Author

Topic: Wallet per user (Read 1468 times)

legendary
Activity: 1498
Merit: 1000
February 10, 2013, 01:00:36 PM
#25
You guys are hopeless, nevermind that I discarded the initial approach on the first page I have explained how the system works time and time again, the users password is hashed+salted with bcrypt and sent through an RSA-2048 secured connection to the server. Impossible to sabotage unless direct access to the main server is gained and maintained while users try to connect to their account (as the hashes aren't stored on the machine), thus every account is in cold storage until he is needed.

If somehow hackers gain a momental access to all the wallets on the server and obtain a copy, most of the users could be sent messages through sms asking them to change the password before the hackers would bruteforce a single one.

I am wondering what is the best method to encrypt individual accounts within a wallet...

Yes we are hopeless, we are trying to understand your logic, first off can't encrypt individual accounts within wallet. Second SSL is good but if your not securing the server well, you could still be hacked. Third you can't brute force bcrypt it is impossible no computer can do that. The problem would be users lossing there password or the hacker copying the wallet.dat file.
legendary
Activity: 3472
Merit: 4801
February 10, 2013, 07:56:04 PM
#22
I give up.  madmadmax, go about it however you like.  You won't provide enough information for anyone to assist you and the bits and pieces of information that you do reveal don't make any sense.  gweedo, you're welcome to try and assist, but I'm done here.
hero member
Activity: 740
Merit: 501
February 10, 2013, 12:35:41 PM
#21
I agree, which is what I'm trying to get madmadmax to understand.

Meaning that anyone who has access to your server now has access to the user's password, and all their bitcoins.  That doesn't sound secure, and doesn't sound like a good idea.  The way https://bclockchain.info/wallet handles it is far more secure (and faster).

I agree.  All that in addition to the serious lack of security.

That will take too much time, I can't speak for 0.8.0 cause i have yet to play with it but anything lower than this will not be able to do. You have to rescan when you switch the wallet.dat, and that takes awhile.


No I am just talking about protecting the wallet.dat file. Honestly this not really good way to do it. But to create a new address, you would have to decrypt the wallet.dat with the password from the person and you would probably have to encrypt the bitcoin.conf so you can use JSON RPC API to create the new address. It is so many working parts that would take a long time, while keeping the connection to the user alive so they can get the address as soon as it is create.
You guys are hopeless, nevermind that I discarded the initial approach on the first page I have explained how the system works time and time again, the users password is hashed+salted with bcrypt and sent through an RSA-2048 secured connection to the server. Impossible to sabotage unless direct access to the main server is gained and maintained while users try to connect to their account (as the hashes aren't stored on the machine), thus every account is in cold storage until he is needed.

If somehow hackers gain a momental access to all the wallets on the server and obtain a copy, most of the users could be sent messages through sms asking them to change the password before the hackers would bruteforce a single one.

I am wondering what is the best method to encrypt individual accounts within a wallet...
legendary
Activity: 3472
Merit: 4801
February 09, 2013, 07:14:11 PM
#20
. . . Honestly this not really good way to do it . . .

I agree, which is what I'm trying to get madmadmax to understand.

. . . But to create a new address, you would have to decrypt the wallet.dat with the password from the person . . .
Meaning that anyone who has access to your server now has access to the user's password, and all their bitcoins.  That doesn't sound secure, and doesn't sound like a good idea.  The way https://bclockchain.info/wallet handles it is far more secure (and faster).

. . . It is so many working parts that would take a long time, while keeping the connection to the user alive so they can get the address as soon as it is create.
I agree.  All that in addition to the serious lack of security.
legendary
Activity: 3472
Merit: 4801
February 09, 2013, 06:16:46 PM
#19
First off why would he switch them out each time someone wanted to use it.
That's a really good question that I'm still trying to understand. See here:

. . . shutdown the daemon and replace the wallet.dat file . . .

. . . Easily, you have the user supply a password, hash it, use that hash to create the public key, which then would be used to encrypt the wallet file. Then you do the opposite to decrypt the wallet file. It is kinda encryption 101 . . .
I can't make sense of what you are saying. If the user wants to create a new address, what do they transmit to your server? Do they send the un-encrypted private key?  If they send only the public key, then how will your server sign transactions for them?  How will your server protect them from losing their private keys?

. . . I wouldn't store the wallet on the users side . . . because the average gullible user needs to be protected from himself . . .

The only way to keep the private keys protected is to store them encrypted, then send the encrypted key to the user so they can decrypt it with the client software on their side and sign the transactions themselves on their side.
legendary
Activity: 3472
Merit: 4801
February 09, 2013, 05:29:04 PM
#18
Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?
http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt
Bcrypt is a one way hashing function, you would be better off using private key and public key.
If madmadmax is going to store the users encrypted wallets on his server, and then try and swap them in using bitcoind, how exactly are private and public keys going to keep the user's wallets secure?
legendary
Activity: 3472
Merit: 4801
February 09, 2013, 04:36:35 PM
#17
Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?
http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt
I looked at both links.  I still don't understand how you can encrypt or decrypt the wallet without the password.
hero member
Activity: 740
Merit: 501
February 09, 2013, 11:49:06 AM
#16
Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?

http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/Bcrypt
legendary
Activity: 3472
Merit: 4801
February 09, 2013, 11:22:20 AM
#15
Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection . . .
If you don't send the raw password over the network, how are you going to encrypt or decrypt the wallet? Don't you need the actual encryption password to do that?
hero member
Activity: 740
Merit: 501
February 09, 2013, 11:09:33 AM
#14
I see that you "want to have separate wallets all encrypted with the users password"

Wouldn't that require that they send you their password in order to decrypt and use the wallet?  That seems like a significant security flaw.  I'd think it would be better to create a database that contains a user identifier and bitcoin address as a primary key along with a column for the encrypted password.  Then any new bitcoin address can be generated and the private key can then be encrypted on the user side.  Having the bitcoin addresses would allow you to show balances, and any time the user needs/wants to send a transaction, you can supply them with the encrypted password only.  The users client program can decrypt the private key locally and sign the transaction.  That way you never have access to the user's private keys or password.

If on the other hand you plan to send the user the entire encrypted wallet, and have them decrypt it locally (and use it decrypted locally), then there isn't any need to "write an app to shutdown the daemon and replace the wallet.dat file"  Since the user will be using the wallet on their end, you don't need a daemon at all.

Obviously I wouldn't send the raw password over the network, I would send a salted bcrypt hash over RSA-2048 in a secured connection. I wouldn't store the wallet on the users side not because of a possible security flaw on the server side but because the average gullible user needs to be protected from himself, in addition to having the option to run on the deep-web in the future.
legendary
Activity: 3472
Merit: 4801
February 09, 2013, 10:47:49 AM
#13
I see that you "want to have separate wallets all encrypted with the users password"

Wouldn't that require that they send you their password in order to decrypt and use the wallet?  That seems like a significant security flaw.  I'd think it would be better to create a database that contains a user identifier and bitcoin address as a primary key along with a column for the encrypted password.  Then any new bitcoin address can be generated and the private key can then be encrypted on the user side.  Having the bitcoin addresses would allow you to show balances, and any time the user needs/wants to send a transaction, you can supply them with the encrypted password only.  The users client program can decrypt the private key locally and sign the transaction.  That way you never have access to the user's private keys or password.

If on the other hand you plan to send the user the entire encrypted wallet, and have them decrypt it locally (and use it decrypted locally), then there isn't any need to "write an app to shutdown the daemon and replace the wallet.dat file"  Since the user will be using the wallet on their end, you don't need a daemon at all.
hero member
Activity: 740
Merit: 501
February 09, 2013, 08:00:38 AM
#12
You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

I am looking for something more geared towards blockchain.info although not the same at all, performance wise it should be just as efficient as a commercial product.

If your trying to create a blockchain.info like site, I highly discourage it cause the reasons blockchain.info is so good is the hybird wallet system, which I don't think you have full grasped the concept of yet from this thread.

I know exactly how a hybrid wallet system works, unless you are talking about Belgian Canaries I know exactly what you're talking about.

As to having a system like I want it seems that exporting the private keys to a wallet files would be easier and faster as well.
legendary
Activity: 1498
Merit: 1000
February 08, 2013, 05:32:39 PM
#11
You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

I am looking for something more geared towards blockchain.info although not the same at all, performance wise it should be just as efficient as a commercial product.

If your trying to create a blockchain.info like site, I highly discourage it cause the reasons blockchain.info is so good is the hybird wallet system, which I don't think you have full grasped the concept of yet from this thread.
hero member
Activity: 740
Merit: 501
February 08, 2013, 05:08:40 PM
#10
You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?

I am looking for something more geared towards blockchain.info although not the same at all, performance wise it should be just as efficient as a commercial product.
legendary
Activity: 1512
Merit: 1036
February 08, 2013, 01:57:59 PM
#9
If you are talking about different users in a household, you only need create other user accounts in your operating system. Locking down/encrypting user directories is optional depending on how much you trust local users.

Bitcoin stores it's data in a user's profile on both Windows and Linux (probably Mac too). If someone logs in with a different user name and launches Bitcoin, it will create a new %APPDATA%\Bitcoin for that account with it's own wallet, blockchain, etc. You can speed up the initial download by doing a copy %APPDATA%\Bitcoin\BLK*.DAT C:\Users\LittleJohnny\AppData\Roaming\Bitcoin to each additional user account's profile.
legendary
Activity: 3472
Merit: 4801
February 08, 2013, 01:24:29 PM
#8
You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
Are you trying to create a web hosted wallet service like https://blockchain.info/wallet or are you just trying to allow multiple people who are sharing a computer each have their own wallet on that computer?
hero member
Activity: 740
Merit: 501
February 08, 2013, 12:37:26 PM
#7
You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?

It has "accounts" which is an arbitrary implementation of bitcoin-qt, you cannot however encrypt individual users and you cannot let every user download his wallet file if need be.
legendary
Activity: 3472
Merit: 4801
February 08, 2013, 12:17:02 PM
#6
You're talking about separate users of a Windows computer in your household?  I think that the standard installation of Bitcoin-Qt already has separate wallets and seperate copies of the blockchain for each user, doesn't it?
hero member
Activity: 740
Merit: 501
February 08, 2013, 11:44:14 AM
#5
Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

Since every user has his own password I want to have separate wallets all encrypted with the users password

So you basically want individual encrypted wallets for several people all located in the same place but only accessible with their own unique password?

Yes, neither the hashes or the passwords will be stored at the same machine
edd
donator
Activity: 1414
Merit: 1002
February 08, 2013, 11:42:49 AM
#4
Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

Since every user has his own password I want to have separate wallets all encrypted with the users password

So you basically want individual encrypted wallets for several people all located in the same place but only accessible with their own unique password?
hero member
Activity: 740
Merit: 501
February 08, 2013, 11:38:45 AM
#3
Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.

Since every user has his own password I want to have separate wallets all encrypted with the users password
legendary
Activity: 3472
Merit: 4801
February 08, 2013, 11:28:31 AM
#2
Not sure what you are trying to do, but it sounds like the method you are choosing may not be the best way to go about it.
hero member
Activity: 740
Merit: 501
February 08, 2013, 11:07:42 AM
#1
How can you create a wallet for every separate user and encrypt every wallet with a different hash?

EDIT: Just realized you can write an app to shutdown the daemon and replace the wallet.dat file but it seems it would slow overall performance drastically...
Jump to: