Bitcoin Forum
December 09, 2016, 03:49:47 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Development Roadmap  (Read 775 times)
sethsethseth
Sr. Member
****
Offline Offline

Activity: 256


Not trusting third parties with my private keys


View Profile
May 26, 2012, 08:02:28 AM
 #1

Crashing bugs, any bug that might result in loss of bitcoins, and security fixes are always highest priority, but here are the big things I think are very high priority that, as far as I know, nobody is working on.  I think they all need to be done before we can say we have a "Bitcoin 1.0" :

  • finish download-only-blockheaders client mode
  • password-protect the wallet private keys (mitigate the steal wallet.dat problem: see https://gist.github.com/803170 )
  • import a backed-up wallet
  • figure out how to do click-to-pay
  • design/implement a secure DNS-like "map string to bitcoin address" system  (so I can send bitcoins to "gavin@acm.org")
  • export+encrypt part of your balance (for long-term storage; I still waffle on whether we want to encourage that right now)


Stumbled upon Gavin's post from over a year ago and wondered about the status of these points.  It looks like the pace of development is slow, but not being a programmer, I feel all I can do to help is tell businesses and friends about bitcoin, play bitcoin poker, order the magazine, and bomb hundreds of coins at SatoshiDice.

SealsWithClubs poker room has  over 400 players online. Buy in from .01 to 60btc.      BTCSportsMatch lets you bet sports with vig free lines!  Best kept secret in bitcoin....          LocalBitcoins.com is very user-friendly now for bank transfers.  You don't have to live close to trade when in the same currency area.           
Electrum client is awesome. Try it. And please stop sending bitcoins to sites run by security newbies, or don't complain when you lose everything.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481298587
Hero Member
*
Offline Offline

Posts: 1481298587

View Profile Personal Message (Offline)

Ignore
1481298587
Reply with quote  #2

1481298587
Report to moderator
1481298587
Hero Member
*
Offline Offline

Posts: 1481298587

View Profile Personal Message (Offline)

Ignore
1481298587
Reply with quote  #2

1481298587
Report to moderator
1481298587
Hero Member
*
Offline Offline

Posts: 1481298587

View Profile Personal Message (Offline)

Ignore
1481298587
Reply with quote  #2

1481298587
Report to moderator
Qoheleth
Legendary
*
Offline Offline

Activity: 882


Spurn wild goose chases. Seek that which endures.


View Profile WWW
May 26, 2012, 08:21:00 AM
 #2

I think #2 and #4 are done (encrypted wallets and bitcoin URIs, respectively) and #5 seems like it could be done with Namecoin integration.

If there is something that will make Bitcoin succeed, it is growth of utility - greater quantity and variety of goods and services offered for BTC. If there is something that will make Bitcoin fail, it is the culture of naive fools and conmen, the former convinced that BTC is a magic box that will turn them into millionaires, and the latter arriving by the busload to devour them.
Eli
Full Member
***
Offline Offline

Activity: 128



View Profile
May 26, 2012, 10:40:32 AM
 #3

Crashing bugs, any bug that might result in loss of bitcoins, and security fixes are always highest priority, but here are the big things I think are very high priority that, as far as I know, nobody is working on.  I think they all need to be done before we can say we have a "Bitcoin 1.0" :

  • finish download-only-blockheaders client mode
  • password-protect the wallet private keys (mitigate the steal wallet.dat problem: see https://gist.github.com/803170 )
  • import a backed-up wallet
  • figure out how to do click-to-pay
  • design/implement a secure DNS-like "map string to bitcoin address" system  (so I can send bitcoins to "gavin@acm.org")
  • export+encrypt part of your balance (for long-term storage; I still waffle on whether we want to encourage that right now)


Stumbled upon Gavin's post from over a year ago and wondered about the status of these points.  It looks like the pace of development is slow, but not being a programmer, I feel all I can do to help is tell businesses and friends about bitcoin, play bitcoin poker, order the magazine, and bomb hundreds of coins at SatoshiDice.

Figure out how to do click-to-pay - it's pretty easy, the bitcoin URI is pretty well defined by now, all you need to do is register the URI in the OS so that when it's accessed, the OS will know to forward it to the bitcoin client. This works well with bittorrent URIs, I don't see why it can't work the same way with Bitcoin.
The problem that I foresee is fraudulent bitcoin URIs. Consider the following:
You're surfing Amazon.com, and want to buy a book. You click on the "Pay with Bitcoin" button, but at some point a malicious factor in your system (or on the host site, Amazon.com for this example) replaces Amazon's tried and true Bitcoin address with it's own, trying to force you pay to the hacker instead to Amazon. Bad for Bitcoin, bad for the client, and bad for Amazon.
What is needed is a list of "Trusted" and "Registered" addresses that clients can look up and verify before sending out the payment.
I have a feeling that this is very related to the "DNS-like map string to bitcoin addresses" issue - it's one problem that compliments another, and it the click-to-pay requires you to have some kind of verified address that you can identify before making a payment.
Qoheleth
Legendary
*
Offline Offline

Activity: 882


Spurn wild goose chases. Seek that which endures.


View Profile WWW
May 26, 2012, 04:32:45 PM
 #4

You're surfing Amazon.com, and want to buy a book. You click on the "Pay with Bitcoin" button, but at some point a malicious factor in your system (or on the host site, Amazon.com for this example) replaces Amazon's tried and true Bitcoin address with it's own, trying to force you pay to the hacker instead to Amazon. Bad for Bitcoin, bad for the client, and bad for Amazon.
I don't think this is a failure case against which technology can secure. If you're running malware on your computer, any ability to secure your Bitcoins is out the window. If Amazon, heaven forbid, has malware on their servers, that's the end for them. Even today, either of those situations would at the very least mean your credit card gets stolen.
I have a feeling that this is very related to the "DNS-like map string to bitcoin addresses" issue - it's one problem that compliments another, and it the click-to-pay requires you to have some kind of verified address that you can identify before making a payment.
How about address signing? If you're running an online storefront, you probably already have an SSL certificate from one of the big CAs. Use that key to prove control of the address, and the only checking that needs to be done is a glance at the blockchain to make sure that the keys match up.

If there is something that will make Bitcoin succeed, it is growth of utility - greater quantity and variety of goods and services offered for BTC. If there is something that will make Bitcoin fail, it is the culture of naive fools and conmen, the former convinced that BTC is a magic box that will turn them into millionaires, and the latter arriving by the busload to devour them.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!