Topic: easy offline transactions - 1 BTC bounty - page 4. (Read 6189 times)

Yeah. And they are all - to quote a certain Onion news video - ass backwards as f*ck.

(No offense, I'm joking just a little there. But there is nothing that hits my measure of being easy to use.)

Just as an example: I stumbled across some reddit article the other day about some guy who lost a ton of BTC by trying to redeem his private key in some Linux live CD with some client that sent change to a new address that was lost when he shut down the machine (he didn't know about change addresses and assumed all BTC would remain on his original private key).

People have lost big money because of how tricky this is! And they will continue to do so.

Something like the solution described here, if widely popularised, would have saved that guys neck.

I want a solution that:

- doesn't rely on the block chain being stored locally, even on the online machine (Armory out)
- doesn't rely on anything other than bare private keys (no wallet generation seeds or anything specific to one client. It should be able to redeem BTC from bitaddress.org printed private keys, a lot of people use that service)
- doesn't rely on any command line stuff
- uses tech that runs on any computer
- guides you through every step along the way in a logical manner (creating a transaction then signing it offline is logical to a noob. Grubbing around to find blockchain data to copy paste across is not logical to a noob.)

offlineTransaction.html comes very close, however still is a bit over complicated (relying on copy pasting blockchain output, which is very confusing unless you understand bitcoin and "inputs" and "outputs" deeply, as I still don't really). And also it relies on typing out the source/destination btc addresses on the offline machine; I think it's far more user friendly for this to be done on the online machine and then simply verified on the offline machine.) Aaaand it was giving me Javascript errors the last time I tried it.

I found this a great chore even being fairly technically literate, I can only imagine what someone less literate would feel.

Of course if there exists something precisely as I described do tell.

There are already some ways to do this, I know that pywallet does and I assume Armory too

Hello, I'd like to propose a project idea for the simplest possible way to perform offline transactions from a single cold storage WIF private key (such as is gotten from bitaddress.org). The idea is to securely redeem a small part of some larger BTC balance, while leaving the majority where it is in cold storage.

I'll put a bounty of 1 BTC, valid for the rest of April. If you think this is a good idea, please chip in too.

I'm not really sure the exact work involved, but since there are open source projects already that do large parts of this, it hopefully wouldn't be too much. e.g.:

- brainwallet.org ( https://github.com/brainwallet/brainwallet.github.com )
- offlineTransaction.html ( https://bitcointalksearch.org/topic/getting-unspent-outs-for-arbitrary-addresses-from-blockexplorer-bounty-20btc-50797 )

What I envisiage is the follows: Two HTML/Javascript pages, one for creating the transaction online in an insecure environment, and one for signing the transaction offline in a highly secure environment.


** Part 1. The online, insecure, part. ("createtransaction.html")

On this page are fields for the source cold storage bitcoin address, the destination payment address, amount to be sent, and transaction fee. After filling in these fields you select "Create transaction" and some resulting transaction data appears as text that can be copied and pasted. As part of this process a cross domain query is required (see brainwallet.org code for reference) to get whatever outputs data is necessary from blockexplorer.com. This should happen automatically and transparently to the user when they click "create transaction".


** Part 2. The offline, secure part. ("signtransaction.html")

On this page, you paste the generated transaction data from part 1 into a text box. After doing this, the source and destination bitcoin addresses and the BTC amount and transaction fee are shown to the user for verification (in case anything malicious happened at part 1). It should be assumed that part (1) is malicious, so the verification details shown to the user must be based on calculating what will actually occur from the given transaction data. The user can then enter their cold storage private key into a text field and click "Sign transaction" and the signed raw transaction data is created, suitable for then transferring to an online system and submitting via https://blockchain.info/pushtx


Other notes:

- change should be returned to the original cold storage address.
- the emphasis here is to create something foolproof and extremely simple - hence not even requiring the user to copy/paste data from blockexplorer.
- no fancy CSS necessary.