Author

Topic: iPhone wallets that correctly use change addresses? (Read 3216 times)

newbie
Activity: 37
Merit: 0
Are there any iPhone wallets that correctly return the change of a transaction into a newly generated address, much like Electrum does?

BitWallet does not do this.

Airbitz always generates a new address. Not just for change, but also for new receive requests. Give it a shot http://airbitz.co
member
Activity: 115
Merit: 19
P.S. A simple one : Your phone can be hacked and thus reveal your private key!

  ~~MZ~~

Both android and iOS use app "sandboxing" and code-signing which makes it more difficult to hack than popular desktop systems. iOS further requires that all code run on the device be code-signed by apple, and enables AES hardware encryption on all devices by default to protect your data in the even of physical theft.

breadwallet was the first mobile HD wallet using SPV, but the new version of andreas schlindbach's wallet based on bitcoinj that was just recently released has it now as well. bither and KnC wallet for iOS are using breadwallet code.

The upcoming version of breadwallet will use a combination of touch id and wallet pin. Touch id enables fast convenient access without the potential of revealing your pin to a shoulder surfer, however your fingerprints are all over the phone, so there will be a user configurable spending limit after which pin entry is required. This helps to mitigate both the shoulder surfing and fake finger attacks.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Isnt that a bad idea for a phone? I mean you usually have 1, 2 or at least very few addresses on a phone in comparisson to the number you might have on a regular machine. But in order to send the change to a fresh address the phone would have to generate a new key pair and your backup would need an update. On the other hand if you allready have several private keys and addresses generated you could just add one of them as another receiving address.

Please lookup https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki and https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki. With just one backup, you can securely generate an unlimited number of addresses.

Breadwallet always sends change to a new address.

Yes, a HD wallet would certainly solve the problem of the backup. I actually had that in mind when I wrote this, but I couldnt come up with one. I was more thinking out loud than shouting: OMG DONT DO THAT!!111 I recently tested bither and while I like the way you can generate keys, I dont like that they restrict the possible keys for a hot wallet to 10. Sadly no breadwallet for android, but I just read greenwallet is HD as well.

You can generate as many addresses as you want in Bither but the number of private keys to be generated will not be shown if the total number of addresses reached 10. i just tested now and I have 12 addresses now. Yes, greenwallet is HD.

  ~~MZ~~
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Shorena said, it is bad for a phone. Phones can be attacked easier than a computer. So it is bad. That's the point here.

I don't think you understand what you are talking about. The ease of "attack" (what kind of attack? You don't say.) has nothing to do with re-using small numbers of addresses, which has objective negatives.

Deterministic wallets completely solve the problem of backups.

I didn't told that re-using address is bad but it does affect your privacy. You can see explanation of my words'+shorena's in the above post! Roll Eyes

P.S. A simple one : Your phone can be hacked and thus reveal your private key!

  ~~MZ~~
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Isnt that a bad idea for a phone? I mean you usually have 1, 2 or at least very few addresses on a phone in comparisson to the number you might have on a regular machine. But in order to send the change to a fresh address the phone would have to generate a new key pair and your backup would need an update. On the other hand if you allready have several private keys and addresses generated you could just add one of them as another receiving address.

Please lookup https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki and https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki. With just one backup, you can securely generate an unlimited number of addresses.

Breadwallet always sends change to a new address.

Yes, a HD wallet would certainly solve the problem of the backup. I actually had that in mind when I wrote this, but I couldnt come up with one. I was more thinking out loud than shouting: OMG DONT DO THAT!!111 I recently tested bither and while I like the way you can generate keys, I dont like that they restrict the possible keys for a hot wallet to 10. Sadly no breadwallet for android, but I just read greenwallet is HD as well.

Shorena said, it is bad for a phone. Phones can be attacked easier than a computer. So it is bad. That's the point here.

   ~~MZ~~
Please explain to me how iPhone is more easily attacked than a computer.
Be as in depth as possible in your justification.

The problem is not the phone itself but the way most users handle their phone - or at least a lot, I dont have actual numbers here, its just something I observe when people use their phones. TouchID is just a gimmick and provides next to no security [1]. Passcodes and lengthy passphrases are barely used because it takes to long to unlock the phone. 4 or 6 digit PIN can be shoulder surfed as well as these patterns people tend to use. An additional risk for the patterns is that they show on the front of the phone when used with oily skin. This however has nothing to do with the way the btc wallet handles change and should just tell you that you should not hold more bitcoin on your phone than you would in your regular wallet.


[1] http://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid
newbie
Activity: 25
Merit: 0
Shorena said, it is bad for a phone. Phones can be attacked easier than a computer. So it is bad. That's the point here.

I don't think you understand what you are talking about. The ease of "attack" (what kind of attack? You don't say.) has nothing to do with re-using small numbers of addresses, which has objective negatives.

Deterministic wallets completely solve the problem of backups.
sr. member
Activity: 475
Merit: 252
Shorena said, it is bad for a phone. Phones can be attacked easier than a computer. So it is bad. That's the point here.

   ~~MZ~~
Please explain to me how iPhone is more easily attacked than a computer.
Be as in depth as possible in your justification.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Isnt that a bad idea for a phone? I mean you usually have 1, 2 or at least very few addresses on a phone in comparisson to the number you might have on a regular machine. But in order to send the change to a fresh address the phone would have to generate a new key pair and your backup would need an update. On the other hand if you allready have several private keys and addresses generated you could just add one of them as another receiving address.

Please lookup https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki and https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki. With just one backup, you can securely generate an unlimited number of addresses.

Breadwallet always sends change to a new address.

Shorena said, it is bad for a phone. Phones can be attacked easier than a computer. So it is bad. That's the point here.

   ~~MZ~~
member
Activity: 98
Merit: 10
Isnt that a bad idea for a phone? I mean you usually have 1, 2 or at least very few addresses on a phone in comparisson to the number you might have on a regular machine. But in order to send the change to a fresh address the phone would have to generate a new key pair and your backup would need an update. On the other hand if you allready have several private keys and addresses generated you could just add one of them as another receiving address.

Please lookup https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki and https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki. With just one backup, you can securely generate an unlimited number of addresses.

Breadwallet always sends change to a new address.
sr. member
Activity: 475
Merit: 252
Breadwallet
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Isnt that a bad idea for a phone? I mean you usually have 1, 2 or at least very few addresses on a phone in comparisson to the number you might have on a regular machine. But in order to send the change to a fresh address the phone would have to generate a new key pair and your backup would need an update. On the other hand if you allready have several private keys and addresses generated you could just add one of them as another receiving address.
full member
Activity: 210
Merit: 100
Are there any iPhone wallets that correctly return the change of a transaction into a newly generated address, much like Electrum does?

BitWallet does not do this.
The blockchain.info wallet does this however you must select the send from address to be 'any address' otherwise it will put the change in the address that you selected to send from.
newbie
Activity: 25
Merit: 0
Are there any iPhone wallets that correctly return the change of a transaction into a newly generated address, much like Electrum does?

BitWallet does not do this.
Jump to: