[ANN] bitaddress.org Safe JavaScript Bitcoin address/private key - page 6.

uidge

newbie

Activity: 8

Merit: 0

Quote from: TheButterZone on August 17, 2017, 04:48:12 PM

I spy only an unconfirmed transaction from today at that address. Electrum might not be able to sweep unconfirmeds with CPFP, only sweep confirmed TXs.

I've tested many ones, here for example https://blockchain.info/address/19DpkXMi4oTfayjxfDSuz3uHUrsX387Twz
Transaction confirmed. I have very old ones with bitcoins stored on those.

TheButterZone

legendary

Activity: 3038

Merit: 1032

RIP Mommy

I spy only an unconfirmed transaction from today at that address. Electrum might not be able to sweep unconfirmeds with CPFP, only sweep confirmed TXs. If you import the private key rather than sweep attempt, that might make it available for CPFP.

uidge

newbie

Activity: 8

Merit: 0

HELP NEEDED

I have generated a bunch of BIP38 encrypted addresses with the tab "BULK WALLET" of bitaddress html under the same password on the machine that is not connected to the internet. Then I transferred some coins on the first 3 of them to run a test of sweeping them into electrum wallet.

I have decrypted all 3 wallets and used Private Keys (WIF51 characters base58, starts with a '5') to sweep them into Electrum. The first one swept well, but then the others would not sweep. Electrum says that they are empty. I tried importing them into blockchain.info wallet but it also says that they are empty.

When I check public address it shows that the wallet contains bitcoins
https://blockchain.info/address/19DpkXMi4oTfayjxfDSuz3uHUrsX387Twz

This same public address is displayed on "Wallet Details" tab in bitaddress.org when I decrypt private key.

PRIVATE ADRESS: 6PnSSP9UiDEjFfRW2R2hsu9Wuk4xviMdsitF1vVahTdK2vRoCQfvFesjih
PASSWORD: 3,452s.Km;x%D7I(K)
I don't care if the coins will be moved away, but I really need to figure out how to get access to my wallet.

Can anyone help please?

Version History (3.3.0)
527B 5C82 B1F6 B2DB 72A0
ECBF 8749 7B91 6397 4F5A

TheKoziTwo

legendary

Activity: 1552

Merit: 1047

Gregory Maxwell says:
The common libraries they have used have had a long and worrying series of mathematical flaws that cause them to occasionally generate addresses that do not match the private keys, and were completely without the sorts of test that would have detected these mistakes
https://www.reddit.com/r/Bitcoin/comments/6ss91w/seriously_how_are_you_all_generating_your_private/dlf4uhr/

dooglus mention the same issue here:
https://bitcointalksearch.org/topic/m.16941686

Is "Wallet details" in bitaddress sufficient test to make sure address is valid? or should you import the private key in something like bitcoin core and sign/verify it? other options?

Millionero

sr. member

Activity: 807

Merit: 423

Coinomi wallet supports bitcoin cash and it has a function to sweep a paper wallet (import private key).
Coinomi is a mobile app that supports many coins. I use it on my Android phone. I think it has been ported for PC too.
Facts about the fork as I understand it:
The way addresses are formed is the same in bitcoin and bitcoin cash. That didn't change.
The two chains are different in the way they put transactions into blocks.
If you have BTC from before the fork in a wallet where you control the private keys, here is the standard advice on how to get bitcoin cash without accidentally having a replay/playback mishap that could cause you to lose your bitcoins:
1) Send the BTC to a new BTC address using your bitcoin wallet. Doesn't matter if it's a light wallet or a full node, just has to be a Bitcoin transaction done in a Bitcoin wallet according to the standard Bitcoin protocol. Your bitcoins are now safe and sound in a new address.
2) Import the private key from the OLD BTC address into a bitcoin cash wallet.
This works because transaction (1) was not entered into a block on the bitcoin cash chain.

I've described it as if you are sending from a single address, but it would work the same for an HD wallet with multiple addresses, if the bitcoin cash wallet can import an HD privkey. I haven't used Coinomi to import a paper wallet and I'm not sure if it works with single address keys, HD privkeys, or both.

TryNinja

legendary

Activity: 2758

Merit: 6830

Quote from: adaseb on August 05, 2017, 04:52:14 PM

Anyone know if this can be used for BCC/BCash the exact same way as it was used for BTC? Or were there some changes that make it incompatible?

Right now a Paper wallet seems to be the only cold storage option available for Bitcoin Cash.

Secondly, whats the method of sweeping the coins? Since services such as Blockchain.info don't support Bitcoin Cash, seems the only way would be to do a full sync of the Bitcoin Cash wallet?

I am almost sure that you can do for both, since BCC is basically Bitcoin with a few changes.

The only part you need to pay attention is in which side of the chain you are sending the coins to the address, making it a BCC or BTC paper wallet.

adaseb

legendary

Activity: 3808

Merit: 1723

Anyone know if this can be used for BCC/BCash the exact same way as it was used for BTC? Or were there some changes that make it incompatible?

Right now a Paper wallet seems to be the only cold storage option available for Bitcoin Cash.

Secondly, whats the method of sweeping the coins? Since services such as Blockchain.info don't support Bitcoin Cash, seems the only way would be to do a full sync of the Bitcoin Cash wallet?

dooglus

legendary

Activity: 2940

Merit: 1333

I just tried using the current version of bitaddress.org on both chrome and firefox, and neither of them work any more for me.

I wiggle the mouse until the entropy collection reaches 100%, and then nothing happens. The screen stays full of the green dots I have drawn.

The console says: "TypeError: ninja.unitTests is undefined[Learn More]" in Firefox, and - ugh - just started working again in Chrome. I tried a few times and it failed. Now I tried one more time to copy/paste the error messages and it worked!

Muhammed Zakir

hero member

Activity: 560

Merit: 509

I prefer Zakir over Muhammed when mentioning me!

Quote from: ?? on ??

Hiya,

Can anyone advise me on how I can send the bitcoins from my wallet generated by bitaddress.org ?

I have been reading online for a few hours now and cannot find any recommended way of doing this.

Sending the coin anonymously would be preferred if possible.

Thanks in advance
Xirus

Use Electrum, Mycelium or any other Bitcoin wallet which can import a Bitcoin address.

TheButterZone

legendary

Activity: 3038

Merit: 1032

RIP Mommy

Quote from: jofus on June 16, 2017, 12:12:07 AM

This address generator is great. I used it to print off Bitcoin wallets. I am wondering if anyone can tell me how to print of Litecoin wallets though?

I have no problem using lite address.org, but when I download the zip file, it just gives me Bitaddress that is used for Bitcoin, not Litecoin.

Is there a link somewhere I can download the litecoin address generator so that I can generate offline?

Thanks

https://github.com/litecoin-project/liteaddress.org
https://bitcointalk.org/index.php?topic=97867.20

jofus

full member

Activity: 127

Merit: 100

This address generator is great. I used it to print off Bitcoin wallets. I am wondering if anyone can tell me how to print of Litecoin wallets though?

I have no problem using lite address.org, but when I download the zip file, it just gives me Bitaddress that is used for Bitcoin, not Litecoin.

Is there a link somewhere I can download the litecoin address generator so that I can generate offline?

Thanks

bitterbug

member

Activity: 78

Merit: 10

Hi,

I'm fairly new to PKI, so bear with me please.

I have a couple of questions about verifying the signed message.

Quote from: pointbiz on September 11, 2011, 07:23:01 PM

...

Verifying the release:
1) get public key of author
2) import public key of author
3) get HTML from bitaddress.org
4) sha1 checksum of HTML
5) verify signed message from author
6) confirm sha1 in step 4 & 5 matches
NOTE: If the web page is saved as "web page complete" as opposed to "web page html only" the checksum will not match.

Code:

wget http://www.bitaddress.org/ninja_bitaddress.org.txt
gpg --import ninja_bitaddress.org.txt
wget http://www.bitaddress.org/bitaddress.org-v2.9.1-SHA1-67b1facd70890aa9544597e97122c7a1d4fdc821.html
sha1sum bitaddress.org-v2.9.1-SHA1-67b1facd70890aa9544597e97122c7a1d4fdc821.html
wget -qO- http://www.bitaddress.org/pgpsignedmsg.txt | gpg -d

...

It appears to me that 'gpg -d' is an instruction to gpg to decrypt the file argument.

1) Why is it necessary to decrypt the message when I can read it perfectly as it is?
2) Why is there no mention of 'verify' in this step's command (step 5)? I was expecting to use one or other variation of '--verify'. Please clarify.

Thanks for any feedback.

Mbidox

full member

Activity: 212

Merit: 108

I found in post #1 and on your homepage (https://www.bitaddress.org/pointbiz_bitaddress.org.asc) the following PGP SIGNATURE:

Code:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.13 (MingW32)

mQENBE5lizQBCADhDeJALMhaXOW6U5Lj1wyNyYwf5bh4kcP4m5pDrQCk3GzduMBh
NKsa21zgejhST74l7PRVNWJc7cLsdpQ7fCGUgbEBaApQ7+J1pSAClEdBCZ6wycgI
gAln86LmsmtsGnr77jPJEeeYI2FH6o5JEEYdc6Kji8Mkj1fNMqa8qrOFydazbvTm
EcuwtWsf+EFM1DwnaS2D0CU8Y4rB7wzaQkS/m+9yXqmhLgFI1B5mYyEhWz/YGcKs
ln93a/rLemHty54UWtpi1bn5F7alB/HnvNt65wHvXKnvi+/Teqft2jk4i0Uqd7QR
uFUBc/wTC9tJXwf83qOMOv8zqU8uJCryp4cjABEBAAG0HG5pbmphIDxuaW5qYUBi
aXRhZGRyZXNzLm9yZz6JAT4EEwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
AheABQJV9gLjBQkQ9njvAAoJEIdJe5Fjl09a6eMH/j0TIX/fQzvWhVOFNdS3rKeG
7xJ90QvlgzSwXig/lCtf2/wO216bgDwY0yZCIcvsjusneXbjSIqJ1eXIZE06B3yP
6Xmlc6GU8vu5XJvqf27axAGoghy0Y7Wag2FlgPbKJPSapqIj3O4JV/fwKH/Wmua/
J36XVW3+0G3Hx4vB15v1w4WX56ttDXo5vCMcCPn8zh5+MA2+HK1ts/SMvhG9pWuk
TCTPka3hawIQOOawoAty/zQIDma3XHjAUM4oErTLlgux7LwNl+H772GIfvy4ltj3
/LhZBDIe6NB0JArb4NqvICIZ5pDUr4Zp6QccZO6jL3KXomo6c9DPkeXMz1gpx1u0
InBvaW50Yml6IDxwb2ludGJpekBiaXRhZGRyZXNzLm9yZz6JAT4EEwECACgFAlX2
Bc0CGwMFCRD2eO8GCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEIdJe5Fjl09a
2CMH/iUwNXr9NP9brt93+E2YpH1zGqgnOoYVGz72WTUD+v0WP5/LN2qVMec8nqXb
dzwQI6ERQlEkgahynzaxZw44U5AKfpvxI8AFD4mOuB4aAMJxt5k5a9O1AgegJAX6
Ev04mIXGhNisq3oLIVkbhCR8IS43B6mWUYyBcICWec/gkxh/EJh3BuavlmDZBkp8
/5K/oBg6Un80jCWP1h87Fxv8dWClcF8wROaSnoFDKPsbpPNEudgxUkAycbcByy0o
v62d1X5GNFrr432EMZpTO5Up6vCA/B8K7cCS7qYsLbvo5WglYpscoDWozUld5ga1
qeZdjDI8u5qDnGKgI3ZkT5sV/WC5AQ0ETmWLNAEIAN1eqRI6ltxWZhR3EaWIca1/
p3PrV/BqY0CpWufjr/ZWjufN+QSVgICrVF/CjYxxZeo0tZ48m3qzIfr3MYIMW2+Y
Rno1p/uMbf43oqOiQy7o30u8rhLgWc3nmKFyE8I1iRToqcGM2+YxQ80zp8TvjFQW
zvMClFHS+JAa+n7Z5RwerTQPf3j4spo4oZGrxxu8UWT4qxR8BRzs6q4BSkuehzxT
TgYhxSOrKqZLKVQ/kVfUZaCy29WqV9LxnQXLFrqZeHccocp+Hd01xyCybGgynJfg
O2Oz52RXRHDEPv0hjR+b419O7QOiqGI7TQ7fcaIBUByIn84fodOnddak9XYwd1MA
EQEAAYkBHwQYAQIACQIbDAUCVfYGGwAKCRCHSXuRY5dPWsk6B/0XNmalHNn175fJ
DeFTTmZ0BAEj3izjYb4NWExutcF4AcJjqEU+oSaY7QrZoV6YBpeJ8YXVigK9EOf8
4eaQONk/ZT5yjYYn6IrFmL0SL+O2HKOxFNogv2yyLYJJXFvUcSSBZGQrNK2pbhbc
Y/r6XXpgKl/JqazvVGGl3j38t7KzTMDkmhtkL+EzX9GiaXx0tF7ZPI2JfcizotuF
ONiWDc5ferDBJaFPMYb9ElcxC5knnfkM0ti5SH3vUw1qCT6+vKB4PG7W4V1MpoMx
ZHAcHt6uj5cE2IfHO4aPRU1BnqB6lRK2ob0c8/o7d0dWwvciQhH+NrRQThqlGf8E
sjLBqm5u
=9YLe
-----END PGP PUBLIC KEY BLOCK-----

But I found on http://www.bitaddress.org/ninja_bitaddress.org.txt (Link from post #1) the following PGP SIGNATURE which is different:

Code:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

mQENBE5lizQBCADhDeJALMhaXOW6U5Lj1wyNyYwf5bh4kcP4m5pDrQCk3GzduMBh
NKsa21zgejhST74l7PRVNWJc7cLsdpQ7fCGUgbEBaApQ7+J1pSAClEdBCZ6wycgI
gAln86LmsmtsGnr77jPJEeeYI2FH6o5JEEYdc6Kji8Mkj1fNMqa8qrOFydazbvTm
EcuwtWsf+EFM1DwnaS2D0CU8Y4rB7wzaQkS/m+9yXqmhLgFI1B5mYyEhWz/YGcKs
ln93a/rLemHty54UWtpi1bn5F7alB/HnvNt65wHvXKnvi+/Teqft2jk4i0Uqd7QR
uFUBc/wTC9tJXwf83qOMOv8zqU8uJCryp4cjABEBAAG0HG5pbmphIDxuaW5qYUBi
aXRhZGRyZXNzLm9yZz6JAT4EEwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
AheABQJSLPElBQkHiczxAAoJEIdJe5Fjl09aoPMH/2p6b2HjgUM0OWuStfRtVXiS
t8y8bCAeGzN+3Z/fLPncbTck2hT2S4TYd/37qghJWirrlSmzEVRW6aCVeD/tt7xA
nBkGSTWr17JRsXY0ro+zXaSPmwJyuIDnNR2Jo/ha65QlLT/yEI5cO2cIMzMI82X/
3QYFRcJBYYDSSvXbR7ctqCRns6+Eh4B+HQlRz+mBR5aXTwkr/hEsDUs2I3/bSucF
kadeH4FlM5broQ2Ccl8sESusOwhmvPFJFxTV7JpB547VlXbNOF0OEl/aztKtMEo1
+SaYU232Icdvuuxx3XT8+QUdwBndABY43HmUgbVE2ht4GyUHwKkIsbvgT5CBr/u5
AQ0ETmWLNAEIAN1eqRI6ltxWZhR3EaWIca1/p3PrV/BqY0CpWufjr/ZWjufN+QSV
gICrVF/CjYxxZeo0tZ48m3qzIfr3MYIMW2+YRno1p/uMbf43oqOiQy7o30u8rhLg
Wc3nmKFyE8I1iRToqcGM2+YxQ80zp8TvjFQWzvMClFHS+JAa+n7Z5RwerTQPf3j4
spo4oZGrxxu8UWT4qxR8BRzs6q4BSkuehzxTTgYhxSOrKqZLKVQ/kVfUZaCy29Wq
V9LxnQXLFrqZeHccocp+Hd01xyCybGgynJfgO2Oz52RXRHDEPv0hjR+b419O7QOi
qGI7TQ7fcaIBUByIn84fodOnddak9XYwd1MAEQEAAYkBJQQYAQIADwIbDAUCUizx
RwUJB4nNEwAKCRCHSXuRY5dPWsGgB/9JszPV07ZrL1OOMz7rxkBHYhwPB3Wk8fOM
PueNLQLJsE4w+WI3Pn5gtDKkR0oRgjoWCqSmTcZOukg2QQ0Zh5ChQ+f61+Z7SYgC
7PFSWmzM7+tTw73aRqUcRcpm/C5Y9EpYiCDat3gAKZ4Np3+LNLWzt8ni4EBbBGdY
Gw3z4Nc12ZAg30RY+M+jMSCr5U7xfHiKLMN9bkQJpl/H6tHiEJRnBoN3fa8o9ahh
3eA64z/kXtH74JbuUomtNr104wfA4Iw3mYM34GL4T1C8VrhKAOnCzSw8otWBuyM2
rdxVjJs1qvgp9Q10CyV0uelzZKSDWcyanBmlOm6+yO5hZI9+l2Rn
=pDI6
-----END PGP PUBLIC KEY BLOCK-----

Question 1: So which of them is guilty? I think it is the second (v2.0.17) and not v1.4.13, because v2. is newer than v1. (?)

Question2: My expectation was that the "PGP SIGNATURE" in the actual message on https://www.bitaddress.org/CHANGELOG.txt.asc is the same like the PGP Signature in the blocks above. But this "PGP SIGNATURE" is again different:

Code:

Can you help me please.

Edit:
Nevertheless I tried the following:

1. As in https://www.bitaddress.org/CHANGELOG.txt.asc at the top you write "Hash: SHA1" I asume, that you did generate a SHA1 Hash of this message.
2. So I went http://hash.online-convert.com/sha1-generator.
3. Into the filed "Or enter URL of the file where you want to create a SHA1 hash:" I entered "http://hash.online-convert.com/sha1-generator" (this is the message)
4. I clicked the button "convert file"

My expectation was, that I now will get some of the PGP SIGNATURE in the code windows above. But what I got is the following:

Code:

hex: 15f511b73d9a9aa54a76ae107585dc6075c70fd0
HEX: 15F511B73D9A9AA54A76AE107585DC6075C70FD0
h:e:x: 15:f5:11:b7:3d:9a:9a:a5:4a:76:ae:10:75:85:dc:60:75:c7:0f:d0 
base64: FfURtz2amqVKdq4QdYXcYHXHD9A=

None of this output is the same, as one of the above PGP Signatures.

Question 3: What do I make wrong?

Millionero

sr. member

Activity: 807

Merit: 423

Quote from: Mbidox on April 17, 2017, 06:22:29 AM

According to
https://en.bitcoin.it/wiki/Private_key#Range_of_valid_private_keys
all numbers from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140 are valid private keys.

When I go to "Wallet Details" and type in the field "Enter Private Key" the following numer: 1

Why is there a message "It is not a valide private key." (?)

Assuming you are using hex, then that "1" that you typed in is the number 1 out of a space of only 16 possibilities.
The (unextended) private key has a space of 2^256 possibilities (actually a bit less, as you posted), which is why the private key range you posted has 64 hex characters.
To use the number 1 as a private key, it has to be expressed as 1 out of 2^256 possibilities.
In hexadecimal, that would be 63 zeros followed by the numeral 1.
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001

P.S. um, don't use that as the private key

P.P.S. Sometimes the words "private key" are understood in context to mean the private key in Wallet Import Format (WIF), which is a different animal, not expressed in hex at all, but in base58 check encoding.

Mbidox

full member

Activity: 212

Merit: 108

According to
https://en.bitcoin.it/wiki/Private_key#Range_of_valid_private_keys
all numbers from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140 are valid private keys.

When I go to "Wallet Details" and type in the field "Enter Private Key" the following numer: 1

Why is there a message "It is not a valide private key." (?)

minimalB

donator

Activity: 674

Merit: 523

Feature Request:
I wish there was an option to hide Passphrase whenever i am making paperwallet for someone else.

Morthawt

newbie

Activity: 32

Merit: 0

Very blummin nice! It has been quite some years since I even looked into, let alone involved with (since the Mt Gox debacle) since I am clueless of where to buy or sell bitcoins in an easy and legit bank-like manner (not some ebay bidding trading kind of site, so if you know of any good ones in the UK please let me know. I would like to dip my toe back into BTC as a user not a miner)

I would like to request you add an option to the paper wallet section to make some kind of cover to prevent someone seeing through an envelope. Kind of like how pin numbers for credit cards have random wavy lines and things right up against the pin to make it way hard or maybe even impossible to detect the info. It would be nice if there were some kind of thing like that, which you can sandwich face to face with the actual page to protect the QR codes through an envelope?

Just an idea.

Amazing system you have made. I was at first annoyed thinking it was a system making me dependent on going to a website but now I know it is offline and I have it saved I am very very happy indeed :-)

pointbiz

sr. member

Activity: 437

Merit: 415

1ninja

Quote from: shorena on March 04, 2017, 08:04:53 AM

Quote from: Lasergun on March 04, 2017, 04:00:45 AM

Quote from: Semvak on March 03, 2017, 11:10:38 PM

Anyone can guarantee for using these service? I mean, how if site got hacked Huh

To be safe It is highly recommend using this software on a computer that is offline, and stays offline.

That wouldnt help against all attacks. E.g. the code could be altered in a way to use only a specific section of all possible keys. Thus they would appear random, while they not actually are. If you want to make sure you are not fucked, read the code or trust in others that have done so.

Download from github for the most security. Random number generator is fine it's been peer reviewed.

shorena

copper member

Activity: 1498

Merit: 1528

No I dont escrow anymore.

Quote from: Lasergun on March 04, 2017, 04:00:45 AM

Quote from: Semvak on March 03, 2017, 11:10:38 PM

Anyone can guarantee for using these service? I mean, how if site got hacked Huh

To be safe It is highly recommend using this software on a computer that is offline, and stays offline.

That wouldnt help against all attacks. E.g. the code could be altered in a way to use only a specific section of all possible keys. Thus they would appear random, while they not actually are. If you want to make sure you are not fucked, read the code or trust in others that have done so.

Lasergun

legendary

Activity: 1155

Merit: 1174

https://keybase.io/lasergun

Quote from: Semvak on March 03, 2017, 11:10:38 PM

Anyone can guarantee for using these service? I mean, how if site got hacked Huh

To be safe It is highly recommend using this software on a computer that is offline, and stays offline.

Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key - page 6. (Read 153371 times)