Topic: Gocoin - totally different bitcoin client with deterministic cold wallet - page 7. (Read 38500 times)
May 08, 2014, 10:05:32 PM
Is it possible to spend an unconfirmed transaction?
April 21, 2014, 04:22:50 AM
If anyone is interested in my original implementation of a bitcoin client, feel invited to try Gocoin.
You can find the official webpage of the project at: http://www.assets-otc.com/gocoin/ - there is the User Manual and a lot of other info.
The source code is available at GitHub: https://github.com/piotrnar/gocoin
There is also a wiki article: https://en.bitcoin.it/wiki/Gocoin (feel welcome to contribute to it)
I provide no binaries, but building the client using Go compiler is quite an easy operation and unlike other bitcoin clients this one builds in a second. Just follow the instructions from README.md
General info
Client (the online bitcoin node)
Wallet (secure your money offline)
very nice conception
I will in it
You can find the official webpage of the project at: http://www.assets-otc.com/gocoin/ - there is the User Manual and a lot of other info.
The source code is available at GitHub: https://github.com/piotrnar/gocoin
There is also a wiki article: https://en.bitcoin.it/wiki/Gocoin (feel welcome to contribute to it)
I provide no binaries, but building the client using Go compiler is quite an easy operation and unlike other bitcoin clients this one builds in a second. Just follow the instructions from README.md
General info
- The solution is fully functional, but I like working on it, so please keep in mind that the HEAD is a work in progress and will probably always be. The source code gets tagged regularly, so if anything does not work for you with the latest version, try the previous tag. The database format is not supposed to change.
- For me it is far more convenient solution than a cold wallet based on satoshi client, because gocoin's wallet does not need a full copy of the blockchain in order to spend its coins.
- It also works with testnet, so you would probably prefer to start your gocoin adventure from it (use "-t" switch at the command line, for both client and wallet).
- You do not need the client in order to use the wallet. You can use use FetchBal tool to fetch the balance of the addresses you own (read more here).
Client (the online bitcoin node)
- It is a console application, like bitcoind, but it does not have an RPC interface. Instead it provides a text command interface (TextUI) and a web interface (WebUI) by default available at http://localhost:8833/.
- The blocks on your disk are compressed, which saves about 30% of space.
- If you have an existing Bitcoin database in the default folder, it is able to import the blocks from it at the first start. To do it later, delete gocoin folder from your bitcoin's data folder. You can also have a look at the importblocks tool.
- TextUI provides defrag command, that purges orphaned blocks from the database.
- Make sure your PC's clock is set more or less accurately (few minutes difference should be fine).
Wallet (secure your money offline)
- It is a separate app meant to be used as a deterministic cold wallet (on an offline PC), though if you don't mind the risks nothing can stop you from using it on the online PC.
- It has very little system requirements and should even work on platforms like Raspberry Pi.
- The wallet's security does not rely on any random number source.
- It is console only and does not have any user interface. Any operations on the wallet are driven by command line switches, plus you can put some defaults in a config file.
- The wallet's private key pool is based on a seed-password, so as long as you remember it you don't need any backups (some people call it a brain-wallet).
- Since the seed-password is basically a straight forward private key of your coins, make sure that it is complex enough and that nobody is able to peek at it.
- By default the wallet works with 50 deterministic addresses. If you need more, set keycnt parameter in wallet.cfg to the number you need.
- In addition to the deterministic key pool, you can import private keys generated elsewhere (they need to be in the base58 format).
- It supports Type-2 deterministic mode, that allows you to calculate further public keys without having an access to the seed password (see the tool type2determ).
- From version 0.9.3 it supports multisig addresses
very nice conception
I will in it
April 13, 2014, 03:37:51 PM
Another monthly update on the development.
The previous one was on 0.9.3 - now 0.9.7 is about to be released.
Among the changes there isn't really anything big, rather gadgets though a few useful ones, so I think I will just quote the change log:
Actually looking for the JSON files in "wallet/multisig" (added in 0.9.4) is a good stuff - quite convenient way of preparing multisig transactions for spending.
If I'd only used it myself...
But if you are into multisig, have a look at this - you won't regret, I promise.
From other things, there is an updated User Manual, which I have spent some time on today. I described the WebUI and the client's config file. I believe it covers now the most important things on how to use gocoin, but I am open for any suggestions. I mean, it's kind of hard to write a manual for something that you know everything about, because you built it. So if you had any questions that it doesn't cover, or some feedback about parts that are not clear, I'd be happy to address it.
Also, apparently somebody reads this topic, because even though I wasn't asking for it the mods gave me back my Gocoin article on our wiki.
So if you'd like to contribute into that article, feel free. Just don't delete it to replace it with your ads, please - this time I already know where to go
The previous one was on 0.9.3 - now 0.9.7 is about to be released.
Among the changes there isn't really anything big, rather gadgets though a few useful ones, so I think I will just quote the change log:
Code:
0.9.7
* Wallets tab of WebUI has an option to move an empty address to UNUSED wallet
* A user can quickly switch wallet being at any tab of the WebUI, as well as to reload it
* SendTx tab of WebUI refreshed Address Book using Ajax and addrs.xml
* Fixes and additional test cases around parsing of alert messages
* Added unit tests for "sighash.json" from the satoshi's repo and some more unit test rework
* A link to the user manual (served at google sites) in the header of each WebUI page
0.9.6 - 2014-04-02
* Client has a hammering protection (bans peers that keep trying to reconnect)
* Miners tab of WebUI does not show crap anymore is the chain isn't up do date.
* MakeTx tab of WebUI calculates estimated transaction size after signed (assumes compressed keys)
* Downloader can work with testnet and got a fix around an empty peers db after the headers stage
* New function "tools/utils/fetchtx.go", to download raw tx data from other websites
* If neccessary, FetchBal and FetchTx try several websites to fetch a raw transaction data
0.9.5 - 2014-03-24
* "MakeTx" tab of WebUI automatically recalculates the payment values to mBTC (for verification)
* The downloader does not have a default seed node anymore (you need to find one by youself)
* Do not block connections from 129.132.230.70-100 anymore
* Some changes in wallet's decode transaction functionality to better deal with non stardard txs
* "wallet -d" ignores spaces, tabs and EOLs in the hexdump of the transaction
0.9.4 - 2014-03-20
* The default "FeePerByte" changed from 10 to 1 (like they have done it in the reference client)
* The "-d" option of the wallet can now proparly decode coinbase transactions
* The client can work with multisig address description JSON files (place them in "wallet/multisig")
* Having the files in "wallet/multisig", MakeTx tab of client's WebUI can now create "multi2sign.txt"
... for the wallet, even properly mixing inputs from different addresses and address types.
* For multisig payments, "payment.zip" from the client contains "multi2sign.txt" and "multi_pay_cmd"
* The wallet can now deal with mixed (multisig and regular) inputs
Actually looking for the JSON files in "wallet/multisig" (added in 0.9.4) is a good stuff - quite convenient way of preparing multisig transactions for spending.
If I'd only used it myself...
But if you are into multisig, have a look at this - you won't regret, I promise.From other things, there is an updated User Manual, which I have spent some time on today. I described the WebUI and the client's config file. I believe it covers now the most important things on how to use gocoin, but I am open for any suggestions. I mean, it's kind of hard to write a manual for something that you know everything about, because you built it. So if you had any questions that it doesn't cover, or some feedback about parts that are not clear, I'd be happy to address it.
Also, apparently somebody reads this topic, because even though I wasn't asking for it the mods gave me back my Gocoin article on our wiki.
So if you'd like to contribute into that article, feel free. Just don't delete it to replace it with your ads, please - this time I already know where to go
April 10, 2014, 11:53:21 AM
In case if anyone had wondered:
No - Gocoin isn't anyhow vulnerable to the heartbleed attack.
But mark my words: expect more of openssl shit hitting the fan in a future.
And in the meantime: better watch your money - Gocoin can help you with this.
No - Gocoin isn't anyhow vulnerable to the heartbleed attack.
But mark my words: expect more of openssl shit hitting the fan in a future.
And in the meantime: better watch your money - Gocoin can help you with this.
March 30, 2014, 03:55:04 AM
So my implementation has not much to do with bitcoind, but instead it is focused on fulfilling my own personal needs, which might (by a chance) be similar with your needs
What do you mean ?
I said it below, in the same post: a possibility (though back then rather a limitation:)) to disable relying transactions, convenient cold wallets, network bandwidth usage limit.What do you mean ?
On top of that I can add: quickly switching between wallets, coin control (when bitcoind didn't have it back then), web interface (so I can operate/monitor my node via network), tuning to fastest peers (by periodically dropping the slowest one), mining pool stats... the list is long; whatever feature I found useful or even interesting during the last year - it's there.
For me as a developer it is also very important to be able to quickly rebuild a software for trying any change - bitcoind is a nightmare when it comes to that. Go is just so much more convenient and its code much smaller and readable than C++, though still performing quite similar.
March 29, 2014, 05:53:40 PM
Meaningful commit messages would be great!
March 26, 2014, 05:57:25 AM
This is great - well done!
March 23, 2014, 06:11:27 PM
It's a great piece of software. I'm using it for my own bitcoin wallet.
March 23, 2014, 12:54:14 PM
I think the most important thing for me, is an easy to use cold storage wallet - deterministic, based on a seed password.
It does not require me to do any backups, not even to store the actual password anywhere, except in my own brain.
Of course, for convenience and additional security (to access the cold wallet less often), I also use a wallet containing some small amounts on the online machine - obviously with a different seed password, but also not requiring any backups.
The client node can switch between my different wallets, in a fraction of a second. So I can easily choose any of them, use the web GUI to make an unsigned transaction - and then just execute the wallet app (on any PC I want; hot or cold) to sign it, simply by typing in the seed password which I keep stored only in my head.
Let's face it: it's the best security there is and none of the existing commercial hardware wallets comes even close to it.
And the recent versions also support a relatively easy to use multisig signing - which makes the security aspects even more crazy.
Personally I have not used it yet, didn't find a need for it, but I did test it, FWIW, so it should work.
It does not require me to do any backups, not even to store the actual password anywhere, except in my own brain.
Of course, for convenience and additional security (to access the cold wallet less often), I also use a wallet containing some small amounts on the online machine - obviously with a different seed password, but also not requiring any backups.
The client node can switch between my different wallets, in a fraction of a second. So I can easily choose any of them, use the web GUI to make an unsigned transaction - and then just execute the wallet app (on any PC I want; hot or cold) to sign it, simply by typing in the seed password which I keep stored only in my head.
Let's face it: it's the best security there is and none of the existing commercial hardware wallets comes even close to it.
And the recent versions also support a relatively easy to use multisig signing - which makes the security aspects even more crazy.
Personally I have not used it yet, didn't find a need for it, but I did test it, FWIW, so it should work.
March 23, 2014, 12:47:47 PM
Is it really so good? What's the main advantage that made you to begin to use it?
March 23, 2014, 04:29:30 AM
Can you imagine that some asshole removed my entire article from the wiki, just to put an ad of his corporation in its place?
https://en.bitcoin.it/w/index.php?title=Gocoin&action=historysubmit&diff=43684&oldid=41856
We empower merchants... - WTF? What kind of article is this?
Vandalism and spam - that's all I know they empower for sure.
Anyway, I'm not going to argue with idiots, so I just recovered the content from the history and put it at a different name.
https://en.bitcoin.it/wiki/Gocoin_bitcoin_software
EDIT (2014-Apr-12):
I did not ask for it, but apparently people read my posts and someone decided that I should get the original location back:
https://bitcointalksearch.org/topic/stance-on-vandalism-560755
Anyway, thanks, whoever you were
https://en.bitcoin.it/w/index.php?title=Gocoin&action=historysubmit&diff=43684&oldid=41856
We empower merchants... - WTF? What kind of article is this?
Vandalism and spam - that's all I know they empower for sure.
Anyway, I'm not going to argue with idiots, so I just recovered the content from the history and put it at a different name.
https://en.bitcoin.it/wiki/Gocoin_bitcoin_software
EDIT (2014-Apr-12):
I did not ask for it, but apparently people read my posts and someone decided that I should get the original location back:
https://bitcointalksearch.org/topic/stance-on-vandalism-560755
Anyway, thanks, whoever you were
March 17, 2014, 01:14:06 PM
Haven't really looked at the other project.
From the description I read that it's basically bitcioind rewritten into Go - so that's at least the first difference, because Gocoin's architecture is quite different from bitcoind, especially at the "blockchain parser/db <=== online node ===> wallet" interface.
Yes, it's been a year since I started it, so you may say that it was one man-year work, though I wasn't working on any schedule, rather for fun, education and a personal necessity.
But that (according to some research I've learned) is supposedly much more efficient way of development than working for money and I think I can agree with it, comparing to how quickly I remember delivering stuff last time anyone was paying me, not to mention how much more stressful it had been
So a may-year is a relative term and moreover, apparently the less you pay for it, the more you can get
From the description I read that it's basically bitcioind rewritten into Go - so that's at least the first difference, because Gocoin's architecture is quite different from bitcoind, especially at the "blockchain parser/db <=== online node ===> wallet" interface.
Yes, it's been a year since I started it, so you may say that it was one man-year work, though I wasn't working on any schedule, rather for fun, education and a personal necessity.
But that (according to some research I've learned) is supposedly much more efficient way of development than working for money and I think I can agree with it, comparing to how quickly I remember delivering stuff last time anyone was paying me, not to mention how much more stressful it had been
So a may-year is a relative term and moreover, apparently the less you pay for it, the more you can get
March 17, 2014, 01:08:03 PM
Thank you for providing btc community with a great alternative.
Since both are written in GO, if you don't mind, any information comparing GoCoin with Conformal will be very helpful.
it was claimed that there was well over one man-year worth of work spent in Conformal, guess GoCoin is on the same level?
Since both are written in GO, if you don't mind, any information comparing GoCoin with Conformal will be very helpful.
it was claimed that there was well over one man-year worth of work spent in Conformal, guess GoCoin is on the same level?
March 13, 2014, 11:59:30 AM
Sorry.
If your gocoin node had a breakdown today, it was because of some unique multisig txs that appeared in the chain last night.
I have just fixed it - pull the recent changes from github and it should go on with the remaining blocks now.
If your gocoin node had a breakdown today, it was because of some unique multisig txs that appeared in the chain last night.
I have just fixed it - pull the recent changes from github and it should go on with the remaining blocks now.
March 13, 2014, 06:35:01 AM
A update on 0.9.3 that is going to be released soon (the previous one was about 0.9.0)
As usually a more detailed list of changes is in the changelog.txt
I believe the most important feature that the new version brings is support for multisig addresses.
I already updated the user manual with the info on how to use the new feature: http://www.assets-otc.com/gocoin/manual/multisig
Please remember that the multisig code is pretty fresh and something may not work quite well yet. So make sure to try it with testnet first and please report any issues.
As usually a more detailed list of changes is in the changelog.txt
I believe the most important feature that the new version brings is support for multisig addresses.
I already updated the user manual with the info on how to use the new feature: http://www.assets-otc.com/gocoin/manual/multisig
Please remember that the multisig code is pretty fresh and something may not work quite well yet. So make sure to try it with testnet first and please report any issues.
March 06, 2014, 11:38:11 AM
You're welcome.
Coming back to a malware that would eventually be able to attack the offline wallet.
The only path I see, except exploiting the OS, is some kind of stack-overflow exploit that would be smuggled to the wallet PC, inside one of the balance description files, or the raw transaction file.
If I had screwed up something (which isn't unlikely), the wallet app may crash while parsing a corrupt file, especially if it was corrupt by design...
Though I am not aware of an existence of any possible stack-overflow exploits for software written in Go.
AFAIK, Go's framework is more like Java, having a quite restricting memory manager and thus making a possibility of stack-overflow exploits very unlikely.
But nothing is impossible and I have seen many things in my life, so thanks for your valuable feedback @Tovadnok - it's been taken with a seriousness it deserves.
Coming back to a malware that would eventually be able to attack the offline wallet.
The only path I see, except exploiting the OS, is some kind of stack-overflow exploit that would be smuggled to the wallet PC, inside one of the balance description files, or the raw transaction file.
If I had screwed up something (which isn't unlikely), the wallet app may crash while parsing a corrupt file, especially if it was corrupt by design...
Though I am not aware of an existence of any possible stack-overflow exploits for software written in Go.
AFAIK, Go's framework is more like Java, having a quite restricting memory manager and thus making a possibility of stack-overflow exploits very unlikely.
But nothing is impossible and I have seen many things in my life, so thanks for your valuable feedback @Tovadnok - it's been taken with a seriousness it deserves.
March 06, 2014, 11:06:02 AM
Thanks, Piotr_n.
I agree that the fact that hash can be substituted by an attacker on the online machine is still a problem. I'll try to think of a way around this issue.
Overall, I think your client probably has the most secure design out there.
I agree that the fact that hash can be substituted by an attacker on the online machine is still a problem. I'll try to think of a way around this issue.
Overall, I think your client probably has the most secure design out there.
March 06, 2014, 06:20:07 AM
I totally don't understand how anyone could develop a malware that would be able to copy itself unnoticed through a several different systems.
The only way stuxnet could spread in the first place was through a 0-day exploit, for which only Windows was vulnerable.
But well, you wanted a functionality to sign a hash - here it comes, though as I had said it isn't quite secured and there is plenty of hassle with it.
Anyway, it is already committed into github - comes with version 0.9.2.
Here is how to use it:
1.
Having the payment.zip created at the online machine, extract it (on whichever machine you want) and being in the payment folder execute:
This will print a hash that needs to be signed and the address that it shall be signed with - one pair for each of the transaction's inputs.
2. Now, on the offline wallet machine, execute such a command for each of the pairs:
Each of this commands will give you a hex dump of the public key and the canonical signature.
3. Now move the key+sig pairs to a PC where you have the unsigned transaction (tx2sign.txt) and use the tool called txaddsig, for each of the tx inputs executing:
The file created after the last step shall contain a fully signed transaction. Before loading it to the node, for broadcasting, you can decode it's content with:
The only way stuxnet could spread in the first place was through a 0-day exploit, for which only Windows was vulnerable.
But well, you wanted a functionality to sign a hash - here it comes, though as I had said it isn't quite secured and there is plenty of hassle with it.
Anyway, it is already committed into github - comes with version 0.9.2.
Here is how to use it:
1.
Having the payment.zip created at the online machine, extract it (on whichever machine you want) and being in the payment folder execute:
Code:
wallet -raw tx2sign.txt -hashes
2. Now, on the offline wallet machine, execute such a command for each of the pairs:
Code:
wallet -sign-hash
3. Now move the key+sig pairs to a PC where you have the unsigned transaction (tx2sign.txt) and use the tool called txaddsig, for each of the tx inputs executing:
Code:
txaddsig tx2sign.txt 0
txaddsig.txt 1
...
txaddsig.txt N
The file created after the last step shall contain a fully signed transaction. Before loading it to the node, for broadcasting, you can decode it's content with:
Code:
wallet -d.txt
March 05, 2014, 05:42:59 PM
Hi Piotrnar,
I'm not sure that copying several times, using non-root users, etc, will solve the problem. The concern is that someone will develop a new malware targeted specifically at your software. It can then exploit whatever vulnerabilities are currently available and will not necessarily use the same techniques as stuxnet.
Your idea for using a really small storage device makes a lot of sense. That's essentially what happens if a human types the data in -- you're using a very low bandwidth channel.
I'm not sure that copying several times, using non-root users, etc, will solve the problem. The concern is that someone will develop a new malware targeted specifically at your software. It can then exploit whatever vulnerabilities are currently available and will not necessarily use the same techniques as stuxnet.
Your idea for using a really small storage device makes a lot of sense. That's essentially what happens if a human types the data in -- you're using a very low bandwidth channel.
March 05, 2014, 03:54:23 AM
@piotr_n you're right about the fact that the has could be modified. That's a very good point.
However, I still think that transferring transactions via a USB drive is very risky.
If bitcoin is valuable, stuxnet-like malware may emerge that travels to the offline machine through a thumbdrive, and then travels back on the same thumbdrive, this time carrying your private keys with it. Once the USB drive is re-inserted into the online machine, the private keys are sent out to a malicious server.
I do think that your software is pretty much the only one out there that one person can read the entire code base and convince themselves that it does what it claims to do. This is a nice side effect of Go.
I guess the real problem to solve here is how to make the transactions themselves transferable to the offline machine without risking compromise of the offline machine.
If you are worried of stuxnet-like malware, just copy your file several times on the way - using different devices, with completely different software.However, I still think that transferring transactions via a USB drive is very risky.
If bitcoin is valuable, stuxnet-like malware may emerge that travels to the offline machine through a thumbdrive, and then travels back on the same thumbdrive, this time carrying your private keys with it. Once the USB drive is re-inserted into the online machine, the private keys are sent out to a malicious server.
I do think that your software is pretty much the only one out there that one person can read the entire code base and convince themselves that it does what it claims to do. This is a nice side effect of Go.
I guess the real problem to solve here is how to make the transactions themselves transferable to the offline machine without risking compromise of the offline machine.
These days there are plenty of embedded devices (cameras, GPS systems, media players, etc) that can copy data to/from USB disks or memory cards.
No way anyone would be able to create stuxnet-like malware that can infect each possible system.
Basically you can think of many kinds of countermeasures to protect this channel - copying the data at least once on its way is just the first one that comes to my mind.
It is a good idea to not have any GUI at the wallet machine, because AFAIK the stuxnet was infecting windows using an exploit in parsing shortcut/icon files, or something like that...
In other words: make sure to use a system which does not read any data from USB, except the one that you explicitly ordered it to read. Then an infection is pretty unlikely.
And also don't use root/admin account at the wallet machine - this makes infection even less likely.
You can even use an entirely read-only file system there, e.g. by booting it from a CD or a write protected USB medium.
Another trick could be to use a very small medium. For instance if you had a disk/diskette with only 16KB capacity, that should be enough for most transactions, but it's extremely unlikely that any malware (capable of stealing keys from your offline wallet) would fit into it.
Jump to: