Author

Topic: gosh darnit, making a secure wallet is hard. (Read 1420 times)

sr. member
Activity: 252
Merit: 250
i see your guys point.

fine

then i shall hope for stability for a while, followed by the type of continued skyrocketting weve been seeing.
legendary
Activity: 3472
Merit: 4801
No guts, no glory. If I see it at $20 again, I'm going all inn too. Sell everything!

Heck, if it gets below $10, I just might start selling stuff I don't own.  Wink
full member
Activity: 218
Merit: 100
No guts, no glory. If I see it at $20 again, I'm going all inn too. Sell everything!
legendary
Activity: 3472
Merit: 4801
But first 15 dollars a coin for a few months would be nice...

Yeah, if it dropped below $20 and there wasn't some major bitcoin disaster (ECDSA found to be broken!, SHA-256 found to be fully reversible!), I'd probably sell everything I own and borrow everything I could borrow to sink it all in.
sr. member
Activity: 252
Merit: 250
"Fuck this 400 dollars a bitcoin shit. price needs to drop so I can get in deeper.  Then it can explode if it wants."

 Grin   Grin

Haha! Let's hope.

I'm betting it's going to happen.

But first 15 dollars a coin for a few months would be nice...
legendary
Activity: 3472
Merit: 4801
Ps. fuck this 40 dollars a bitcoin shit. price needs to drop so I can get in deeper.

then it can explode if it wants.

I can't wait until I start seeing people post, "Fuck this 60 dollars a bitcoin shit. price needs to drop to $45 so I can get in deeper.  Then it can explode if it wants."

Or better yet:

"Fuck this 400 dollars a bitcoin shit. price needs to drop so I can get in deeper.  Then it can explode if it wants."

 Grin   Grin
sr. member
Activity: 252
Merit: 250
I'd suggest using https://blockchain.info/wallet for your hot wallet.  Unlike MtGox, you retain control over your private keys and as such over your bitcoins that way.  Blockchain.info also has more features that make it a more convenient wallet.

I'll take this suggestion seriously.

My reasons for using gox was that I would be easily able to play short game, if i think the price is gonna fall. Guess it doesn't take THAT long to transfer though.

Quote
If you can get the Linux – Offline Bundle for Ubuntu 10.04-32bit going on one of those, it'd be a really cheap and easy solution because all of the dependencies are already installed.
I had an old laptop that worked great. This is an Armory tutorial I'm working on for my friends and family.

I will check out your tutorial. For the moment I've decided that since cold storage is supposed to be a long term solution anyway, I'll just make the wallet and not even use the private key until I'm ready to deal with withdrawing something.

I actually tried the offline bundle for having the dependencies but still couldn't get it to work. Maybe if I tried ubuntu 10.04? Is that an LTS version? If it came to not being supported would it still be secure (from a live-cd)?

Thanks guys!

Ps. fuck this 40 dollars a bitcoin shit. price needs to drop so I can get in deeper.

then it can explode if it wants.
full member
Activity: 218
Merit: 100
I'm not sure if you're up for it but, I saw a thread a while back that said someone was running Armory (offline) on a Raspberry Pi.

Question about offline transactions... what are the system requirements for a computer that would ONLY hold private keys and sign transactions?
Nothing special. I run it on a Raspberry Pi.
And is there any special setup procedures for such an offline computer?  Do I still have to install the Bitcoin-QT client?
Nope, no blockchain or network connection is necessary.

If you can get the Linux – Offline Bundle for Ubuntu 10.04-32bit going on one of those, it'd be a really cheap and easy solution because all of the dependencies are already installed.
I had an old laptop that worked great. This is an Armory tutorial I'm working on for my friends and family.
legendary
Activity: 2058
Merit: 1452
Okay one last question, are there any alternatives to blockchain.info in generating the raw transaction code from a private key? it sure is one more password to remember for something I have to go offline to do anyway
armory
legendary
Activity: 3472
Merit: 4801
- snip -
my plan is to use mt gox as a hot wallet.
- snip -

I'd suggest using https://blockchain.info/wallet for your hot wallet.  Unlike MtGox, you retain control over your private keys and as such over your bitcoins that way.  Blockchain.info also has more features that make it a more convenient wallet.
sr. member
Activity: 252
Merit: 250
Okay one last question, are there any alternatives to blockchain.info in generating the raw transaction code from a private key? it sure is one more password to remember for something I have to go offline to do anyway
sr. member
Activity: 252
Merit: 250
Hey thanks for those last two links!

Will bookmark immediately.

I think I could live without even having a client on a usb drive, as long as something like those links exist.

However, the raw transaction is way too many characters to handwrite, as fate would have it I'm out of ink. I suppose between now and the time I have enough bitcoin to make real use of a brainwallet though I could invest in some ink and just print the thing out. Still a pain in the butt to type in though.

Is there anyway around this without turning the internet back on after having typed in your private key?

Ok reading that first link more deeply, I like this solution alot.

I think I'm going to employ that for a cold wallet, and use the above described solution for more of a warm wallet.

If I were to save the raw transaction code as a txt file on whatever hard drive I happen to be using, so that way I could reboot any given live cd and retrieve it and send, would this present any kind of security flaw? Actually I like this plan, or I could just use a USB drive and save the raw code in a sort of live cd usb combo...

that might work!


or... duh! use the persistent tails distribution that worked in the first step for everything but a client!!!!

YES!

Thanks guy!
legendary
Activity: 2506
Merit: 1010
what is the best way to generate the send code for removing money from cold storage without having to use a client?

 - http://bitcoinarmory.com/using-offline-wallets-in-armory

Second, is there any alternative to the british hosted rowit thingy for when I figure out how to get said code generated?

Not needed with armory, but if you created a raw transaction with Bitcoin-Qt/bitcoind client and need to broadcast it ... these will work:
 - https://blockchain.info/pushtx
 - http://brainwallet.org/#tx 
sr. member
Activity: 252
Merit: 250
okay I've tried many different approaches to this.

I'm excited to throw a little money at bitcoin, but I need to do this right.

my plan is to use mt gox as a hot wallet.

then I wanted to make a warm wallet that I could boot from either a cd or a USB drive, but this step is turning out to be trickier than I thought.

CD's aren't working for me because I wanted the warm wallet to be convenient, I didn't want to install everything every-time. I could have settled to download the blockchain everytime, and I didn't have a Flashdrive handy at first, so I attempted to make a custom ubuntu live cd (after realizing that Tails no longer fits on a cd). That effort fell flat in my attempt to use three different programs. Seemed like I got close though, even got a CD burnt with googlecode's custom ubuntu offering but it failed to boot.

So I'm like heck with it, I'd like persistence anyway. And I went and splurged on a flashdrive. My first impulse was tails, so I installed it, and I liked it alot. Nice and snappy and seemed secure and well organized. Started wasting some time customizing it and stuff. But when it came time to make armory work, there was a list of dependencies I needed to get, and they just plain weren't in Tails' repository. I didn't want to add them for fear of making tails less secure, and also wasn't sure what to add anyway. Then I attempted to use electrum and qt, experiencing a similar error but with one dependency (python4-qt) one the later, and the former's instructions just plain not working. So damn.

I proceeded to Ubuntu, first attempting to use the pendrivelinux installer with an iso for 12.04 (since it's supported longer). That loaded painfully slow. Really really painfully slow. So I attempted an install from a live-cd to USB using Ubuntu's built in USB startdisk dealy. Same results.

I am at present attempting my last resort, which is to attempt a regular ubuntu installation directly to the flash drive, onto partitions that I made myself. It is taking forever. I hope it loads faster, I have no how I'm going to do this if not, it'll be back to the drawing board. Any idea what I'll do if this fails?

The last leg in my plan was to have a cold wallet for long term savings. This seems like the most simple part of everything. I fired up a regular ubuntu live-cd, slid over to bitaddress.org, turned off the internet, and generated a test wallet just to see if I could at least make this part work. When I have it down pat, I already know a nice, long, difficult to crack, but easy to remember seed phrase (I also have other plans to back both wallets up, of course) perfect for my cold wallet. I wrote down the private key and the public address, and rebooted the live-cd. Headed to gox, sent my test-cold-wallet .1 btc. Took a look on the blockchain to verify that it had made it. Then I ran into two different obstacles, the first was that I couldn't figure out how to get the raw send code from an offline app. The forbes article I was reading said blockchain.info could do it, and I expected that to work but I couldn't find how to do it. Researching the process, I tried to go to the rowit send site, where I would have pasted said "send code," if I had been able to make it work, to finalize the removal of the coin back to my gox wallet, but it was down!!! (It was late at night I guess).

So my cold wallet question is two fold, first is what is the best way to generate the send code for removing money from cold storage without having to use a client? Second, is there any alternative to the british hosted rowit thingy for when I figure out how to get said code generated?

Anyway I've been up all night playing poker on seals with clubs and trying to make this beotch work. It's driving me nuts.

Help me out guys, please. How would you approach this?
Jump to: