Pages:
Author

Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key - page 40. (Read 153479 times)

sr. member
Activity: 437
Merit: 415
1ninja
I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex).

Code:
# write 32 random bytes of base64-encoded data to stdout
$ openssl rand -base64 32
0kMS0ngFjbWFnDAQzH+OvJTlO2b6O71Kcv9aKpWVh2k=
Looks like you can generate random numbers in base64 with OpenSSL:
http://www.madboa.com/geek/openssl/#random-generate

I'm not sure who, if anyone, is using base64 but it's such a wide spread encoding I figured it would be useful to include in the tool.
sr. member
Activity: 437
Merit: 415
1ninja
MagicalTux reports having fixed this.  It now accepts Base58 private keys, and I was able to import one as a test.

Cool. I also tested a private key in sipa wallet import format and it worked.

v1.1
https://www.bitaddress.org/bitaddress.org-v1.1-SHA1-969273be66ecf93d8bb3525edc1fa0cf3de228d2.html
- Removed 'Standard Format' from Wallet Details tab.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
MagicalTux reports having fixed this.  It now accepts Base58 private keys, and I was able to import one as a test.
sr. member
Activity: 437
Merit: 415
1ninja
MtGox only accepted that format because MagicalTux was confused as to how the format worked.  Nothing generates keys in that format, and quite frankly there is no advantage to doing it because it takes away the error checking for no good reason.  It would be best not to propagate new formats for keys that don't serve any particular purpose, otherwise everybody will have to support them for everything.

I'm going to remove the "standard format" from the next release. I just checked and MtGox no longer accepts it. I agree the sipa format is better due to the error checking and the usability feature of always starting with a 5.

I can also confirm that the hexadecimal format works at MtGox. Thanks bwagner for checking as well.
sr. member
Activity: 437
Merit: 415
1ninja
Is there any known reason why this does not work in mobile safari? The gen key function seems to be called and the CPU seems to be chugging along for 4-5s but nothing is displayed past "move your mouse". I tried to step through the js execution and think the script halted at one one of underlying crypto functions.   


Try Opera Mini. It works on my iPod 2G.

I recommend that you DO NOT do use "Opera Mini". It is a different type of browser that uses a proxy and renders the information server side (including JavaScript execution results) then sends the results to the client. So theoretically Opera knows about any private keys generated using "Opera Mini".

Opera has another mobile browser called "Opera Mobile" which is safe to use but may not solve the slow JavaScript issue on some iDevices.
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
I don't think there exists such thing as a "standard format" in base58 that's < 51 characters.  The standard base58 format is the sipa wallet import format.  I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex).  These unused formats will just serve to confuse people.

Also, hexadecimal is misspelled on the actual website.

LOL. I guess Standard Format didn't exist until MagicalTux created it... maybe I'm adding to the problem. I don't want to cause confusion.
Mtgox still doesn't work with WIF. I added the base64 only because it was available in the .toString() method for the ECKey and I assumed Stephan had a reason for that. I'm going to double check Mtgox works with hex. Hopefully they fix the WIF bug soon. Did MtGox stop accepting in the "standard format"? Because I tried it a few days ago and it worked.
I have verified that Mt. Gox works with and automatically detects both the mini private key format and the hex format.  The last time I checked it still did not work with the "standard" WIF but I will check it again in a few days.  I filed a bug report with Mt. Gox but they have not even assigned it to anyone yet, let alone gotten back to me.
hero member
Activity: 602
Merit: 502
Is there any known reason why this does not work in mobile safari? The gen key function seems to be called and the CPU seems to be chugging along for 4-5s but nothing is displayed past "move your mouse". I tried to step through the js execution and think the script halted at one one of underlying crypto functions.   


Try Opera Mini. It works on my iPod 2G.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
MtGox only accepted that format because MagicalTux was confused as to how the format worked.  Nothing generates keys in that format, and quite frankly there is no advantage to doing it because it takes away the error checking for no good reason.  It would be best not to propagate new formats for keys that don't serve any particular purpose, otherwise everybody will have to support them for everything.
sr. member
Activity: 437
Merit: 415
1ninja
v1.0
https://www.bitaddress.org/bitaddress.org-v1.0-SHA1-8fc60a3ca4eb24c85c31b264e95a9298e41032c2.html
- Added Wallet Details tab. View your private key in the various formats.
Cool. Another way to convert. I don't have a "mini-key" to test but if you put that in will it also give you the other formats?

Yes, a little Easter Egg for Casascius Tongue
sr. member
Activity: 437
Merit: 415
1ninja
I don't think there exists such thing as a "standard format" in base58 that's < 51 characters.  The standard base58 format is the sipa wallet import format.  I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex).  These unused formats will just serve to confuse people.

Also, hexadecimal is misspelled on the actual website.

LOL. I guess Standard Format didn't exist until MagicalTux created it... maybe I'm adding to the problem. I don't want to cause confusion.
Mtgox still doesn't work with WIF. I added the base64 only because it was available in the .toString() method for the ECKey and I assumed Stephan had a reason for that. I'm going to double check Mtgox works with hex. Hopefully they fix the WIF bug soon. Did MtGox stop accepting in the "standard format"? Because I tried it a few days ago and it worked.
hero member
Activity: 784
Merit: 1009
firstbits:1MinerQ
v1.0
https://www.bitaddress.org/bitaddress.org-v1.0-SHA1-8fc60a3ca4eb24c85c31b264e95a9298e41032c2.html
- Added Wallet Details tab. View your private key in the various formats.
Cool. Another way to convert. I don't have a "mini-key" to test but if you put that in will it also give you the other formats?
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
v1.0
https://www.bitaddress.org/bitaddress.org-v1.0-SHA1-8fc60a3ca4eb24c85c31b264e95a9298e41032c2.html
- Added Wallet Details tab. View your private key in the various formats.

I don't think there exists such thing as a "standard format" in base58 that's < 51 characters.  The standard base58 format is the sipa wallet import format.  I also wouldn't offer it in base64 unless something else uses it prominently (e.g. OpenSSL, but OpenSSL uses hex).  These unused formats will just serve to confuse people.

Also, hexadecimal is misspelled on the actual website.
sr. member
Activity: 437
Merit: 415
1ninja
sr. member
Activity: 437
Merit: 415
1ninja
Is there any known reason why this does not work in mobile safari? The gen key function seems to be called and the CPU seems to be chugging along for 4-5s but nothing is displayed past "move your mouse". I tried to step through the js execution and think the script halted at one one of underlying crypto functions.   

Mobile Safari has relatively slow JavaScript performance and a timeout occurs while trying to do the math to generate an address.
It does not work for me on my iPhone3G but it does work for Casascius on his iPhone4.
member
Activity: 75
Merit: 10
Is there any known reason why this does not work in mobile safari? The gen key function seems to be called and the CPU seems to be chugging along for 4-5s but nothing is displayed past "move your mouse". I tried to step through the js execution and think the script halted at one one of underlying crypto functions.   
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
It would be helpful if MtGox autodetected the key type based on the length.  I'm sure they will at some point, I assume they're monitoring this thread.  It is pretty easy...

Wallet Import Format... 51 base58 characters, always starts with '5'

Hex... 64 characters [0-9A-F]...

Casascius Coins... 22 base58 characters, always starts with 'S'...

The javascript in the page could be the agent that converts all these forms to a single format accepted by MtGox's API call...

The Mt. Gox site now autodetects the private key format.  It is working for hex keys and mini private keys but there currently is a bug in the WIF conversion.  See:

https://bitcointalksearch.org/topic/m.561163
https://bitcointalksearch.org/topic/m.561803

sr. member
Activity: 437
Merit: 415
1ninja
Would you put the page you serve into a repo (e.g., GitHub) so that a specific revision can get a closer security review and then each change can be easily identified and scrutinized individually?  

This will help assure that the html/js being served has been reviewed.

I'll think about it. More scrutiny is definitely a good thing.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
It would be helpful if MtGox autodetected the key type based on the length.  I'm sure they will at some point, I assume they're monitoring this thread.  It is pretty easy...

Wallet Import Format... 51 base58 characters, always starts with '5'

Hex... 64 characters [0-9A-F]...

Casascius Coins... 22 base58 characters, always starts with 'S'...

The javascript in the page could be the agent that converts all these forms to a single format accepted by MtGox's API call...
legendary
Activity: 2506
Merit: 1010
Would you put the page you serve into a repo (e.g., GitHub) so that a specific revision can get a closer security review and then each change can be easily identified and scrutinized individually?  

This will help assure that the html/js being served has been reviewed.
sr. member
Activity: 437
Merit: 415
1ninja
"SHA-256 Private Key (E.g. Casascius Coins)"
So, I was NOT successful in depositing a HEX private key using that option at MtGox.

They have removed that option, now there are two options that say "Standard Private Key" and it now says it can take up to 2 hours to deposit and before it said 24 hours.
Pages:
Jump to: