molecular
August 12, 2013, 10:15:19 AM |
|
Jan, you should change the thread title to "BitcoinSpinner / Mycelium".
It's confusing... I take it your last posts are about Mycelium?
Done. Mycelium should really have its own thread. I'll look into that once all this is sorted out. In other news: An update for BitcoinSpinner is in the works. Everything has been coded and tested. I am just waiting for the signer to verify and sign the APK. It will be published later today.
nice, thank you! I will likely switch to mycelium in a couple of days anyhow, though. But it's good to see BitcoinSpinner still receives security updates like this one
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
phelix
August 12, 2013, 11:18:14 AM |
|
I think Mycelium is already functional enough to avoid this issue: Go to https://www.bitaddress.org, generate a key, print a backup, scan it into mycelium, and stash the backup safe somewhere. Of course any fixes will also help a lot. Thanks guys!
I understand that the affected wallets generate transactions that might leak key information. So even if you generated your key in a secure way, as soon as you generated one transaction with one of the affected clients *bam!* anyone could steal all your funds. That would make your advice dangerous and misleading. The only way to be sure is to transfer all your funds to a fixed version (or to bitcoin-qt, or to a paper wallet...).
I got the same idea as Rassah.... thanks elebit for noting this issue (even if it might not be so bad with mycelium).
|
|
|
|
Jan (OP)
August 12, 2013, 11:47:42 AM |
|
Version 0.7.0 has been pushed. It may take an hour or two before it is available in the Google Play Store. This version features the key migration wizard. If you already migrated your keys in version 0.6.5 manually you should not notice any difference. Otherwise it will nag you on the startup view until you complete the wizard for every key.
|
Mycelium lets you hold your private keys private.
|
|
|
teste
|
|
August 12, 2013, 01:09:16 PM |
|
Question:
Private keys don't start with 5?
|
|
|
|
westkybitcoins
Firstbits: Compromised. Thanks, Android!
|
|
August 12, 2013, 01:13:25 PM |
|
Question:
Private keys don't start with 5?
It depends on whether the public key is compressed or not: For private keys associated with uncompressed public keys, they are 51 characters and always start with the number 5. Private keys associated with compressed public keys are 52 characters and start with a capital L or K. This is the same private key in wallet import format. Source: https://en.bitcoin.it/wiki/Private_key
|
Bitcoin is the ultimate freedom test. It tells you who is giving lip service and who genuinely believes in it.
|
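The length and first-character rule from the answer above follows from how wallet import format is built, shown here as an added example that is not part of the original thread. It assumes the standard WIF layout (version byte 0x80, optional 0x01 compression flag, 4-byte double-SHA-256 checksum, Base58), which the post itself does not spell out; the sample key is constructed.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58encode(data):
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    # Each leading zero byte is written as a leading '1'.
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out

def b58decode(text):
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)       # ValueError on a non-Base58 character
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return b"\0" * (len(text) - len(text.lstrip("1"))) + body

def checksum(payload):
    # First four bytes of SHA-256(SHA-256(payload)).
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def to_wif(key32, compressed):
    # Assumed layout: 0x80 || 32-byte key || optional 0x01 || checksum.
    payload = b"\x80" + key32 + (b"\x01" if compressed else b"")
    return b58encode(payload + checksum(payload))

def classify_wif(wif):
    """Verify a WIF string and say which public key form it is meant for."""
    raw = b58decode(wif)
    if len(raw) not in (37, 38):
        raise ValueError("wrong length for a WIF private key")
    payload, check = raw[:-4], raw[-4:]
    if checksum(payload) != check:
        raise ValueError("checksum mismatch (typo or corrupted backup)")
    if payload[0] != 0x80:
        raise ValueError("not a mainnet private key")
    if len(payload) == 33:
        return "uncompressed"
    if payload[-1] != 0x01:
        raise ValueError("unexpected compression flag")
    return "compressed"

# Constructed sample key (bytes 01..20 hex); never use it to hold funds.
SAMPLE_KEY = bytes(range(1, 33))

if __name__ == "__main__":
    for flag in (False, True):
        wif = to_wif(SAMPLE_KEY, flag)
        print(len(wif), wif[0], classify_wif(wif))
```

The extra flag byte is what pushes the compressed form from 51 to 52 characters and moves the first character from 5 to K or L.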
|
|
teste
|
|
August 12, 2013, 01:17:03 PM |
|
westkybitcoins,
Thanks for the answer.
|
|
|
|
apetersson
|
|
August 12, 2013, 01:30:02 PM |
|
0.7 is live and kicking. apart from minor spelling issues, please report any inconsistencies.
|
|
|
|
BurtW
All paid signature campaigns should be banned.
|
|
August 12, 2013, 01:33:26 PM |
|
I understand that the affected wallets generate transactions that might leak key information.
So even if you generated your key in a secure way, as soon as you generated two transactions one transaction with one of the affected clients *bam!* there is a small probability anyone could steal all your funds.
That would make your advice dangerous and misleading. The only way to be sure is to transfer all your funds to a fixed version (or to bitcoin-qt, or to a paper wallet...).
Corrected for accuracy. This specific bug is very rare. It happens when the broken RNG generates exactly the same random number for both signatures. It has been noted that it was happening a few times a month worldwide. There are scripts running that search the blockchain for this specific issue: two signatures in two different transactions from a single private key that have the same random number in the signature. So, if your coins have not been stolen yet and you update to the new RNG then they probably won't be stolen (by this method).
|
|
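The check described in the post above (two signatures from a single key that carry the same random number) can be run over a wallet's own transaction history, sketched here as an added example that is not part of the original thread. It assumes each signature is available DER-encoded with the trailing sighash byte already removed; the keys, txids and signatures are constructed placeholders.

```python
from collections import defaultdict

def parse_der_signature(sig):
    """Return (r, s) from a DER-encoded ECDSA signature."""
    if len(sig) < 8 or sig[0] != 0x30 or sig[1] != len(sig) - 2:
        raise ValueError("not a DER SEQUENCE with a matching length")
    pos, ints = 2, []
    for _ in range(2):
        if pos + 2 > len(sig) or sig[pos] != 0x02:
            raise ValueError("expected an INTEGER")
        end = pos + 2 + sig[pos + 1]
        if end == pos + 2 or end > len(sig):
            raise ValueError("bad INTEGER length")
        ints.append(int.from_bytes(sig[pos + 2:end], "big"))
        pos = end
    if pos != len(sig):
        raise ValueError("trailing bytes after s")
    return ints[0], ints[1]

def find_reused_r(records):
    """records: iterable of (pubkey_hex, txid, der_sig).
    Return [(pubkey, r_hex, [txids])] for every r value that one key
    used in more than one distinct signature."""
    seen = defaultdict(dict)                     # (pubkey, r) -> {s: txid}
    for pubkey, txid, der_sig in records:
        r, s = parse_der_signature(der_sig)
        seen[(pubkey, r)].setdefault(s, txid)    # identical (r, s) is one signature
    return [(pk, format(r, "x"), sorted(by_s.values()))
            for (pk, r), by_s in seen.items() if len(by_s) > 1]

def sample_sig(r_byte, s_byte):
    # Constructed signature: r and s are one byte repeated 32 times.
    return bytes.fromhex("30440220" + r_byte * 32 + "0220" + s_byte * 32)

# Constructed sample data, not real chain data.
KEY_A, KEY_B = "02" + "aa" * 32, "03" + "bb" * 32
SAMPLE = [
    (KEY_A, "tx1", sample_sig("11", "22")),
    (KEY_A, "tx2", sample_sig("11", "33")),   # same key, same r, different s
    (KEY_A, "tx3", sample_sig("44", "55")),
    (KEY_B, "tx4", sample_sig("11", "66")),   # other key: outside this check
]

if __name__ == "__main__":
    for pubkey, r_hex, txids in find_reused_r(SAMPLE):
        print("key", pubkey[:10], "reused r", r_hex[:16], "in", txids)
```

Any key this reports should be treated as exposed: move its funds to a key created by a fixed wallet version.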
|
|
Rassah
August 12, 2013, 04:06:45 PM |
|
After all this madness is done with, will you guys be able to add a deterministic key feature to allow for a new Bitcoin address for every change transaction?
Using new deterministic addresses for every transaction is quite tricky with the model that we use. Instead of downloading the blockchain we query a server for the unspent outputs of the addresses we are interested in. If the number of addresses grows infinitely something is bound to break down. Andreas has some nifty ideas on how to mitigate that, so this is something we will investigate.
Perhaps just make older addresses inaccessible? Show only the most recent address that has coins, when you spend it, create a new address for change, sweep from old address, and hide old address to prevent it from being used. That way you'll only be interested in the last address, and can ignore the rest. And since it's deterministic, you only need to back up the initial seed. If you stick with the deterministic address standard being developed, if someone wants to clean out their old addresses, you would only either have to create a separate tool to scan/sweep the seed addresses, or even just use someone else's tool, which I'm sure will be developed once deterministic addresses become more popular.
|
|
|
|
phelix
August 12, 2013, 04:14:47 PM |
|
0.7 is live and kicking. apart from minor spelling issues, please report any inconsistencies.
Security swiping worked like a charm. Thanks.
|
|
|
|
elebit
|
|
August 12, 2013, 06:43:52 PM |
|
Perhaps just make older addresses inaccessible? Show only the most recent address that has coins, when you spend it, create a new address for change, sweep from old address, and hide old address to prevent it from being used.
During your winning poker streak you do some bitcoin payments. Finally you win big and all your winnings are paid back to you ... at an address you can no longer access in your client. Whoopsie. The idea is not unworkable but there will be lots of usability corner cases like the above.
|
|
|
|
apetersson
|
|
August 12, 2013, 06:50:04 PM |
|
generating new addresses is currently not feasible due to "the backup" problem. also we need some more server infrastructure to handle this correctly. we have a plan how to solve this but it's complex to execute. but it will be fun to work on it
|
|
|
|
Rassah
August 12, 2013, 07:03:28 PM |
|
During your winning poker streak you do some bitcoin payments. Finally you win big and all your winnings are paid back to you ... at an address you can no longer access in your client. Whoopsie.
Since addresses are generated from a single seed, you technically still have all the private keys for it. I guess you just won't know what the balance on them is. Maybe it would be good to "lock" some addresses in place to continue using them, instead of moving them into the "Archive" section.
generating new addresses is currently not feasible due to "the backup" problem.
I was suggesting using https://en.bitcoin.it/wiki/BIP_0032 What back up problem will that cause?
|
|
|
|
apetersson
|
|
August 12, 2013, 07:18:32 PM |
|
sure, this is the solution. but it means some more work for us both client and server side.
|
|
|
|
Jan (OP)
August 12, 2013, 08:10:53 PM |
|
BitcoinSpinner v0.8.3b has been pushed to Google Play. It may take an hour or two before you can update it.
Version 0.8.3b:
- Fix for broken SecureRandom on Android
- Showing warning message on startup on how to mitigate weak key vulnerability
|
|
|
|
Rassah
August 13, 2013, 04:20:34 AM |
|
sure, this is the solution. but it means some more work for us both client and server side.
Does Mycelium depend on a server? I thought it worked like the other Bitcoin Wallet, just connecting to random bitcoin nodes and asking for bitcoin balances from relevant addresses (bloom filter). And sure, I understand that this will be more work. Let me know if I can help motivate it.
|
|
|
|
Jan (OP)
August 13, 2013, 07:06:09 AM |
|
Does Mycelium depend on a server? I thought it worked like the other Bitcoin Wallet, just connecting to random bitcoin nodes and asking for bitcoin balances from relevant addresses (bloom filter). ...
Let me clarify a bit by pointing out differences between Mycelium and other Android wallets.
- Like the Blockchain.info app, Mycelium depends on a redundant set of servers. This is what gives the wallet tremendous speed, and makes it ready immediately after startup.
- Unlike the Blockchain.info app, Mycelium does not upload private keys to the server (not even in encrypted form), or require any registration.
- Like the Android Bitcoin Wallet, the private keys are only stored on your device (You may and should export them for backup purposes)
- Unlike the Android Bitcoin Wallet, Mycelium does not connect directly to several nodes in the Bitcoin network. This means less bandwidth requirement for your mobile plan, less power consumption, and immediate availability, but also means that the server side could establish IP/address relations. (which it doesn't)
Using a powerful server side with an optimized index over the entire blockchain is what makes it possible to determine unspent outputs, transaction history, etc for any address in milliseconds. The alternative would be to download and scan the entire blockchain. Without this it would not be possible to do effective cold storage spending or key imports. Please note that since the server does not know your keys, it cannot control your funds. Each wallet does it differently, and that is a good thing. We need as much diversity as we can get.
|
|
|
|
Andreas Schildbach
|
|
August 13, 2013, 09:12:15 PM |
|
- Unlike the Android Bitcoin Wallet, Mycelium does not connect directly to several nodes in the Bitcoin network. This means less bandwidth requirement for your mobile plan, less power consumption, and immediate availability, but also means that the server side could establish IP/address relations. (which it doesn't)
Can you reason this claim? Bitcoin Wallet also is "immediate available", has a very low bandwidth requirement and power consumption. The Bitcoin P2P protocol is very efficient (it's binary), so how can Mycelium get any better than that?
|
|
|
|
cypherdoc
August 13, 2013, 10:28:30 PM |
|
wait, which do you recommend? mycelium or spinner 0.8.3. makes no diff to me.
|
|
|
|
niko
|
|
August 14, 2013, 12:26:36 AM |
|
wait, which do you recommend? mycelium or spinner 0.8.3. makes no diff to me.
BitcoinSpinner / Mycelium Wallet
An update has been prepared for Mycelium Wallet and is being pushed out via the Play Store. If you use BitcoinSpinner you are encouraged to upgrade to Mycelium Wallet, which is maintained by the same people.
|
They're there, in their room. Your mining rig is on fire, yet you're very calm.
|
|
|
|