Topic: Bitcoin Checks : R3 - page 6. (Read 13559 times)

I had sent out a couple samples a few weeks ago but I haven't heard anything back. I still have a bit left to give away.

It's cool, if I didn't want feedback I wouldn't have asked for it. I am tryin to sell check to and for the community, if the community does not approve, my idea has already failed. I didn't think Firstbits were that crucial at the time and didn't focus on them so much. Obviously I was mistaken, but it is an easy fix and well worth it.

Sorry if I came across a bit harsh there, I didn't mean to call you dumb or anything, but you are (at present) on a newbie account in the newbie forums and the pic did seem pretty odd. Not trying to call you out, honestly, I'd rather offer help if there's some misunderstanding. I want to see Bitcoin succeed and the better people understand it at this stage of the game the higher the chances of that happening are.

I wasn't trying to beat a dead horse with the firstbits thing either, it's just that a lot of folks aren't aware of things like vanitygen and don't know that you can "steal" firstbits pretty trivially. I figured an actual in-practice example would be a good way to drive that home.

I know I come off strong but it's only because you look like you've got a good product if you can just recognize and patch a few simple problems before hitting a live market with them and I wish you the best of luck.

You're kind of missing the point. Most people will use whatever the easiest method you present them is. If they have a way to scan the QR code, then they'll do that - otherwise they'll default to firstbits. Nobody is going to enter a 34 character alphanumeric case sensitive string to check balance if they can type 6 or 7 non-case-sensitive firstbits instead. If you're printing the firstbits on the check, it's implied that the firstbits are inexorably tied to that piece of paper, which isn't necessarily the case. I've already demonstrated how someone could use this loophole to scam a merchant and saying "it's on the merchant if they don't take the time to type 34 alphanumeric characters" is not a valid excuse for doing things the right way. If we want Bitcoin to be accepted by merchants we have to make it easier than "1KvrFZYgwQe5D7cfMR1ndKL9zUzm9CAHzy and pray to god you don't make a typo" which is the whole point of firstbits anyway. But for the firstbits to be valid you HAVE to fund them or else leave yourself open to a collision attack like I described above. Merchant's won't use these if it's that trivial to scam with them. Again, you don't even have to fund them with a lot, you can spend a single satoshi which, at the time of this writing, is worth ~0.0000000494991 USD (about five millionths of a penny). To refuse to fund at 0.00000001 BTC before sending is either incredibly cheap or incredibly lazy and either way it completely invalidates the usefulness of printing the firstbits at all.

Also, for the record, it seems odd that you've scribbled over the address but left the privkey visible in your image; it seems to belie a very poor understanding of how Bitcoin actually works... From private key 5J7nDBQHbQ7u8MmLdHuxz2uqGCJdrKzZSMY7vcnZRnDeCEFqLs3 it's trivial to compute the scribbled-out address 1KvrFZYgwQe5D7cfMR1ndKL9zUzm9CAHzy with firstbits 1kvrfzy.

As a proof of concept I just did exactly what I suggested and made an address with vanitygen that collides with your firstbits: 1KvrFZyLX7dKpvYjzTWv3E9KfivR6fhBco and funded it with a satoshi just to prove that I can "steal" your firstbits if you don't fund them at the time of generation/purchase. I'm doing this from my work laptop so I didn't even have the benefit of OpenCL acceleration on a decent GPU to help me. This took less than ten minutes. With even a single 5830 it would take less than one.

Note: At the time of this writing there hasn't been a new block for nearly an hour so the transaction is 0/unconfirmed so I technically haven't stolen your firstbits just yet, but whenever the next block arrives you should see what I mean.

Update: Block finally hit, all your firstbits are belong to me.
Firstbits.com is annoyingly slow to confirm this but http://blockchain.info/address/1kvrfzy links to my address, not yours. I think that's an adequately solid proof of concept.

They are, but if I relied solely on the first bits the full address wouldn't be needed. Creating an address with matching firstbits also kind of defeats the purpose as well.

What is the point of including the firstbits on the check then, if they aren't to be used to validate the check balance?

That is why I also have the full address listed on the check, If the merchant checks only the firstbits and does not validate the whole address that is their mistake, TBH. Don't get me wrong I had thought of that, but at the same time personal responsibility of your own payments is like Bitcoin 101.

Look, here's the problem: Say you have a check with firstbits 1qz80e7. I can go grab a copy of vanitygen and make a new bitcoin address with those firstbits. I then send money to that address and nothing ever gets sent to the actual address on the check. Since firstbits aren't case-sensitive generating a collision should be relatively easy. A merchant might then take the check, check the firstbits only and accept it since firstbits 1qz80e7 actually shows a balance. When said merchant attempts to redeem the check via the private key, they will find they've been given the privkey to an account holding no funds.

Shoot me an email with your information or use the form provided at http://shop.psjb.me

I'd hardly call a satoshi "funded".  Just don't tell anyone it is there.  Anyway, I gave my opinion, you don't have to take it.  Best of luck, and I still want a free one! 

My site is really the biggest problem right now, using a MAILTO link, not being able to generate a payment address automatically, and also my emails are marked as spam by many clients. =/

I don't really want to send out funded checks and the firstbits are only ment as a reference number to check the transaction, not the sole means of funding.

Yeah. This would work and guarantee that you don't ever have an incorrect firstbits.

To be safe, I'd just send a satoshi to each of the check addresses to get them into the blockchain and have valid firstbits.  I think it's a good idea to have the firstbits on the check, but better to be safe than sorry!  You can use sendmany for each batch to minimize fees.  It wouldn't cost more than a few cents total, definitely worth it IMO if you want to have a product that seems completely legitimate!  Otherwise, you'll keep being asked the same question over and over about the firstbits. 

I would like some free if your still giving them away.

But they will also have an unfunded check leaving them no reason to check the transaction, also the reason for 6 characters.

However if someone else funds an address with same prefix before your customer funds his then the check will have the wrong firstbit.

When the address is used it will appear in the block chain, I currently use 6 characters to avoid any mismatches, if this proves to be a problem I will switch to 7.

That was scrap check where the QR code was misprinted, I just scratched out the address with it.