet irrevocably lost.
So, why not generate all the public/private keys in a wallet based on a user-provided seed? It's certainly possible to deterministically regenerate an arbitrary number of public/private key pairs, given only a random seed as a starting point (e.g., a string like "service-name/user-name/passphrase").
If the wallet need never be stored because it can always be regenerated, then you just have to ensure that you don't loose the seed value (i.e., your password).
I'd love to hear if someone has already implemented something like this. I'd be willing to work on including it as an option in the BitCoin client as well.
Thanks,
Mike Koss
Coinlab.com
Seattle, WA
|
|
|
|
|
|
|
|
|
|
The trust scores you see are subjective; they will change depending on who you have in your trust list. |
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
November 25, 2011, 09:38:04 PM |
|
There exists a forked client that does exactly this, allowing the user to probably recreate a damaged or lost wallet.dat file based upon a secret passphrase used as the seed for new addresses, but I can't remember the name of it nor could I vouch for it's trustworthyness otherwise.
|
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
mckoss (OP)
Newbie
Offline
Activity: 52
Merit: 0
|
|
November 26, 2011, 12:29:43 AM |
|
That sounds close - it eliminates to possibility of losing a wallet.dat file. But it would also be nice if private keys are NEVER written to disk, and so are much less vulnerable to theft.
|
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
November 26, 2011, 01:45:51 AM |
|
The term is "deterministic wallet". http://bitcoin.stackexchange.com/questions/718/what-is-a-deterministic-walletThere are some that exist. Most use a pass-phrase to generate a seed to recreate a "traditional wallet". In my spare time (not as much as I would like) I have been experimenting w/ a deterministic wallet variant which generates private keys "on demand" storing only the public key in the wallet. The goal would be to never write any private key to disk. However the way bitcoind is currently written makes that a challenge and will require extensive rewrite of the db and log code. |
|
|
|
|
btc_artist
Full Member
Offline
Activity: 154
Merit: 101
Bitcoin!
|
|
November 26, 2011, 06:46:15 AM |
|
As long as you have a strong (and long) enough passphrase, I like the idea of a deterministic wallet where the private keys are only ever generated in memory when you want to send money.
|
BTC: 1CDCLDBHbAzHyYUkk1wYHPYmrtDZNhk8zf
LTC: LMS7SqZJnqzxo76iDSEua33WCyYZdjaQoE
|
|
|
ThomasV
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
November 26, 2011, 06:47:47 AM |
|
I feel nervous about preserving private keys in any of the wallet solutions I've seen. In all cases, even if the keys in the wallet are encrypted, there is a non-zero chance the wallet.dat file (or equivalent) will be lost, making the deposits in the wallet irrevocably lost.
So, why not generate all the public/private keys in a wallet based on a user-provided seed? It's certainly possible to deterministically regenerate an arbitrary number of public/private key pairs, given only a random seed as a starting point (e.g., a string like "service-name/user-name/passphrase").
If the wallet need never be stored because it can always be regenerated, then you just have to ensure that you don't loose the seed value (i.e., your password).
I'd love to hear if someone has already implemented something like this. I'd be willing to work on including it as an option in the BitCoin client as well.
Thanks,
Mike Koss
Coinlab.com
Seattle, WA
see http://ecdsa.org/electrum/and this thread: https://bitcointalk.org/index.php?topic=50936.40 |
Electrum: the convenience of a web wallet, without the risks
|
|
|
mckoss (OP)
Newbie
Offline
Activity: 52
Merit: 0
|
|
November 26, 2011, 05:17:28 PM |
|
Thanks for the links! I especially like electrum - I'll dig into the code there and try it out.
Mike Koss
CoinLab.com
|
|
|
|
|
mckoss (OP)
Newbie
Offline
Activity: 52
Merit: 0
|
|
November 26, 2011, 07:10:17 PM |
|
It seems that Electrum client will not run on Mac OS/X (PyGtk does not seem to be supported on Mac). Anyone know how I can get a Mac version running?
Mike Koss
CoinLab.com
|
|
|
|
|
|
bulanula
|
|
November 26, 2011, 07:14:50 PM |
|
In my spare time (not as much as I would like) I have been experimenting w/ a deterministic wallet variant which generates private keys "on demand" storing only the public key in the wallet. The goal would be to never write any private key to disk. However the way bitcoind is currently written makes that a challenge and will require extensive rewrite of the db and log code.
Exactly. The current code is a complete mess no wonder the wallet encryption bug. A Berkeley database, seriously ? |
|
|
|
|
mckoss (OP)
Newbie
Offline
Activity: 52
Merit: 0
|
|
November 26, 2011, 08:15:30 PM |
|
It does seem that the standard client has way too many dependencies in general. Unfortunately, building a GUI that is really cross platform seems not to be an easily solved problem. I find all of boost, qt, gtk, etc. to be quite daunting and error prone to configure and build (I mostly run on Mac's and Ubuntu).
Are people interested developing a more minimal server client (ideally, for me, all in Python)? What projects already exist with goals like that?
For the client UI, it seems to me that an embedded web server whose client is built in HTML/JavaScript would be preferable to all the complex GUI Frameworks that are being used today.
|
|
|
|
|
|
