The wallet is only encrypted with your password so you can email us and have the yubikey authentication removed (This must be from the email that is associated with your account).
Are you sure that you can reliably check if the sender's address is not forged ? 
Topic: Blockchain.info - Bitcoin Block explorer & Currency Statistics - page 163. (Read 482345 times)
December 15, 2011, 07:10:31 AM
December 15, 2011, 06:49:07 AM
Can you add support for Duo Security? It's a pretty neat service.
Looks like a good product but they really need to rethink their pricing strategy. Even at the small number of users My Wallet has at the moment it would be nearly $1000/month. I'll investigate the possibly of changing API key every request but I imagine this is against their TOS. At some point i will add email and skype as options since they are free.
Next feature I'm really craving is QR codes. Any plans for them on the receiving addresses?
Yep QR codes are already on my todo list.
This is cool, but seems a little bit dangerous for this application. What happens if you lose your yubikey or drop it in the toilet? Can you order a duplicate Yubikey as a backup? With mtgox it's a bit different…if you lose your key, you can always verify your identity and get them to restore your access to your account.
I had thought about encrypting wallets with the yubikey identity token but decided against it for the reasons you mention. The wallet is only encrypted with your password so you can email us and have the yubikey authentication removed (This must be from the email that is associated with your account).
And am I understanding this correctly: the private key is stored encrypted on the servers and the encryption is handled by my browser? So if someone were to steal acquire the data they would not be able to spend my coins?
Yes your wallet would still be secure. I'm operating under the assumption here that a wallet encrypted with a 10 character AES password will take a significant amount of time to brute force, certainly enough time for you to move your coins to different addresses.
I've been trying this out and it's working great. Nice interface and versatility.
I've kept an encrypted backup of the wallet locally but I have a question. If your site vanishes is there some tool (prefer linux) or process documented that can read the wallet.json.aes file format and decrypt it so we can get to our keys?
Wait a minute - I just saw that you now charge a 1% fee on outgoing transactions. Is that new? I thought a few days ago it was a free wallet and you were thinking about advertising for support?
I've kept an encrypted backup of the wallet locally but I have a question. If your site vanishes is there some tool (prefer linux) or process documented that can read the wallet.json.aes file format and decrypt it so we can get to our keys?
Wait a minute - I just saw that you now charge a 1% fee on outgoing transactions. Is that new? I thought a few days ago it was a free wallet and you were thinking about advertising for support?
You should be able to use AES Crypt on linux http://hungrycoder.xenexbd.com/tutorial/how-to-install-aes-crypt-in-linux-to-encrypt-and-decrypt-your-files.html.
Yes the service has a 1% transaction fee for all outgoing transactions, I changed this a few days ago. The site would not be sustainable from advertising alone and if the site is profitable then I have more time to implement new features and better security.
December 15, 2011, 03:11:43 AM
I've been trying this out and it's working great. Nice interface and versatility.
I've kept an encrypted backup of the wallet locally but I have a question. If your site vanishes is there some tool (prefer linux) or process documented that can read the wallet.json.aes file format and decrypt it so we can get to our keys?
Wait a minute - I just saw that you now charge a 1% fee on outgoing transactions. Is that new? I thought a few days ago it was a free wallet and you were thinking about advertising for support?
I've kept an encrypted backup of the wallet locally but I have a question. If your site vanishes is there some tool (prefer linux) or process documented that can read the wallet.json.aes file format and decrypt it so we can get to our keys?
Wait a minute - I just saw that you now charge a 1% fee on outgoing transactions. Is that new? I thought a few days ago it was a free wallet and you were thinking about advertising for support?
December 14, 2011, 11:26:48 PM
And am I understanding this correctly: the private key is stored encrypted on the servers and the encryption is handled by my browser? So if someone were to steal acquire the data they would not be able to spend my coins?
Yes, correct, assuming your passphrase is strong and your computer has not been compromised.
December 14, 2011, 11:00:08 PM
I've added your ip slush, not able to connect yet but as soon as a few nodes leave I should be able to.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
This is cool, but seems a little bit dangerous for this application. What happens if you lose your yubikey or drop it in the toilet? Can you order a duplicate Yubikey as a backup? With mtgox it's a bit different…if you lose your key, you can always verify your identity and get them to restore your access to your account. Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
December 14, 2011, 10:11:27 PM
Next feature I'm really craving is QR codes. Any plans for them on the receiving addresses?
I was just going to ask the same question. And am I understanding this correctly: the private key is stored encrypted on the servers and the encryption is handled by my browser? So if someone were to
December 14, 2011, 09:51:25 PM
I've added your ip slush, not able to connect yet but as soon as a few nodes leave I should be able to.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
Wow~~,this is a serious wallet!
Really nice. I just tested this with a mtgox yubikey. I like that you can remove the two factor authentication and go back to just a password too.
Next feature I'm really craving is QR codes. Any plans for them on the receiving addresses?
December 14, 2011, 08:54:29 PM
I've added your ip slush, not able to connect yet but as soon as a few nodes leave I should be able to.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
Wow~~,this is a serious wallet!
December 14, 2011, 08:17:36 PM
Can you add support for Duo Security? It's a pretty neat service.
I took a quick look. It looks rather costly to actually use on a website. free up to 10 users but $3/user/month after that. Doesn't sound fit for a free wallet service... except perhaps as an optional service that costs at least $3/month. I can see how it could be useful but it feels overpriced for a web-wallet unless you're keeping astronomous amounts of wealth in there.
December 14, 2011, 06:53:32 PM
Can you add support for Duo Security? It's a pretty neat service.
I took a quick look. It looks rather costly to actually use on a website. free up to 10 users but $3/user/month after that. Doesn't sound fit for a free wallet service... except perhaps as an optional service that costs at least $3/month. I can see how it could be useful but it feels overpriced for a web-wallet unless you're keeping astronomous amounts of wealth in there.
December 14, 2011, 05:58:21 PM
Can you add support for Duo Security? It's a pretty neat service.
December 14, 2011, 05:37:42 PM
I've added your ip slush, not able to connect yet but as soon as a few nodes leave I should be able to.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
Added yubikey support to My Wallet. For more info see
https://blockchain.info/wallet/yubikey
As far as i'm aware My Wallet is the only wallet service to offer two factor authentication (other than Mt. Gox). Existing Mt. Gox yubikeys should be compatible.
December 14, 2011, 03:18:04 PM
Are any incorrect or am I missing some? It could be that I cannot connect to your node, are you at the connection limit?
None of this IP is mine :-). Please try to connect to 176.31.157.133. Right now the node is on connection limit, but time to time some peers close connection. Or give me any of your static IP and I'll add it to my trusted IPs list.
December 13, 2011, 09:30:52 AM
Maybe you explained it already, but why exactly it's hard to detect blocks from my pool?
I can't seem to locate the ip addresses correctly. Here are the ip addresses I have down.
81.95.121.13 Slush
46.105.119.41 Slush
192.168.176.137 Slush
178.86.239.19 Slush
178.79.178.173 Slush
178.79.177.146 Slush
178.79.170.65 Slush
178.79.168.31 Slush
178.79.155.53 Slush
178.79.155.33 Slush
178.79.154.170 Slush
178.79.147.99 Slush
178.79.130.99 Slush
109.74.195.190 Slush
Are any incorrect or am I missing some? It could be that I cannot connect to your node, are you at the connection limit?
December 12, 2011, 09:20:15 AM
Maybe you explained it already, but why exactly it's hard to detect blocks from my pool?
December 11, 2011, 11:19:35 AM
That's a feature I was thinking might be useful -- a service that would import a wallet and all its keys.
This is second on my list of things to add, native import and export in wallet.dat format. Although why does the mainline client even need to use berkelydb for wallet.dat? Surely it would be better to use a human readable format to make it easier to repair in case of corruption. JSON would probably suffice. December 11, 2011, 09:51:20 AM
That's a feature I was thinking might be useful -- a service that would import a wallet and all its keys.
This is second on my list of things to add, native import and export in wallet.dat format. Although why does the mainline client even need to use berkelydb for wallet.dat? Surely it would be better to use a human readable format to make it easier to repair in case of corruption. JSON would probably suffice.
First I want to make sure security is tight enough so yubikey and SMS two factor authentication are my priority for the moment.
Can't open my wallet on iPhone, when i click the "Open wallet" button, it just stuck there.Anyone has the same issue ?
btw: should i clean my cache? will private key stored on my disk?
btw: should i clean my cache? will private key stored on my disk?
Haven't tested it on an iPhone yet, I'll have a quick look this afternoon. You are free to clear your cache, any private keys you have added will be safe on the server.
December 11, 2011, 09:41:51 AM
Can't open my wallet on iPhone, when i click the "Open wallet" button, it just stuck there.Anyone has the same issue ?
btw: should i clean my cache? will private key stored on my disk?
btw: should i clean my cache? will private key stored on my disk?
December 09, 2011, 10:43:38 PM
Well, yes, I've got a wallet cemetary of my own for different reasons. Merging/importing wallets is an obvious missing feature from the C++ client (I'm frustrated by the conservative - can't confuse the idiot's - mentality of the core developers).
But that's not the motivation of my thread here. Basically, I would like to be able to send bitcoins to another individual side channel (not in the block chain). The easiest way to do that today is just to give them a copy of a new wallet. While we're at it, why not encrypt the wallet. In fact, why not encrypt the wallet with the recipients own public bitcoin key (from which one of their addresses was derived).
In theory, the recipient could pass it on to a third party, and he to a fourth, and a fifth, ad infinitum. Of course, each recipient would be taking on enormous counter-counterparty risk, but the possibility allows for plausible deniability. Whenever a bitcoin actually hits the blockchain, even with a guilty 'paper' blockchain trail, one could simply claim 'wasn't me'. I passed that along side channel to a friend to a friend to a ... who knows how many times.
But that's not the motivation of my thread here. Basically, I would like to be able to send bitcoins to another individual side channel (not in the block chain). The easiest way to do that today is just to give them a copy of a new wallet. While we're at it, why not encrypt the wallet. In fact, why not encrypt the wallet with the recipients own public bitcoin key (from which one of their addresses was derived).
In theory, the recipient could pass it on to a third party, and he to a fourth, and a fifth, ad infinitum. Of course, each recipient would be taking on enormous counter-counterparty risk, but the possibility allows for plausible deniability. Whenever a bitcoin actually hits the blockchain, even with a guilty 'paper' blockchain trail, one could simply claim 'wasn't me'. I passed that along side channel to a friend to a friend to a ... who knows how many times.
December 09, 2011, 10:04:49 PM
Wait a second, today, I can PGP encrypt my wallet and give it to you. Once you decrypt the wallet, you can do whatever you want with that wallet in the blockchain or side channel again. The only additional cleverness is rather than PGP, I'm just using your public elliptic key (associated with an address in the blockchain) because I'm confident you have the private key.
Or just upload an unencrypted wallet.dat, SSL (https upload) will keep the contents of the wallet secure.
I encrypt an entire wallet with your public key, email it to you, and you decrypt it and do whatever you want with the wallet. The blockchain is no wiser.
That's a feature I was thinking might be useful -- a service that would import a wallet and all its keys. Because there is no easy way yet for (non-technical) people to merge wallets, those with multiple wallets (e.g, from a laptop and a separate on a desktop) are abandoning their old, empty wallets. But perhaps some payment will still arrive to one of those addresses -- that happens enough to where people are storing an archive of their wallet now, ... just in case someone sends bitcoins to an old address. If that wallet were to be imported on BlockChain.info, then all those keys from that old wallet could be retained.
At the time, I considered it to be a separate service -- a "wallet cemetary", where the service would take a cut should any bitcoins be received to those old addresses. Maybe that would just be one of the methods for moving from a local, Satoshi client wallet to BlockChain.info's Wallet.
Jump to: