Bitcoin Forum>Bitcoin>Development & Technical Discussion
Pages:
Author

Topic: wallet destruction - page 2. (Read 2447 times)

gmaxwell
staff
Activity: 4242
Merit: 8672
Re: wallet destruction
January 12, 2012, 09:15:51 PM
#13
Quote from: DeathAndTaxes on January 12, 2012, 05:05:44 PM
I would a deterministic wallet is even EASIER to use than one that requires backups (automatic or not).

You should take care to not describe a deterministic wallet as requiring no backup at all, ever.  I'm completely confident that the official client will _never_ implement a deterministic wallet that has no known-random component. Moreover, you should not use any client which implements such a thing because its developers obviously have a poor grasp on security.

Instead, what you would have is a deterministic wallet with a random component with at least 128 bits of real entropy. Perhaps it can convert it into a special list of words that you can memorize if you really want (e.g. electrum does this) plus whatever pass-phrase you use,  you'd backup this random data _once_.  Then you don't have to back it up anymore.  (it's, in fact, arguably better to actually leave the password out of the generation and only use it to decrypt the stored seed— so that its possible for you to change the password if you worry that someone might have seen you type it in)
etotheipi
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
Re: wallet destruction
January 12, 2012, 09:03:14 PM
#12
Quote from: vuce on January 12, 2012, 06:38:45 PM
I really hope the official client will also have the option of creating a deterministic wallet one day...

Doesn't sound like the devs want to go that direction yet, though I have seen Gavin mention that it's the right direction to go.... eventually...

For now, you can simply wait for Armory, which should be officially released (alpha) next week.  It not only has deterministic wallets, but paper backup print option (see the screenshot on the thread).  Digital backups are great and all, but you never know if that USB key sitting in your safe will still work when you plug it in for the first time in a year... paper backups are forever!
vuce
sr. member
Activity: 476
Merit: 250
Re: wallet destruction
January 12, 2012, 06:38:45 PM
#11
I really hope the official client will also have the option of creating a deterministic wallet one day...
DeathAndTaxes
donator
Activity: 1218
Merit: 1079
Gerald Davis
Re: wallet destruction
January 12, 2012, 05:05:44 PM
#10
Quote from: bracek on January 12, 2012, 02:38:04 PM
Quote from: DeathAndTaxes on January 12, 2012, 02:29:32 PM

Just use a deterministic wallet.


tell it to my grandma Smiley

I would a deterministic wallet is even EASIER to use than one that requires backups (automatic or not).

Quote from: bracek on January 12, 2012, 02:38:04 PM
Quote from: DeathAndTaxes on January 12, 2012, 02:29:32 PM
Anything stored in block chain "seed" or not would obviously need to be encrypted thus you still need a passphrase.
Not sure what storing an encrypted wallet in the blockchain would gain you over simply using a wallet where your passphrase IS your wallet.

It would allow people to act irresponsible (as usual), without being punished for it.

Most of the people is mentally stuck in 7th grade, basically kids with mustache or boobs...
they often do not have due attention

You still haven't explained why one is easier than the other:

ENCRYPTED WALLET
1. You create wallet.
2. You backup wallet
3. If wallet is lost you need to use passphrase AND redownload wallet (which may be difficult or confusing for user)

I would also point out if user's passphrase is weak having them in the block chain allows attacks remotely.  The user's machine doesn't need to be compromised an attack can simply brute force all backed up wallets hoping for a hit.

DETERMINISTIC WALLET
1. To create a wallet you ... enter a passphrase.
2. To access wallet you ... enter same passphrase.
3. To restore a corrupted/deleted/stolen wallet you ... enter same passphrase.

So I will ask again what exactly does backing up an encrypted wallet into block chain accomplish that a deterministic wallet doesn't?

bracek
hero member
Activity: 530
Merit: 500
Re: wallet destruction
January 12, 2012, 04:35:42 PM
#9
Quote from: gmaxwell on January 12, 2012, 03:09:34 PM

You should sit down and do the math — the value to you in destroy other people's bitcoin is very small unless you happen to own most of the bitcoin, far less value than stealing it.  In fact the attacker is best off living that potential victim alone, because his bitcoins will be worth more if people are not afraid to use bitcoin due to the attacks.


and if motivation is political or psychotic ?
simply to destroy or disrupt


Quote from: gmaxwell on January 12, 2012, 03:09:34 PM

Attempts to destroy your bitcoin can also be foiled with a simple offline backup— a $2 usb key or two is cheap insurance. You're a fool if you don't have an offline backup because dataloss happens even when there are no attackers.

'Backing up' to the blockchain is a horrific idea. It would provide no security (what is the point of 'secret' data which is known to everyone) over just using the password alone— and using a password alone is itself a terrible idea because people are bad at producing strong passwords even when they are trying, it would burden the bitcoin network and prematurely degrade our decenteralization.


I suggest writing it somewhere automatically,
block chain is a suggestion because it is always there, unlike USB stick

in near future 2 passwords will be required to send/steal coins
so if there is encrypted wallet online, it could be brute forced once,
but that would not be enough, if it requires confirmation via SMS or some other method to send coins

thief could find all wallets and look at balances, but not steal
if they require additional confirmation
bracek
hero member
Activity: 530
Merit: 500
Re: wallet destruction
January 12, 2012, 04:24:06 PM
#8
Quote from: kjj on January 12, 2012, 03:08:46 PM

No one will lose a wallet without a backup twice.


I am just saying that someone could lose it once

that would bring bad publicity, slower adoption...
uncomfortable and risky use turns people away
gmaxwell
staff
Activity: 4242
Merit: 8672
Re: wallet destruction
January 12, 2012, 03:09:34 PM
#7
Quote from: bracek on January 12, 2012, 01:56:42 PM
If i was a bad guy, and saw that it is almost impossible to steal bitcoin,
I would try to destroy other people's bitcoin

You should sit down and do the math — the value to you in destroy other people's bitcoin is very small unless you happen to own most of the bitcoin, far less value than stealing it.  In fact the attacker is best off living that potential victim alone, because his bitcoins will be worth more if people are not afraid to use bitcoin due to the attacks.


Attempts to destroy your bitcoin can also be foiled with a simple offline backup— a $2 usb key or two is cheap insurance. You're a fool if you don't have an offline backup because dataloss happens even when there are no attackers.

'Backing up' to the blockchain is a horrific idea. It would provide no security (what is the point of 'secret' data which is known to everyone) over just using the password alone— and using a password alone is itself a terrible idea because people are bad at producing strong passwords even when they are trying, it would burden the bitcoin network and prematurely degrade our decenteralization.
kjj
legendary
Activity: 1302
Merit: 1026
Re: wallet destruction
January 12, 2012, 03:08:46 PM
#6
Quote from: bracek on January 12, 2012, 01:56:42 PM
If i was a bad guy, and saw that it is almost impossible to steal bitcoin,
I would try to destroy other people's bitcoin

by erasing wallets or uninstalling or whatever.

There will be some people that will not make backups of their wallets.

No one will lose a wallet without a backup twice.

And my hat is off to anyone that can find my long term storage wallet burned to several M*Disc DVDs and erase them all.
bracek
hero member
Activity: 530
Merit: 500
Re: wallet destruction
January 12, 2012, 02:42:37 PM
#5
Quote from: MysteryMiner on January 12, 2012, 02:23:16 PM
Copy the wallet.dat to yourself, steal coins available and then erase original wallet.dat from target machine for lulz. Or copy the wallet.dat file, wait when lamer recieves more coins in the wallet and then steal the coins. Some users will send more coins to compromised wallet even after the coins are stolen Cheesy

on install, encrypted one is created (with 2 factor authentication)
only one of those passwords will be used to recover the wallet from the blockchain
other password would enable spending

and this is protection from destruction, not from (both) passwords being sniffied
bracek
hero member
Activity: 530
Merit: 500
Re: wallet destruction
January 12, 2012, 02:38:04 PM
#4
Quote from: DeathAndTaxes on January 12, 2012, 02:29:32 PM

Just use a deterministic wallet. 


tell it to my grandma Smiley

Quote from: DeathAndTaxes on January 12, 2012, 02:29:32 PM

Anything stored in block chain "seed" or not would obviously need to be encrypted thus you still need a passphrase.

Not sure what storing an encrypted wallet in the blockchain would gain you over simply using a wallet where your passphrase IS your wallet.

It would allow people to act irresponsible (as usual), without being punished for it.

Most of the people is mentally stuck in 7th grade, basically kids with mustache or boobs...
they often do not have due attention
DeathAndTaxes
donator
Activity: 1218
Merit: 1079
Gerald Davis
Re: wallet destruction
January 12, 2012, 02:29:32 PM
#3
Quote from: bracek on January 12, 2012, 01:56:42 PM
Or is it possible to store in block chain only some kind of "seed" of a wallet
to reduce storage size ?

Just use a deterministic wallet.  If you have the passphrase you can rebuild the wallet.  Period.

What could be better than that.  Anything stored in block chain "seed" or not would obviously need to be encrypted thus you still need a passphrase.

Not sure what storing an encrypted wallet in the blockchain would gain you over simply using a wallet where your passphrase IS your wallet.
MysteryMiner
legendary
Activity: 1512
Merit: 1049
Death to enemies!
Re: wallet destruction
January 12, 2012, 02:23:16 PM
#2
Copy the wallet.dat to yourself, steal coins available and then erase original wallet.dat from target machine for lulz. Or copy the wallet.dat file, wait when lamer recieves more coins in the wallet and then steal the coins. Some users will send more coins to compromised wallet even after the coins are stolen Cheesy
bracek
hero member
Activity: 530
Merit: 500
Re: wallet destruction
January 12, 2012, 01:56:42 PM
#1
If i was a bad guy, and saw that it is almost impossible to steal bitcoin,
I would try to destroy other people's bitcoin

by erasing wallets or uninstalling or whatever.

There will be some people that will not make backups of their wallets.

question is :
are those encrypted wallets too big to be written into a block chain ?
Someone attacked would know approximately when he created his wallet
or would have some other reference
to restore that wallet.

Customized tool would scoop wallets in chosen period of time,
and try user provided password on those wallets...
since sending will require 2 passwords soon, coins would not be stolen,
but wallets could be restored

and maybe wallets could be written into namecoins block chain,
since there is merged mining, to let namecoin return the favor...

Or is it possible to store in block chain only some kind of "seed" of a wallet
to reduce storage size ?
Pages:
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: