
Topic: Owner specified bitcoin escheat mechanism (Read 1615 times)

newbie
Activity: 28
Merit: 0
January 05, 2012, 07:43:20 PM
#24
thanks guys - glad it's only half a cent  Roll Eyes

aaaand this is why i am practicing with a slow-ass laptop - 10.8mh/s yay me
newbie
Activity: 24
Merit: 0
January 05, 2012, 07:41:29 PM
#23
or will encrypting my wallet now, make their copy useless?
wat do?
new wallet.dat?
i only have 0.005 in the old one (from a faucet no less)

No, encrypting your wallet now won't protect it.  You need to create a new wallet with new addresses and spend your coins to it.

-B
donator
Activity: 1218
Merit: 1079
Gerald Davis
January 05, 2012, 07:40:09 PM
#22
one more thing.
i discovered today my computer is/was infected with InstallMonetizer.exe - i believe this to be some kind of stealthcoin or wallet-stealer.
my wallet, being new @ all of this, is unencrypted to date.
now, it is totally possible somebody has a copy of my unencrypted wallet.dat

Then those keys are potentially compromised forever.  If someone else has a copy of the wallet then they could take funds from it now, next year, next century.

Luckily you have a negligible amount of money.  To be safe I would create a new wallet (and if you want to retain the 0.05 then send it to an address in your new encrypted wallet).
newbie
Activity: 28
Merit: 0
January 05, 2012, 07:33:50 PM
#21

My approach is, we can't say "Gavin, we're changing to deterministic wallets the first thing tomorrow" but we can tweak the existing client easily and make some impact now.

but we could implement deterministic wallets + wallet.dat
therefore we have a physical backup (for those so inclined) & a deterministic system can simply be applied overtop, without affecting the user or changing the way they use the system - except they now MUST make a password.


one more thing.
i discovered today my computer is/was infected with InstallMonetizer.exe - i believe this to be some kind of stealthcoin or wallet-stealer.
my wallet, being new @ all of this, is unencrypted to date.
now, it is totally possible somebody has a copy of my unencrypted wallet.dat

if i now encrypt it, does this protect me from them simply opening up my old (unencrypted) wallet and refreshing with any new transactions???
or will encrypting my wallet now, make their copy useless?
wat do?
new wallet.dat?
i only have 0.005 in the old one (from a faucet no less)
full member
Activity: 210
Merit: 100
January 05, 2012, 06:41:10 PM
#20
DAT,

I proposed automatic backups made by the client itself (or even a wallet-caretaker background service installed together with the client).
That would take care of lack of backups, outdated backups or corruption.
A hard drive failure might still be a pain, I know, but synchronizing and backing data up in the cloud is becoming more and more prevalent.
"Documents" is gotta be THE folder to receive this special treatment. Windows 8 might very well do that out of the box.
Even unsophisticated users know there is a Documents folder with their data in it and putting the wallet file there isn't much pain, is it?

Unsophisticated users do what their computer tells them to do, that's why I think offering encryption to the user by default is a very prudent step. Isn't it?
Think of it this way, Windows had a firewall since Win2000 but until XP SP2 it was off by default. Since SP2 everybody is running a firewall whether they know it or not.
Let's offer encryption by default. The users will comply... for their own benefit.
That they might choose a poor passphrase is a sad but unavoidable fact of life and can't be helped.
Of course they are already choosing poor passphrases for their internet banking and e-mail so let's not cry over this issue, ok?

My approach is, we can't say "Gavin, we're changing to deterministic wallets the first thing tomorrow" but we can tweak the existing client easily and make some impact now.

Nighty night, I'm spent. See you tomorrow.
newbie
Activity: 24
Merit: 0
January 05, 2012, 06:36:06 PM
#19
so this is for transactions as well? ok, that's a lot more limiting.
so your client could just tell you to backup every 100 actions?
cosmetic interface, i know, but best instafix for the current system & lazy/forgetful (like me)

By default when you make a payment the change is sent to a new address in your wallet.

-B
donator
Activity: 1218
Merit: 1079
Gerald Davis
January 05, 2012, 06:33:39 PM
#18
so, i can backup my old wallet.dat with 1 address in it, then make 99 more keys, lose the 100 keyful wallet, and my good ole 1 key wallet will download all my keys + contents?

YES.  Technically your first wallet has 101 keys.  1 key in active usage. 100 more in the "keypool".

so what the bloody hell - how hard is it to have a few copies of your wallet lying around on usb sticks & cd-rom.
who actually uses 100+ keys?!

Every time you spend/send coins the bitcoin client will grab the oldest address from the keypool to send your change to.  It doesn't send change back to the address the coins came from to improve pseudo-anonymity.  So you may use more keys than you think.  Still as long as your backup is 100 keys or "younger" you are fine.  The size of the keypool can be increased and IMHO it should be; a 500 key keypool would only increase wallet size by ~100KB and likely would make a backup that is months or even years old viable for casual users.
newbie
Activity: 28
Merit: 0
January 05, 2012, 06:31:56 PM
#17
as for the whole "docs are inside word" people (i know a few personally)

one could just do the old popup notice
"you need to back up your wallet, enter email address to continue"

password lost? well, too bad. send that to your email too but if you manage to forget it, you'll probably forget your email password too, or get it hacked.

sadly, there is no help for the docs-are-in-word people. we must train our children in the art of proper computing and let the dummies die out - there really is no other solution that provides the unhackable security of the no-password-reset-feature




also for backup purpose, say my old wallet has 3 addresses in it
then i make a new address, but lose that wallet - is that new address & content permanently lost or is it recoverable (linked) to my other addresses?

Your wallet is always front loaded/buffered with 100 spare addresses.  If you make more than 100 transfers and/or new addresses between your back up and restore, the latest info will be lost/inaccessible.

-B
so this is for transactions as well? ok, that's a lot more limiting.
so your client could just tell you to backup every 100 actions?
cosmetic interface, i know, but best instafix for the current system & lazy/forgetful (like me)
newbie
Activity: 24
Merit: 0
January 05, 2012, 06:25:23 PM
#16
also for backup purpose, say my old wallet has 3 addresses in it
then i make a new address, but lose that wallet - is that new address & content permanently lost or is it recoverable (linked) to my other addresses?

Your wallet is always front loaded/buffered with 100 spare addresses.  If you make more than 100 transfers and/or new addresses between your back up and restore, the latest info will be lost/inaccessible.

-B
newbie
Activity: 28
Merit: 0
January 05, 2012, 06:21:37 PM
#15

A more simple solution is a deterministic wallet.  Your passphrase is the wallet.  If you have the passphrase you have the wallet (or can recreate it).

No issues w/ file corruption (just recreate the wallet).
Lost wallets (just recreate it).
Forgetting to backup (why backup something which can be instantly recreated).

If someone gains access to your passphrase they can recreate your wallet but likely if someone has access to your passphrase they have an encrypted copy of your wallet too.

i was kinda getting at that with my 2nd post  - why not just have your password download your current wallet Smiley



The Satoshi client (and those based on it) use a keypool.  By default the keypool is 100 keys.
So if you make a backup today.  That backup has every key you have used PLUS the next 100 keys you haven't used yet.
Every time you get a  "new" key the client actually pulls the oldest one from the keypool and creates a NEW key to replace it in the keypool.
If you used 100 "new" keys since your backup you are fine.  All of them are in the backup.
If you use 101+ "new" keys since your backup anything sent to keys 101+ will be unrecoverable.
so, i can backup my old wallet.dat with 1 address in it, then make 99 more keys, lose the 100 keyful wallet, and my good ole 1 key wallet will download all my keys + contents?

so what the bloody hell - how hard is it to have a few copies of your wallet lying around on usb sticks & cd-rom.
who actually uses 100+ keys?!
newbie
Activity: 24
Merit: 0
January 05, 2012, 06:19:57 PM
#14
...or die without telling others how to access your bitcoins...

It's you who first raised the issue of the user passing away Smiley

Providing others with information on how to access your bitcoins defeats one of the benefits of bitcoin.  I believe it was Benjamin Franklin who said, "Two people can keep a secret, if one of them is dead."  What's needed is a "dead man switch" that you ping periodically (i.e. issue a send), and if a timely ping is not forthcoming, specified action is taken.  I remember reading about a proposed encrypted will service where you ping it periodically, and if a timely ping is not forthcoming, your will is published to specified parties.

-B
donator
Activity: 1218
Merit: 1079
Gerald Davis
January 05, 2012, 06:17:49 PM
#13
A more simple solution is a deterministic wallet.

Well... that solution might ultimately prove to be the best but it's quite a serious change...
Don't you agree that a couple of purely cosmetic changes to the client could make a difference?

No.  The current setup is fine for "power users".  As Bitcoin becomes more popular and tech savvy of users goes down any cosmetic changes will be completely insufficient to keep those users safe from themselves.

There are people who believe word docs are inside word.  The concept of a file outside of the application is beyond their level of understanding.  Ultimately they will lose their wallet to:
* plain text attack (my computer has a password so I thought it was safe)
* corruption (backup?  my backup is on the hard drive, yeah the one that is corrupt)
* outdated backup (I made a backup in Dec ... 8 years ago and still have it)
* forgetting or not wanting to backup (it will be fine I haven't had a hard drive crash in years)
* erasure (what?  my wallet is gone.  I reinstalled windows not Bitcoin)

IMHO Deterministic wallet is the only thing that even comes remotely close to making Bitcoin "easy" enough for the average user.
donator
Activity: 1218
Merit: 1079
Gerald Davis
January 05, 2012, 06:13:53 PM
#12
also for backup purpose, say my old wallet has 3 addresses in it
then i make a new address, but lose that wallet - is that new address & content permanently lost or is it recoverable (linked) to my other addresses?

The Satoshi client (and those based on it) use a keypool.  By default the keypool is 100 keys.

So if you make a backup today.  That backup has every key you have used PLUS the next 100 keys you haven't used yet.

Every time you get a  "new" key the client actually pulls the oldest one from the keypool and creates a NEW key to replace it in the keypool.

If you used 100 "new" keys since your backup you are fine.  All of them are in the backup.
If you use 101+ "new" keys since your backup anything sent to keys 101+ will be unrecoverable.
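
[Added example, not part of the original thread or of the Bitcoin client's code: a toy Python model of the keypool behaviour described in the post above, showing exactly where an old backup stops covering newly used keys. The class and function names are hypothetical and the "keys" are random hex strings standing in for real key pairs.]

```python
import secrets
from collections import deque

KEYPOOL_SIZE = 100  # default keypool size stated in the post above


class KeypoolWallet:
    """Toy model of a random-key wallet with a pre-generated keypool."""

    def __init__(self, pool_size=KEYPOOL_SIZE):
        self.pool_size = pool_size
        self.used = []        # keys already handed out (addresses, change)
        self.pool = deque()   # unused keys, oldest first
        self._top_up()

    def _top_up(self):
        # Keys are random and unrelated, so none can be derived from another.
        while len(self.pool) < self.pool_size:
            self.pool.append(secrets.token_hex(32))

    def get_new_key(self):
        # Hand out the oldest pooled key, then generate a replacement.
        key = self.pool.popleft()
        self.used.append(key)
        self._top_up()
        return key

    def backup(self):
        # A copy of the wallet file holds every used key plus the whole pool.
        return set(self.used) | set(self.pool)


def keys_missing_from_backup(backup_keys, wallet):
    """Keys the live wallet has handed out that the backup does not contain."""
    return [k for k in wallet.used if k not in backup_keys]


def lost_after(n_new_keys, pool_size=KEYPOOL_SIZE):
    """Back up a wallet, use n_new_keys more keys, count keys the backup lacks."""
    wallet = KeypoolWallet(pool_size)
    wallet.get_new_key()          # one address in active use before the backup
    snapshot = wallet.backup()    # 1 used key + pool_size pooled keys
    for _ in range(n_new_keys):
        wallet.get_new_key()      # a new receive address or a change output
    return len(keys_missing_from_backup(snapshot, wallet))


if __name__ == "__main__":
    for n in (1, 100, 101, 150):
        print(n, "keys used since backup ->", lost_after(n), "not in backup")
```

Because every spend consumes a key for change, the count that matters is keys handed out since the backup, not addresses the user knowingly created.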
full member
Activity: 210
Merit: 100
January 05, 2012, 06:13:52 PM
#11
A more simple solution is a deterministic wallet.

Well... that solution might ultimately prove to be the best but it's quite a serious change...
Don't you agree that a couple of purely cosmetic changes to the client could make a difference?
donator
Activity: 1218
Merit: 1079
Gerald Davis
January 05, 2012, 06:09:59 PM
#10
It seems to me, the bitcoin client should periodically make a backup copy of the wallet.dat file once it has been user-encrypted.
Encryption should be offered each time an unencrypted wallet is being opened (with a stop-bugging-me checkbox to opt out).
Does the phrase "tyranny of the default values" ring a bell?

Let's grant the most non-technical user access to their wallet file by moving wallet.dat from the normally hidden %appdata% directory to Documents. If they can't see it, they sure as hell won't back it up. Let's keep the automatically generated backup copies in %appdata%/roaming/bitcoin with everything else the user does not have to be aware of but let's give him the wallet file.

There you go: encryption and propagation for data security.

Yes, I know full well that a hard drive can crap out any time but we can't do EVERYTHING for the uninformed non-techie user, now can we?

As to dying... since Death (and Taxes, hi there Smiley ) is unavoidable, doesn't everyone keep a sealed list of passwords to vitally important files/services at their lawyer's? Together with their will? Oh gosh...

How do these ideas strike you, DAT? Worth starting a thread in the /Development subforum?

BTW, the BITCOINS themselves exist in the block chain, NOT in the wallet. The wallet has only the key pairs and addresses required to access your bitcoins.

A more simple solution is a deterministic wallet.  Your passphrase is the wallet.  If you have the passphrase you have the wallet (or can recreate it).

No issues w/ file corruption (just recreate the wallet).
Lost wallets (just recreate it).
Forgetting to backup (why backup something which can be instantly recreated).

If someone gains access to your passphrase they can recreate your wallet but likely if someone has access to your passphrase they have an encrypted copy of your wallet too.
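
[Added example, not part of the original thread and not the derivation scheme of any real wallet client: a minimal Python sketch of the "your passphrase is the wallet" idea from the post above. The salt, iteration count and function names are assumptions chosen for illustration; every private key is recomputed from the passphrase, so there is no file to corrupt, lose or leave outdated, and anyone who learns the passphrase gets every key.]

```python
import hashlib
import hmac

# Order of the secp256k1 group; a valid private key is an integer in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def seed_from_passphrase(passphrase, salt=b"example-wallet-v1", rounds=100_000):
    # Key stretching: each guess at a weak passphrase costs `rounds` hashes.
    # Salt and round count are illustrative assumptions.
    return hashlib.pbkdf2_hmac("sha512", passphrase.encode("utf-8"), salt, rounds)


def private_key(seed, index):
    """Derive the index-th private key from the seed (illustrative scheme)."""
    counter = 0
    while True:
        msg = index.to_bytes(4, "big") + counter.to_bytes(4, "big")
        digest = hmac.new(seed, msg, hashlib.sha256).digest()
        candidate = int.from_bytes(digest, "big")
        if 1 <= candidate < SECP256K1_N:
            return candidate
        counter += 1  # out of range (astronomically unlikely): derive again


def recreate_wallet(passphrase, n_keys):
    """Rebuild the first n_keys private keys from the passphrase alone."""
    seed = seed_from_passphrase(passphrase)
    return [private_key(seed, i) for i in range(n_keys)]


if __name__ == "__main__":
    phrase = "constructed sample passphrase, do not reuse"
    early = recreate_wallet(phrase, 3)     # wallet as first created
    later = recreate_wallet(phrase, 150)   # same wallet after 150 keys used
    print("early keys reproduced:", early == later[:3])
```

Unlike a keypool backup, there is no cutoff after which newly used keys are missing; the trade-off is that passphrase strength becomes the only protection.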
newbie
Activity: 28
Merit: 0
January 05, 2012, 06:08:46 PM
#9
...
BTW, the BITCOINS themselves exist in the block chain, NOT in the wallet. The wallet has only the key pairs and addresses required to access your bitcoins.
so.. your wallet is simply and basically....your eftpos card...and your encryption password (if set) is your PIN..

so the current system is about the same as current cash systems?
what escrow systems exist for dead people's bank accounts, if they leave no heir or benefactor to it? bank takes it?
also for backup purpose, say my old wallet has 3 addresses in it
then i make a new address, but lose that wallet - is that new address & content permanently lost or is it recoverable (linked) to my other addresses?
full member
Activity: 210
Merit: 100
January 05, 2012, 06:04:50 PM
#8
...or die without telling others how to access your bitcoins...

It's you who first raised the issue of the user passing away Smiley
newbie
Activity: 24
Merit: 0
January 05, 2012, 06:00:24 PM
#7
As to dying... since Death (and Taxes, hi there Smiley ) is unavoidable, doesn't everyone keep a sealed list of passwords to vitally important files/services at their lawyer's? Together with their will? Oh gosh...

I imagine if you had $75,000 in bitcoin, and a family you cared about, and you're not a nutjob, it would seem quite reasonable to me that you have taken some measures to reclaim this value for your heirs or beneficiaries in the event of your untimely demise.  This issue doesn't arise with most property as most property is not locked in an unbreakable safe. Even short of death, accidents do happen ...

-B
full member
Activity: 210
Merit: 100
January 05, 2012, 05:51:20 PM
#6
It seems to me, the bitcoin client should periodically make a backup copy of the wallet.dat file once it has been user-encrypted.
Encryption should be offered each time an unencrypted wallet is being opened (with a stop-bugging-me checkbox to opt out).
Does the phrase "tyranny of the default values" ring a bell?

Let's grant the most non-technical user access to their wallet file by moving wallet.dat from the normally hidden %appdata% directory to Documents. If they can't see it, they sure as hell won't back it up. Let's keep the automatically generated backup copies in %appdata%/roaming/bitcoin with everything else the user does not have to be aware of but let's give him the wallet file.

There you go: encryption and propagation for data security.

Yes, I know full well that a hard drive can crap out any time but we can't do EVERYTHING for the uninformed non-techie user, now can we?

As to dying... since Death (and Taxes, hi there Smiley ) is unavoidable, doesn't everyone keep a sealed list of passwords to vitally important files/services at their lawyer's? Together with their will? Oh gosh...

How do these ideas strike you, DAT? Worth starting a thread in the /Development subforum?

BTW, the BITCOINS themselves exist in the block chain, NOT in the wallet. The wallet has only the key pairs and addresses required to access your bitcoins.
newbie
Activity: 24
Merit: 0
January 05, 2012, 05:44:41 PM
#5
how easy would it be, to hack the protocol & reduce the time to 1 minute - also how would this bypass a lost password and/or lost wallet?
afaik the bitcoins are not floating around the net, but are actually physically stored in your wallet, thus, lose your wallet & nothing can be done.

the system could be designed, however, to lookup the internal code of bitcoins, identify bitcoins that have been out of circulation (for a set time, say 100 years) and reintroduce the coins back into unminted blocks?

Actually your bitcoins are floating around on the net.  They are stored in the block chain.  What's stored in your wallet are your private keys which let you prove title to the bitcoins that are "floating around on the net".  Bitcoins are like subdividable real estate.  What's stored in your wallet are deeds (bitcoin addresses).  Try this sometime: copy your wallet to a backup, then receive some coins, backup the new wallet (for your safety and comfort), restore the old wallet, watch your post backup coins magically reappear in your old backup wallet.

Any escheat instructions would be signed, same as any other send, so they could not be forged any more than any regular transfer could be forged.

-B