DiThi (OP)
Full Member
 Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
 |
December 30, 2011, 02:01:23 PM
Last edit: January 05, 2012, 10:00:58 PM by DiThi |
|
Edit: A fix is on the way!
A friend of mine sent 0.99999999 BTC with StrongCoin and the fee has been 10 BTC (in theory it should be 1%, 0.005 min, 1 max).
With blockchain.info, trying to do that yelds even weirder results, but hopefully that wallet is so great it lets you review all the details of the transaction before sending it. blockchain.info is not affected at all, it was an error on my part.
Please, fix it!
And to the rest of the people: don't try that at home! Well, can someone try sending something like 0.00999999 to test?
|
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
sadpandatech
|
|
January 03, 2012, 12:27:48 AM |
|
wht software are you refering to that your friend input this amount into and was told there would be a 10BTC fee?
|
If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system.
- GA
It is being worked on by smart people. -DamienBlack
|
|
|
DiThi (OP)
Full Member
Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
|
January 03, 2012, 02:24:21 PM
Last edit: January 03, 2012, 02:39:41 PM by DiThi |
|
Strongcoin. They sent me the missing 10 BTC and they're trying to fix the problem. Also blockchain.info is affected (and maybe other bitcoinJS wallets), but as I said, you can review the transaction before sending it, so it's not a problem. Clien-side online wallets are much more secure than server side ones. Don't ever use server-side wallets (such as the infamous and now extinct mybitcoin). The only client-side wallets I know are Strongcoin, Blockchain.info and Bitventory (this one may be more secure since the author can't change the code without you knowing it). None of them can access your private keys.
|
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1130
All paid signature campaigns should be banned.
|
|
January 03, 2012, 03:07:19 PM |
|
I will give it a try with my strongcoin account.
|
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated! |
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
January 03, 2012, 03:10:55 PM |
|
None of them can access your private keys.
The problem is that if any of these sites are compromised by attackers, and the attackers change the scripts in these pages so that they can access your private keys, this will have been a false sense of security. Attackers gaining access to change html pages is actually a fairly common occurrence, so it's a realistic threat to be aware of. |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1130
All paid signature campaigns should be banned.
|
|
January 03, 2012, 03:27:21 PM
Last edit: January 03, 2012, 03:39:00 PM by bwagner |
|
This is NOT fixed!
I just sent 0.99999999 from my StrongCoin account and the transaction went as follows:
0.99999999 Sent
0.99999999 StrongCoin Fee
0.99999999 Miner Fee
------------
2.99999997 TOTAL
This should have been
0.99999999 Sent
0.00500000 StrongCoin Fee
0.00500000 Miner Fee
------------
1.00999999 TOTAL
I was overcharged 1.9899998 BTC
I have contacted StrongCoin.
|
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated! |
|
|
DiThi (OP)
Full Member
Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
|
January 03, 2012, 03:51:30 PM |
|
Sorry, misleading title tag. Don't try until they confirm it's fixed.
|
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
DiThi (OP)
Full Member
Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
|
January 03, 2012, 04:08:03 PM |
|
None of them can access your private keys.
The problem is that if any of these sites are compromised by attackers, and the attackers change the scripts in these pages so that they can access your private keys, this will have been a false sense of security. Attackers gaining access to change html pages is actually a fairly common occurrence, so it's a realistic threat to be aware of. It's much more difficult than directly accessing unencrypted keys, but I agree, it's a threat. Is there a browser plugin or userscript that guarantees that the code in a page hasn't changed? Or something that allows digitally signing HTML and JS. |
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
|
piuk
|
|
January 03, 2012, 04:33:09 PM |
|
Edit: A fix is in the way!
A friend of mine sent 0.99999999 BTC with StrongCoin and the fee has been 10 BTC (in theory it should be 1%, 0.005 min, 1 max).
With blockchain.info, trying to do that yelds even weirder results, but hopefully that wallet is so great it lets you review all the details of the transaction before sending it.
Please, fix it!
And to the rest of the people: don't try that at home! Well, can someone try sending something like 0.00999999 to test?
Hi DiThi, I have been unable to replicate this using blockchain.info. What browser and OS are you using? Could you please confirm the exact steps to replicate the bug and if possible include a screenshot of the transaction confirmation dialog. For example this transaction of 0.999999 appears to be constructed correctly.  |
|
|
|
Jan
Legendary
Offline
Activity: 1043
Merit: 1002
|
|
January 04, 2012, 08:48:13 AM |
|
Strongcoin. They sent me the missing 10 BTC and they're trying to fix the problem. Also blockchain.info is affected (and maybe other bitcoinJS wallets), but as I said, you can review the transaction before sending it, so it's not a problem. Clien-side online wallets are much more secure than server side ones. Don't ever use server-side wallets (such as the infamous and now extinct mybitcoin). The only client-side wallets I know are Strongcoin, Blockchain.info and Bitventory (this one may be more secure since the author can't change the code without you knowing it). None of them can access your private keys. Add BitcoinSpinner to your list of client-side wallets. Forum thread: https://bitcointalk.org/index.php?topic=52674.0 |
Mycelium let's you hold your private keys private.
|
|
|
DiThi (OP)
Full Member
Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
|
January 05, 2012, 08:52:28 PM
Last edit: January 05, 2012, 09:06:02 PM by DiThi |
|
I was talking about "online" wallets, i.e. web browser based wallets. I use BitcoinSpinner as well and it's great! By the way, blockchain.info is down the last times I've tried to access, and I need a private key I forgot to backup :/ It's up again. |
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
DiThi (OP)
Full Member
Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
|
January 05, 2012, 09:55:21 PM |
|
Hi DiThi,
I have been unable to replicate this using blockchain.info. What browser and OS are you using? Could you please confirm the exact steps to replicate the bug and if possible include a screenshot of the transaction confirmation dialog.
For example this transaction of 0.999999 appears to be constructed correctly.
You are right. I was about to send you an example but there was an error on my part when interpreting the tx. Thumbs up for such a great web app. By the way, it says "A 1% or 0.01 BTC fee is charged on all outgoing transactions". 0.01 is the minimum? Fix the text to make it clear. |
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
ThiagoCMC
Legendary
Offline
Activity: 1204
Merit: 1000
฿itcoin: Currency of Resistance!
|
|
January 17, 2012, 06:56:08 AM |
|
In fact, Strongcoin is a modified version of Diaspora integrated with Electrum lightweight Bitcoin client  |
|
|
|
|
DiThi (OP)
Full Member
Offline
Activity: 156
Merit: 100
Firstbits: 1dithi
|
|
January 17, 2012, 02:16:36 PM |
|
In fact, Strongcoin is a modified version of Diaspora integrated with Electrum lightweight Bitcoin client I have no idea, and I don't know if they fixed the problem. I haven't used strongcoin since I opened this thread. I use blockchain.info and the official client importing the keys with pywallet. |
1DiThiTXZpNmmoGF2dTfSku3EWGsWHCjwt
|
|
|
|
