It's certainly beautiful... I sure hope you are what you say you are Mike.
I downloaded the chrome "web page complete" and while running it locally, it let me do the mouse movements just fine but wouldn't let me go to the next screen upon generation. Oh well.
The more I think about it, the more I really think you need to make the site into a downloadable package that we can use as a portable app... It still seems too easy for the browser to report the priv key back to you after an offline generation. A cookie could store that and be told to report it at next page load, couldn't it?
If Chrome makes problems, try Firefox, it should be doable. But anyways, I'll try to implement HTML5 offline version as soon as possible - which should solve this.
cool new open-source site for generating safe and truly random offline Bitcoin addresses.
Hi mikewoods,
I quite like the visual display for your entropy gathering. From a psychological perspective, I think it makes it more likely that a user will do the work it takes to make good mouse movements.
I notice you're not taking advantage of window.crypto.getRandomValues(). Do you believe your random number generator is more secure? If so I'd like an explanation. It seems to me that mouse movement and such should either be a fallback or an enhancement to using window.crypto.getRandomValues. Not leveraging getRandomValues at all seems an oversight to me since it's supported by almost every browser now. (IE9 being the notable exception.)
CantonThank Canton, it was very fun to work on those dots
As for as window.crypto.getRandomValues() goes - there are a few problems:
1) not all browsers support it correct (and I'm trying to support a bit older browser (not really old once) as well, for example I've implemented address computation using both html5 workers, as well as doing it using UI tread with delayed recursives.
2) It's still pseudorandom which makes it conceptually unacceptable because it has limited entropy.
3) (less important then 1) and 2) ) Browser could be compromised (and it's very obvious thing to attack).
Mouse movement are used as primary source of randomness and it has a lot higher entropy then any pseudorandom source. Still, to protect the user a bit more it's xor-ed over pseudorandom sequence.
Anyways, I'd be more happy if this kind of very technical questions are discussed on GitHub, because they can be useful for people that decide to join later.
Yes watch out for html5 offline storage to. I would use on unnetworked vm that is then destroyed.
Its just cold keys are perfect, you can steal them later and they have large amounts. Be careful people. This looks legit. I didnt see any http requests after load. But someone can clone this site, etc.
Even then, initial ecdsa can be compromised. Like the android hack.
I also don't believe bitaddress takes only one reading
Those are valid consideration for possible attack - that's why my site doesn't store (and won't) a single cookie, doesn't include outside .js (no ads, and no analytic software), and that's also the reason why I'll have to support the site using only the donations.
Luckily the ecdsa can not be compromised because the randomness source is from human (bad randomness is what enabled the exploit on android).
Bitpop, I'd be very thankful if you open discussion about possible attack on GitHub, this information is very valuable.
Wow, very nice site!
Great job.
Thanks devthedev!