I have the same problem, I sent money to an instawallet and even though the transaction is confirmed there is nothing showing up in instawallet.
Really annoying.
Topic: New, simple online wallet: www.instawallet.org - no signup required - page 3. (Read 28915 times)
March 09, 2013, 01:44:40 PM
March 09, 2013, 01:16:32 PM
Another software glitch?
It seems instawallet bitcoin daemon has died, all in & out transactions are not reflected in instawallet addresses.
It seems instawallet bitcoin daemon has died, all in & out transactions are not reflected in instawallet addresses.
February 24, 2013, 12:04:59 PM
This is a simply problem that should have a simple fix.
The URL https://instawallet.org should be set up as a landing page, populate with simple content and one button. Upon clicking the button, the familiar page, or similar, we now see would then appear showcasing the new wallet with 0 bitcoins, whereupon the newly generated URL will be the address of the user's new online wallet.
Currently, as it is set up now, there is no instawallet.org page one can visit. This simple change would take very little effort.
Problem solved!
~Bruno K~
The URL https://instawallet.org should be set up as a landing page, populate with simple content and one button. Upon clicking the button, the familiar page, or similar, we now see would then appear showcasing the new wallet with 0 bitcoins, whereupon the newly generated URL will be the address of the user's new online wallet.
Currently, as it is set up now, there is no instawallet.org page one can visit. This simple change would take very little effort.
Problem solved!
~Bruno K~
The problem is not the experienced user but the noob. You could still trick a noob into believing that
is a referral link.
Valid point! Then on the landing page I mentioned above, a popup warning box appears that has to be manually ticked (If you don't want to see this box again from this IP, click this box and exit). In fact, besides just the landing page, ANY page generated for the first time visitor via a unique IP.
I'm sure the above should eliminate a high percentage of the scams. Hell, there are people still being spoofed by fake PayPal sites, and I'm sure they're throwing everything in their arsenal to combat the problem.
February 23, 2013, 03:08:10 PM
This is a simply problem that should have a simple fix.
The URL https://instawallet.org should be set up as a landing page, populate with simple content and one button. Upon clicking the button, the familiar page, or similar, we now see would then appear showcasing the new wallet with 0 bitcoins, whereupon the newly generated URL will be the address of the user's new online wallet.
Currently, as it is set up now, there is no instawallet.org page one can visit. This simple change would take very little effort.
Problem solved!
~Bruno K~
The URL https://instawallet.org should be set up as a landing page, populate with simple content and one button. Upon clicking the button, the familiar page, or similar, we now see would then appear showcasing the new wallet with 0 bitcoins, whereupon the newly generated URL will be the address of the user's new online wallet.
Currently, as it is set up now, there is no instawallet.org page one can visit. This simple change would take very little effort.
Problem solved!
~Bruno K~
The problem is not the experienced user but the noob. You could still trick a noob into believing that
is a referral link.
February 23, 2013, 02:36:07 PM
This is a simply problem that should have a simple fix.
The URL https://instawallet.org should be set up as a landing page, populate with simple content and one button. Upon clicking the button, the familiar page, or similar, we now see would then appear showcasing the new wallet with 0 bitcoins, whereupon the newly generated URL will be the address of the user's new online wallet.
Currently, as it is set up now, there is no instawallet.org page one can visit. This simple change would take very little effort.
Problem solved!
~Bruno K~
The URL https://instawallet.org should be set up as a landing page, populate with simple content and one button. Upon clicking the button, the familiar page, or similar, we now see would then appear showcasing the new wallet with 0 bitcoins, whereupon the newly generated URL will be the address of the user's new online wallet.
Currently, as it is set up now, there is no instawallet.org page one can visit. This simple change would take very little effort.
Problem solved!
~Bruno K~
February 23, 2013, 05:39:32 AM
Oh this really looks like a big problem. I could advertise instawallet.org and claim there was some sort of referral program. You get 0.01Ƀ if you use my referral link: instawallet.org/referrer/Giszmo.
The problem is the attacker could even use some new addresses here but generate them himself and send the "referrer reward" only seconds later.
I think instawallet.org should definitely distinguish between deep link and generated url. I really feel sad for all the noobs that were and will get scammed
This attack works with all the users that take help to get started no matter what wallet but with instawallet it is easier. I sold many people bitcoins that had no clue about bitcoin and could have easily installed them my wallet for their use without them noticing that now I will have access.
I think the minimum instawallet should do is to show a creation time stamp of that wallet with some advice that if the user feels like he might have started using it later, he better should move on to a new wallet. Moving on to new wallets is actually a good advice to just about every user.
The problem is the attacker could even use some new addresses here but generate them himself and send the "referrer reward" only seconds later.
I think instawallet.org should definitely distinguish between deep link and generated url. I really feel sad for all the noobs that were and will get scammed
This attack works with all the users that take help to get started no matter what wallet but with instawallet it is easier. I sold many people bitcoins that had no clue about bitcoin and could have easily installed them my wallet for their use without them noticing that now I will have access.I think the minimum instawallet should do is to show a creation time stamp of that wallet with some advice that if the user feels like he might have started using it later, he better should move on to a new wallet. Moving on to new wallets is actually a good advice to just about every user.
February 22, 2013, 03:03:53 PM
Please let me know, if my concern makes sense to you, or if I might need to clarify it a bit better.
You are correct that the only secure way to use Instawallet is to use only an InstaWallet (URL) that was assigned to you by the site (which occurs EVERY time you access the URL without specifying any path, i.e,., https://instawallet.org ).
If someone passes you some funds with another InstaWallet (URL), you can send the funds to the Bitcoin address to your own InstaWallet but you should never add new funds to that InstaWallet -- it should be treated as having been compromised.
If the user goes straight to an existing wallet, then it would be good to "welcome back"
The site does give the message:
"Only share your bitcoin address, NOT the wallet URL or key, with the public."
So if a person gets the wallet URL from elsewhere hopefully that person can realize that a problem exists.
The problem is, that bad guys in chat-rooms redirect newbies to "compromised" instawallets, labelling
the links merely "Instawallet", thus tricking newbies into believing it was a new one. Since they typically
use short-url services, it often really isn't obvious to the user where the link actually went to.
Open your own wallet in one tab, and create a new wallet in a second tab: except for the identifiers,
(and the balance) there's nothing that would tell one, if it is a newly created or a used wallet.
So, to protect newbies from accidentally "adopting" a compromised wallet, the wallet-page itself
should use specific wording like "welcome to your new wallet" versus "welcome back to your w."
in big letters on top and explain, that if the "welcome back" sounds unexpected, then it definitely *is*.
Also, there must definitely be no way to re-trigger the "new"-tag through crafted URLs, either.
I hope the problem became clear, this time.
February 22, 2013, 02:40:04 PM
Please let me know, if my concern makes sense to you, or if I might need to clarify it a bit better.
You are correct that the only secure way to use Instawallet is to use only an InstaWallet (URL) that was assigned to you by the site (which occurs EVERY time you access the URL without specifying any path, i.e,., https://instawallet.org ).
If someone passes you some funds with another InstaWallet (URL), you can send the funds to the Bitcoin address to your own InstaWallet but you should never add new funds to that InstaWallet -- it should be treated as having been compromised.
If the user goes straight to an existing wallet, then it would be good to "welcome back"
The site does give the message:
"Only share your bitcoin address, NOT the wallet URL or key, with the public."
So if a person gets the wallet URL from elsewhere hopefully that person can realize that a problem exists.
February 22, 2013, 10:43:58 AM
Recently, I saw a couple of instances (in chat rooms), where people published private URLs of instawallets, sometimes with some dust (less than 0.01 BTC) in it, sometimes empty. I think that newbies could be tricked by referrers to believe that the wallet they arrive at might be theirs, and start depositing money.
I'd like to see Instawallet make it perfectly clear to a user, whether a wallet displayed has just been created anew, or is being "re-visited".
In the former case the wallet should contain all the advisories about about saving it to a bookmark for lack of recovery-procedures (and of course about not sharing the wallet's URL).
If the user goes straight to an existing wallet, then it would be good to "welcome back" him, with an extra note, that if he hasn't previously created that one wallet himself, that it would then probably be unsafe to deposit funds there.
Please let me know, if my concern makes sense to you, or if I might need to clarify it a bit better.
I'd like to see Instawallet make it perfectly clear to a user, whether a wallet displayed has just been created anew, or is being "re-visited".
In the former case the wallet should contain all the advisories about about saving it to a bookmark for lack of recovery-procedures (and of course about not sharing the wallet's URL).
If the user goes straight to an existing wallet, then it would be good to "welcome back" him, with an extra note, that if he hasn't previously created that one wallet himself, that it would then probably be unsafe to deposit funds there.
Please let me know, if my concern makes sense to you, or if I might need to clarify it a bit better.
January 21, 2013, 05:18:36 PM
... and because bitcoind's wallet code hasn't been optimized for massive wallets. "patches welcome"
(although I think the wallet code needs a complete rewrite, we've learned a lot over the last couple of years and need wallets that are much easier to back up and keep secure).
January 09, 2013, 04:53:19 AM
Why so long?
Because the wallet is massive January 08, 2013, 11:24:32 PM
Instawallet's Bitcoin daemon apparently just crashed.
Sit tight while it's starting up again. For the record, the Instawallet bitcoin client takes approximately an hour to start up.
Why so long? Sit tight while it's starting up again. For the record, the Instawallet bitcoin client takes approximately an hour to start up.
December 24, 2012, 08:43:23 AM
Instawallet's Bitcoin daemon apparently just crashed.
Sit tight while it's starting up again. For the record, the Instawallet bitcoin client takes approximately an hour to start up.
Sit tight while it's starting up again. For the record, the Instawallet bitcoin client takes approximately an hour to start up.
December 14, 2012, 03:21:18 AM
No reporting requirements are imposed upon Bitcoin-only services, and even if Instawallet is operated by Paymium it remains a Bitcoin-only service.
But without Instawallet being a separate legal entity I am assuming that if Paymium were to be ordered to turn over any and all records relating to Bitcoin-Central account #nnnnn and those records included a deposit from an Instawallet bitcoin address that those Instawallet records too would need to be turned over, in order to comply with the order.Bitcoin-Central and instawallet are different services.
They have no direct connection and communicate to each other only through the Bitcoin network itself.
December 13, 2012, 10:52:32 PM
No reporting requirements are imposed upon Bitcoin-only services, and even if Instawallet is operated by Paymium it remains a Bitcoin-only service.
But without Instawallet being a separate legal entity I am assuming that if Paymium were to be ordered to turn over any and all records relating to Bitcoin-Central account #nnnnn and those records included a deposit from an Instawallet bitcoin address that those Instawallet records too would need to be turned over, in order to comply with the order. December 13, 2012, 04:40:16 PM
With Paymium (operator of Instawallet)' Bitcoin-Central exchange becoming partnered to a Payment Services Provider (PSP), how will this affect Instawallet?
In no way. Bitcoins are and remain unregulated. No reporting requirements are imposed upon Bitcoin-only services, and even if Instawallet is operated by Paymium it remains a Bitcoin-only service.
We welcome Tor users on Instawallet.
Specifically, let's say I buy a piece of silver bullion and send bitcoins as payment from my Instawallet. And that seller happened to use Bitcoin-Central. Then they cashed out and withdrew the funds via the PSP/bank. But unbeknownst to me the bullion seller was in trouble with the authorities for something and the EU authorities are monitoring each transaction of the seller.
What we would do is pull the data we have from the Bitcoin-Central logs. We'd see a Bitcoin transaction incoming. And that would be it.We keep the strict minimum logs for Instawallet so there's really not much to share.
Would that mean the link to my Instawallet might also be shared, and possibly all of my Instawallet transactions be shared with the authorities?
If as a company we get a court order, we have to comply. However :
- we can only give what we log, which is, again, not much for Instawallet,
- it's quite dubious a court would issue an order to surrender Instawallet data "just to see if the transaction didn't originate from there"
The beauty with Bitcoin is that you don't have to trust my word. Your financial privacy is in your very own hands, all the tools are yours to use.
December 13, 2012, 03:14:42 PM
With Paymium (operator of Instawallet)' Bitcoin-Central exchange becoming partnered to a Payment Services Provider (PSP), how will this affect Instawallet?
Specifically, let's say I buy a piece of silver bullion and send bitcoins as payment from my Instawallet. And that seller happened to use Bitcoin-Central. Then they cashed out and withdrew the funds via the PSP/bank. But unbeknownst to me the bullion seller was in trouble with the authorities for something and the EU authorities are monitoring each transaction of the seller.
Would that mean the link to my Instawallet might also be shared, and possibly all of my Instawallet transactions be shared with the authorities?
Specifically, let's say I buy a piece of silver bullion and send bitcoins as payment from my Instawallet. And that seller happened to use Bitcoin-Central. Then they cashed out and withdrew the funds via the PSP/bank. But unbeknownst to me the bullion seller was in trouble with the authorities for something and the EU authorities are monitoring each transaction of the seller.
Would that mean the link to my Instawallet might also be shared, and possibly all of my Instawallet transactions be shared with the authorities?
December 13, 2012, 07:44:18 AM
I just transfered some BTC from instawallet to my clients BTC address. After hitting send, the site gave me an error, something like "oops, something went wrong". The amount was deducted from my instawallet but never showed up on my address/the blockchain.
I'm getting a little nervous here, what's happening? I triple-checked the address before sending, so that shouldn't be the issue.
I'm getting a little nervous here, what's happening? I triple-checked the address before sending, so that shouldn't be the issue.
Issue resolved, thanks a lot!
December 13, 2012, 06:14:29 AM
I just transfered some BTC from instawallet to my clients BTC address. After hitting send, the site gave me an error, something like "oops, something went wrong". The amount was deducted from my instawallet but never showed up on my address/the blockchain.
I'm getting a little nervous here, what's happening? I triple-checked the address before sending, so that shouldn't be the issue.
I'm getting a little nervous here, what's happening? I triple-checked the address before sending, so that shouldn't be the issue.
December 06, 2012, 03:09:52 AM
I'm on it.
Jump to: