Pages:
Author

Topic: Mental Bitcoin Wallet: I have real bitcoins stored in my head. - page 6. (Read 12769 times)

member
Activity: 84
Merit: 10
Anyone that understands the principle involved here isn't likely to be the kind of person to have insecure interfaces.
full member
Activity: 406
Merit: 100
If you'd temporarily store your passphrase in a file and execute (in Linux) the following

gpg --print-md sha256

would that do the trick also?
I'm not sure how to input the passphrase through the keyboard into gpg, but that would be much better.
full member
Activity: 406
Merit: 100
[snip>
... I will simply use the same passphrase to generate the same private keys, import them into a real wallet.dat, and then spend them.
Too bad that your hacked computer immediately after putting your keys in the 'real wallet.dat' already has transferred all your bitcoins to the thief's wallet before you were able to touch any key!
 Tongue
member
Activity: 84
Merit: 10
That is bloody brilliant.  I mean, really, really, really.

Bloody brilliant!  Given a popular and accessible conversion utility and interface...well.  I have to go outside and breath slowly now.
full member
Activity: 406
Merit: 100
I'm sure one of bitcoinporn's private keys will be generated by inputting Canticles 1:13 into this key generator.  Grin
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Exactly.

Every private key is just a 32-byte hex number.  Every 32-byte hex number can be used as a private key.  And hence, every 32-byte hex number has a corresponding Bitcoin address.

Just by coincidence (or perhaps not), the SHA256 hash algorithm can produce a 32-byte hex number from any text input.  And while the output isn't predictable, it always produces the same output given the same input text.

So the idea is just to pair these two ideas.  Pick a passphrase, compute the SHA256 of it, use that as a private key.

All the Casascius Bitcoin Utility does, is calculate the Bitcoin address that corresponds to your 32 bytes as the matching private key.

You aren't remembering the private key itself, you're merely remembering the text that will produce your private key when plugged back into the SHA256 hash algorithm.  Which is good enough.

(When using Casascius Bitcoin Utility / SHA256, the passphrases ARE case sensitive by the way)
legendary
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
are private and public keys case sensitive? if they are not then i could probably eventually memorize 1 key pair.
You don't memorize the keys themselves. You memorize a string whose hash is the private key. You can use any algorithm to convert the string to a key that you like, case sensitive or case insensitive.
Eli
full member
Activity: 128
Merit: 100
I have successfully transferred bitcoins into my head.  They can't be hacked.  They exist nowhere but in my head.  If I die, they die with me.

As crazy as this sounds, it's true.

I simply picked a passphrase, and turned it into a bitcoin address with my open source Casascius Bitcoin Utility (available from github).  When I want to spend the funds, I will simply use the same passphrase to generate the same private keys, import them into a real wallet.dat, and then spend them.

What's my purpose in making this point?  While the entire Bitcoin community is reeling over the loss of Mybitcoin.com - not just the site, but the realization that keeping bitcoins in a web wallet is fundamentally flawed - I really want to pound in the idea that bitcoins can be kept on paper and in the form of codes or passphrases.  And when people do this, the bitcoins cannot be hacked.

Every sentence you can think of, corresponds to a Bitcoin address.  The bitcoin address can be given out freely, the sentence is the password that allows spending of bitcoins.  Once upon a time, I stored 0.25 bitcoins in the sentence "This string contains 0.25 BTC hidden in plain sight."... others were successfully able to retrieve the 0.25 BTC given the sentence.

The future of practicing safe Bitcoin is for people to be able to keep their private keys offline.  If you operate a Bitcoin-based website or exchange or are working on client code, please, for the future of Bitcoin, include the ability for people to enter and redeem the funds off of hand-typed private keys.

Could you explain the process behind those apps?

I'm thinking of using a different type of wallet along with my Safebit wallet, one that will allow users to move addresses from place to place rather than them being attached to a singular wallet file, which I find extremely inefficient and quite simply a stupid idea in the first place when you can store individual addresses and manipulate them directly.
newbie
Activity: 20
Merit: 0
I put a bomb in the blockchain, prepare to be stricken with alzheimer's
legendary
Activity: 2940
Merit: 1090
"I want a big mac and large fries to go, but only if you accept bitcoins via passphrases like this"

"oh wait, double that order, please"

"yes its me again. still accepting bitcoins via passphrases like this?"

"the usual, please and thank you"

etc

-MarkM- (Darn, I forgot the password from Saberhagen's "Octagon". Chapel Perilous? Something related to that...)
full member
Activity: 134
Merit: 102
legendary
Activity: 1764
Merit: 1015
Nice, just wait till a "Mind Reader" gets a hold of it  Grin.
sr. member
Activity: 350
Merit: 251
are private and public keys case sensitive? if they are not then i could probably eventually memorize 1 key pair.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
iwearcoloredcodedbvdssize34to36

mygirlfriendlikesto(insert your own words here)withme

ithinkmywifeischeatingonmehencethisbitcoinstash

if2plus2equals4thenwhyisthegrassgreen

ilikeu238special3doorsdownandb52s

And you say this idea is sound? I agree!

It's useless without the key!

legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Only on Windows
*nix users, look at pp2k.py http://github.com/jackjack-jj/pp2k
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I dont trust my memory. At all.

Not even to remember the opening line to your favorite childhood cartoon?  Or the motto of a group you belonged to?  Simply take a sentence you already know from memory, and add a few words to it (like "big fat ____" or "____ in the bed" or the name of a favorite artist etc.)

If not your memory, certainly you can use a piece of paper, or whatever you do to keep track of your regular passwords!
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
I dont trust my memory. At all.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I have successfully transferred bitcoins into my head.  They can't be hacked.  They exist nowhere but in my head.  If I die, they die with me.

As crazy as this sounds, it's true.

I simply picked a passphrase, and turned it into a bitcoin address with my open source Casascius Bitcoin Utility (available from github).  When I want to spend the funds, I will simply use the same passphrase to generate the same private keys, import them into a real wallet.dat, and then spend them.

What's my purpose in making this point?  While the entire Bitcoin community is reeling over the loss of Mybitcoin.com - not just the site, but the realization that keeping bitcoins in a web wallet is fundamentally flawed - I really want to pound in the idea that bitcoins can be kept on paper and in the form of codes or passphrases.  And when people do this, the bitcoins cannot be hacked.

Every sentence you can think of, corresponds to a Bitcoin address.  The bitcoin address can be given out freely, the sentence is the password that allows spending of bitcoins.  Once upon a time, I stored 0.25 bitcoins in the sentence "This string contains 0.25 BTC hidden in plain sight."... others were successfully able to retrieve the 0.25 BTC given the sentence.

The future of practicing safe Bitcoin is for people to be able to keep their private keys offline.  If you operate a Bitcoin-based website or exchange or are working on client code, please, for the future of Bitcoin, include the ability for people to enter and redeem the funds off of hand-typed private keys.

EDIT: Added, per suggestion, a reminder that any time you import Bitcoins from a private key into the current Satoshi client and spend less than all of them, you should spend the rest to new addresses, or at least back-up the wallet.dat.  This is because the portion you didn't spend (the change) gets sent to a brand new address that exists only in wallet.dat, and will be lost if you don't keep it safe.
Pages:
Jump to: