Author

Topic: Easy offline transactions with standard client (Read 4226 times)

hero member
Activity: 602
Merit: 502
October 14, 2011, 04:55:06 AM
#15
Does this also work through the command line or is it only available at the webpage? This process can be automated which could be useful, for example, to allow one computer at a DMZ to send bitcoin transactions signed by another computer located inside a secure LAN. If the DMZ computer is compromised the private keys are still secure.
legendary
Activity: 905
Merit: 1012
This would be extraordinarily useful for high-value accounts, ones which store millions+ of USD worth of crypto-tokens. Something like that is simply too valuable to secure on any system connected to the internet.

My group is working on this for our own altchain client. In our application, the “master keys” to a bank or exchange's primary account will be printed off as QR codes, and stored in safety deposit boxes. Transactions to/from this account would use MULTISIG with 2-of-3 signatures required, and we'll have an offline machine in a secure location (safe requiring multiple keys to access) with attached scanner and printer. To do a transaction out, you need at least all the keys to the safe and two QR codes. The machine performs an offline transaction (using the scanner to input the keys), then prints that transaction as a QR code. Anyone can then take that QR code and use it on a machine connected to the internet to broadcast the transaction.

The master keys to the organization's accounts are never stored or processed on a computer connected to the internet, multiple people are required to be present making it harder for an insider job, and existing/familiar organizational security measures can be employed.
sr. member
Activity: 322
Merit: 251
FirstBits: 168Bc
I could imagine an offline computer generating transactions which could be displayed by QR code, printed, or exported to USB, and then injected into any old online client.

rant/ I've often been puzzled that bitcoin doesn't take the unix approach with many little utilities that do one thing and one thing well. I was hoping the node.js client would take that route. Why does the client need to confirm that it actually has the bitcoins before sending them? I realize false sends would 'spam' the network, but malicious users can and might do that anyway. /rant
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Just for the record, there is also a transaction export/import patch for bitcoin (GUI and CLI).
You have to compile bitcoind yourself, but after that, it is much easier to use IMHO.

https://bitcointalksearch.org/topic/is-there-an-importexport-transaction-patch-28278
Yes, and this is this patch that made me think about implementing it
The only problem I see is that it requires to build bitcoin and it's dependencies
When I tested to build bitcoin it was really a pain (Ubuntu), so I think building it without internet connection must be even more boring

Why not put it into the official distribution?  I think all you need to operate a completely offline wallet and make it easy would be an ability to export/import the latest blocks and to export/import transactions (on import, the client would just behave exactly as it would if it had received the transaction from the network).  For the blocks, if the export could just export the blocks downloaded since the last export, it would probably make it quicker to keep the offline wallet's blocks updated.
As blk00001 is just the entire blockchain concatenated I don't think it is simple to export/import blocks. It would be nice if someone does such a tool though, because it's really a good idea. Personally I'm too busy with pywallet
To import/export transactions, pywallet works fine, or maybe I didn't understand correctly what you was meaning
hero member
Activity: 868
Merit: 1008
Just for the record, there is also a transaction export/import patch for bitcoin (GUI and CLI).
You have to compile bitcoind yourself, but after that, it is much easier to use IMHO.

https://bitcointalksearch.org/topic/is-there-an-importexport-transaction-patch-28278
Yes, and this is this patch that made me think about implementing it
The only problem I see is that it requires to build bitcoin and it's dependencies
When I tested to build bitcoin it was really a pain (Ubuntu), so I think building it without internet connection must be even more boring

Why not put it into the official distribution?  I think all you need to operate a completely offline wallet and make it easy would be an ability to export/import the latest blocks and to export/import transactions (on import, the client would just behave exactly as it would if it had received the transaction from the network).  For the blocks, if the export could just export the blocks downloaded since the last export, it would probably make it quicker to keep the offline wallet's blocks updated.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Just for the record, there is also a transaction export/import patch for bitcoin (GUI and CLI).
You have to compile bitcoind yourself, but after that, it is much easier to use IMHO.

https://bitcointalksearch.org/topic/is-there-an-importexport-transaction-patch-28278
Yes, and this is this patch that made me think about implementing it
The only problem I see is that it requires to build bitcoin and it's dependencies
When I tested to build bitcoin it was really a pain (Ubuntu), so I think building it without internet connection must be even more boring
member
Activity: 73
Merit: 10
Just for the record, there is also a transaction export/import patch for bitcoin (GUI and CLI).
You have to compile bitcoind yourself, but after that, it is much easier to use IMHO.

https://bitcointalksearch.org/topic/is-there-an-importexport-transaction-patch-28278
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Is it possible to write something with the following functionality?

Quote
Take as input:
  1) a private key (e.g. from a paper wallet, generated with vanity gen or similiar, which has received coins but has never been in a wallet)
  1a) the balance of the private key address (enter as parameter or query this from blockexplorer)
  2) a transaction amount
  3) a destination address
  4) a change address (e.g. new, unused paper wallet or vanity generated address, never stored in a wallet)

Write the transaction to send  the "transaction amount" from the "private key" to the "destination address" and send change to the "change address".

Broadcast this transaction (or input into new wallet and run bitcoin(d) to broadcast).

This would allow a secure transaction with only one computer that can be online, with secure addresses kept offline.

