Author

Topic: Question about Bitbills and Wallet Security (Read 1130 times)

legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
August 14, 2011, 10:48:22 AM
#9
Remember that the creator of bitbills can know all the private keys of the bitbills created by them and it can be a scam, maybe one day they just move all the BTC of these private keys in another wallet and ta-dah, all bitbills are worth 0.

Better to specify it, remember, TRUST NO ONE
full member
Activity: 196
Merit: 100
The owner was guest on The Bitcoin Show:
http://onlyonetv.com/2011/07/the-bitcoin-show-episode-023/
... and seems trustworthy. I don't understand website contact secrecy either.
sr. member
Activity: 493
Merit: 250
Don't trust "BBOD The Best Futures Exchange"
if you have the private key there's some way to derive the public key. idk if the QR code printed on the front is a public key or an address. (the address is a base58 encoded hash of the pubkey, iirc)
full member
Activity: 196
Merit: 100
Has anyone tried to tamper these cards?

Is it possible to open the card with a scalpel, remove the code and glue everything back together? I don't really know how are these cards made (I don't have even one) so I am just speculating...

It is not possible, I tried and failed.
member
Activity: 118
Merit: 10
If I understand correctly, this means all wallets are actually held by bitbills, correct?
The only substantial pieces of information contained in the wallet.dat are the private keys.  If one knows a private key, one knows everything needed to construct a wallet.dat file.

In theory Bitbills could also keep a record of the private key.  I'm in no way accusing them of actually doing so.  But it should be noted that if they were to take the unscrupulous action of recording private keys, they could spend the coins at any point in time before you transfer them.
hero member
Activity: 602
Merit: 502
Has anyone tried to tamper these cards?

Is it possible to open the card with a scalpel, remove the code and glue everything back together? I don't really know how are these cards made (I don't have even one) so I am just speculating...
sr. member
Activity: 364
Merit: 251
If I understand this correctly, Bitbills has a great system, but they only hold the Private Key, and not the whole Wallet.dat file?
If by 'they' - you mean the card, not the company - then yeah.. seems right so far.
Each bitbill holds the private key only (hidden so that revealing it wrecks the card).   There is no longer any corresponding 'wallet'.
The corresponding address is printed openly on the card so you can verify in the blockchain that the card is worth it's face value.

If I understand correctly, this means all wallets are actually held by bitbills, correct?
I don't think it makes sense to say this.
When buying bitbills you're trusting that they keep no copy of the private key.


If this is correct so far, then how come someone doesn't just place the whole wallet file on a data storage card, then the whole bitcoin will be contained right there, essentially?
Then, when you trade cards, you actually trade the bitcoin.
Am I way off the mark? Would this not work?
That'd work.  But there's no need for a whole wallet.


This is the same for their bank card, correct? You can load and reload the card, but the wallet.dat file is still kept on their servers. So, this is ultimately unsafe, correct?
As above - no wallet or private key is kept for the bitbills or their bank cards... assuming we trust bitbills to have a secure process of generating the private key and ensuring nobody takes a photo of it etc.

Lose the card - any money loaded on it is lost forever.

I think it's a good bet that bitbills is trustworthy in this regard - in that even one proven violation would potentially ruin their business.
I would like to see more contact and business information on their website though.

EDIT:  In short - the bitbills company could go out of business - and your bitbills cards would still hold the bitcoins just fine.


Thanks Julz, your last sentence sums up my concerns. But the whole post was helpful.
I think more people should use this system if they are newbies and do not trust holding them.
legendary
Activity: 1092
Merit: 1001
If I understand this correctly, Bitbills has a great system, but they only hold the Private Key, and not the whole Wallet.dat file?
If by 'they' - you mean the card, not the company - then yeah.. seems right so far.
Each bitbill holds the private key only (hidden so that revealing it wrecks the card).   There is no longer any corresponding 'wallet'.
The corresponding address is printed openly on the card so you can verify in the blockchain that the card is worth it's face value.

If I understand correctly, this means all wallets are actually held by bitbills, correct?
I don't think it makes sense to say this.
When buying bitbills you're trusting that they keep no copy of the private key.


If this is correct so far, then how come someone doesn't just place the whole wallet file on a data storage card, then the whole bitcoin will be contained right there, essentially?
Then, when you trade cards, you actually trade the bitcoin.
Am I way off the mark? Would this not work?
That'd work.  But there's no need for a whole wallet.


This is the same for their bank card, correct? You can load and reload the card, but the wallet.dat file is still kept on their servers. So, this is ultimately unsafe, correct?
As above - no wallet or private key is kept for the bitbills or their bank cards... assuming we trust bitbills to have a secure process of generating the private key and ensuring nobody takes a photo of it etc.

Lose the card - any money loaded on it is lost forever.

I think it's a good bet that bitbills is trustworthy in this regard - in that even one proven violation would potentially ruin their business.
I would like to see more contact and business information on their website though.

EDIT:  In short - the bitbills company could go out of business - and your bitbills cards would still hold the bitcoins just fine.
sr. member
Activity: 364
Merit: 251
If I understand this correctly, Bitbills has a great system, but they only hold the Private Key, and not the whole Wallet.dat file?

If I understand correctly, this means all wallets are actually held by bitbills, correct?

If this is correct so far, then how come someone doesn't just place the whole wallet file on a data storage card, then the whole bitcoin will be contained right there, essentially?

Then, when you trade cards, you actually trade the bitcoin.

Am I way off the mark? Would this not work?

This is the same for their bank card, correct? You can load and reload the card, but the wallet.dat file is still kept on their servers. So, this is ultimately unsafe, correct?
Jump to: