Topic: Is developing your own Wallet safer? (Read 8721 times)
Probably a cool project to learn about Bitcoin but not a good idea to store BTC in the longterm.
Would developing your own Bitcoin Wallet be safer than using known ones like Electrum? It would obviously be much simpler, with no GUI, worse overall security but no one could get their hands on its source code. I have enough programming experience myself to make it but I'm wondering if it even makes sense to do so.
Thank for your help!
Thank for your help!
Absolutely not. Security by obscurity is the lowest form of security and results in compromise *very* quickly.
I'd point you to the wikipedia article on Kerckhoffs's principle (https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle)
Would developing your own Bitcoin Wallet be safer than using known ones like Electrum? It would obviously be much simpler, with no GUI, worse overall security but no one could get their hands on its source code. I have enough programming experience myself to make it but I'm wondering if it even makes sense to do so.
Thank for your help!
You said it yourself. Worse overall security. A virus capable will easily be able to sift through your private keys if it is stored in plaintext. In general, I doubt the wallet would be 100% secure. Thank for your help!
I would have to say no, as implementing a crypto wallet can be tricky and one small mistake and the private keys could be stolen or worse become unrecoverable.
It doesn't necessary.
Having a program open sourced does not necessarily mean that the program would be more vulnerable. Known wallets are open sourced to allow the user to review it themselves and search for any bugs. A zero day exploit is not all that likely.
Having a program open sourced does not necessarily mean that the program would be more vulnerable. Known wallets are open sourced to allow the user to review it themselves and search for any bugs. A zero day exploit is not all that likely.
Exactly this, as with the recent outbreak it seems obvious people take advantage of any exploit, finding it on your own is extremely difficult.
Hi!
Considering that you have a fair experience of being a program developer, I think it would be ideal to develop your own wallet because you will be in control of your money in terms of transactions, safety and security. However, it is hard in the sense that you would have to solely deal with its disadvantages as well. It is common knowledge that everything is possible in the digital world which means your account is still reachable worldwide amidst the tough security you have put your money in. Well, there are pros and cons. You just have to weigh things accordingly and align it with your expectations.
Considering that you have a fair experience of being a program developer, I think it would be ideal to develop your own wallet because you will be in control of your money in terms of transactions, safety and security. However, it is hard in the sense that you would have to solely deal with its disadvantages as well. It is common knowledge that everything is possible in the digital world which means your account is still reachable worldwide amidst the tough security you have put your money in. Well, there are pros and cons. You just have to weigh things accordingly and align it with your expectations.
You said it yourself. Worse overall security. Most people nowadays who use a local desktop client will use a customised directory to store their wallet file. A virus capable of searching through the contents of files will easily be able to sift through your private keys, if stored in plaintext.
What I would say is to simply buy a hardware wallet, but if you're really dedicated, fork electrum and try your best to obfuscate the code. It'll make it harder for malware to get through that, but it still wouldn't be 100% secure.
What I would say is to simply buy a hardware wallet, but if you're really dedicated, fork electrum and try your best to obfuscate the code. It'll make it harder for malware to get through that, but it still wouldn't be 100% secure.
Here is how you make a hack proof wallet with current tech: Android: TEE wallet query interface with lockout or timeout, IOS: TEE wallet query interface with lockout or timeout, Intel x86: SGX, AMD x86: TEE wallet query interface with lockout or timeout. AES or EC signing on all. Don't have memory corruption(hand written assembly since it's so small)
Future vulnerability: Bypassing signing in isolation loader with silicon manipulation. This is what game consoles and Apple do and except where they have memory corruption it doesn't get hacked.
Future vulnerability: Bypassing signing in isolation loader with silicon manipulation. This is what game consoles and Apple do and except where they have memory corruption it doesn't get hacked.
Would developing your own Bitcoin Wallet be safer than using known ones like Electrum? It would obviously be much simpler, with no GUI, worse overall security but no one could get their hands on its source code. I have enough programming experience myself to make it but I'm wondering if it even makes sense to do so.
Thank for your help!
Thank for your help!
Thanks For Information. But I think its not necessary For Us.. At This Time Bitcoin Wallet account is save now for Use We don't Need to create slimier Bitcoin Wallet. If we Need for other thing then we Contact With You.
Thank For your help.
but the function is the function and the code is the code, you set a fee and an amount to send with address plus private key then you send
Not exactly. The cryptography part (generating a true random number, getting the public key and signing transactions correctly and without messing up) is the hardest part.There have been enough incidents leading to losses because of poor implementation of what seems to be easy.
but have you thought about how to send out or receive if you don't have a full node?
That, my friend, is the easiest part! it is a simple code making an specific kind of message and sending it to other nodes. I say it is easy because I have done it and I am not even good at coding or Bitcoin!I want to know how could I have my wallet not of my own code but just electrum only connecting it directly to my full node and maybe I could even access my funds on full node wallet while I'm at home and Core running 45 miles away?
Or am I asking too much here? or maybe I need to put a few lilne of codes/ commands in Core wallet and set the Core IP as server in electrum?
Google JSON-RPC+bitcoin Or am I asking too much here? or maybe I need to put a few lilne of codes/ commands in Core wallet and set the Core IP as server in electrum?
How can I have my own wallet as well? lol but the function is the function and the code is the code, you set a fee and an amount to send with address plus private key then you send but have you thought about how to send out or receive if you don't have a full node?
I want to know how could I have my wallet not of my own code but just electrum only connecting it directly to my full node and maybe I could even access my funds on full node wallet while I'm at home and Core running 45 miles away?
Or am I asking too much here? or maybe I need to put a few lilne of codes/ commands in Core wallet and set the Core IP as server in electrum?
I want to know how could I have my wallet not of my own code but just electrum only connecting it directly to my full node and maybe I could even access my funds on full node wallet while I'm at home and Core running 45 miles away?
Or am I asking too much here? or maybe I need to put a few lilne of codes/ commands in Core wallet and set the Core IP as server in electrum?
I agree with achow since there are some script for output and input if someone knows about your wallet and they can not access it
they can do something about requesting script or something that they can inject a code in your site or wallet that can send your bitcoin from his bitcoin address.. So i think it is not safe unless if you have a knowledge like behind the code or punnycode js or any good script just to hide access to your main account.
Vps isn't too expensive for yearly and everyone could really afford it when we talk about yearly payments it would be also a good way on storing and for Op making wallet would be possible but making a standard one isn't really appealing on the public and for sure they will use most used wallets than yours so it would be useless unless if you just use it for yourself then it would be fine. they can do something about requesting script or something that they can inject a code in your site or wallet that can send your bitcoin from his bitcoin address.. So i think it is not safe unless if you have a knowledge like behind the code or punnycode js or any good script just to hide access to your main account.
I prefer to save the wallet in a virtual machine and protect the wallet file with a zip password 
Not good idea your vps will not stay for a long time unless if you have lots of money to pay for yearly and its still needs backup your wallet.. better to use common wallet in your pc.. and make a backup in your drive D.
You would have to consider lots of details you are probably not aware of now.
There might be some security advantages by not having the code opened to everyone (security by obscurity), but on the other hand, as soon as you have open ports, there may be other kinds of attacks on your client that make it even more vulnerable than the proven standard clients, such as memory leak attacks. And furthermore, you can see from the protocol that your client will behave slightly different than the normal one. So an attacker may detect this and focus even more on attacking your client, so it might evoke even more attention than if you just go with the masses and use a standard client.
There might be some security advantages by not having the code opened to everyone (security by obscurity), but on the other hand, as soon as you have open ports, there may be other kinds of attacks on your client that make it even more vulnerable than the proven standard clients, such as memory leak attacks. And furthermore, you can see from the protocol that your client will behave slightly different than the normal one. So an attacker may detect this and focus even more on attacking your client, so it might evoke even more attention than if you just go with the masses and use a standard client.
Would developing your own Bitcoin Wallet be safer than using known ones like Electrum? It would obviously be much simpler, with no GUI, worse overall security but no one could get their hands on its source code. I have enough programming experience myself to make it but I'm wondering if it even makes sense to do so.
Thank for your help!
Thank for your help!
Helllo Sir ..
I want to create a own coin company .. Then you tell me.. How much help me about this.
Even if you know programming, it is going to take you many man hours to code one since you don't just have to plan on how to code it and program it. You also need lots of time to test it out for any potential bugs and solve them. Just my 2 cents worth, use an existing wallet. There are many wallets out there which are packed with features, safe and free of charge most importantly.
Would developing your own Bitcoin Wallet be safer than using known ones like Electrum? It would obviously be much simpler, with no GUI, worse overall security but no one could get their hands on its source code. I have enough programming experience myself to make it but I'm wondering if it even makes sense to do so.
Thank for your help!
Great post.Thank for your help!
If you have enough programming skills, it might make sense to do so.
Moreover, there is no harm inh trying.
Just give it a shot.
Regards.
Yeah...Virtual Machine (VM) != Virtual Private Server (VPS)
♯
Virtual Machine (VM) != Virtual Private Server (VPS)I prefer to save the wallet in a virtual machine and protect the wallet file with a zip password
Not good idea your vps will not stay for a long time unless if you have lots of money to pay for yearly and its still needs backup your wallet.. better to use common wallet in your pc.. and make a backup in your drive D. And not none of these are better, you are still using a hot wallet no matter if you move it to drive D or VM or a VPS. Just use cold storage and be done with it instead of making it too complicated for yourself.
Cold storage is useful just for storage. For normal use it's better to have a desktop wallet at least, or a mobile wallet.
I would NEVER trust a VPS though. Anything that stays online can disappear. You need to back up your private key(s) no matter where you store the addresses..
♯
Virtual Machine (VM) != Virtual Private Server (VPS)I prefer to save the wallet in a virtual machine and protect the wallet file with a zip password
Not good idea your vps will not stay for a long time unless if you have lots of money to pay for yearly and its still needs backup your wallet.. better to use common wallet in your pc.. and make a backup in your drive D. And not none of these are better, you are still using a hot wallet no matter if you move it to drive D or VM or a VPS. Just use cold storage and be done with it instead of making it too complicated for yourself.
Just a heads up: VM doesn't add security to your wallet. If I execute on that host I still have your wallet, and if I get on the host of the VM I have your VHD..
Hardware wallet or watch-only on things with networking or don't bother..
Hardware wallet or watch-only on things with networking or don't bother..
Jump to: