Pages:
Author

Topic: Wallet encryption bug found (IMPORTANT!) - page 3. (Read 30665 times)

legendary
Activity: 2576
Merit: 1186
November 11, 2011, 07:06:42 PM
#10
This issue can be "worked around" by generating a new address and sending all bitcoin there.
That's not quite right-- you need to exhaust all of the keys in your 'key pool' to be safe, so you'd have to ask for 101 new keys.

Part of the fix is marking all of the keys in the keypool as used.


This fix should be back-ported to version 0.4.0
It will be, for bitcoind at least. If someone wants to step up to maintain wxBitcoin, contact me (or join #bitcoin-stable on FreeNode).
full member
Activity: 227
Merit: 100
November 11, 2011, 07:02:50 PM
#9
This issue can be "worked around" by generating a new address and sending all bitcoin there.
That's not quite right-- you need to exhaust all of the keys in your 'key pool' to be safe, so you'd have to ask for 101 new keys.

Part of the fix is marking all of the keys in the keypool as used.


This fix should be back-ported to version 0.4.0
legendary
Activity: 1652
Merit: 2301
Chief Scientist
November 11, 2011, 07:00:42 PM
#8
This issue can be "worked around" by generating a new address and sending all bitcoin there.
That's not quite right-- you need to exhaust all of the keys in your 'key pool' to be safe, so you'd have to ask for 101 new keys.

Part of the fix is marking all of the keys in the keypool as used.
full member
Activity: 227
Merit: 100
November 11, 2011, 06:38:04 PM
#7
constructive suggestions on how to improve the testing and release processes ... are welcome.

How was this particular bug discovered?  That might help us formulate strategies for catching similar problems going forward.

https://bitcointalksearch.org/topic/wallet-encryption-issue-51474
hero member
Activity: 518
Merit: 500
November 11, 2011, 06:37:42 PM
#6
Just a wild idea; but Google and others give bounties for security bugs that are submitted. Perhaps we could set up a small fund, and pay anyone who finds critical bugs in beta versions?
vip
Activity: 447
Merit: 258
November 11, 2011, 06:29:48 PM
#5
constructive suggestions on how to improve the testing and release processes ... are welcome.

How was this particular bug discovered?  That might help us formulate strategies for catching similar problems going forward.
full member
Activity: 227
Merit: 100
November 11, 2011, 06:22:08 PM
#4
This issue can be "worked around" by generating a new address and sending all bitcoin there.

You should also remember to change all existing static addresses left on the web
full member
Activity: 184
Merit: 100
November 11, 2011, 05:19:04 PM
#3
Thanks for the heads-up. We appreciate your hard work.
legendary
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
November 11, 2011, 05:09:43 PM
#2
Very much appreciate the notice, Gavin. Thank you!
legendary
Activity: 1652
Merit: 2301
Chief Scientist
November 11, 2011, 04:57:20 PM
#1
A serious bug was been found in the "encrypt wallet" function of bitcoin versions 0.4 and 0.5: private keys may be left unencrypted in the wallet.dat file after encryption.

If your encrypted 0.4 wallet file is stolen, an attacker may be able to recover some or all of your private keys and steal some or all of your bitcoins.

The development team has been working on fixes for bitcoin versions 0.4 and 0.5, but it will take at least a few days to test them thoroughly. Until they are available, you should assume that your 'encrypted' wallets are as vulnerable as an unencrypted wallet, and follow all the best practices for keeping them safe (see here for a list).

It is embarrassing and astonishing that this critical a bug was not caught before the 0.4 release; constructive suggestions on how to improve the testing and release processes that do not assume access to hundreds of thousands of dollars of funds to hire security consultants or QA teams are welcome. Getting sufficient testing of code BEFORE it is released has been a chronic problem for this project.
Pages:
Jump to: