Topic: easy offline transactions - 1 BTC bounty (Read 6205 times)

I successfully used the version quoted below. Haven't tried in a while though.

You could always create a test offline address, with a tiny amount of BTC, then post a transaction from it here in case anyone will take a look at it. (I wouldn't know what to look for though).

Hello guys!

Congratulations for the development of that offline transaction implementation.

I was always worried about the "problem" with BTC's change.

Newbies are more than expected to commit that kind of mistake anytime.

Mea culpa: I've got to admit I lost a few LTC once (as a newbie then...) I was testing the "import privkey" feature in the official litecoin client in the past.

Suggestions: It would be nice if there were multiple Recipient Addresses forms in order to send transactions for more than just one BTC address.

And do not forget the "Transaction History" feature and the "Raw Transaction" generator as similiar to what's available at brainwallet.org.

Gonna follow this thread and count on this development.

Keep up the good work!

Cheers!

Has anyone successfully been able to use this? When submitting the TX to either http://blockchain.info/pushtx or https://coinb.in/send-raw-transaction.html it gets rejected. Anyone else have any luck?

what are the security implications exactly? Simply that the destination address could be altered, and then the user may overlook this when signing offline? or can other things be done by changing the blockchain data or other stuff?

Sorry, Emergenz claimed my 1BTC bounty in a private message and I donated him because I thought you left.

That was the transaction:
https://blockchain.info/es/tx/5017919fbebe0712a349e473c06018b1df87cdd2732e4f93db76cc3c5c431dc8

Yes, my ultimate goal is to get it where people can easily run *both* the online version and offline version locally, with no need to host the online version.  It's a little tricky because of the problems that exist making request to third-party websites from a locally-running javascript program.  Really, this is the only secure way to do it.  SSL for the online portion is nice but still requires the user trust the person serving the site.  Running both portions locally, on my online and offline computers, is the only way I'd consider using this project for a significant offline transaction.

Anyway, this third-party request issue is partially solveable using CORS headers, and blockchain.info has recently, and very kindly, implemented CORS headers for this type of use case.  Anyway, I worked on it some more last night but ran into some very serious issues with AngularJS (the JS framework I used) HTTP client implementation and CORS compatibility, so I've ended up using Jquery to call blockchain for unspent outputs and to push the signed transaction (which works fine).  Anyway, I still want to do some more work before I announce it ready, and although I won't get to anything tonight, I should be able to finish up this weekend.

This is cool thank you!

Hey, no worries. Good to see you may still work on it

Personally I risked using the prototype version above for my most pressing needs.

Thanks for your understanding and sorry for the inconvenience to anyone who has been waiting on this (i.e., xDan).  I'll be sure to check this thread on a regular basis now.

I'll post an announcement here tonight or tomorrow when it's ready for beta testing.

EDIT: Had to work late last night, hopefully will get to it today.

Good move - will wait for that - I think this is the right way to go and appreciate the effort (I actually wrote something similar but is much less user-friendly as it requires you to find the UTXO information manually).

After thinking about it some more, may I please ask everyone to please hold off on using any version of this?  I didn't realize anyone was still interested in it until a few hours ago.  However, it's got some bugs I want to iron out before anyone uses it.  I originally said to use my hosted version at https://bitcoin-secured.com since it was better than using an unencrypted version of the online part, but after thinking about it, I'd prefer people hold off on using it at all until after I do some additional testing tonight, when I'll have time to do so (can't shirk my work duties anymore right now).  You are of course free to do anything you want with the code, since it's MIT licensed, but I'd prefer people hold off until I can do some additional testing.

I'll make an announcement here when it's ready for beta use.

Sure - I'll wait for the updated version (as I'm watching this thread just be sure to post in it so I remember).

Python is technically not a dependency.  It's just what I used to serve it locally.  It's all static HTML, JS, and CSS, so you can run it from wherever you usually run such scripts.

Can you hold off for a day?  Or else update it tomorrow?  I'll be making some significant changes tonight, like better error handling, etc.

And again, I'll note that I have an SSL-encrypted version at https://bitcoin-secured.com that includes signed MD5 hashes of the offline code for download.

Okay - found the repository (https://github.com/esbullington/bitcoin-secured) - apart from Python any other dependencies?

Thanks for the offer!  The source is on github (I'm esbullington on github, the link is somewhere above), so please feel free to do so, but I do have it on https://bitcoin-secured.com which is SSL.  It's just down for a few minutes while I'm updating it.  So I'll have it back on an SSL-enabled site real soon.

Users who use the online portion of bitcoin-secured hosted by a third-party should make sure that

1)  It's SSL-encryped
2)  It's someone you trust

The best way to run the online portion is locally, simply by going to the `bitcoin-secured/online` directory and then running: python -m SimpleHTTPServer

The site will then be available at localhost:8000

Since blockchain.info is now using CORS, this should work, but I've not yet tested it (working as fast as I can to do so).

PS: Please note that I have signed MD5 hashes of the offline code that can be downloaded at: https://bitcoin-secured.com/#/download

If you have the source on say github then I will be happy to grab it and put it somewhere under https://ciyam.org.

Good news.  blockchain.info now supports CORS so I can connect directly to them while I'm finalizing my own local database of unspent ouputs for bitcoin-secured.  I'll try to push the new version out tonight.  Right now, the script relies on Yahoo to relay the request, which means that blockchain.info's API request limit is quickly reached if a lot of people use it.  This will solve that problem.

NOTICE: bitcoin-secured will be offline shortly will I update it to supports blockchain.info's CORS.  While it's down, please be aware that if you use a non-SSL link for the online version of this software, it's very vulnerable to someone swapping out your Bitcoin address for another.  Either use https://bitcoin-secured.com when it's back up or run it locally (on localhost).  Or wait for someone else to host it on an SSL-enabled URL.

Thanks, Polvos.  I appreciate it.  Which address did you send it to?  I see xDan's bounty but not any others.

The online version currently takes the unspent transactions from the blockchain.info API, although I'm testing my own local database of unspent outputs so that I'm not reliant on an external site for the unspent outcomes.  The problem with the local bitcoin-qt/bitcoind is that it doesn't track arbitrary Bitcoin addresses' unspent outcomes, only the addresses in the local wallet.  So you have to build an external db of those outputs.

Thanks, xDan.  I appreciate it.  Sorry for being offline for a while -- I didn't realize this was still being discussed.  I had an out-of-state family member in the ICU for a week, and then a family member's funeral about 1000 miles away.  So I've been out town for most of the past few weeks.

The reason I still hadn't announced the software was that I haven't had enough time to test it to the fullest extent.  But if people really want to use the implementation as is (early alpha), I'd recommend using this link I've put up for the online portion (if you decide not to run that locally).  It's the same as the copy posted above but it's over SSL:

https://bitcoin-secured.com

Since the link that emergenz posted is not SSL-encrypted, it could pose a big risk for these types of transactions.  Someone could easily swap out Bitcoin addresses of the non-SSL link using mitm.  The site I put up above is SSL-encryped.  If you're comfortable using alpha quality software, you can ignore the notice since this is the same implementation as emergenz posted (except he had removed my alpha software notice or used an earlier version).

Since there is interest, I'll try to test this some more and remove the alpha warning.  But please realize that this is all alpha quality software (including the copy of the program posted by emergenz), and I can make no guarantees.  Personally, I use and recommend Armory for offline signing of significant amounts at this point, although I may move to my implementation as my main offline signer after some additional work and testing.

EDIT: After thinking about it, I'd recommend that no one use any version of this software until I have some more time to look over it tonight (28 May 2013).  I'll post here tomorrow when it's ready.

It is taken from blockchain.info. Here is the relevant line from main1.js:


All you need to use the offline wallet is a bitcoin address and its private key, you don't need any additional software.

I have a question about the offlinewallet. Where does it take the unspent outputs information from, the local stored blockchain or some online server?

As promised, I sent a 1BTC transaction as a bounty reward for yor nice piece of work. I'm pleased to pay someone like you for the work done helping us, the noobies, to use Bitcoin in a safer way. Now we can send the newcomers to those directions when an offline secure transaction needs to be built. Thanks for your effort.

Yes, change is automatically sent back to the cold storage address.



I absolutely agree with that. Of course it's all open source from bitcoinJS, brainwallet and bitcoin-secured but there is no reason not to double-check. I have added the coinb.in link to the signtransaction.html.

Thanks. That does seem to work.

I sent w1R903 his 1 BTC as a test:
https://blockchain.info/tx/a0333dcedebe862471f427ee728c43d7368d62cf4456b4d9af9fc3cad9676855

Will test further...

Edit:

Anyone else testing this, you might want to use a service such as this:
https://coinb.in/decode-raw-transaction.html

...to validate the final transaction. (Before sending it via https://blockchain.info/pushtx )

It does not work offline for raw tx's as it cannot determine the inputs (you need a blockchain for that).

It also cannot calculate a correct fee.

Don't recommend using it anymore because of non-fee calculation and /pushtx being fucked up, but if you have to, download the source, not the website (the site could be easily hacked, redirected, recoded to steal your BTC). Source: https://github.com/brainwallet/brainwallet.github.com/archive/master.zip

Brainwallet is offline. You just save the complete webpage and copy it over to your offline machine. I noticed he's added multiple output addresses as well. The only thing it's lacking now is multiple input addresses and I don't know if it can calculate the proper fee.

OK, I haven't tried it yet but where do you enter the change address? Or does it just send the change back to the original address?

The first prototype of w1R903's bitcoin-secured seems to work fine. I tried to make it more straightforward to use.

Online part:
http://offlinewallet.appspot.com/

Offline part:
http://offlinewallet.appspot.com/signtransaction.zip

Brainwallet.org is good, it's not offline though, that was the problem for me.

w1R903's work done already is very good. Almost feature complete, except for the requesting of necessary block chain data. It requires relying on a remote server which seems to make this a harder problem to solve than I expected.

Maybe if someone else can fix w1R903's implementation to work (e.g. connecting to Electrum servers if that is possible!?) the bounty could be split 50-50? (Since, technically my bounty could be considered expired anyway since it's past april...)

(and it seems w1R903 has gone AWOL)

just a thought...

Brainwallet is really good:

http://brainwallet.org/#tx

But I'd like a more user friendly way of selecting unspent outputs for one or more adresses, and most important, a noob friendly way to prevent loosing the change as a transaction fee. I don't know how, maybe asking for the noob user to select a predefined change address before building transactions. It won't be a bad idea if we add some tutorial or help to guide people in what they are doing too. Even warning them about the dangers of forgetting the change address or not counting the BTC in Satoshis.

I can tell you that, even knowing how to use brainwallet, I'm always panicking about all the mistakes I can make and end up injecting my private key in blockchain.info and doing the transaction from there.

Isn't better a web page with javascript like the bitaddress example? You can use it online searching for unspent outputs in blockchain.info and use it  offline after that for signing the transaction with your private key. I'm not a coder, but those are my thoughts. I'm sorry to say this, but I used your python pywallet and I found it very noob unfriendly. At least, as a no coder I found very unpleasant learning how to install python in order to start using your software.

Wasn't that supposed to be a software?

Ok, let's get this done. I'll add 1BTC to the bounty for something noob friendly like bitaddress.com. When the page is ready, please send me a PM with a link to it and I will pay the bounty to the coder. We really need it.

OK, any updates? I'll add 0.5 btc to the bounty if it is able to do the following:

Create transactions from one or multiple inputs to one or multiple outputs (at least 20) and control where the change is sent. Also it needs to automatically calculate and include the correct fee (or at least prompt and give the option to include the correct fee).

This bounty is good til the end of May 2013. PM me if you complete it so I can pay, using the software of course.

Any update on this? Has not being able to rely on BlockChain.info caused a lot of problems?

(thought I'd test it and maybe try sending the 1 BTC, alpha quality or not, however the transaction data request did not seem to work.)

Shall I pester BlockChain.info and ask if they will support jsonp?

I did a little exploring with a test python script. I didn't get far with JS because I'm just not familiar with using sockets there and my brief trial just confused me. Seems like using a socket and tcp would bypass cross site limitations but I'm unsure. Electrum servers also support HTTP mode as well but I'm guessing there is cross site issues (maybe). The server API is very simple as seen below.

Anyway, I did have some success with the script below and it shows the bare bones (no error checking) steps to access an Electrum server and get trx details. It could have been very simple except the trx data is returned in a BCD stream and so you need to pull in some bitcoin stuff to decode it. I think this could be simplified.

Anyway, just for example purposes, this takes an address and dumps it's outputs available for making a transaction. Relatively few JSON calls gets what I presume is sufficient data, since Electrum appears to be able to sign and send with this info.
Example output,

I think so but haven't coded any tests. I don't think the server has any knowledge of the wallet. It just receives an address to get the history for. Electrum works with normal key/addresses as well as deterministic addresses so it should handle either. I have looked at the server source code to understand and check the code. I believe the API is quite simple but I'm not sure it's documented. It's been a while since I looked. My recollection is there is only 2 or 3 API calls and one of them is a history call that returns history for an address. The client uses this to update the wallet with the info needed to make transactions and show a balance.

I ran my own Electrum server for a few months. It's basically a slightly patched bitcoind with a thin layer on top for Electrum. It does take somewhat more disk space.

I'm quite curious about this so if you can wait a bit I'm going to go and see how it works.

Thanks for the tip -- I'm very interested in this possibility.  So I can query Electrum for the unspent outputs of an arbitrary address, not just the addresses in the wallet? Is this part of the Electrum API documented anywhere?  Again, I appreciate the information.

Is it possible to use the stratum protocol from JS to access any of the Electrum servers? Electrum servers can provide all the info needed for building trx. You can query irc dynamically to get a list of them and since there are quite few you have redundancy you couldn't get with your own or blockchain.info. I don't know if cross sites issues prevent this. You could run an Electrum server or proxy to one.

> I'm feeling more and more that the appropriate place to enter the destination address and transaction amount may be in the offline component.  Is convenience the main reason you want to enter the address and amount in the online component?

Yes, it was... it seems easier to copy + paste the destination address on the online machine. Also it seems conceptually simpler (at least to me) that all you are doing offline is the "signing". I could live with the other approach though.

Anyway, it's a great job you're doing, looks really nice too.

When you think it's ready enough, I'll send you the 1 BTC bounty using it


BkkCoins, the more options we have to do this the better, of course!

It looks like I may have to run my own node on a VPS earlier for queries to the blockchain for unspent outputs, and then to broadcast the signed tx.  I'm running into problems now with the cross-domain requests to blockchain.info, even through it was working before.  I suspect that since both brainwallet and I are using YQL to query the blockchain.info API, we might be running into some kind of API limits set by Ben.  I've put in a support request to blockchain.info about the issue, and also asked here on the forum.

While I could change the code to use blockchain explorer's API (they use a different format), I hesitate to do so since we could run into the same issue with them.  

Meanwhile, I've put up some UI improvements to the github repo.

EDIT: Having looked into the blockchain.info situation further, it's clear that we're being blocked.  This is probably because brainwallet and I are both using YQL (Yahoo) to access blockchain.info client-side (otherwise we run into cross-domain issues).  As such, to blockchain it looks like one requester, and so we're rate limited as soon as brainwallet is.  It's possible we're running into daily limits, since I had only run 2-3 requests today when it stopped working.  In any case, I'm concerned the same could happen with block explorer API, so I'm looking into hosting this API myself.  Unfortunately, I had forgot that bitcoind client does not catalog the unspent outputs of every address -- just those from the local wallet.dat -- so there is no rpc command to simply fetch the outputs for a given address. As such, I have to build up that database myself.  I've started on this today and will try to get it done in the next day or two.

Yes. I think ideally then it could create a new text page with only instructions and data which the user can Save As to the offline device. You would only enter the destination address on the offline computer at signing time.

The signing page could have a File Open button that allows selecting the input data file and a send-to address field. It could also have a paste button for those that like to copy+paste but I think users would find it easier to click Open and choose a file. Once loaded a nicely formatted summary would be presented before the user pastes in keys or click to Open a Key File (which could contain multiple keys) making it easy to sign the transaction.

I may still code this up for fun even though it sounds like the bounty is committed already.

As well as removing the wifi card I plugged both the LAN and modem sockets on an old notebook with "sawn off" mangled plugs.

Thanks for the tips.  Those types of UI additions are exactly what I'll be working on tomorrow.  However, this being a web-based project, there are limits to what kind of I/O monitoring I'll be able to do.  In any case, if you're dealing with large sums of btc, I'd really recommend disabling bluetooth and wifi altogether on your offline computer you use for signing, and keeping them off.  I physically removed the wifi receiver from my laptop that I turned into an offline transaction signer.

I'm using JSON as the format of the paste generated by the online page.  As such, the JSON.parse() function provides significant protection against what you are describing.  JSON.parse() was created specifically as a way to prevent execution of arbitrary code embedded in JSON and is available on all modern browsers.  Plus, as you specified, I have a confirmation modal popup on the offline app displaying the values as they will be inserted into the raw tx.

Nonetheless, after creating an initial working prototype, I'm feeling more and more that the appropriate place to enter the destination address and transaction amount may be in the offline component.  Is convenience the main reason you want to enter the address and amount in the online component?

I've gone ahead and pushed my initial version as a way to kind of pre-claim the bounty, but I'm not finished yet.  In fact, please don't use the app yet for any transactions, even though I've already used it to send btc on the blockchain [1].  It's not been fully tested.

I plan on doing a lot of work on the UI tomorrow, doing some testing, and also producing a GPG-signed release of the MD5 hashes.  In fact, I may throw significant energy into this project, including hosting the online portion with SSL, hosting my own full Bitcoin node for querying the blockchain and broadcasting tx's, instead of farming it out to blockchain.info (which as done now requires a third-party intermediary since it's a cross-domain request), and perhaps some other fun stuff, all while keeping it extremely simple to use.  I'll probably put up some tasteful ads on the hosted online app to try to recoup the development and hosting costs, but the all the code needed to conduct these transactions will be open source so no one will have to use my hosted version if they don't want to.

I'm open sourcing the code under MIT, and will continue to open source the offline secure signing app and online component as described in xDan's spec above.  If I do code up some of the stuff I mention above, I may keep some of the server-side code closed.  We'll see.  But all the security-critical code will be open-source.

I've used significant code from both Brainwallet and BitcoinJS, which are Public Domain and MIT-licensed respectively.  So a big thanks to those guys, it's incredibly cool that all this stuff is being done with JS.  I've also used AngularJS and a few other standard liberally-licensed JS libraries.

Anyway, once xDan and crazy_rabbit are satisfied, the bounty can go to: 1KpN5iePG1czLnBvJLzSQWXz9cerBWuBo2  As a said, it's not ready yet, I still need to pretty-up the UI and build these apps into single-page HTML files, and issue GPG-signed hashes of the code.

GitHub repo: https://github.com/esbullington/bitcoin-secured
Transaction on blockchain created using this app: https://blockchain.info/tx/6549d360e1493865bebe5b90649de8f0d068e109655a2b618fa6d1f7648d8892  As you can see, the change goes back to the sending address, as requested.  Do note that you give up some anonymity in exchange for this convenience, since all your transactions will be tied to a single address.

One final note: if you're interested in offline transactions and don't mind maintaining a full node with bitcoind or bitcoin-qt, I'd strongly recommend taking a look at Bitcoin Armory.  Etotheipi has done a really great job.  That said, I think there's room for a real lightweight implementation of this that doesn't require the blockchain, thus my interest in xDan's proposal.

What you do is heroic. Load it up with plenty of 'idiot lights' as displayed across my automobile dashboard. Road signs too: 'this computer is not offline!' 'you are about to access the big piggy!' Allow users to import 'skins' for all languages including all sorts of useful tips. 'usb detected' 'bluetooth request' detected... etc. So much work needs to be done, thanks for all you do.

I will add .3BTC to this bounty (valid till the end of april) myself. This is crazy hard to do currently and frustrating to no end. Indeed, not spending BTC is simply the safest way to handle btc.

EDIT: Should have a look at Slush's TREZOR project. It's a hardware bitcoin wallet that might be useful for something like this.

> Since the web page is verified the page it creates for moving offline should be trustworthy to the same level as one that you already have offline that you would paste data into.

You would have to re-verify it each time you use it though, if you think your online machine might be compromised in the future... if you keep it saved locally there is a running possibility of being compromised at a later date. I can imagine with the other approach this verification only needs doing once, so you only need care about being compromised the time at which you download + copy the "signtransaction.html" across to the offline machine. So the window of attack is smaller. (But still sadly present of course.)

>  I can imagine an infection that monitors clipboard data and when it sees transaction info it alters the destination address to it's own before the paste operation.

Well, you must visually confirm the destination address and other details on the offline system (as displayed by the "signtransaction.html"). This is an important part.

I assume after signing the transaction offline it is tied permanently to a particular amount and destination address and cannot be modified. (I hope that's correct, I'm no expert)

> A thought I had about doing it this way is that it allows using a LiveCD where absolutely nothing has been changed on the offline system. Otherwise you either need to build the offline image containing the special signing page, or copy it on after booting.

That is a very good point. Personally, I have a full (clean) linux system I use with hard drive, which I will use for signing.

My intention was that the html would be fully self-contained and downloadable to your local machine. So you could verify it with sha like bitaddress.org. It would still need info while online to build the transaction. Since the web page is verified the page it creates for moving offline should be trustworthy to the same level as one that you already have offline that you would paste data into.

I'm not sure you give anything up because copy/pasting data has it's vulnerabilities too. I can imagine an infection that monitors clipboard data and when it sees transaction info it alters the destination address to it's own before the paste operation.

I suppose it could create a new page with just data which you then Save As to your offline disk. Even then the user has to be knowledgeable enough to visually inspect the data for changes since an infected system could alter data through almost any method.

A thought I had about doing it this way is that it allows using a LiveCD where absolutely nothing has been changed on the offline system. Otherwise you either need to build the offline image containing the special signing page, or copy it on after booting.

BkkCoins,

creating a new web page implies you must trust the online machine, no? Otherwise it could inject something malicious? e.g. send the btc to an attacker's address.

(I know that scenario is unlikely, but I'd still like to see something both user friendly and highly secure. The people who need this - people who are using offline wallets created on air gapped machines - obviously are very paranoid about security.)

with my method, the offline page would verify the transaction data. (We assume here the offline page can then be tested well by the community, perhaps even analysed and signed by some experienced and trusted member, and so trusted to correctly verify transactions.)

I guess the create a new web page approach can be trusted, but still you have to continue trusting it not to be corrupted at a later date (every time you create a transaction you may have some fear that it will have been compromised and behave differently this time). Whereas with the entirely offline approach you only have to apply trust once.

(I agree your approach might be more user friendly though)

...

hmm, now I'm wondering if some bug/flaw could be found in the offline web browser, triggered by something injected into the transaction data... I wonder if there exists a truly 100% perfectly secure approach? If only the block chain data wasn't required. (You see how paranoid I am )

...

There is also already an excellent and fairly easy to use page for anyone who is happy to do this online: http://brainwallet.org/#tx

Although far from easy to use http://ciyam.org/rawtx_helper.html may be of some help to those who are putting this together (welcome to any of the .js if it useful).

I would tackle this slightly differently.

The main html page should have a place to paste in addresses and these immediately are updated with current balances (outputs summed). ie. it acts like a wallet page. The user can select any of these (or none if they don't care to select inputs) and then enters in an amount, fee and destination address. The last thing is a "Create" button.

This button doesn't create a block of info - it creates a new web page that contains the JS signing code, transaction summary (tech details exposed by click maybe for those interested), an area to paste in keys (either normal or deterministic seed are possible) and instructions/choices. And a "Send" button. Maybe it has a list of input addresses that get checked off as you paste each key.

Those who want to complete online can paste their keys and click "Send". Those who want to complete offline can use File,Save As to save it to a usb stick or hard disk. They would then reboot on LiveCD, or xfer usb stick to secure computer.

They open the "Send" page and paste in their keys, and click "Send". Again this creates a new web page with the final signed transaction embedded and JS code for sending. They either go online and click "Send" or File, Save As to a usb again for transport back to online computer. They open and click "Send".

This approach is easier for users than copy/pasting raw data since they're going to have to paste into a file for saving anyway in order to get it to the offline system.

I could code this but I'm not sure 1 btc is enough to do it. Maybe if I put advertising into the page and hosted it I could recoup the development effort. Anyway, I put this out there to see if people like the methodology. I think it's more friendly for non-techies as each step is explained right on the pages as you go.

I even happen to own a domain that could work for this: paperwallet.info

Easy peasy ->

Make a normal transaction in a online insecure seedless wallet.
Grab the tx file and use the buttons shown in the image above ^ to sign the tx in the offline wallet.
Done!



edit: sorry for the screenshot in Spanish, but I'm not gonna upload the image again, I'm using my 3G plan

Great! I look forward to it

btcven, the idea here is for something far simpler and more newbie friendly than that.

Electrum -> https://github.com/spesmilo/electrum/blob/master/docs/offline_wallets

Out of curiosity, I started playing around with this to see how it would be done, and I've ended up finishing most of Part 1.  I'll see if I can finish up Part 1 and do Part 2 this weekend and release them both on Monday.  It's a good idea.

 I'll try to see what I can do with JavaScript but I'm already working on 3 projects so I'm not sure I'll find some time

> Anyway, the next release of pywallet (which should comply with your 5 needs, if not, tell me) is planned on this week-end and will have transactions management

That's really great if you are doing that.

(Though, for this particular bounty, I would like something precisely as I described using HTML/Javascript.)

Yeah I missed the noob-friendly part
Anyway, the next release of pywallet (which should comply with your 5 needs, if not, tell me) is planned on this week-end and will have transactions management. That would not be tough to make what you ask possible
I don't know if other software already does it though

Yeah. And they are all - to quote a certain Onion news video - ass backwards as f*ck.

(No offense, I'm joking just a little there. But there is nothing that hits my measure of being easy to use.)

Just as an example: I stumbled across some reddit article the other day about some guy who lost a ton of BTC by trying to redeem his private key in some Linux live CD with some client that sent change to a new address that was lost when he shut down the machine (he didn't know about change addresses and assumed all BTC would remain on his original private key).

People have lost big money because of how tricky this is! And they will continue to do so.

Something like the solution described here, if widely popularised, would have saved that guys neck.

I want a solution that:

- doesn't rely on the block chain being stored locally, even on the online machine (Armory out)
- doesn't rely on anything other than bare private keys (no wallet generation seeds or anything specific to one client. It should be able to redeem BTC from bitaddress.org printed private keys, a lot of people use that service)
- doesn't rely on any command line stuff
- uses tech that runs on any computer
- guides you through every step along the way in a logical manner (creating a transaction then signing it offline is logical to a noob. Grubbing around to find blockchain data to copy paste across is not logical to a noob.)

offlineTransaction.html comes very close, however still is a bit over complicated (relying on copy pasting blockchain output, which is very confusing unless you understand bitcoin and "inputs" and "outputs" deeply, as I still don't really). And also it relies on typing out the source/destination btc addresses on the offline machine; I think it's far more user friendly for this to be done on the online machine and then simply verified on the offline machine.) Aaaand it was giving me Javascript errors the last time I tried it.

I found this a great chore even being fairly technically literate, I can only imagine what someone less literate would feel.

Of course if there exists something precisely as I described do tell.

There are already some ways to do this, I know that pywallet does and I assume Armory too

Hello, I'd like to propose a project idea for the simplest possible way to perform offline transactions from a single cold storage WIF private key (such as is gotten from bitaddress.org). The idea is to securely redeem a small part of some larger BTC balance, while leaving the majority where it is in cold storage.

I'll put a bounty of 1 BTC, valid for the rest of April. If you think this is a good idea, please chip in too.

I'm not really sure the exact work involved, but since there are open source projects already that do large parts of this, it hopefully wouldn't be too much. e.g.:

- brainwallet.org ( https://github.com/brainwallet/brainwallet.github.com )
- offlineTransaction.html ( https://bitcointalksearch.org/topic/getting-unspent-outs-for-arbitrary-addresses-from-blockexplorer-bounty-20btc-50797 )

What I envisiage is the follows: Two HTML/Javascript pages, one for creating the transaction online in an insecure environment, and one for signing the transaction offline in a highly secure environment.


** Part 1. The online, insecure, part. ("createtransaction.html")

On this page are fields for the source cold storage bitcoin address, the destination payment address, amount to be sent, and transaction fee. After filling in these fields you select "Create transaction" and some resulting transaction data appears as text that can be copied and pasted. As part of this process a cross domain query is required (see brainwallet.org code for reference) to get whatever outputs data is necessary from blockexplorer.com. This should happen automatically and transparently to the user when they click "create transaction".


** Part 2. The offline, secure part. ("signtransaction.html")

On this page, you paste the generated transaction data from part 1 into a text box. After doing this, the source and destination bitcoin addresses and the BTC amount and transaction fee are shown to the user for verification (in case anything malicious happened at part 1). It should be assumed that part (1) is malicious, so the verification details shown to the user must be based on calculating what will actually occur from the given transaction data. The user can then enter their cold storage private key into a text field and click "Sign transaction" and the signed raw transaction data is created, suitable for then transferring to an online system and submitting via https://blockchain.info/pushtx


Other notes:

- change should be returned to the original cold storage address.
- the emphasis here is to create something foolproof and extremely simple - hence not even requiring the user to copy/paste data from blockexplorer.
- no fancy CSS necessary.