[PULL] private key and wallet export/import - page 7.

drrussellshane

hero member

Activity: 546

Merit: 500

Quote from: SgtSpike on July 10, 2011, 10:44:52 PM

Quote from: drrussellshane on July 10, 2011, 07:56:53 PM

Quote from: molecular on July 10, 2011, 07:40:41 PM

Quote from: Stardust on July 10, 2011, 04:29:17 AM

Quote from: molecular on July 08, 2011, 06:07:16 PM

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

I do not seet it as a problem, so what if I have the same private key in many wallets? Actually for me that is the case, because I store my wallets in many places on the internet. Encrypted of course.

That's backup-copies. I have those, too.

But say I give a privkey to a friend as birthday present. He imports it at some point and I still have it in my wallet. Now there are two active bitcoin clients showing the balance of that key. If one of the two spends the money, it will disappear from the other client, also.

So my friend or I will wonder "where the hell my/his money went"

That's only if you gave your friend an address generated by the bitcoin client, or an imported address.

If you generated one for him with "vanitygen" or some other bitcoin address generator, and never imported it to your own wallet, you could freely give a private key to a friend and intentionally "lose" the key yourself so that you cannot access his funds.

So you're willing to make the assumption that I'll never want to give my friend an address generated by the bitcoin client, or imported by myself? I think that is a terrible assumption to make...

Give people the freedom to import/export as they want. Sheesh, this is getting as bad as government. "Well, I know what the people SHOULD have, and that's more important than what they want."

I was making no assumptions; I was under the impression that molecular was pondering a way to gift his friend a "pre-loaded" bitcoin address/privkey without being able to accidentally spend the coins himself. I was merely pointing out that there is a way to do this, albeit not with standard, unmodified client alone.

I'm all for freedom to import/export as people want.

SgtSpike

legendary

Activity: 1400

Merit: 1005

Quote from: drrussellshane on July 10, 2011, 07:56:53 PM

Quote from: molecular on July 10, 2011, 07:40:41 PM

Quote from: Stardust on July 10, 2011, 04:29:17 AM

Quote from: molecular on July 08, 2011, 06:07:16 PM

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

I do not seet it as a problem, so what if I have the same private key in many wallets? Actually for me that is the case, because I store my wallets in many places on the internet. Encrypted of course.

That's backup-copies. I have those, too.

But say I give a privkey to a friend as birthday present. He imports it at some point and I still have it in my wallet. Now there are two active bitcoin clients showing the balance of that key. If one of the two spends the money, it will disappear from the other client, also.

So my friend or I will wonder "where the hell my/his money went"

That's only if you gave your friend an address generated by the bitcoin client, or an imported address.

If you generated one for him with "vanitygen" or some other bitcoin address generator, and never imported it to your own wallet, you could freely give a private key to a friend and intentionally "lose" the key yourself so that you cannot access his funds.

So you're willing to make the assumption that I'll never want to give my friend an address generated by the bitcoin client, or imported by myself? I think that is a terrible assumption to make...

Give people the freedom to import/export as they want. Sheesh, this is getting as bad as government. "Well, I know what the people SHOULD have, and that's more important than what they want."

drrussellshane

hero member

Activity: 546

Merit: 500

Quote from: molecular on July 10, 2011, 07:40:41 PM

Quote from: Stardust on July 10, 2011, 04:29:17 AM

Quote from: molecular on July 08, 2011, 06:07:16 PM

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

I do not seet it as a problem, so what if I have the same private key in many wallets? Actually for me that is the case, because I store my wallets in many places on the internet. Encrypted of course.

That's backup-copies. I have those, too.

But say I give a privkey to a friend as birthday present. He imports it at some point and I still have it in my wallet. Now there are two active bitcoin clients showing the balance of that key. If one of the two spends the money, it will disappear from the other client, also.

So my friend or I will wonder "where the hell my/his money went"

That's only if you gave your friend an address generated by the bitcoin client, or an imported address.

If you generated one for him with "vanitygen" or some other bitcoin address generator, and never imported it to your own wallet, you could freely give a private key to a friend and intentionally "lose" the key yourself so that you cannot access his funds.

molecular

donator

Activity: 2772

Merit: 1019

Quote from: Stardust on July 10, 2011, 04:29:17 AM

Quote from: molecular on July 08, 2011, 06:07:16 PM

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

I do not seet it as a problem, so what if I have the same private key in many wallets? Actually for me that is the case, because I store my wallets in many places on the internet. Encrypted of course.

That's backup-copies. I have those, too.

But say I give a privkey to a friend as birthday present. He imports it at some point and I still have it in my wallet. Now there are two active bitcoin clients showing the balance of that key. If one of the two spends the money, it will disappear from the other client, also.

So my friend or I will wonder "where the hell my/his money went"

Stardust

full member

Activity: 189

Merit: 100

Users should have maximum freedom, so I am all for importprivkey, dumpprivkey, and removeprivkey.

Ukigo

jr. member

Activity: 42

Merit: 1000

Is it safe to compile "showwallet" branch
with gcc's '-fstack-protector' flag enabled ?!

Stardust

full member

Activity: 189

Merit: 100

Quote from: molecular on July 08, 2011, 06:07:16 PM

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

I do not seet it as a problem, so what if I have the same private key in many wallets? Actually for me that is the case, because I store my wallets in many places on the internet. Encrypted of course.

SgtSpike

legendary

Activity: 1400

Merit: 1005

Quote from: ?? on ??

Quote

There are other, much better ways to deal with potential user incompetence. Have a checkbox with big red flashing text, saying "Are you sure you want to delete this key from your wallet? It is unrecoverable unless you have saved it safely elsewhere," and then a more detailed explanation beneath that.

There are indeed many ways to deal with user incompetence, and
this is one way I like very much, especially the "I'd have to recompile
the client every time a new version comes out" part.

This is a barrier of entry, it's guaranteed to keep the great unwashed
masses away from using the feature, and it's not an elitist one because
all you have to do to overcome the barrier is educate yourself, which
no one prevents you from doing.

Also: the 20th century is long over. High time to ditch windows unless
you want to be increasingly perceived as a has-been.

Here we go, another Linux elitist. Roll Eyes

I happen to like Windows, so I use it. Sorry if that means I'm stuck in the dark ages to you.

Quote from: molecular on July 09, 2011, 08:28:20 AM

Quote from: Pieter Wuille on July 09, 2011, 07:00:57 AM

You should know that whenever you import a private key, you need to trust the one who gave it to you. There is no way around that, not even a patch that would make dumpprivkey remove a key by default. If you do not have the necessary level of trust in the person you're dealing with, you shouldn't be exchanging private keys, but using normal bitcoin transactions.

That said, a removeprivkey would be very useful, as a separate command (i believe i saw an implementation already somewhere). I don't think removing within dumpprivkey by default is safe - what if you intend to write it down on paper, but the computer crashes before you're able to do so? The correct procedure would be dumpprivkey to extract a key, and as soon as it is safe, issue removeprivkey.

Yes, +1 for removeprivkey as extra command.

Because without it, how could I trust even myself to not spend the money if I'm not even able to remove the key!?!

Another +1 for having removeprivkey as a command. What's the point of exporting if you can't delete the key from the wallet? I mean, really, honestly, I can't think of any reason to export a key other than to get the address out of that particular wallet and into safe storage or into another wallet. Tis pointless to export a key otherwise.

molecular

donator

Activity: 2772

Merit: 1019

Quote from: Pieter Wuille on July 09, 2011, 07:00:57 AM

You should know that whenever you import a private key, you need to trust the one who gave it to you. There is no way around that, not even a patch that would make dumpprivkey remove a key by default. If you do not have the necessary level of trust in the person you're dealing with, you shouldn't be exchanging private keys, but using normal bitcoin transactions.

That said, a removeprivkey would be very useful, as a separate command (i believe i saw an implementation already somewhere). I don't think removing within dumpprivkey by default is safe - what if you intend to write it down on paper, but the computer crashes before you're able to do so? The correct procedure would be dumpprivkey to extract a key, and as soon as it is safe, issue removeprivkey.

Yes, +1 for removeprivkey as extra command.

Because without it, how could I trust even myself to not spend the money if I'm not even able to remove the key!?!

Pieter Wuille

legendary

Activity: 1072

Merit: 1181

You should know that whenever you import a private key, you need to trust the one who gave it to you. There is no way around that, not even a patch that would make dumpprivkey remove a key by default. If you do not have the necessary level of trust in the person you're dealing with, you shouldn't be exchanging private keys, but using normal bitcoin transactions.

That said, a removeprivkey would be very useful, as a separate command (i believe i saw an implementation already somewhere). I don't think removing within dumpprivkey by default is safe - what if you intend to write it down on paper, but the computer crashes before you're able to do so? The correct procedure would be dumpprivkey to extract a key, and as soon as it is safe, issue removeprivkey.

rabit

member

Activity: 62

Merit: 10

I want remove key because i will be able to use it in a crappy smart card solution:
Load key from SC -> add to wallet -> Make transaction -> Remove from wallet.

molecular

donator

Activity: 2772

Merit: 1019

Quote from: Pieter Wuille on July 09, 2011, 06:40:08 AM

dumpprivkey only exports, it does not modify your wallet at all.

Should dumpprivkey remove the key from the wallet, though?

Not doing so can very easily lead to having the key in multiple wallets. This can even happen to people who are able to patch and compile bitcoin on windows.

So please, let's discuss what we should do, because clearly, key import is a great feature many people want. Key export is also wanted by many, but dangerous to bitcoin credibility (I can see the posts: "my bitcoin just disappeared for no reason!! the sky is falling!") in it's current form.

My suggestion is to either..

put key export into separate patch and pull only importprivkey into default, or

or

make dumpprivkey remove the key from the wallet (maybe rename to "removeprivkey" or similar)

What to do?

Pieter Wuille

legendary

Activity: 1072

Merit: 1181

dumpprivkey only exports, it does not modify your wallet at all.

rabit

member

Activity: 62

Merit: 10

Quote from: molecular on July 08, 2011, 06:07:16 PM

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

So how about splitting this and putting importprivkey in default, but not dumpprivkey?

Does this mean that dumpprivkey removes the private key from the wallet, because the documentation is not clear for me and i am too lazy to learn C++ (it could also just show the data of the key without removing it)?

Quote

Well, I did a patch to remove keys, but it doesn't apply to the current state (after wallet class rework) anymore.
Also, you should really know what you are doing and review my code thoroughly before you use it, as I'm a total noob when it comes to C++ and I'm not confident on my grasp of the inner workings of bitcoin either...

https://github.com/mhanne/bitcoin/tree/showwallet-removeprivkey

http://forum.bitcoin.org/index.php?topic=19451

Unfortunately i need both import and export and my C++ is limited to the C part without the (confusing Cheesy

) ++, but i will try to use it if no better solution is implemented. Will send you and sipa 0.5 BTCs.

EDIT: Nice, your version also have importkey if i read your code correct, will try it out

samr7

full member

Activity: 140

Merit: 430

Firstbits: 1samr7

Quote from: ?? on ??

If you're desperate enough for the feature and not smart enough to follow
a wiki explaining how to recompile it, you'll find a way by asking someone
to do it for you.

I had no trouble building a patched bitcoin client on Linux. However, building bitcoin on Windows would seem to be a black art. I don't think it's fair to use it as a barrier to entry. Plus, this feature requires the JSON-RPC server to be enabled, and use of the command line. Isn't that enough of a barrier?

SgtSpike

legendary

Activity: 1400

Merit: 1005

Quote from: ?? on ??

Quote from: SgtSpike on July 08, 2011, 12:58:37 PM

Quote from: ?? on ??

Quote from: Hans0 on July 08, 2011, 12:29:00 PM

I am not sure this a suitable to be on by default. This will cause a great amount of lost bitcoins because unsophisticated users are careless.

+1

This is fine living in a separate branch.

Being able to recompile a branch is a nice
barrier of entry for the tech. clueless.

This SHOULD be included in the default client. Reason being, it is incredibly useful for people who know how to use it, and not all of us know how to use linux or feel like spending hours on Windows attempting to compile the source with all of the dependencies.

Discluding a feature like this from anyone who doesn't know how to compile c code would be a terrible thing.

No it wouldn't.

If you're desperate enough for the feature and not smart enough to follow
a wiki explaining how to recompile it, you'll find a way by asking someone
to do it for you.

In the end very few percentage of the user base will do this and people
will prefer the 'official' client because it'll be perceived as more 'safe'.

Again: barrier of entry, which will lower the percentage of fools screwing
around with their wallet not realizing the giant security risk they expose
themselves to when manipulating private keys directly.

Don't get me wrong, I find the feature very useful. But in the same way
you don't hand out a loaded AK-47 to a 5 year old, this feature belongs
in a branch.

Would you walk out of your bank with a 1kg gold bar sticking out of your
pocket ? You can argue that you're a grown man and that decision belong
to you. Fair enough, but when you're allowed to do this and it jeopardizes
the entire bitcoin ecosystem ... I don't agree.

I guess we're all entitled to our own opinions.

And where is this wiki article you speak of? The only detailed compile instructions I've seen were posted on this forum, and involved MinGW and about 3 hrs of work downloading dependencies and waiting for things to compile. It worked, after I figured out why a couple of things weren't working.

I still have no clue what to do with a patch file either.

Also, I certainly don't want to have to spend another 3 hours recompiling bitcoin with the patch every time a new version comes out. That's just a waste of my time. It's a waste of everyone's time to have to compile their own client in order to import/export keys.

There are other, much better ways to deal with potential user incompetence. Have a checkbox with big red flashing text, saying "Are you sure you want to delete this key from your wallet? It is unrecoverable unless you have saved it safely elsewhere," and then a more detailed explanation beneath that.

bmgjet

member

Activity: 98

Merit: 10

Thank you EricJ2190.

---

getting a error with bitcoind

Entry point not found
msvcr100.dll

Have the latest VC redistribution installed.

--
fixed by taking the one from the VC10 folder.

EricJ2190

full member

Activity: 134

Merit: 102

Quote from: bmgjet on July 08, 2011, 08:26:58 PM

+1 tried compiling it but mingw and vc10 dont seem to like it.

As I mentioned in the pull request comments, you need to add an include for fstream in headers.h. Anyway, here is my Windows MSVC10 build:
http://www.sendspace.com/file/lkoufm

riush

member

Activity: 73

Merit: 10

Well, I did a patch to remove keys, but it doesn't apply to the current state (after wallet class rework) anymore.
Also, you should really know what you are doing and review my code thoroughly before you use it, as I'm a total noob when it comes to C++ and I'm not confident on my grasp of the inner workings of bitcoin either...

https://github.com/mhanne/bitcoin/tree/showwallet-removeprivkey

http://forum.bitcoin.org/index.php?topic=19451

bmgjet

member

Activity: 98

Merit: 10

Quote from: Ryland R. Taylor-Almanza on July 08, 2011, 08:18:32 PM

Quote from: SgtSpike on July 08, 2011, 06:32:15 PM

Quote from: molecular on July 08, 2011, 06:07:16 PM

Quote from: samr7 on July 08, 2011, 05:01:20 PM

Quote from: SgtSpike on July 08, 2011, 12:58:37 PM

This SHOULD be included in the default client. Reason being, it is incredibly useful for people who know how to use it, and not all of us know how to use linux or feel like spending hours on Windows attempting to compile the source with all of the dependencies.

Discluding a feature like this from anyone who doesn't know how to compile c code would be a terrible thing.

+1 more. This is a very important feature, whether it's exposed to end users or not.

Actually, I might have changed my mind (partly)

Exporting of a key has a problem, doesn't it: the key is still in the source wallet. There's no way to remove it, is there? Even if there is, it's easy to screw up and people will wonder where their money went.

The importing of a privkey is the part that is important for users (bitbill, import key generated with external tool like vanitygen) and this part, luckyly, poses no problems (that I can see), does it?

So how about splitting this and putting importprivkey in default, but not dumpprivkey?

I still disagree. I'd like to be able to export private keys from wallets, but really don't want to have to try to compile bitcoin again. That was a complete PITA.

SgtSpike, are you on windows? Do you have a binary with this patch that you can provide? I've been looking for one for a while.

+1 tried compiling it but mingw and vc10 dont seem to like it.

Topic: [PULL] private key and wallet export/import - page 7. (Read 39577 times)