[Feat Request] - Solution for Lost Wallet Passphrase

etotheipi

legendary

Activity: 1428

Merit: 1093

Core Armory Developer

Quote from: grau on July 11, 2013, 12:14:14 PM

Quote from: etotheipi on July 11, 2013, 09:17:35 AM

Use Armory. Print a paper backup. Keep it in a safe place.

Armory never reuses addresses. All change always goes to the next address in your infinite list of addresses backed up by your paper backup. It's the "right way", as evidenced by the fact that BIP 32 is basically an extension of that that will eventually used in Bitcoin-Qt and other alt clients.

Are serialized BIP32 keys interoperable with Armory? If not yet, is it planned?

I am about 70% done with the new wallet format that will accommodate all sorts of new stuff, including BIP 32. I plan to standardize the wallet operations to BIP 32 as closely as possible, for interoperability. But I got distracted by some the RAM issues and am working on that right now. As soon as I'm done, I'll be upgrading the wallets.

grau

hero member

Activity: 836

Merit: 1030

bits of proof

Quote from: etotheipi on July 11, 2013, 09:17:35 AM

Use Armory. Print a paper backup. Keep it in a safe place.

Armory never reuses addresses. All change always goes to the next address in your infinite list of addresses backed up by your paper backup. It's the "right way", as evidenced by the fact that BIP 32 is basically an extension of that that will eventually used in Bitcoin-Qt and other alt clients.

Are serialized BIP32 keys interoperable with Armory? If not yet, is it planned?

gmaxwell

staff

Activity: 4284

Merit: 8808

Quote from: AliceWonder on July 11, 2013, 03:25:29 AM

Since I joined this forum, I've seen more than one thread where someone forgot their passphrase to their encrypted wallet and wanted help cracking it.
What if as an option, a user could enter the address of, say, a paper wallet beforehand.

In that case: Just write the passphrase down. It has the same security exposure to as your paper wallet backup, but its simpler and involves less things to get wrong.

etotheipi

legendary

Activity: 1428

Merit: 1093

Core Armory Developer

Use Armory. Print a paper backup. Keep it in a safe place.

Armory never reuses addresses. All change always goes to the next address in your infinite list of addresses backed up by your paper backup. It's the "right way", as evidenced by the fact that BIP 32 is basically an extension of that that will eventually used in Bitcoin-Qt and other alt clients.

jl2012

legendary

Activity: 1792

Merit: 1111

Quote from: AliceWonder on July 11, 2013, 05:03:34 AM

One of the problems I have with the alt clients, I don't know if Armory does this, but it seems that many of them use the same address for change every time.

That's a problem because if someone is able to identify any address with me, it then is possible for them to figure out what address was used as change when the input for that address was spent. And if the change address is the same every time, it's game over, they now can identify all kinds of addresses I sent money to and sent money from.

That's the primary reason I'm sticking with bitcoin-qt. It uses fresh change address each time change is needed.

Armory does not reuse address by default

TierNolan

legendary

Activity: 1232

Merit: 1094

Quote from: AliceWonder on July 11, 2013, 05:03:34 AM

One of the problems I have with the alt clients, I don't know if Armory does this, but it seems that many of them use the same address for change every time.

I don't know what Armory does, but I would be surprised if it re-uses addresses. The whole point of the system is that you can easily generate new addresses.

If that is your only concern, then you should just ask in the Armory forum.

I think deterministic wallets are being considered for the main-client, but I don't know what the timeline is.

With Armory, the root key consists of 2 parts, the private key and the chaincode.

If someone obtains your chaincode, they can generate the public key (but not the private key) for all your transactions.

For full privacy, you need to protect both.

However, a merchant would have to put their chaincode on the customer facing server, or it wouldn't be able to generate new public keys. However, the private root key should be kept on a different/more secure server.

AliceWonder

full member

Activity: 168

Merit: 100

One of the problems I have with the alt clients, I don't know if Armory does this, but it seems that many of them use the same address for change every time.

That's a problem because if someone is able to identify any address with me, it then is possible for them to figure out what address was used as change when the input for that address was spent. And if the change address is the same every time, it's game over, they now can identify all kinds of addresses I sent money to and sent money from.

That's the primary reason I'm sticking with bitcoin-qt. It uses fresh change address each time change is needed.

TierNolan

legendary

Activity: 1232

Merit: 1094

Quote from: AliceWonder on July 11, 2013, 03:25:29 AM

Since I joined this forum, I've seen more than one thread where someone forgot their passphrase to their encrypted wallet and wanted help cracking it.

What if as an option, a user could enter the address of, say, a paper wallet beforehand.

This is pretty much what Armory does. However, it doesn't need to actually generate the transaction.

You have 1 root key and all public and private keys can be generated from that. You can then print that key to a sheet of paper and keep it somewhere safe.

If you give the software your root key, then it can scan the chain and find all coins that are yours (and send them to an address).

Quote

Then whenever the user enters the passphrase to decrypt the wallet, a transaction is created and signed but not sent - that would send all inputs to that address. This transaction is then stored in the data directory.

This would have to be one transaction per coin output. Effectively, when a coin is received, a tx is created to send it to some other fixed address.

You still need to secure that other address though.

So, you don't get much benefit over a deterministic wallet.

AliceWonder

full member

Activity: 168

Merit: 100

Since I joined this forum, I've seen more than one thread where someone forgot their passphrase to their encrypted wallet and wanted help cracking it.

What if as an option, a user could enter the address of, say, a paper wallet beforehand.

Then whenever the user enters the passphrase to decrypt the wallet, a transaction is created and signed but not sent - that would send all inputs to that address. This transaction is then stored in the data directory.

In the event that the user can not recall their passphrase, that transaction could then be sent so at least the user has not lost all their coins.

Obviously it would not be able to include inputs created after the last time the user decrypted the wallet.dat but it could include all inputs that could be spent the last time wallet.dat was decrypted.

It might soften the financial blow to some people when they forget their passphrase.

Speaking as someone who sometimes has memory problems due to head injuries, I think it would be a welcome addition, and might even convince me to not keep my passphrase on a piece of paper in my desk drawer (There are days I can not even remember my own phone number).

Topic: [Feat Request] - Solution for Lost Wallet Passphrase (Read 1105 times)