Topic: E-Wallet better or not? (Read 2973 times)

If all of your code were available as a downloadable client as an .html file, or a series of .html files (that could be saved to someone's hard drive, or burned to the LinuxCoin CD), and used ajax calls or something similar to query for transactions on the blockchain and submit signed transactions via your website, it could be deemed a whole lot more secure.  The risk isn't in interacting with your website, it's the theoretical risk that you or an attacker could serve a different page once in a while.  A third party can't really rule that out, because they can only validate the page you sent them.

Yes, this would interact with the internet, but somebody else could validate that it had no capability of "leaving the sandbox" at the request of the server, and then it would be good.

I'm aware of this issue too. Possible solutions I'm considering are...

1. Some sort of browser plugin that verifies the JavaScript.
2. An external trusted 3rd party/parties that validate the JavaScript. i.e. Some sort of Pingdom service that does an SHA of the HTML and JavaScript.
3. Hosting the JavaScript on on Github.

If anyone else has a suggestion I'd love to hear it.


That's true, but it can't make payments. So I think StrongCoin currently has the best balance between convenience and security.

The only itch I have with regards to StrongCoin is that although it may now be designed in such a way that the operator can't spend the coins, there is nothing saying that the site at any point couldn't be covertly modified either by its operator - or by an intruder - to start collecting people's passwords.  And since people aren't checking the Javascript each time they use it, such an attack would be quite successful.  Average Joe doesn't have a chance of checking the client-side code for security, even if he wanted to.  It's a conceptual flaw, so to speak.

For argument's sake, the paper wallets I sell by mail carry the same conceptual flaw - in theory I could scam my customers - and a paper wallet where NOBODY has any possibility of scamming is going to be a higher quality paper wallet.  My customers knowing my IRL identity is a good control, but still, 1 person potentially having your keys is 1 person too many from the ideal.

Compare to BitAddress.org, which generates paper wallets, and arguably could carry out the same attack.  But BitAddress.org has been built in such a way that one can copy the .html file and run it from an offline computer.  In effect, the average joe has a solid way to audit that the paper wallet generator he is running offline isn't communicating secrets to a server, simply by observing that it still runs without his internet connection.  If a current or future build of the bootable LinuxCoin CD had a copy of BitAddress.org's generator pre-installed, it would be about the best way I can think of for someone to generate their paper wallet (assuming they didn't have to fight with installing printer drivers).

That's correct I can't access the private keys so I can't spend the coins.

There are about 30 people using the service currently and I've had some great people on this forum help me with issues. The main bulk of the JavaScript was built Stefan Thomas over at bitcoinjs.

In the next few days I'll be launching some testing bounties to help nail down any remaining issues.

In terms of usability there are still some things that don't flow as I'd like, I have some ideas for improvements.

It's for these reasons I built http:// strongcoin.com

We don't have a wallet.dat.

We create you keypairs in the browser, then encrypt the private key in the browser before storing it server side. Only you can decrypt the key as only you know the passphrase.

The only time you actually need access to your private key is when creating a payment. Again we decrypt the key browser side and create the transaction which we then send on to the bitcoin network.

So all the benefits of an e-wallet with a huge reduction in the risk.

Vibanko looks like an e-wallet service run by someone else, where you send your coins to someone else's address - therefore that could allow a scammer to steal and run away with ones BTC - I do not see a fundamental difference between the proven scam sites and Vibanko - I don't understand what makes it "reliable and trustworthy bitcoin wallet service" as it claims.

But yes, I agree that Bitcoin Consultancy should be capable re-writing the official Bitcoin client in PHP for ones use in private-on-line-e-wallet arrangement - that way the risk of entrusting some anonymous entity with your coins is eliminated.

Should you trust Bitcoin E-wallets?

http://janelondon.files.wordpress.com/2010/11/images.jpg?w=260&h=194

The Vibanko.com sourcecode is open:
https://gitorious.org/vibanko

I have a better idea

Why don't you find someone who is capable of re-writing the official Bitcoin client in PHP, with a small addition like built-in authentication having the password scrambled with one of your keys (256-bit PKI authentication). Make sure you trust him not to embed a trojan horse in the code though.

Then find a reputable and well established web-hosting service company and rent a single page php only account (<$10/year), where you run your PHP script Bitcoin client.

That way you can have your wallet in the cloud, accessible from any device you may have, regularly backed-up by the cloud service, but still keep it private and secure and sleep peacefully knowing that no stammer can steel your BTC.

For savings long term I'd go with the P-Wallet... paper wallet. Just as easy to use for receiving money and only a minor inconvenience for spending.  

Print a page of address/keys using bitaddress.org (offline from a livecd boot if you prefer) and send coin to addresses on your page. Maybe spread it over a few addresses so that you can redeem some portion independently of the total. Make copies and store in your safe/deposit box.

MtGox now lets you dump a key into your account and I expect in the future there will be more options for importing keys. Hopefully pywallet will someday support importing a key into an encrypted wallet, or even better the client itself.

Given that another exchange was hacked today, and the history of this occurring, I just can't see trusting money to unproven startups as a good idea.

Just curious why that post was cleared.

I think the guy that had 25,000 coins vanish from his compromised desktop might disagree... but I do cede to you that there are still structural problems with bitcoins that will take time to fix.

If it's the users fault, then you shouldn't be liable (such as them having an easy to guess username/pw combo).  But if your system is setup in such a way that someone is able to exploit a security hole and steal bitcoins because of it you should be liable.

There are some good guides out there that tell you how to setup a secure wallet on your computer, so I consider keeping my coins on my computer pretty safe.  A hacker is much more likely to go for one place where a lot of bitcoins are stored (such as an ewallet service).

I wouldn't use your desktop either for the same reason.   Because honestly "something we did"  can be widely interpreted as "allowed yourself to get hacked"  or even more likely "allowed someone to impersonate me and use my username and password and e-mail to steal my bitcoins"

Hence it was the users fault,  but I would be liable.

It's a topic that I don't think any single organization,  from US to Mt. Gox to Tradehill can fix,  including the end users desktop client..  who knows what malware is sending crap out...   you get the point.

I believe you answered the question "Are you FDIC insured?" and not the original question asked.  This seems like a red flag that if because of something you/your company did wrong and bitcoins were stolen you would not repay them.

I personally will not use an ewallet where my bitcoins are not guaranteed to be there.

Well I didn't mean to start a war here.  I didn't say every Bitcoin company is a scam.  And I didn't say I lost money with Mybitcoin.  My statement is still accurate.  Bitcoin holders have no legally enforceable property rights.  Don't confuse possession with property rights.  I have possession of my car, but if I don't make my payments the bank can take it away - because they have property rights.  So if any e-wallet or exchange holder wants to, they can walk away with everything and face no legal action.  It's in all the disclaimers.  I'm not saying they will, I'm saying they can - and that is a huge issue for Bitcoin.  We need property rights.  If I steal your computer, or hack into it and send all your coins to me, I can be prosecuted for computer theft or hacking, but not for the theft of the coins.  And you have no legal recourse to get those coins back.  Unfortunately we have to rely on government agencies to enforce any property rights.  I think the community and especially the large exchanges and e-wallets need to get more involved and pressure these agencies for rights.  A theft from from an exchange or e-wallet affects the owners as much as the customers, and each one is a huge blow the community at large.

And evoorhees, you are one of the most well spoken in libertarian philosophy I've seen on this forum. I would hope someone with your knowledge would understand the importance of property rights as related to Bitcoins success, and help move the community forward with this.  Bitcoin will not become widely accepted without property rights.

I would cheerfully use an online wallet for small amounts I expect to spend soon, but would prefer a paper wallet for keeping longer term amounts.

Now that MtGox has a paper wallet redeemer, there's no reason not to.

.

Of course not every company is a scam but the problem is if the wallet you chose turns out to be a scam it is little compensation to know there are other companies which aren't a scam.  

Also not everything starts as a scam.  IMHO MyBitCoin was started as a legitimate service at some point the greed and ease of theft was too much.  I mean with bitcoin it is too easy.  The "money" is under the wallet owners control.  They can simply walk away and it is theirs.

I wouldn't trust an online wallet.  Nothing against Flexcoin but are you a publicly registered company?  In DUNS?  Do you/your company have any assets?  If I needed to could I find you to file a lawsuit in civil court?  Are you willing to sign any contract or terms of service making you personally liable for any wallet funds stolen as a result of your negligence? Do you have sufficient assets to make such a contract worth anything?  Willing to make those assets public or post a bond so depositors have some reassurance of being repaid?

With the current state of bitcoin economy and operators essentially an online wallet is trust.  The user is handing irrevocable funds to another person backed up only by trust that they will do (and continue to do) the right thing.

The "real world equivalent" would be thinking it is a good idea to send large amounts of cash via mail to an anonymous entity not regulated by any government so they can keep your money safe and pay bills for you. Would you do that?  Maybe it isn't a scam but the risk is significant.  Yet somehow because it is bitcoin the exact same idea (except using even easier to steal & get away with it) is seen as legitimate.

Oh, i've read that SO many times in the market forum of EVE Online.

And everytime a new scam appeared. Not only that, but each time they scammed more and more money. And yet they are "yes but not everything is a scam", and people keep investing...erh...getting scammed.