I'm not aware of how feasible this is to program. As I understand it, you method requires the bitcoin instance on Computer A to write the transaction data.
I would love to
After testing signing/verifying messages feature I just implemented, that will be my next task. Should take a lot of time though
hero member
Activity: 518
Merit: 500
Is it possible to write something with the following functionality?

Quote
Take as input:
  1) a private key (e.g. from a paper wallet, generated with vanity gen or similiar, which has received coins but has never been in a wallet)
  1a) the balance of the private key address (enter as parameter or query this from blockexplorer)
  2) a transaction amount
  3) a destination address
  4) a change address (e.g. new, unused paper wallet or vanity generated address, never stored in a wallet)

Write the transaction to send  the "transaction amount" from the "private key" to the "destination address" and send change to the "change address".

Broadcast this transaction (or input into new wallet and run bitcoin(d) to broadcast).

This would allow a secure transaction with only one computer that can be online, with secure addresses kept offline.

I'm not aware of how feasible this is to program. As I understand it, you method requires the bitcoin instance on Computer A to write the transaction data.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Are wallet a and b completely different? I mean can a wallet now be never online and still do transactions?
Yes absolutely

But the offline wallet still needs to have a blockchain where it sees it can spends the amount of the tx
This doesn't need to be online, transfering the blk* files with a USB drive is enough
member
Activity: 224
Merit: 10
Are wallet a and b completely different? I mean can a wallet now be never online and still do transactions?
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
This is great.

The tx_k and tx_v values, does anyone know how they are generated ?

I guess they are signed with the private key.
They are the data that the client wrote inside the wallet, so yes it must be signed

I'm not sure I'd call this EASY, but it certainly is workable. Not to mention it makes a starting point for actually making it easy.
Updated, one can now export tx's to a file and import the file, see 'short method'
I can't make it easier
sr. member
Activity: 262
Merit: 250
This is great.

The tx_k and tx_v values, does anyone know how they are generated ?

I guess they are signed with the private key.
hero member
Activity: 588
Merit: 500
I'm not sure I'd call this EASY, but it certainly is workable. Not to mention it makes a starting point for actually making it easy.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
It was something I wanted for me and I believe it can be useful for others
I just tested it and it works as expected

Here's the situation:
  • Computer A, with:
    • wallet located at /home/a/.bitcoin/wallet.dat
    • pywallet downloaded somewhere and running using './pywallet.py --web'

  • Computer B, with:
    • wallet located at c:\bitcoin\b\wallet.dat
    • pywallet downloaded somewhere and running using './pywallet.py --web'


A is offline and makes a transaction, B will broadcast it


Instructions:

Short method, exporting all tx's:
Backup your wallets
Close all Bitcoin instances

Everything has to be done on A until I said it's on B
  • Send your transaction
  • Go to http://localhost:8989
    Under the Dump transactions section:
    Type '/home/a/.bitcoin' and 'wallet.dat' in wallet directory and wallet filename
    Type the full path of the output file, e.g. on a USB drive
    Then click on the Dump button

From now, everything is made on B
  • Go to http://localhost:8989
    Under 'Import a transaction into your wallet' section:
    Write 'c:\bitcoin\b' and 'wallet.dat' in wallet directory and wallet filename
    Type 'file' in Txk
    And the path of the output file in Txv
    Click the Import button
  • This should return: (if not, let me know)
    Quote
    txk: file
    x transactions imported in c:\bitcoin\b\wallet.dat



Long method, exporting only one tx:
Backup your wallets
Close all Bitcoin instances

Everything has to be done on A until I said it's on B
  • Send your transaction: if you use bitcoind, you already have your txid, if you use GUI, remember the amount you sent
  • Go to http://localhost:8989
    Under the Dump section, enter '/home/a/.bitcoin' and 'wallet.dat' in wallet directory and wallet filename
    Then click on the Dump button
  • Using Ctrl-F, find either your txid or your amount (beware, there may be more than one transaction with that amount)
    Quote
           {
                "tx_id": "ae788fb76a935c5f3127bf5c7d860be4f90bae89782235ab55baf559a917404e",
                "tx_k": "0274784e4017a959f5ba55ab35227889ae0bf9e40b867d5cbf27315f5c936ab78f78ae",
                "tx_v": "0100000001d9f102cc434df41ef7[...]370656e74000001000000aa3a3f4e0100",
                "txin": [
                    {
                        ...
                    }
                ],
                "txout": [
                    {
                        ...
                    },
                    {
                        "scriptPubKey": "76a91425e8b5ed100729c5027a49643219e30a67356a3e88ac",
                        "value": 10.0
                    }
                ]
            },
  • Copy tx_k and tx_v values on a USB drive

From now, everything is made on B
  • Open the file with tx_k and tx_v
  • Go to http://localhost:8989
    Under 'Import a transaction into your wallet' section:
    Write 'c:\bitcoin\b' and 'wallet.dat' in wallet directory and wallet filename
    Paste tx_k in Txk
    And tx_v in Txv
    Click the Import button
  • This should return: (if not, let me know)
    Quote
    txk: tx_k
    1 transaction imported in c:\bitcoin\b\wallet.dat


Now, run bitcoin on B and it will broadcast the transaction made by A


Feel free to post comments/suggestions/etc
Jump to: