Would be great to have the option for BIP38 encryption at the "Wallet Details" tab.
I like to dice roll my addresses and currently have to manually encrypt private keys.
Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key - page 20. (Read 153371 times)
January 06, 2014, 08:23:31 AM
December 23, 2013, 10:19:34 PM
v2.7.2
https://www.bitaddress.org/bitaddress.org-v2.7.2-SHA1-364542f1ccc5777c79aebb1692a6265cf3e42e7e.html
- keys and addresses in monospace font.
https://www.bitaddress.org/bitaddress.org-v2.7.2-SHA1-364542f1ccc5777c79aebb1692a6265cf3e42e7e.html
- keys and addresses in monospace font.
December 22, 2013, 08:24:02 PM
@zemario,
I prefer the bulk wallet tab, to create compressed addresses. I think the entropy is fine at this point. Go generate like 100, pick 10 in the middle, and you should be fine.
Although your random gibberish should also be fine as long as it is extremely long and sufficiently random.
I don't know about the details, sorry.
I prefer the bulk wallet tab, to create compressed addresses. I think the entropy is fine at this point. Go generate like 100, pick 10 in the middle, and you should be fine.
Although your random gibberish should also be fine as long as it is extremely long and sufficiently random.
I don't know about the details, sorry.
December 22, 2013, 01:38:25 PM
Hey, I've been aware of this site for a long time. Yesterday I generated a handful of addresses by manually entering random gebrish as the brainwallet seed.
But now that I see that this started of a little buggy (no offense intended) I'm not sure I want to use those adresses.
Tis thread is quite long, could anyone provide more details (or link to them) about how the first bounty was collected?
But now that I see that this started of a little buggy (no offense intended) I'm not sure I want to use those adresses.
Tis thread is quite long, could anyone provide more details (or link to them) about how the first bounty was collected?
December 22, 2013, 10:37:26 AM
v2.7.1
https://www.bitaddress.org/bitaddress.org-v2.7.1-SHA1-6dfa290d1a133fc444c5580e2a8f1f890d5edf17.html
- more entropy for the PRNG seed.
- use ?showseedpool=true to see the contents of the seed pool in hex.
https://www.bitaddress.org/bitaddress.org-v2.7.1-SHA1-6dfa290d1a133fc444c5580e2a8f1f890d5edf17.html
- more entropy for the PRNG seed.
- use ?showseedpool=true to see the contents of the seed pool in hex.
December 11, 2013, 02:48:25 PM
Just used it for first time today to pass out Christmas gifts at the office. It was well received but a pain in the ass to load up each wallet individually. Is it possible to provide a URI that'll automatically send 1 transaction of fixed size to each of the wallet generated?
December 09, 2013, 10:45:51 PM
v2.6.6
https://www.bitaddress.org/bitaddress.org-v2.6.6-SHA1-0d68accca48df174b6b4f48544498f333dc6e33a.html
- German translations thanks to gerEDH.
https://www.bitaddress.org/bitaddress.org-v2.6.6-SHA1-0d68accca48df174b6b4f48544498f333dc6e33a.html
- German translations thanks to gerEDH.
December 04, 2013, 10:43:32 PM
I translated bitaddress.org (v2.6.2; I'll take care of the latest changes asap) into German. How should I go about submitting it?
I answered you in PM but incase other people are wondering for other languages the best way to submit translations is to fork the code at github:
https://github.com/pointbiz/bitaddress.org
And submit a pull request.
You just need to modify the file:
src/ninja.translator.js
December 04, 2013, 01:19:29 PM
I translated bitaddress.org (v2.6.2; I'll take care of the latest changes asap) into German. How should I go about submitting it?
December 04, 2013, 12:18:04 PM
One or two of the operators stated that depositing more than one time to the public address of a printed bitaddress "wallet"/keypair will create too many signatures which the hackers will use to decode the private address.
You're probably talking about this issue:
https://bitcointalksearch.org/topic/bad-signatures-leading-to-5582152538-btc-theft-so-far-271486
Spending multiple times from the same address will allow hackers to deduce your private key if the random number generator in the client you're using to do the spending is no good. There's no danger in sending multiple times to the same address (except that when you come to spend the coins you deposited, you are effectively spending multiple times from that address).
It's only when you come to spend from the address that the risk exists.
December 02, 2013, 03:34:56 PM
I don't think that's a real problem because the pool of dice generated possible private keys is still huge. But I would prefer a dice method that covers the full range of possible private keys. 100 rolls should be enough, but that could produce number that are too large.
Is there any easy solution to this?
not really...
You are getting 255.91 bits of entropy with 99 dice rolls. The idea that you're losing almost 6% of "something" makes it sound much scarier than it is.
I will bet that a private key that has only 224 random bits is still for all intents and purposes secure, even though 99.999999999%+ of the key space is being left on the table.
And then, keep in mind that a bitcoin address only has 160 bits of entropy in the first place.
December 01, 2013, 07:18:27 AM
v2.6.2 support input of a private key in base6 format which shall be defined as:
99 characters (1,2,3,4,5,0) where 1=1 and 6=0
This allows you to create a private key with physical randomness with 99 rolls of a die. Use 3 dice and do 33 rolls.
Then enter the 99 character string into the wallet details tab of bitaddress.org and you've got yourself a truly randomly generated bitcoin wallet.
99 characters (1,2,3,4,5,0) where 1=1 and 6=0
This allows you to create a private key with physical randomness with 99 rolls of a die. Use 3 dice and do 33 rolls.
Then enter the 99 character string into the wallet details tab of bitaddress.org and you've got yourself a truly randomly generated bitcoin wallet.
When using 99 rolls, the highest base6 number one could come up would be this:
Code:
555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555
This results in this hex private key:
Code:
F0BB8A1BBDE9163B9E053E8F918BF8E4D34034D7FFFFFFFFFFFFFFFFFFFFFFFF
I'm quoting from the Bitcoin wiki:
Quote
Nearly every 256-bit number is a valid private key. Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key.
Now there's quite a large amount of numbers between
the highest dice generated number at F0BB8A1BBDE9163B9E053E8F918BF8E4D34034D7FFFFFFFFFFFFFFFFFFFFFFFF
and
the upper limit at FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
It seems the 99-rolls dice method is not using the full range of possible private keys, leaving the upper 5.96% of possible keys untouched.
I don't think that's a real problem because the pool of dice generated possible private keys is still huge. But I would prefer a dice method that covers the full range of possible private keys. 100 rolls should be enough, but that could produce number that are too large.
Is there any easy solution to this?
In any case, I love the principle of rolling my own private keys and not being dependent on software RNGs.
December 01, 2013, 04:18:30 AM
To Pointbiz, et al...
Guys I was reading up in bitcoin's freenode irc room about some people arguing against paper wallets like yours versus Armory's paper wallet.
One or two of the operators stated that depositing more than one time to the public address of a printed bitaddress "wallet"/keypair will create too many signatures which the hackers will use to decode the private address.
But doesn't bitaddress not create signatures to begin with??? Can you guys explain this a little bit to a beginner like myself?
I already know that the random mouse movement and printing everything offline, in a livecd linux, will create a very secure unique set of addresses, but then when bitcoin veterans would advise against using bitaddress puts me in a dilemma on what to use.
Thank you so much and more power to all of you.
Guys I was reading up in bitcoin's freenode irc room about some people arguing against paper wallets like yours versus Armory's paper wallet.
One or two of the operators stated that depositing more than one time to the public address of a printed bitaddress "wallet"/keypair will create too many signatures which the hackers will use to decode the private address.
But doesn't bitaddress not create signatures to begin with??? Can you guys explain this a little bit to a beginner like myself?
