Author

Topic: How to securely spend coins from a compressed offline private key? (Read 1991 times)

newbie
Activity: 28
Merit: 0
this woud be nice to know how to easily create Tx from offline wallet.

hopefully we know soon
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Okay - I checked in "bitcoinrpc.h" and found this:

RPC_DESERIALIZATION_ERROR       = -22, // Error parsing or validating structure in raw format

So now I am guessing that there must be something wrong with the raw transaction that you created (maybe brainwallet.org doesn't properly work when trying to create a raw tx with compressed private keys).

Perhaps try using the "decoderawtransaction" RPC to see if you can get something a bit more specific?
newbie
Activity: 29
Merit: 0
It's been over 16 hours now, no signs of the transaction on blockchain.info or my local client (not even unconfirmed) so I think I can safely say it wasn't a double spend.

Just tried pushing again via bitcoin client and it gave me the same error: "TX rejected (code -22)"

I would be curious to see the full list of error codes (does anybody have this? It would be extremely helpful), once again I looked hard for this on the internet but was unable to figure out what this error means.

Also, I just tried an empty "signrawtransaction" to validate the transaction as per this use case on the wiki (very bottom of the page): https://en.bitcoin.it/wiki/Raw_Transactions#Validate_a_transaction_without_broadcasting_it

It gave me this error: "Missing scriptPubKey (code -3)"

Does that mean that I didn't sign it properly? Or that I didn't define the outputs properly?

I got the raw transaction from offline version of http://brainwallet.org/#tx so it *should* be well-formed.

I'd still like to do this entirely offline so it would be great to know what's wrong with my raw transaction.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I think the -22 error is actually detecting a "double spend" so presumably the tx was actually sent out (via blockchain.info) but perhaps it is just taking a while for it to be processed (even with the fee being paid).
newbie
Activity: 29
Merit: 0
Thanks Ian.

What I tried was this:

1. (Online) Get unspent output addresses using blockchain.info ( http://blockchain.info/unspent?address= )
2. (Offline) Paste this JSON plus private key into brainwallet transaction generator
3. (Online) Paste the resulting raw transaction hex into http://blockchain.info/pushtx

However after blockchain info said it had published my transaction successfully nothing happened to the sending or receiving addresses.

I tried using the sendrawtransaction command on the same hex in my local bitcoin client, and it gave me this error: "TX rejected (code -22)"

What exactly does this error code mean? I tried googling it in and out and I got nothing whatsoever.

Is it possible that I accidentally exported the brainwallet transaction without signing it? (I seem to remember signing it though. Does the populated "scriptSig" field in my raw transaction mean that it was signed?)

Also I included a fee of 0.005 which I think is standard so that shouldn't be it.

Thanks again.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I think that you've already got the basic idea (create/sign/send) - the "brainwallet.org" page I mentioned (stored offline) will just make the process easier for you (rather than using the low-level API for everything) although what you'll want to finally use is it's "raw tx" output.
newbie
Activity: 29
Merit: 0
Can't you use the raw tx API to accomplish this?

(to make it easier you could use an offline "brainwallet.org")


This sounds like the way to go. So my workflow would be:

1. 'createrawtransaction' on the onlne computer, using the public bitcoin address.
2. 'signrawtransaction' on the offline computer.
3. 'sendrawtransaction' on the online computer.

I took a look at the raw transaction API here: https://en.bitcoin.it/wiki/Raw_Transactions

It's helpful but a bit abstract. Are there any good tutorials or other resources that would help me set up this workflow?

Thanks.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Can't you use the raw tx API to accomplish this?

(to make it easier you could use an offline "brainwallet.org")
legendary
Activity: 1106
Merit: 1016
090930
There is a new patch that adds support for importing compressed key pairs into electrum. However it hasn't been fully reviewed yet. See here: https://github.com/spesmilo/electrum/pull/28

newbie
Activity: 29
Merit: 0
So I wanted to create an offline wallet to store my bitcoins securely, because I'm not sure that either my computers aren't compromised (at least not 20-30 bitcoins sort of sure.)

Entirely offline, I booted a pristine live Ubuntu session, ran Bitcoin V0.7.0, and wrote down a public address and a corresponding private key. I ciphered the private key using a passphrase and PGP, then took that encrypted message, printed it and scattered copies in a number of different places on-and-off-site. I sent most of my bitcoins to the public address for that encrypted private key, so now the only way to get the private key is by using the encrypted message and the passkey.

Now here's the real issue, and I thought that it would be way easier than it turned out being: How do I spend these coins without taking the private key back to one of my online, blockchain-updated computers?

Obviously I could just import my private key into one of my online computers and have access to all my coins, but that would defeat the entire purpose of this online/offline setup. My second thought was to import the private key into an Armory wallet, create a watching-only copy for my online computers, and then create and sign transactions using the standard Armory offline transaction workflow. The problem with this is that the private key was created by Bitcoin V0.7.0, so it uses the compressed format (starts with 'L'), which is incompatible with Armory, and from what I've gathered it is impossible to convert the new compressed private key format to the old uncompressed, Armory-compatible one (to spend from the same public address.)

So now I'm stuck with my private key already secured, distributed, and tested, and I have no way to spend any funds from it without importing the entire private key's balance online again. Is there a way I can spend from this private key without being online? If not, is there at least a way I can spend from a clean operating system that is very briefly online, and without the overhead of the entire blockchain? (Electrum-style -- in fact, does electrum support compressed private keys?)

I'd rather not have to re-encrypt and redistribute my paper wallet using a new uncompressed key that will work with Armory.

Thanks in advance for the help.
Jump to: