Mutable wallets: why? | Bitcointalksearch.org

bitplane

sr. member

Activity: 321

Merit: 250

Firstbits: 1gyzhw

Quote from: 2112 on July 28, 2011, 09:26:15 PM

Your sentences above make me think that you were more involved in some commercial product development and not an open source ego-stroking fests.

Nope, but I've decided to put my money where my mouth is and do some hacking rather than being a whiny little girl about it. Over the coming weeks I'll focus on reading and understanding bitcoin-alt, hopefully, if I can find the time, I'll be able to contribute my ideas back this way.

edit: looks like bitcoin-alt isn't finished. I guess I'll have to get back into C++

2112

legendary

Activity: 2128

Merit: 1073

Quote from: bitplane on July 28, 2011, 08:09:27 PM

Shift attitudes from "works for me, lusers" to "our users are a fragile and delicate resource that must be protected at all costs"

While I agree with what you wrote above, I also think that you don't completely understand the motivation of the people who donate their time towards the project. Perhaps you could shift your thinking towards: "I invested years of my time to excavate through this shipwreck. Now it is payback time or forever hold your peace." and "the users are worth as much as the transaction fees they are willing to pay, no more & no less".

Your sentences above make me think that you were more involved in some commercial product development and not an open source ego-stroking fests. To that extent you'll probably find more people willing to listen if you modify your approach to the developers here.

ctoon6

sr. member

Activity: 350

Merit: 251

I would agree that we need an anonymous mode and a normal i don't care if someone can trace me mode. besides, if you want to be truly anonymous, you need to use a laundering service through tor. really the way the client operates now is just a futile attempt that may not be worth the trouble it causes.

bitplane

sr. member

Activity: 321

Merit: 250

Firstbits: 1gyzhw

Quote from: error on July 28, 2011, 12:50:39 PM

I know plenty of people who are diligent about backups. Of course, I also know plenty of people who are not. I also know that every single one of the latter knows they should be backing their data up, and they still don't do it. How do you solve a problem like that?

An immutable, encrypted wallet that can be posted everywhere.
An option for either maximum anonymity (new key each time), or maximum ease of use (a single address), with the latter being the default.
Nags and prompts in the client to make people back up their wallets once they contain over a certain balance.
Store the wallet in my documents, not in %appdata%, so it's actually visible and can be backed up by normal users who do make occasional backups.
Detect DropBox, Skydrive, UbuntuOne and so on, offer to store the file in these online locations by default.
Option to print private keys or deterministic wallet seed to paper as a QR code, and the option to import it again.
Shift attitudes from "works for me, lusers" to "our users are a fragile and delicate resource that must be protected at all costs"

error

hero member

Activity: 588

Merit: 500

Quote from: bitplane on July 28, 2011, 12:08:55 PM

Quote from: error on July 27, 2011, 02:37:36 PM

I backup my important stuff daily. Some really critical things get backed up hourly or even more often. I've lost enough data to know that I don't want it to ever happen again.

Let's assume that you know one other person with a computer, do they also have an anal backup procedure like yours?

If not then Bitcoin is a liability for 50% of all the computer users who you know. It should be accessible to 99.9% if it's to be successful.

I know plenty of people who are diligent about backups. Of course, I also know plenty of people who are not. I also know that every single one of the latter knows they should be backing their data up, and they still don't do it. How do you solve a problem like that?

bitplane

sr. member

Activity: 321

Merit: 250

Firstbits: 1gyzhw

Quote from: error on July 27, 2011, 02:37:36 PM

I backup my important stuff daily. Some really critical things get backed up hourly or even more often. I've lost enough data to know that I don't want it to ever happen again.

Let's assume that you know one other person with a computer, do they also have an anal backup procedure like yours?

If not then Bitcoin is a liability for 50% of all the computer users who you know. It should be accessible to 99.9% if it's to be successful.

error

hero member

Activity: 588

Merit: 500

Quote from: netrin on July 27, 2011, 10:23:06 AM

Quote from: error on July 23, 2011, 01:06:59 AM

Quote from: bitplane on July 23, 2011, 12:55:58 AM

Quote from: error on July 23, 2011, 12:39:33 AM

For purposes of backup, you only NEED to backup the wallet.dat every time a new address is generated.

That's not very user-friendly at all though, and if you mess up it can cost you everything you own.

Are there any plans to solve this issue? It's by far my biggest complaint, savings wallets are easy but actually having one for day-to-day use is a chore

Wait a minute. You're telling me you don't ALREADY backup your important data at least weekly?

Do you know any individual (in the flesh) who does? If my friends' data are backed up it's only because I do it. The number of times I've tried to restore coworkers corrupted NTFS disks never fails to amaze me. Hell just last week I was asked to help restore (assuredly non-critical) hospital data.

I think the 100 key pool is a good idea. But I think the wallet should cycle through the keys. If I want anonymity, I'll increase the pool size or create multiple wallets. But leaky wallets are disastrous.

I symmetrically encrypt each of my wallets and check them into DVCS. But its such a PITA that I've come to rely upon that 100 keypool buffer.

I backup my important stuff daily. Some really critical things get backed up hourly or even more often. I've lost enough data to know that I don't want it to ever happen again.

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

Quote from: error on July 23, 2011, 01:06:59 AM

Quote from: bitplane on July 23, 2011, 12:55:58 AM

Quote from: error on July 23, 2011, 12:39:33 AM

For purposes of backup, you only NEED to backup the wallet.dat every time a new address is generated.

That's not very user-friendly at all though, and if you mess up it can cost you everything you own.

Are there any plans to solve this issue? It's by far my biggest complaint, savings wallets are easy but actually having one for day-to-day use is a chore

Wait a minute. You're telling me you don't ALREADY backup your important data at least weekly?

Do you know any individual (in the flesh) who does? If my friends' data are backed up it's only because I do it. The number of times I've tried to restore coworkers corrupted NTFS disks never fails to amaze me. Hell just last week I was asked to help restore (assuredly non-critical) hospital data.

I think the 100 key pool is a good idea. But I think the wallet should cycle through the keys. If I want anonymity, I'll increase the pool size or create multiple wallets. But leaky wallets are disastrous.

I symmetrically encrypt each of my wallets and check them into DVCS. But its such a PITA that I've come to rely upon that 100 keypool buffer.

bitplane

sr. member

Activity: 321

Merit: 250

Firstbits: 1gyzhw

Quote from: error on July 23, 2011, 01:06:59 AM

Wait a minute. You're telling me you don't ALREADY backup your important data at least weekly?

None of my important data is as sensitive and vulnerable as my unencrypted bitcoin wallet. I suppose if the wallet was encrypted I could drop it in my dropbox dir, or maybe if it were possible to keep my keys in KeePass and serve them over KeePassHTTP that would work. Currently backing up my wallet and synchronizing it across computers is a manual process, if it's not for you then you have a very specific type of backup/synchronization strategy that happens to work for this particular file. (lol congratulations)

error

hero member

Activity: 588

Merit: 500

Quote from: bitplane on July 23, 2011, 12:55:58 AM

Quote from: error on July 23, 2011, 12:39:33 AM

For purposes of backup, you only NEED to backup the wallet.dat every time a new address is generated.

That's not very user-friendly at all though, and if you mess up it can cost you everything you own.

Are there any plans to solve this issue? It's by far my biggest complaint, savings wallets are easy but actually having one for day-to-day use is a chore

Wait a minute. You're telling me you don't ALREADY backup your important data at least weekly?

bitplane

sr. member

Activity: 321

Merit: 250

Firstbits: 1gyzhw

Quote from: EricJ2190 on July 23, 2011, 12:35:58 AM

Having many addresses improves privacy and makes it easier to keep track of payments from multiple sources.

I guess that payments from multiple sources is useful for most people, though I've never used different addresses for each person myself. I also guess that each published address could potentially mean lost funds, so a wallet per address would be out of the question; now I see the need for deterministic wallets!

Quote from: error on July 23, 2011, 12:39:33 AM

This data could (and probably should) be stored elsewhere.

I agree. A separate cache in some table for each inbound address in some other database would be ideal. Maybe also hold the time when the address was generated so there's no need to scan the entire block chain if you add a new address to an old client.

Quote from: error on July 23, 2011, 12:39:33 AM

For purposes of backup, you only NEED to backup the wallet.dat every time a new address is generated.

That's not very user-friendly at all though, and if you mess up it can cost you everything you own.

Are there any plans to solve this issue? It's by far my biggest complaint, savings wallets are easy but actually having one for day-to-day use is a chore

error

hero member

Activity: 588

Merit: 500

Data about YOUR transactions is stored in the wallet so it can be accessed and displayed quickly. Without this, you would have to wait as long as several minutes (however long -rescan runs) every time you started the Bitcoin client. This data could (and probably should) be stored elsewhere.

For purposes of backup, you only NEED to backup the wallet.dat every time a new address is generated. But this happens almost every time you send bitcoins, and also happens the first time you receive bitcoins at any particular address. However, though new addresses are generated, Bitcoin always uses the oldest ones in the pool of 100 addresses. So using a slightly older backup won't hurt you, unless you've sent 100 transactions or something since your last backup.

EricJ2190

full member

Activity: 134

Merit: 102

Having many addresses improves privacy and makes it easier to keep track of payments from multiple sources.

bitplane

sr. member

Activity: 321

Merit: 250

Firstbits: 1gyzhw

Are there clear advantages of having a wallet that mutates whenever we open the Bitcoin client, or is this an artefact of some other design decision?

I can see several disadvantages:

1) My wallet file constantly changes, so I need to keep backing it up every time I use it.
2) It grows over time, becoming harder and harder to manage.
3) If I replace it with an old backup, I have to rescan because (I'm assuming that) transaction cache data exists within the wallet (why?!)
4) If my computer crashes while Bitcoin is writing to the wallet then it has a chance of becoming corrupted.

Is there a good reason why we don't have just one address held in a file that never changes, that's easy to back up and holds no state data?
Do we need all 100 addresses in there, do we need more than one or two?

Topic: Mutable wallets: why? (Read 1528 times)