I already know that the random mouse movement and printing everything offline, in a livecd linux, will create a very secure unique set of addresses, but then when bitcoin veterans would advise against using bitaddress puts me in a dilemma on what to use.
Thank you so much and more power to all of you.
December 01, 2013, 03:09:23 AM
v2.6.2 support input of a private key in base6 format which shall be defined as:
99 characters (1,2,3,4,5,0) where 1=1 and 6=0
This allows you to create a private key with physical randomness with 99 rolls of a die. Use 3 dice and do 33 rolls.
Then enter the 99 character string into the wallet details tab of bitaddress.org and you've got yourself a truly randomly generated bitcoin wallet.
99 characters (1,2,3,4,5,0) where 1=1 and 6=0
This allows you to create a private key with physical randomness with 99 rolls of a die. Use 3 dice and do 33 rolls.
Then enter the 99 character string into the wallet details tab of bitaddress.org and you've got yourself a truly randomly generated bitcoin wallet.
If throwing 3 dice... would need to ensure you don't introduce any bias such as reading from lowest to highest. Would be best to read dice from left to right as they fell.
This is nice. The hex format can be confirmed with this I think -
echo 'obase=16; ibase=6; 0123450123450123450123450123450123450123450123450123450123450123450123450123450 12345012345012345012' | bc
Nice to not have to rely on computer rng.
November 27, 2013, 10:44:14 PM
I have used 2.6.1 to generate my bulk addresses, can anyone confirm that the generated keys are safe? Sorry kind of noob questions but better safe than sorry
If you generated it on an offline computer, it is safe. You can also attempt to import the private keys into your client to see if it accepts them, using an offline computer.
bitaddress is great as is but I still have a small feature request.
Would you consider to add the option to show an extra textbox with only the public keys? this would make saving them digitaly easier.
Would you consider to add the option to show an extra textbox with only the public keys? this would make saving them digitaly easier.
I used to grab the whole bulk text, save it as a file, and import the whole thing into a spreadsheet. Then you can save a version with only the public keys after you delete the private keys.
I now use vanitygen to generate bulk addresses since it works faster and I can even use a short prefix if I wanted.
November 26, 2013, 12:47:29 PM
bitaddress is great as is but I still have a small feature request.
Would you consider to add the option to show an extra textbox with only the public keys? this would make saving them digitaly easier.
thanks
Would you consider to add the option to show an extra textbox with only the public keys? this would make saving them digitaly easier.
thanks
November 24, 2013, 01:01:36 PM
Here is a feature request that I think would help assuage people's fears about random number generation, which have become more valid the more we hear about NSA-rigged RNG.
Right now, the script collects entropy by way of mouse movements.
I propose that the script also collect some additional entropy by way of the keyboard.
When the script generates new private keys, the private key should be SHA256(user-entered-string | prng-generated-string) (where | is concatenation).
I agree and consider this a high priority item on the TODO.Right now, the script collects entropy by way of mouse movements.
I propose that the script also collect some additional entropy by way of the keyboard.
When the script generates new private keys, the private key should be SHA256(user-entered-string | prng-generated-string) (where | is concatenation).
Hi, wondering if this was implemented in 2.6.1?
I have used 2.6.1 to generate my bulk addresses, can anyone confirm that the generated keys are safe? Sorry kind of noob questions but better safe than sorry
November 24, 2013, 05:39:39 AM
How do we know the website isn't storing our private keys?
You download it to an airgapped computer, using the website live is only proof of concept.
November 24, 2013, 03:51:45 AM
How do we know the website isn't storing our private keys?
November 23, 2013, 06:22:35 PM
Is printing safe on linux?
If you use a live cd it is and your printer doesn't store print jobs in memory. So printing from a normal linux machine will potentially leave traces/keys on the system just as printing from a windows machine does? Maybe bitaddress.org should warn about that.
It would be cool to have a Bitcoin Live CD with a hardened system, bitaddress and some nice tools ready to go.
Jump to: