Topic: My first experience with bitcoin was NOT positive :( - page 2. (Read 6537 times)

legendary
Activity: 1400
Merit: 1013
I would never maintain a large balance on a hosted wallet, no matter how nice, but for small purchases or for a first time user I think blockchain.info is perfect. It's very easy to use and has a lot of polish.

However people who move on to managing larger sums should learn how to use cold storage and offline transactions for security, which means a standalone client.
newbie
Activity: 57
Merit: 0
I've been trying to put off writing on this subject because it is a source of massive debate and flamewars in the Bitcoin community, however this user's thorough writeup of his experience has spurred me to record my thoughts on this subject.

The Bitcoin community seems to be at a theological crossroads, and the direction we take at this crossroad will have a huge impact on Bitcoin's future. On one side of the crossroads we have the more technical, more distributed approach. On the other side of the crossroads we have the more user friendly, less technical approach. Each camp hates each other, and refuses to acknowledge the benefits of each approach and work together.

The more technical approach argues that the only client that can be trusted is the main, bitcoin.org Bitcoin client. They argue that this client is superior because it has been reviewed by many, many people, and it ensures that Bitcoin is decentralized because each client acts independently of each other and has their own copy of the block chain. The more technical approach argues that each client having to download and maintain a copy of the block chain is a good thing, as it ensures the distributed nature of Bitcoin, and makes the network less susceptible to a man-in-the-middle attack by shared wallets.

The less technical approach argues that the difficulty of entry into Bitcoin with the bitcoin.org client is simply too much, and that it scares people away from Bitcoin. They argue that people on the internet have a short attention span, and many newcomers to Bitcoin will simply not wait for the block chain to download. They promote the use of alternative clients and web wallets as the solution to a new user's woes, as many alternative clients and web wallets work instantly and do not require people to wait hours to download the block chain. The less technical approach acknowledges that these alternative clients and web wallets harm the distributed nature of the Bitcoin network, but they maintain that for new users this risk is offset by the fact that adoption of Bitcoin is easier using the less technical approach.

I see no reason why these two approaches can't exist simultaneously. I tend to agree with the less technical approach's solution to new users, and I think that bitcoin.org needs to promote a "New User" approach that advocates the use of a single alternative client, one that has been approved by the Bitcoin community at large, and that advocates the use of a single web wallet, one that has been approved by the Bitcoin community at large. I also agree with the more technical approach that Bitcoin needs to maintain an option for "Advanced Users" that advocates the use of the bitcoin.org client, as this is essential to maintaining the Bitcoin network's distributed nature. This dual-user approach has been discussed previously in this thread.

Bitcoin is at a crossroads. Many new users are downloading the bitcoin.org client every day, only to be put off by the client's user unfriendliness. This is causing Bitcoin to be labeled more and more as a geek subculture, and a niche. The fact is that Bitcoin is useful for everyone, we just need to empower new users by giving them the tools they need to get tied into the Bitcoin ecosystem. We need to do this quickly, or else we will depart down the crossroads, and the public perception of Bitcoin will already be that it is a niche. We need to stop this stupid infighting, and ideological warfare, and advocate an approach that takes the best parts from both approaches, and leaves the bad parts behind.
legendary
Activity: 1304
Merit: 1015
I think coinbase is easier than blockchain for beginners. 
legendary
Activity: 2618
Merit: 1007
Sorry, but bitcoin is a 0 trust system. You need to make people aware of whom they are trusting and what is important to keep private/to themselves in each case.

With blockchain.info, you trust that their website is malware free and that they don't snoop on you themselves.
I haven't looked into Multibit, but it seems like a "lite" client, so you trust someone else who has the full blockchain to not lie to you I guess.
With Bitcoin-QT all you have to care about is that only you have access to the wallet.dat file (which is hidden in a place that is VERY inconvenient for new users btw. - I recently read about someone who installed Bitcoin to the desktop, then backed up this folder and reinstalled Windows, thus losing his whole BTC, even though he backed up the Bitcoin folder that he explicitly put in a prominent location to remind him to keep it!). The downside is that you have to download quite a few blocks (currently all, in the future probably all since the last hardcoded checkpoint) before the software even lets you get going.

I'd rather have a link to an even more recent "bootstrap.dat" file on various P2P networks + HTTP locations (http://en.wikipedia.org/wiki/Metalink) and a button inside Bitcoin-QT to verify from genesis for the paranoid instead of advertising solutions that require far more trust in some operators of webservices.

Also a hard spec for wallet files (how to store private keys for Bitcoin) should be discussed and maybe written as a BIP so different clients have a standard format to export/import wallets.
hero member
Activity: 742
Merit: 500
Nah it should look like this:



The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.
+1
legendary
Activity: 1304
Merit: 1015
Nah it should look like this:
The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

Can't see graphic.

EDIT:  I see it with this url:  img831.imageshack.us/img831/1186/bitcoinwireframe2.png
legendary
Activity: 1050
Merit: 1002
Nah it should look like this:



The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.
legendary
Activity: 1304
Merit: 1015
This is a wireframe of what the front page of bitcoin.org should look like:



Edit: I still think Multibit needs encryption still.
legendary
Activity: 1526
Merit: 1134
OK, it's good that MultiBit can import blockchain wallet backups, that definitely helps a lot. It'd be nice if the earliest key time was included so there's no need to scan from the genesis block.

Also, it's been a while since I saw the iPhone app, but my impression was you needed to log in to blockchain.info for it to work. That is, if the site goes away, then it won't start up anymore. If that's not the case then I take it back.

Re: the extension. I think rather than making the extension give even scarier warnings, it'd be better to just turn it into a Chrome app that has a gitian-style bootstrap script. Stefan prototyped something like that which fits in a bookmarklet so it's not Chrome specific - very cool if rather unorthodox. I'm not sure if you can train users to always navigate to the app by clicking a bookmarklet given that no other software works that way.

Of course, if you go this route, is it really any different to just having a regular downloadable app? It's not a normal web app anymore.

The problem with having an extension that says "Something changed, watch out!" is that it's not going to work. This isn't debatable, if you think this will work you need to spend an evening reading usability studies of SSL in web browsers. For something like 90% of its history HTTPS simply had no effect despite all the fancy maths because all (seriously, all) users clicked through the warnings when something went wrong. Even since browsers have moved to big red screens that say "Don't proceed!" as plainly as possible, the clickthru rate on Chrome's self-signed SSL cert interstitial is 60% - despite that accepting a self signed cert completely defeats the point of SSL.

It's better to just silently accept an upgrade if it's been signed by multiple independent parties and hard reject if not.  The hard reject should never happen in normal operation. Matt has something like this in a pull request for Bitcoin-QT and I hope it's the way every client goes.

The point about privacy seems to have been missed. It doesn't matter if you mix coins. The site still knows all your addresses and your transactions. The mixing is intended to make it harder for other people who are NOT the hosted wallet site to figure things out. Yes, if the privacy loss doesn't concern you, then I agree it's no big deal.

All the points I raised can be fixed with code. But once all that is done, what you'll have is a standard SPV client that talks directly to the P2P network - basically a MultiBit that's implemented in HTML/JS. Electrum is going through this process now.
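
The silent-accept / hard-reject update policy from the post above, sketched as an added example; it is not part of the original post and is not the Bitcoin-QT pull request it mentions. The signer names, the statement format and the functions `makeSigner`, `attest`, `verifyUpdate` and `applyUpdate` are hypothetical, and the release bytes are constructed sample data.

```javascript
const crypto = require('node:crypto');

// Constructed stand-ins for independent builders; a real client would ship
// only their public keys, pinned at install time.
function makeSigner(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { name, publicKey, privateKey };
}

// The signed statement binds the version to the SHA-256 of the exact bytes,
// so a signature over one release cannot be replayed for another.
function statementFor(version, artifact) {
  const digest = crypto.createHash('sha256').update(artifact).digest('hex');
  return Buffer.from(`update-v1\n${version}\n${digest}`, 'utf8');
}

function attest(signer, version, artifact) {
  const signature = crypto.sign(null, statementFor(version, artifact), signer.privateKey);
  return { signer: signer.name, signature };
}

// trusted: Map of signer name -> pinned public key.
// True only if `threshold` distinct pinned signers signed these exact bytes.
function verifyUpdate(trusted, threshold, version, artifact, attestations) {
  const statement = statementFor(version, artifact);
  const valid = new Set(); // a Set, so one key signing twice counts once
  for (const a of attestations) {
    const key = trusted.get(a.signer);
    if (!key || !Buffer.isBuffer(a.signature)) continue; // unknown signer or malformed entry
    if (crypto.verify(null, statement, key, a.signature)) valid.add(a.signer);
  }
  return valid.size >= threshold;
}

// Install silently on success, refuse outright on failure: the user is never
// shown a warning that could be clicked through.
function applyUpdate(trusted, threshold, update) {
  const ok = verifyUpdate(trusted, threshold, update.version, update.artifact, update.attestations);
  return ok ? 'installed' : 'rejected';
}

function demo() {
  const [a, b, c] = ['builder-a', 'builder-b', 'builder-c'].map(makeSigner);
  const trusted = new Map([a, b, c].map((s) => [s.name, s.publicKey]));
  const good = Buffer.from('constructed release bytes 1.0.1');
  const evil = Buffer.from('constructed release bytes 1.0.1 + backdoor');
  const sigs = [attest(a, '1.0.1', good), attest(b, '1.0.1', good)];
  return {
    twoOfThree: applyUpdate(trusted, 2, { version: '1.0.1', artifact: good, attestations: sigs }),
    // Same signatures, different bytes: the digest no longer matches.
    tampered: applyUpdate(trusted, 2, { version: '1.0.1', artifact: evil, attestations: sigs }),
    // A single compromised builder cannot reach the threshold alone.
    oneKeyTwice: applyUpdate(trusted, 2, {
      version: '1.0.1', artifact: evil,
      attestations: [attest(c, '1.0.1', evil), attest(c, '1.0.1', evil)],
    }),
  };
}

console.log(demo());
```
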
hero member
Activity: 742
Merit: 500
The fact that we have debated this topic for more than 2 posts highlights exactly the problem the reddit guy in OP had.

If we, users of bitcointalk.org and people who have a good grasp of what's going on, are debating it then new users are that much more disadvantaged.  Please, continue to make whatever argument but my previous sentence is the answer to whatever humph-grumph you come up with.
It seems to me like people who have a good grasp will always debate things more than people with no grasp...

Mike Hearn saying blockchain.info could be "the next MyBitcoin" and saying you aren't serious about bitcoin if you have an iPhone is what I've been debating against. It's FUD. There are fundamental differences in how blockchain.info is built that make most of those issues of MyBitcoin non-existent. The iPhone doesn't even have many of these issues, so I really don't understand the attack on the jailbroken app. Additionally, these are different problems than the reddit post's problem with waiting for synchronization.

Bitcoin isn't even 1.0 yet and the synchronization problem is being worked on. 0.8 has major improvements in the time it takes to synchronize which make the reddit post moot.  No web-provider needs to be trusted or chrome extension checked because the satoshi client will not take very long.  However, I'd still say that a web wallet is much easier for the vast majority of users to use.

Installing a program that handles the blockchain and manually managing backups is always going to be more effort than creating an account that can be easily accessed from any web browser and automatically handles secure wallet backups.  This is why I think that promoting secure web wallets is a good idea.

Also, having a large number of users with a ton of coins on a secure web wallet like blockchain.info is not a security risk when they can VERY EASILY move the private keys anywhere else.  Especially considering that even if the site is compromised, it can only reveal the private keys for users that log in without checking the chrome extension.

If the chrome extension were promoted more and had a very large flashing red warning that completely disabled the page when a change is detected, I think that is enough to completely negate Mike Hearn's worries.  If the extension is not detected, every page should have an alert at the top with instructions for installing it.
legendary
Activity: 1358
Merit: 1002
BUT the thing is Bitcoin isn't some 'no brainer' credit card; it requires thinking and responsibility ultimately always falls on the user.

So, maybe people need the 2 days of blockchain download to think if they really want the responsibility to be holding their own money without someone to bail them out when they do impulse buying or something else as stupid.
legendary
Activity: 1050
Merit: 1002
Simple solution. (at least imo)

There are good arguments being made here on both sides (hosted wallet vs. non-hosted), but what I haven't seen taken into consideration is different use cases for different users.

I think that is key.

I agree with Jeff Garzik and Mike Hearn for the reasons all users shouldn't be told their end destination should be hosted wallets. BUT the thing is Bitcoin isn't some 'no brainer' credit card; it requires thinking and responsibility ultimately always falls on the user.

Hosted wallets like Blockchain.info should be recommended to new users imo, just with a caveat of the dangers, and that it's not the truest way to use bitcoin, which should be learned at some point but is not necessary to begin getting familiar with it.


EDIT: kangasbos in the directly preceding post beat me to this concept essentially ;)
hero member
Activity: 812
Merit: 1006
The thing I have told the newbies, mostly people I have met via localbitcoins:

- There are many different wallets with different security and privacy models, you can choose multiple based on which suits your different use cases
- For small amounts and learning about bitcoins, web based wallets are good
- For stand-alone clients, I have recommended electrum (haven't used multibit myself, but I've heard that it is good)
- I don't recommend bitcoin-qt at all, unless you are experienced with computers
- Offline-generated paper wallets are an easy concept to understand and offer understandable security for non-computer-savvy people (put it in a safe)

Edit: and most important thing - all wallets are compatible with each other. You can send money between all the different bitcoin wallets. And the switching costs are low. This is a very important point to say, because people tend to think in the old frames - they think in terms of traditional technological lock-ins.
hero member
Activity: 518
Merit: 500
The fact that we have debated this topic for more than 2 posts highlights exactly the problem the reddit guy in OP had.

If we, users of bitcointalk.org and people who have a good grasp of what's going on, are debating it then new users are that much more disadvantaged.  Please, continue to make whatever argument but my previous sentence is the answer to whatever humph-grumph you come up with.
hero member
Activity: 742
Merit: 500
Have you tried importing your blockchain wallet into other clients? As far as I know it's a deterministic wallet which isn't yet well supported. Maybe Electrum can do it. Other clients will catch up at some point so this is more of a practical concern than a long term issue.

It is off-topic but it might be useful to someone:

The 'Tools | Import Private Keys' in MultiBit can import the blockchain.info wallet backups (This is both the single and double encrypted ones. Piuk wrote the import code and I hooked it into the UI).

When you select the private key import file there is a combo box where you can choose the file extension:

...

It takes ages as it has to sync from the genesis block but at least you get your wallet recovered.
Super easy.  Also, it is not a deterministic wallet.  It's just some JSON with encrypted private keys.
legendary
Activity: 1708
Merit: 1066
Have you tried importing your blockchain wallet into other clients? As far as I know it's a deterministic wallet which isn't yet well supported. Maybe Electrum can do it. Other clients will catch up at some point so this is more of a practical concern than a long term issue.

It is off-topic but it might be useful to someone:

The 'Tools | Import Private Keys' in MultiBit can import the blockchain.info wallet backups (This is both the single and double encrypted ones. Piuk wrote the import code and I hooked it into the UI).

When you select the private key import file there is a combo box where you can choose the file extension:



It takes ages as it has to sync from the genesis block but at least you get your wallet recovered.
hero member
Activity: 742
Merit: 500
What I meant is you have the address queries in your logs tied to IP and so on. Or if you don't, that can change at any point (eg, if you sell the site).

Don't get me wrong, blockchain.info is a really nicely done site. But if 90% of Bitcoin users ended up on My Wallet, I wouldn't feel comfortable with that due to the aforementioned reasons.
Most of your aforementioned reasons are not valid...  Let's go over them again.


There are several problems with blockchain.info My Wallet which is why I don't think the project should ever officially recommend it or point users to it. I say that even though it's a really nice site and I regularly use its other services. I just don't think hosted wallets are a good idea:

  • If the site ever gets hacked, everyone who uses it can lose all their money. I know the owner claims it's not possible, but he's wrong. The reason is that your browser will download new code from the site silently and automatically, and that code can do anything, including sending your private keys to a bad guy. You would never even know it's happened. If you think it's unlikely that the site will get hacked, I wonder where you have been in the past couple of years! Websites get owned all the time, rootkits installed and they begin vending malware. Often they do so in ways that make it hard for the admin to notice there's a problem. Downloadable clients, for better or worse, don't currently have that problem (they have another problem which is that you have to manually fetch updates, but at least they can be given gitian-style updaters fairly easily).
  • There is a Chrome extension that is supposed to fix the first issue by alerting you when things change, but that isn't going to work. It's hardly used and the failure mode is an indecipherable error message that users seem to click through without understanding (judging from previous mentions of it on this very forum).
The Chrome extension is sufficient.  Maybe it could have a better error message, but a user ignoring the error message is not the site's fault.  There should probably be a bigger message telling all the wallet users to install it, but what you are saying is FUD.

I keep as much coin on my phone as I do cash in my wallet.  It is more likely that I get mugged than the site gets compromised and I ignore the warning message telling me it's compromised and I login with my two factor auth anyway.

Quote
  • The site knows all your transactions, your balances and your IP addresses. So it's not very private.
I don't really see this as much of an issue, but if it is a problem for you, use a proxy to access the site and send all your funds through the anonymous mixer (a service not available to the standard client and as easy to use as checking a checkbox).  So to me, this seems MORE private than the satoshi client.

Quote
  • The 2-factor auth isn't really 2-factor auth as you would expect it to be.
The 2-factor mt.gox yubikey auth is limited.  The 2-factor through google is perfectly secure.

Quote
  • Although it's definitely arguable, to a financial regulator the site looks and feels like a financial institution. They let users open accounts. They process payments. They take deposits. There is a specific owner in a specific jurisdiction. The fact that the keys for authorizing transactions aren't on the servers is the sort of technical detail they're unlikely to care about. If somebody decides that blockchain.info is actually a bank, everyone on the site will be required to go through AML/KYC (at best) or the owners could be liable (at worst). I hope that doesn't happen but there's no way I'd run a hosted wallet.
Definitely arguable.  If the site does go down forever or changes in a way that makes the customer uncomfortable, everyone who has a wallet has an AES encrypted backup that can easily be imported into another client.  These backups (which are incredibly easy to use) get sent any time anything in the wallet changes, so it's not like you will have to download them from a compromised site.

blockchain.info is completely different than many of the other hosted wallets we have seen.  It is not possible for piuk to run away with your coins. If a government seizes his servers, all of his customers are fine because they already have backups of their private keys.

Additionally, the jailbroken iPhone app also does not have any of your (IMO invalid) concerns about javascript security.
420
hero member
Activity: 756
Merit: 500
how will QT 0.8 reduce the time it takes to sync? will our system still be secure if people no longer download the full block chain?
sr. member
Activity: 364
Merit: 250
I think Blockchain.info is the first place new users should be sent to who want to create a new wallet.

Luckily about 500 new users are signing up per day,  but that rate needs to increase even more:

http://blockchain.info/charts/my-wallet-n-users

Nice chart!
legendary
Activity: 1526
Merit: 1134
What I meant is you have the address queries in your logs tied to IP and so on. Or if you don't, that can change at any point (eg, if you sell the site).

Don't get me wrong, blockchain.info is a really nicely done site. But if 90% of Bitcoin users ended up on My Wallet, I wouldn't feel comfortable with that due to the aforementioned reasons.