Bitcoin Express -- an iOS thin client for bitcoin

fingster

newbie

Activity: 20

Merit: 0

Quote from: Kris on August 14, 2011, 09:29:17 AM

Are you using json-rpc calls to talk with the server? and if so can it talk with a remote bitcoind?

If this is the case it would be perfect for my iPhone, since I already have an json-rpc interface for WalletBit for it to interface with!

Kind regards
Kris

First, btc express talks with the server by extending bitcoin Protocol specification, not json-rpc calls.
Second, btc express disables json-rpc calls to a remote bitcoind daemon for security considerations. There will be a configuration for users to re-enable remote json-rpc functions at their own risks in future.
Of course, you can add your json-rpc interface to btc express by modifying the open source code, see https://github.com/fingster/BTC-Express

Kris

donator

Activity: 640

Merit: 500

Are you using json-rpc calls to talk with the server? and if so can it talk with a remote bitcoind?

If this is the case it would be perfect for my iPhone, since I already have an json-rpc interface for WalletBit for it to interface with!

Kind regards
Kris

fingster

newbie

Activity: 20

Merit: 0

Quote from: EhVedadoOAnonimato on July 28, 2011, 03:47:33 AM

Quote from: fingster on July 27, 2011, 07:23:55 AM

“the client must at least ask the server how much money it has on its addresses”, correct, but in bitcoin system, the btc addresses are not private data. Every transaction a user made, is seen by all the other peer, including involved addresses and amount of coins and where from/to. Check http://www.blockexplorer.com to see more details.
So, it means that the "private data" you quoted is entirely known by every one in bitcoin network not only the server.

I know how it works, and no, my private data is not entirely known by everyone because you can't know a priori which are all my address. You can't even know whether two particular addresses belong to the same person or not.
In a client server solution like yours, the server can link together all the address of one client wallet. Okay, if it doesn't ask anything more, it will only know the IP of the owner, not his identity. But it adds some risk anyway.
I know it's not a major problem, mainly because people should not put all their wealth in a smartphone, but I'd suggest you not to keep any logs in your server that could link together different addresses, just for precaution. If you keep such logs and they leak, that could be bad, since anyone that has ever done one single transaction with one of your clients could then know every other transaction that this client ever did using your app.

Right. I understand what you worry about.
There are NO such logs keeping relations between addresses and clients or wallets. And even the bitcoin original logs are scheduled to be deleted from disk ( to reduce storage charges of vps ). The btc logs grow quickly at a speed of nearly 120MB/day. In fact, we can't afford that storage charge in a long run.

EhVedadoOAnonimato

hero member

Activity: 630

Merit: 500

Quote from: fingster on July 27, 2011, 07:23:55 AM

“the client must at least ask the server how much money it has on its addresses”, correct, but in bitcoin system, the btc addresses are not private data. Every transaction a user made, is seen by all the other peer, including involved addresses and amount of coins and where from/to. Check http://www.blockexplorer.com to see more details.
So, it means that the "private data" you quoted is entirely known by every one in bitcoin network not only the server.

I know how it works, and no, my private data is not entirely known by everyone because you can't know a priori which are all my address. You can't even know whether two particular addresses belong to the same person or not.
In a client server solution like yours, the server can link together all the address of one client wallet. Okay, if it doesn't ask anything more, it will only know the IP of the owner, not his identity. But it adds some risk anyway.
I know it's not a major problem, mainly because people should not put all their wealth in a smartphone, but I'd suggest you not to keep any logs in your server that could link together different addresses, just for precaution. If you keep such logs and they leak, that could be bad, since anyone that has ever done one single transaction with one of your clients could then know every other transaction that this client ever did using your app.

fingster

newbie

Activity: 20

Merit: 0

Quote from: EhVedadoOAnonimato on July 26, 2011, 03:43:45 PM

Congratulations for your great work!

You say no private data is sent to the server. How can it be? I mean, the client must at least ask the server how much money it has on its addresses, what means the server will know which are your addresses, thus it will know how much money you've got on your wallet and how you spend them. Your "private data" is entirely known by the server.

Or by "private data" you meant only the private keys to the addresses? If that's the case, maybe you should correct your statement to make it clearer?

Thanks.

“the client must at least ask the server how much money it has on its addresses”, correct, but in bitcoin system, the btc addresses are not private data. Every transaction a user made, is seen by all the other peer, including involved addresses and amount of coins and where from/to. Check http://www.blockexplorer.com to see more details.
So, it means that the "private data" you quoted is entirely known by every one in bitcoin network not only the server.
However, that is safe for everyone. Even you known an btc address and track it from the past to the future, you can't tell who is behind the btc address. Bitcoin ensures everyone is anonymous and safe. It's very difficult to know which person owns what amount. See https://en.bitcoin.it/wiki/Introduction , "Anonymity" section.

"private data" here is only referred to the private keys to the addresses.

EhVedadoOAnonimato

hero member

Activity: 630

Merit: 500

Congratulations for your great work!

You say no private data is sent to the server. How can it be? I mean, the client must at least ask the server how much money it has on its addresses, what means the server will know which are your addresses, thus it will know how much money you've got on your wallet and how you spend them. Your "private data" is entirely known by the server.

Or by "private data" you meant only the private keys to the addresses? If that's the case, maybe you should correct your statement to make it clearer?

Thanks.

samr7

full member

Activity: 140

Merit: 430

Firstbits: 1samr7

Watching this thread -- this looks really promising!

It must have been quite a job to get the original bitcoin client running on iOS!

fingster

newbie

Activity: 20

Merit: 0

submitted to App Store today :-)

dinox

full member

Activity: 126

Merit: 100

Great idea, indeed.

Can you put this on Appstore/Cydia?

fingster

newbie

Activity: 20

Merit: 0

Hi,
I've written a thin client for iPhone, based on the idea of separating a peer node into a 'thin' client and a server. The client runs on an iOS device and doesn't need to download any blocks/headers from bitcoin network. The client just needs to download its transactions from server into its local wallet. NO PRIVATE DATA OF BTC IS SENT TO SERVER.
The client signs on its sending transaction LOCALLY and then sends to server which relays/broadcasts it to bitcoin network. The server pushes transactions to the involved clients (sender and receivers) .

MIT Licensed open source: https://github.com/fingster/BTC-Express
UI partially based on: https://github.com/udibr/bitcoinApp
More Details: http://forum.bitcoin.org/index.php?topic=31362.0
Beta version download: http://www.megaupload.com/?d=9RX93T9V

any suggestion is welcomed, ;p

Best regards

Topic: Bitcoin Express -- an iOS thin client for bitcoin (Read 4733 times)