I build systems from parts. (I mean, most miners do, right?) Motherboard, RAM, Graphics, Hard Drive, etc. If you can do that, most people who can, know if a system they are building is secure or not.
The topic about the TrueCrypt keylogger is called the Evil Maid attack. Do a little research, it's not as bad as it sounds, and it can easily be checked even if you leave your hardware unattended and quite possibly tainted.
As for cold wallets, just like passwords, it's a good idea to change it every now and then. The design of bitcoin is such that one layer of "protection" is removed when you spend anything from an unspent address.
But, for example, the best addresses to target are static ones that accept a lot of inputs, and have already spent some, since you now know the public key. Note that the public key is not the same as the bitcoin address.
Satoshidice comes to mind, I don't think they've ever changed their betting addresses, and if you manage to get the private key to any one, you'd have a lot of bitcoins. No one has ever cracked that one. (I think, I don't remember if it has been breached.)
Topic: Just-Dice.com : Invest in 1% House Edge Dice Game - page 37. (Read 435353 times)
I'm told that even full-disk encryption is no protection if your hardware falls into the wrong hands, since they can install a keylogger in the code that prompts for the passphrase at boot time. So I can't use that machine any more. It goes into the pile marked 'possibly tainted'.
So how do you make sure that new hardware you're buying is not tainted? Technically a brand new Dell laptop or a Gigabyte mobo could have a keylogger in it? Just checking how paranoid you are
Man, I wish I could find the story I'm thinking of. Someone bought a brand new PC (I don't remember the brand, but I think HP) and found out it wasn't new; someone had recycled their HDD and it ended up in that system, and he was able to recover files from the previous owner and stuff. Can't find the story now but it's definitely relevant if someone else has it, because it explains how unsafe a new system really is.
I'm told that even full-disk encryption is no protection if your hardware falls into the wrong hands, since they can install a keylogger in the code that prompts for the passphrase at boot time. So I can't use that machine any more. It goes into the pile marked 'possibly tainted'.
So how do you make sure that new hardware you're buying is not tainted? Technically a brand new Dell laptop or a Gigabyte mobo could have a keylogger in it? Just checking how paranoid you are
Has anyone ever made a mistake when using raw tx's?
I remember seeing one thread about some guy who tipped like 10 bitcoin to the miners.
I remember seeing one thread about some guy who tipped like 10 bitcoin to the miners.
Yes, I saw something like that too. I think it has happened a few times, which is why I automate the whole process, keep it simple, and check 'by eye' before broadcasting the transaction to the network.
Has anyone ever made a mistake when using raw tx's?
I remember seeing one thread about some guy who tipped like 10 bitcoin to the miners.
I remember seeing one thread about some guy who tipped like 10 bitcoin to the miners.
Indeed they have. ASICMiner refunded an accidental 200BTC fee last year.
Let's just say it was a "security measure".
You got drunk and left your computer at the bar?
Close.
We were staying in a hotel for a few days. After checking out, about two hours away by then, I noticed I had accidentally left about 20 million dollars worth of bitcoin in the drawer of the bedside table.
Found the nearest town, bought a new cold wallet machine, retrieved the wallet data from an encrypted backup, made new wallets (did I mention there were a couple of billion dogecoins in that drawer too?) and transferred the coins over.
Everything on the cold wallet was encrypted so there was no risk, but it felt scary to be so far away from it. I'm told that even full-disk encryption is no protection if your hardware falls into the wrong hands, since they can install a keylogger in the code that prompts for the passphrase at boot time. So I can't use that machine any more. It goes into the pile marked 'possibly tainted'.
So don't worry guys. Your coins are in safe hands. Most of the time.
Has anyone ever made a mistake when using raw tx's?
I remember seeing one thread about some guy who tipped like 10 bitcoin to the miners.
I remember seeing one thread about some guy who tipped like 10 bitcoin to the miners.
Ah, I didn't think about it in terms of change. So essentially when you make a transfer from the cold wallet to the hot one, you do so as a 500 BTC block, which results in 0 change. Conversely, it would send x amount and then create the new address for the rest of the change. That's actually really smart thinking!
I don't follow the code, though. The lines with - and +'s appear to be duplicates... what was actually changed?
I don't follow the code, though. The lines with - and +'s appear to be duplicates... what was actually changed?
When making raw transactions, you have to be careful that the outputs sum to the same as the inputs - otherwise you end up tipping the miners a few thousand coins. To avoid making mistakes, I want the raw transaction to be as simple as possible, and so don't want to be working with change.
So when someone wants to withdraw 2000 BTC, I make a raw transaction that takes 4 of the 500 BTC outputs from the cold wallet and sends a single 2000 BTC to my online address.
I can only fit the data for about 4 outputs into a single QR code before the resolution gets too high for my webcam to scan (I hold one laptop's screen up to the other's webcam, and it has a hard time with reflection on the screen, focus, etc.) But it seems safer than sharing a USB stick between the online and offline machines to transfer data.
The - and + indicate lines that I deleted (-) and lines that I added (+). (Really I just changed two lines, but git (which is a tool people use for storing versions of software as they work on it, to allow you to see who changed what, when) sees that as two deletions and two insertions).
While I don't understand why he changed either, I find it extremely cool how he split up the big transaction into multiple outputs. I have never in 4 years saw someone split outputs on the same address.
https://blockchain.info/tx/48d6e58a8b60e69d121eab318712e27033cbe5a76953c9a428f57cf28fbc5f29?show_adv=true
https://blockchain.info/tx/48d6e58a8b60e69d121eab318712e27033cbe5a76953c9a428f57cf28fbc5f29?show_adv=true
That's a bit odd, though. I'm curious as to why he would do this. There shouldn't be any functional difference.
I have a script which creates a raw transaction from outputs known to be in the cold wallet and sends them to my online wallet. I just tell it which outputs and it makes the (unsigned) raw transaction that sends them.
I then transfer the unsigned transaction to the cold wallet using a QR code and a webcam, sign it on the cold wallet, and transfer the signed transaction back online, again using a QR code and a webcam.
I don't want to be messing about with 'change' outputs, so I want a bunch of useful-sized outputs ready to use. 500 BTC seems like a reasonable size for the cold wallet outputs.
Interestingly, to get bitcoin-qt to create a raw transaction that spends to the same address multiple times, all you need to do is comment out two lines of code and rebuild:
Quote
$ git diff
diff --git a/src/rpcrawtransaction.cpp b/src/rpcrawtransaction.cpp
index 837aee7..e988166 100644
--- a/src/rpcrawtransaction.cpp
+++ b/src/rpcrawtransaction.cpp
@@ -375,8 +375,8 @@ Value createrawtransaction(const Array& params, bool fHelp)
if (!address.IsValid())
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, string("Invalid Bitcoin address: ")+s.name_);
- if (setAddress.count(address))
- throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
+ // if (setAddress.count(address))
+ // throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
setAddress.insert(address);
CScript scriptPubKey;
diff --git a/src/rpcrawtransaction.cpp b/src/rpcrawtransaction.cpp
index 837aee7..e988166 100644
--- a/src/rpcrawtransaction.cpp
+++ b/src/rpcrawtransaction.cpp
@@ -375,8 +375,8 @@ Value createrawtransaction(const Array& params, bool fHelp)
if (!address.IsValid())
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, string("Invalid Bitcoin address: ")+s.name_);
- if (setAddress.count(address))
- throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
+ // if (setAddress.count(address))
+ // throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
setAddress.insert(address);
CScript scriptPubKey;
Ah, I didn't think about it in terms of change. So essentially when you make a transfer from the cold wallet to the hot one, you do so as a 500 BTC block, which results in 0 change. Conversely, it would send x amount and then create the new address for the rest of the change. That's actually really smart thinking!
I don't follow the code, though. The lines with - and +'s appear to be duplicates... what was actually changed?
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Why do you change the cold address once in a while?
I only ever changed it once, and the reason is a little embarrassing, rather unbelievable, and quite disturbing.
Let's just say it was a "security measure".
You got drunk and left your computer at the bar?
While I don't understand why he changed either, I find it extremely cool how he split up the big transaction into multiple outputs. I have never in 4 years saw someone split outputs on the same address.
https://blockchain.info/tx/48d6e58a8b60e69d121eab318712e27033cbe5a76953c9a428f57cf28fbc5f29?show_adv=true
https://blockchain.info/tx/48d6e58a8b60e69d121eab318712e27033cbe5a76953c9a428f57cf28fbc5f29?show_adv=true
That's a bit odd, though. I'm curious as to why he would do this. There shouldn't be any functional difference.
I have a script which creates a raw transaction from outputs known to be in the cold wallet and sends them to my online wallet. I just tell it which outputs and it makes the (unsigned) raw transaction that sends them.
I then transfer the unsigned transaction to the cold wallet using a QR code and a webcam, sign it on the cold wallet, and transfer the signed transaction back online, again using a QR code and a webcam.
I don't want to be messing about with 'change' outputs, so I want a bunch of useful-sized outputs ready to use. 500 BTC seems like a reasonable size for the cold wallet outputs.
Interestingly, to get bitcoin-qt to create a raw transaction that spends to the same address multiple times, all you need to do is comment out two lines of code and rebuild:
Quote
$ git diff
diff --git a/src/rpcrawtransaction.cpp b/src/rpcrawtransaction.cpp
index 837aee7..e988166 100644
--- a/src/rpcrawtransaction.cpp
+++ b/src/rpcrawtransaction.cpp
@@ -375,8 +375,8 @@ Value createrawtransaction(const Array& params, bool fHelp)
if (!address.IsValid())
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, string("Invalid Bitcoin address: ")+s.name_);
- if (setAddress.count(address))
- throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
+ // if (setAddress.count(address))
+ // throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
setAddress.insert(address);
CScript scriptPubKey;
diff --git a/src/rpcrawtransaction.cpp b/src/rpcrawtransaction.cpp
index 837aee7..e988166 100644
--- a/src/rpcrawtransaction.cpp
+++ b/src/rpcrawtransaction.cpp
@@ -375,8 +375,8 @@ Value createrawtransaction(const Array& params, bool fHelp)
if (!address.IsValid())
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, string("Invalid Bitcoin address: ")+s.name_);
- if (setAddress.count(address))
- throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
+ // if (setAddress.count(address))
+ // throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, duplicated address: ")+s.name_);
setAddress.insert(address);
CScript scriptPubKey;
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Why do you change the cold address once in a while?
I only ever changed it once, and the reason is a little embarrassing, rather unbelievable, and quite disturbing.
Let's just say it was a "security measure".
spill the beans doog, tell us!
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Why do you change the cold address once in a while?
I only ever changed it once, and the reason is a little embarrassing, rather unbelievable, and quite disturbing.
Let's just say it was a "security measure".
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Why do you change the cold address once in a while?
Yes, that is very puzzling. What's the practical gain in going through the steps of changing perfectly good and backup-ed private key?
While I don't understand why he changed either, I find it extremely cool how he split up the big transaction into multiple outputs. I have never in 4 years saw someone split outputs on the same address.
https://blockchain.info/tx/48d6e58a8b60e69d121eab318712e27033cbe5a76953c9a428f57cf28fbc5f29?show_adv=true
That's a bit odd, though. I'm curious as to why he would do this. There shouldn't be any functional difference.
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Why do you change the cold address once in a while?
Yes, that is very puzzling. What's the practical gain in going through the steps of changing perfectly good and backup-ed private key?
While I don't understand why he changed either, I find it extremely cool how he split up the big transaction into multiple outputs. I have never in 4 years saw someone split outputs on the same address.
https://blockchain.info/tx/48d6e58a8b60e69d121eab318712e27033cbe5a76953c9a428f57cf28fbc5f29?show_adv=true
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Why do you change the cold address once in a while?
Yes, that is very puzzling. What's the practical gain in going through the steps of changing perfectly good and backup-ed private key?
site is down, any update? Noticed hotwallet and cold wallet were empty, rebuilding?
The wallets are empty and the site is down. Hmmmm....
The hot wallet contains everyone's deposit address, so it's hard to see the whole balance.
The cold wallet address changed about a week ago. I updated the FAQ with the new address and a new signature.
Was the site really down for a while? I wasn't offline for long so I guess I missed it. Or maybe it was a localised cloudflare outage.
http://blockchain.info/address/19Zmw5kMbkTjA7qRUdUEiwLqgRaMRRLDkh
Why do you change the cold address once in a while?
Looking to Sell/Partner or Lease the domain Dark-Dice.com
PM Offers.
PM Offers.
@Doog: wouldn`t a Dark Dice site with DRK be great? Possibly with a masternode function (i.e. you can also invest in a masternode through the site)?
don´t you think a Doge spinoff is already enough? we don´t need other just-dice clone sites in my opinion
Dark would be the perfect third site. Great coin. But so far doog isn't interested like I said, he was offered dark-dice.com for free earlier and turned it down apparently. Maybe he'll change his mind if it keeps upswinging, who knows.
@Doog: wouldn`t a Dark Dice site with DRK be great? Possibly with a masternode function (i.e. you can also invest in a masternode through the site)?
don´t you think a Doge spinoff is already enough? we don´t need other just-dice clone sites in my opinion
Jump to: