Topic: wallet.dat encrypt by multiple users question (Read 448 times)

Altcoin forums are over there ---->

Seriously tho... as I pointed out, if you need to send more coins than some arbitrary limit that the clueless altcoin/clonecoin devs have not properly considered, then send multiple transactions or create multiple outputs. Giving someone a digital copy of the wallet file DOES NOT constitute transfer of ownership.

The whole point of cryptocurrency is to create a "trustless" system... Receiver does not need to trust that the Sender is not counterfeiting or forging the transaction nor will they attempt to reverse the payment, as the network takes care of authenticating, validating and securing the transaction. By circumventing this and trying to transfer by simply copying the wallet file, you basically lose ALL of the security.

What's to stop someone simply making X copies of the file and "selling" it to X different people? Anyone attempting to "sell" a wallet file, for the purposes of "transferring funds", should be regarded as "highly untrustworthy" and potentially a scammer. Anyone trying to "buy" a wallet file (for the same purpose) is an idiot.

Altcoin's case that has way more max supply than 100 millions.

There is no maximum limit. Unless there is some arbitrary limit set by your wallet. If this is the case, simply send multiple transactions. If you don't transfer the BTC using a transaction, it will NOT be secured by the network and cryptographic security features Bitcoin provides. There is nothing to stop someone simply keeping a copy of the wallet file and spending the coins themselves. The only secure way to transfer Bitcoin to another party is by creating, signing and broadcasting a transaction and waiting for it to be confirmed.

In any case, a max limit of 100 million is fine... as there will only ever be 21 million BTC

There is situation like who want to sell whole wallet itself. Why just send whole coin through blockchain? Because there is limit of 100 million amount at send function.

Obviously, one person's encryption can't affect the use of another person.
Bitcoin determines ownership through a private key. You give the wallet to another person. The other party already knows your private key and can transfer your funds.
You are now encrypting the private key. When you use it, you still need to decrypt the private key. So your encryption has absolutely no effect on other people who already know your private key.
Remember: Don't give your private key to anyone.

No.

This is incorrect.

Keys are NOT sent.

Each user creates their own keys. Z will generate a bitcoin address from his PUBLIC key and will provide the bitcoin ADDRESS to the sender (A).  A will NOT send ANY keys to Z at all.


Then please don't give bad advice in the Technical sub-forums.  You will cause other people to lose money if they believe the false things that you say.  Do you want to be responsible for someone else losing thousands of dollars?

In fact it is even more complicated and i hope this will explain it a little bit more.
(Perhaps it makes it even more confusing.)
There is no balance in a wallet so it is not 100% correct to say you have 1000 in your wallet, however i will start talking so to explain it later.
If there is 1000 in a wallet and A wants to pay 100 to Z it is possible that A needs to sends 400:
 100 to Z, 295 to himself. and 5 as a fee for the miner.
The wallet does not contain 1000. The wallet only contains keys to unspent transactions.
Perhaps there are two keys to unspent transactions: an unspent 400 and a unspent 600. (This is only an example it can be more complicated.)
Perhaps the software decides to use the key to the unspent 400:
Z will get a key to unspent 100, a (new) key to unspent 295 is send back to the sender (A) and the miner will get a key to 5 (as a fee).
I don't know for sure if B, who had a copy the wallet.dat file, will also receive the key to the unspent 295 but i don't expect so.
If, in this example, the transaction is accepted :
- A will have in the wallet a key to unspent 600 and unspent 295.
- B will have in the wallet a key to unspent 600 and a key to 400 that is already spend.  
If now B wants to send 10 to Y only the key to the unspent 600 can be used. If he wants to pay a fee of 1 the wallet: 10 will be used for a key send to Y, 589 will be used for a key send back to B and 1 will be used for a key for the miner as a transaction fee.
After this next transaction
- A has in the wallet a key to 600 that is already spent and unspent 295. So he (or she) can still spend 295.
- B has in the wallet a key to 589 that still can be spend.
( Z has a key to 100 , Y has a key to 10, a miner has a key to 5 and a miner has a key to 1 )
( 295 + 589 + 100 + 10 + 5 + 1 = 1000 )

If you mean the software now known as Bitcoin Core, then it will automatically create new addresses when you change the password (or enable encryption for the first time) and hold them in the wallet file. The addresses will be shown when you use "File -> Receiving Addresses -> New" or when you create a payment request on the "Receive" tab.


Alternatively, as mentioned by Danny, you can "import" a generated key from elsewhere using the "importprivkey" command with the debug console: https://en.bitcoin.it/wiki/Help:How_to_import_private_keys_in_Bitcoin_Core_0.7%2B

Note:
There is no official bitcoin wallet. Bitcoin is not owned by a company/authority/anyone.
Bitcoin is an open source project. Anyone can create wallets.

Bitcoin Core is a development team which focuses on improving the bitcoin protocol. They are not deciding it themselves.
It takes the majority of the community to make changes to the network.

Core has released (and is improving) their full node wallet, which is considered the best full node wallet at this moment (this can change in the future).


While it is definetely safe (regarding security + privacy) to use the core wallet, it is important to keep in mind that it is not an 'official bitcoin wallet'.

I always use default official window wallet qt program.

Use wallet software.

Wallet software generates the private key and stores it in the wallet file for you.

Some of the wallet software also allows import of private keys that were generated in other wallets.  In that case, you need to learn how to use the import functionality of the wallet software that you choose.

Thanks for detailed description!

Some question rises inside of me,

How to add new secret key(private key) to that wallet.dat file?

No.

Not "balance".  Transaction outputs.  Wallets track each output separately.  A wallet is NOT an "account".  It is software that manages individual outputs and private keys for you.


UTXO is unspent transaction output.



BOTH

They BOTH still have the private keys for all the UTXO, so they BOTH can still spend the bitcoins.

Wallet does not have "balance", so when you change the password, you do NOT protect the balance.  Wallet has private keys.  Password is used to encrypt the private keys.  Here is an analogy...

I have a file.  I put a secret in the file.  I give you a copy of the file. I encrypt my file with a password, and you encrypt your copy of the file with your password.  Who can access my secret?

I can access my secret in my file with my password.  You can access my secret in your file with your password.  WE CAN BOTH STILL ACCESS MY SECRET.

Here is another analogy...

I have a file.  I put a secret (secret_A) in the file.  I give you a copy of the file.  I add a new secret (secret_B) to my copy of the file. I encrypt my file with my password.  You add a new secret (secret_C) to your file. You encrypt your file with your password.  Who can access the secrets?

We can BOTH access secret_A, but ONLY I can access secret_B and ONLY YOU can access secret_C.

Wallet is the same.  Wallet is a file.  Wallet has secret keys (private keys).  If I give you a copy of the file, then you can access all the private keys.  If I add password to MY file, you can still access all the keys.  If I add NEW KEYS to MY FILE AFTER I give you a copy, then you can STILL access the OLD keys, but you can NOT access the NEW keys.

Every payment that you receive with the wallet is separate UTXO.  Wallet does NOT combine UTXO into "balance".  It keeps track of each UTXO separately.  If UTXO is received associated with private key that we BOTH have, then we BOTH can spend that UTXO (whichever gets confirmed first wins).  If UTXO is received associated with private key that ONLY ONE of us has, then ONLY that ONE person can spend that UTXO.

UTXO = "Unspent Transaction Output"

Which is exactly what it's name suggests... it is an output from a Bitcoin transaction that has not been "spent" (ie. used).

Assuming that neither A nor B have spent any of the funds in the wallet... then both A *or* B could attempt to send a transaction using the 1000 balance in the wallet, as there has been no change to which private keys control which UTXOs... Both A wallet and B wallet still have the private keys that will enable them to spend the coins in the wallet.

All that has happened is that the password has changed, so each wallet.dat file will now have a different seed and will generate different addresses from THIS POINT. It does not affect UTXOs that are already in the wallet.

What is UTXO?

and if A user have 1000 balance in his wallet, then give wallet.dat file  to B, then A changed his wallet password, B also changed password to some other, then what happen? Who can access and spend existing 1000 balance?

Then you need to start all over.

Your understanding is VERY flawed.

"Behind the scene" there is no address.  Address is for humans.  There is no address in transactions.  There is no address in blockchain.

"Behind the scene" there is no balances.  Balances are for humans.  Wallets use transaction outputs.  Transaction outputs are either unspent (UTXO), or spent.  There is no partial spending of UTXO.


No.  First to get confirmed transaction assigning bitcoin value to UTXO that is under the control of a private key that the other user does not have "wins", but ONLY wins the bitcoin value that are assigned to that  UTXO.  Any bitcoins that are still under the control of a private key that exists in both wallets are still under both control.  Any bitcoins that are assigned to UTXO that is under the control of a private key that the other user does not have in UNCONFIRMED transaction are still under both control.

What exactly are you wanting to know? The use case you are describing is not a "normal" scenario for how Bitcoin Core was designed to be used.

In fact, it is pretty much the complete opposite of normal usage. That is to say, typically you should NEVER share the wallet.dat with anyone... Even trying to use the same wallet.dat on multiple computers is a bad idea.

Also, know that the advice here is specific to Bitcoin Core and the way it works. Other wallet software, like Electrum, may not necessarily exhibit the same behaviour. For instance, Electrum does not generate a new seed if you encrypt the file or change the password.

When you share your wallet.dat with someone, it's basically the same as giving him your IRL wallet. He can do anything he wants with it, and there's nothing you can do to stop him.

If you're curious about how wallets work, this isn't going to get you there. You may be interested in a multisig solution so that you and the other person both have to sign to complete a transaction.

A wallet is basically a piece of software which manages your private-/public keypairs.
Most wallets are Hierarchical Deterministic wallets. Those derive a new private key from a so called master private key (MKP).

Upon encrypting (or changing password of) your wallet.dat, core generates a new MPK.
Any generated address after this will onle be cointained in this version of your wallet.dat + futures backups, not in older ones.

Therefore if you (or the second person who has a copy of yor wallet file) spend(s) a part of the coins, the change of the transaction goes to a change address which has only been generated by the wallet the transaction came from.
The actual amount of coins not being 'available anymore' in the older version depends on the UTXO's which have been included into the transaction.

Just curious about how wallet and addresses works behind the scene. So I think I know briefly, but still there is something I don't know.
Very complicated about whole.