Author

Topic: A Bitcoin webservice that I do not need to trust, possible? (Read 1593 times)

sr. member
Activity: 350
Merit: 252
probiwon.com
Faced with a similar problem when doing exchange site. Unfortunately, http does not support the EDS, except logins through SSL.
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
I imagine it might be possible to have a client that runs straight out from an webbrowser, which would only require you to load the page and then point the client to your wallet file (you would still need to trust the client enough to not copy the wallet data elsewhere without your consent though)
full member
Activity: 218
Merit: 101
A few of us in the community are working on a solution that will both increase the usability of bitcoins for newcomers, while preserving the user's control of those coins.  Expect some good things in the near future Smiley.
administrator
Activity: 5222
Merit: 13032
It's possible. The service will be able to send you transactions that don't really exist, though it is safer than using MyBitcoin.

In most cases I think it would be better to use a headers-only Bitcoin client, and then rely on some third party to pass you transactions that you have received. Then the service can only neglect to give you transactions, and not trick you into accepting double-spent transactions.
newbie
Activity: 23
Merit: 0
Hey Bitcoiners,

say I wanted to use Bitcoin, but do not want to (or cannot) download and run the client.

You say I should use a service like mybitcoin.com and cash in some.

I say I wanted to use bitcoin, because I liked the thought that the amount of BTC I possess is stored in a block chain; shared and controlled by the P2P network. When I use a service provider like mybitcoin.com, the control over my BTCs is at one entity again..

So what I would really appreciate would be a webservice, that runs the transactions for you, without having control over the BTCs, because they do not know the private Keys of your adresses.

They show your balance and dispatch transactions for the adresses you provided, but they can not without you having signed any outgoing transaction. So without your personal Key (which they dont know), any transaction they create with your adresses is invalid and rejected by the swarm.

It could work like that:
I want to send Joe 1000.00 BTC with my BTC-serviceprovider
1. Select one (or more) of my adresses from which I want to send the BTC.
2. Enter one (or more) BTC-adresses of Joe.
3. Enter amount '1000.00'
4. Click "Generate Transaction"
  This generates an unsigned Transaction, which you download onto your terminal.
5. Use my private Key(s) to sign it.
  Maybe stored on my USB-Drive.
6. I upload the signed Transaction back to my BTC-SP, who broadcasts it into the swarm.

Note that my "sign" should only work for this particular transaction; the BTC-SP is not able to modify it. The worst thing he could do would be to not broadcast it.

Is such a webservice technically possible without major changes to the protocol?

I did not find threads about this. If I missed one, please link me.
Jump to: