Pages:
Author

Topic: Wallet.is a service striving to succeed where instawallet has failed (Read 3457 times)

newbie
Activity: 48
Merit: 0
Unless I'm the only person that has my private keys, and all signing is done on my computer, you are a fucking dumbass if you use this wallet because you will lose "your" coins.

You just admitted that nothing is 100% safe. Besides, do some reading.. the chrome extension for Blockchain.info is quite secure. Not bulletproof of course, but a hundred orders of magnitudes better than your current setup with is "send me coins".

Here is what WILL happen (guaranteed):

1. Operator goes AWOL, with no renewals server goes down
2. Operator disappears along with the coins in the wallet. Possibly a "hack" explanation.
3. Site actually gets hacked by someone else, you lose some or all of your coins

Don't store private keys on server.

If you don't have the private key, you don't own the bitcoins. Period.

Sorry if I'm a bit harsh, but this will end up with people losing their bitcoins to a hacker, to you, or to /dev/null.

Especially considering how the operator was registered a couple of days ago, he most likely saw how instawallet could have stole 10 million USD and wanted to scam others.

So right, I agree that if you do not control your own private keys you do not own the coins
hero member
Activity: 668
Merit: 501

apetersson, I think that having privkey in the url creates more issues than it solves (it does not solve the trust issue itself, and may create additional nasty edge cases)


please explain to me what these edge cases are.

if the secret part of the url can leak, it is certainly equally bad as an attacker can empty the wallet.

by not keeping the actual private keys on your server only in memory for a short amount of time you avoid many hacking problems.
member
Activity: 98
Merit: 10
Two factor authentication is very important for this kind of wallet...
legendary
Activity: 4690
Merit: 1276
...
If I wanted to steal coins, I would have been far better off with something along the lines of pirate scam (entraping people with greed is far easier than entrapping them with a feature rich service - much less code that way Wink )

While I wait for your efforts and others to develop...

I was looking around for a way to dispurse more of the BTC that I wish to trust with a single on-line wallet (blockchian.info) and notice 'strongcoin' and there actions to fuck a thief (which I found both appropriate and highly amusing.)

In researching 'strongcoin' I spotted no significant discussion on this forum, and much more importantly, the actual personally identifiable information on those behind the effort was, in my opinion, sorely lacking.  Although it could be bogus, the amount of information along these lines which ~puik saw fit to publish was/is a strong selling point to me in using the blockchain.info solution.

I only mention it in case it influences how you structure your offering as things evolve.

newbie
Activity: 26
Merit: 0
tvbcof and passerby

Thanks a lot for suggestions!

I like many of them, so I'll discuss them with the rest of the team and we'll start working right away. I like the "internal transaction" suggestion, though I'd rather avoid using either emails or long "bitcoin not-a-bank account numbers" as internal identifiers. I am considering bitcoin address of the vault itself (gox style) though I am open to other suggestions.

Also, I have a few ideas of my own that, to the best of my knowledge, aren't part of any wallet service currently done Wink
Wallet.is team will do our best to amaze

I believe the fact you glossed over TF's issues without any defense shows his comments were dead on.  You are going to collect as many coins as you can then disappear.   Undecided


His issue can be boiled down to "server side storage is not trustworthy".

We at wallet.is don't aim to somehow mend the fundamental trust assymetry of server-side wallets, but we intend to make up for that in valueable features and ease of use. We hope that, by providing a reliable and feature-rich service over a long period of time we shall, eventually, prove ourselves to be "trustworthy enough" for certain use cases.

If I wanted to steal coins, I would have been far better off with something along the lines of pirate scam (entraping people with greed is far easier than entrapping them with a feature rich service - much less code that way Wink )
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
tvbcof and passerby

Thanks a lot for suggestions!

I like many of them, so I'll discuss them with the rest of the team and we'll start working right away. I like the "internal transaction" suggestion, though I'd rather avoid using either emails or long "bitcoin not-a-bank account numbers" as internal identifiers. I am considering bitcoin address of the vault itself (gox style) though I am open to other suggestions.

Also, I have a few ideas of my own that, to the best of my knowledge, aren't part of any wallet service currently done Wink
Wallet.is team will do our best to amaze

I believe the fact you glossed over TF's issues without any defense shows his comments were dead on.  You are going to collect as many coins as you can then disappear.   Undecided

newbie
Activity: 26
Merit: 0
Hi guys!

Just a quick update: We have support for LTC:
https://ltc.wallet.is

More to come - working frantically on new features

Posting from mobile.

P.S.:

Matoking, will add (better safe than sorry Smiley )

apetersson, I think that having privkey in the url creates more issues than it solves (it does not solve the trust issue itself, and may create additional nasty edge cases)

P.P.S.:
I have, recently, devised something very special for "internal transactions" thing.

Stay tuned for more updates
sr. member
Activity: 352
Merit: 250
Firstbits: 1m8xa
http://support.google.com/webmasters/bin/answer.py?hl=en&answer=93710

Add the noindex meta-tag to your wallet pages so the pages won't get indexed by Google, even accidentally. The robots.txt file isn't sufficient enough, since it doesn't prevent links from other sites being indexed.
hero member
Activity: 668
Merit: 501
i think it would make sense to have a url structure like

https://wallet.is/key/5KdN2Qrb5peKKmtpFU9A6owijy1a2sHNo6JcuGMy1iTn5dBjKWt

where the key is the actual private key.

that way, you only have to maintain a generic index of all adresses. Intentionally do no keep any logs.

if your service goes offline anyone can still import their key into a wallet.
member
Activity: 112
Merit: 10
I kinda like z12's idea, especially since dead man's switch (which is among my fav. features) involves providing a btc address anyway.
z12
member
Activity: 63
Merit: 10
Receive a cold btc address from users so it can be used for verifications by signing messages and withdrawing user's coins to that particular address in case of "insta-wallet" kinda thing happened so users won't have to go through a claim process.
This address can be used for recovering lost address/password and the address itself should be changeable provided you can sign a 64 random letter text proving you own the address.
I think it would be far more anonymous than providing email kind of thing
member
Activity: 112
Merit: 10
I think internal transactions should be your priority.

Also, perhaps, make a special non-announcement thread for feature suggestions ?
newbie
Activity: 26
Merit: 0
tvbcof and passerby

Thanks a lot for suggestions!

I like many of them, so I'll discuss them with the rest of the team and we'll start working right away. I like the "internal transaction" suggestion, though I'd rather avoid using either emails or long "bitcoin not-a-bank account numbers" as internal identifiers. I am considering bitcoin address of the vault itself (gox style) though I am open to other suggestions.

Also, I have a few ideas of my own that, to the best of my knowledge, aren't part of any wallet service currently done Wink
Wallet.is team will do our best to amaze
member
Activity: 112
Merit: 10
Well, I guess I will first comment on tvbcof's suggestions a little bit, then will offer my own


 The 'killer app' for me was not needing to provide an e-mail addy, SMS, etc, and the lack of a password made that smooth.

Same here.


 - A team which is well known and respected (this failed in the case of ~davout though.)

I'd rather look for formal positions confirming competence - then again, I'm pretty sure that Citibank doesn't outsource its operations to 12 year old boys with ADHD and yet... THIS

- A good understanding of the funding.  Limited hot-wallet with occasional funds exhaustion is preferable to insolvency on failure.  Fees going into an auditable pool to be re-distributed absent failure would lend some credibility.  Or even let the user select thier preference on limits.

I think there definitely should be hot wallet and cold wallet, though given how insta-wallets aren't exactly Goxes, the cold wallet might be cold in more than one sense for a rather long time.

- A 'lock out' URL which, if visited, would lock the account.

 - A 'recovery token' which could be used to unlock a locked account or prove ownership of a URL

I like this, but I think the complexity added can be sidestepped with having a recovery email and a "lock account" button.

I mean, if I have to write a "de-mothballing token" I might as well just use an email recovery process.

- A 'maximum exceeded warning' mechanism whereby a user could be reminded that the service is for limited funds.

I think just adding a line of text clarifying that this is not a "bitcoin bank" should be enough. After all, "only keep as much bitcoins here as you really need" is rather subjective.
I had, at one point, about 100 btc in Instawallet (long before the whole thing went down in fire, luckily Cheesy), and would have been pretty annoyed if it started nagging me about the need to take them out.
 

Now, some suggestions of my own.

  • outgoing-fees

People hate ads. People who think they are security-conscious hate ads even more. Also, bitcoinfolk is savvier than your average soccer mom, so a lot of us have adblockers. Thus, ads won't work for paying your bills, roalwe.

Fees might.

I, however, hate the ever loving hell of "storage" fees (guys, I trust your little wallet shop with my coins, and you repay my trust and loyalty by charging me ? Yes, easywallet.org , I am looking at you Cheesy )

  • free internal transactions

You should introduce a mechanism one "vault" (in your terminology) can send BTC to another "vault"  without actually going through BTC network, and such transactions would be free.
This would require the account to have a secondary identifier that can be shared freely... I don't know, like an email. Or something.

It should NOT be related to anything that can be used for vault auth (URL, password, etc).

Ideally, I should be able to attach notes (like, "thx 4 all Z drugz - kissz, lawl nF0rc3r" Wink ) to internal payments

  • Recovery email

If I bother to set up a password, I might also bother enough to set up a recovery email.

  • Dead man's switch

Yeah, easywallet has it. So what ? It's damn cool, and I think every wallet should have it. Not like it's rocket science or a huge server load.

  • QR codes

Personally, I think they aren't all that useful, but ladies like them Wink or something.

That's all for now
sr. member
Activity: 336
Merit: 254
CEO of Privex Inc. (www.privex.io)

 - A good description of the back-end to architecture.  Opens-source if possible.  I think the pro's outweigh the con's, but it is debatable.
IIRC this is based on some code I did a while back which is public domain, they listed it on the about page: https://github.com/g2x3k/litecoin-instawallet-simple
legendary
Activity: 4690
Merit: 1276

I liked Instwallet very much for it's URL only usability.  My philosophy in using it was for spending money only.  I always knew that a whole range of possible issues existed, and am not complaining bitterly about my loss.  I am pursuing the failure vigorously, but for different reasons.

My feeling about URL access is that a whole range of issues from a different but overlapping set exist with other solutions also.  Losing one's password is high among these.  I see no reason why it could not be reasonably secure and well managed on the back end.  The 'killer app' for me was not needing to provide an e-mail addy, SMS, etc, and the lack of a password made that smooth.

---

Here are the things I would look for:

 - A team which is well known and respected (this failed in the case of ~davout though.)

 - A good description of the back-end to architecture.  Opens-source if possible.  I think the pro's outweigh the con's, but it is debatable.

 - A good understanding of the funding.  Limited hot-wallet with occasional funds exhaustion is preferable to insolvency on failure.  Fees going into an auditable pool to be re-distributed absent failure would lend some credibility.  Or even let the user select thier preference on limits.

 - A documented recovery plan in case of failure.

 - A 'lock out' URL which, if visited, would lock the account.

 - A 'recovery token' which could be used to unlock a locked account or prove ownership of a URL

 - A 'maximum exceeded warning' mechanism whereby a user could be reminded that the service is for limited funds.

 - I've already forgotten some of the stuff I thought of.

I'll use your service without any of this stuff for minor spending, temporary funds shuffling, and new user demonstration purposes.  As always, with the anticipation that you guys could rip me off at any time.  Also with the full knowledge that you could be logging my IP's, transactions, etc.  Just as was the case with Instawallet.

hero member
Activity: 756
Merit: 522
I think people are having serious trouble selling themselves on using well known, aged and trusted services like blockchain.info's wallet. Take a chance on a newcomer? Not this month. Probably not this year and quite possibly never ever.
newbie
Activity: 26
Merit: 0
'cause I can like myself a strongly pseudonymous, online wallet that is sufficiently feature-rich...So come on, AMAZE ME.

What features would you suggest?

unlike others I would welcome you around and suggest Google Authentication as an option, honesty and trust is hard when it comes to money so maybe you understand how "others" see you

I'm not easily offended, and I certainly see why people might be suspicious of a wallet service.

Thanks for the welcome - very appreciated.

As to google auth - well, it's not exactly a nice thing code-wise, but it is rather useful, thanks for the suggestion.

I think that adding support for their two-factor auth system is not out of the question if/when we decide to expand beyond "quickiewallet" philosophy (which is what I think passerby is hinting at)


The only feature I see that instawallet didn't have, is the ability to password your wallet.
Also I don't even know if these guys charge fee's, they don't mention it anywhere on their site, so that could be a plus if there isn't a fee.

Well, so far we're just on BTC fees - would be kinda unfair to charge people for an early beta of a service, I think.

Speaking of fees, it seems that if we were to expand to a more... comprehensive feature suite, we'd have to either adopt some fee system or place ads, and it appears to me that people loathe ads in  wallet services (and not only the rather risky "rich media" ads, it seems)
newbie
Activity: 10
Merit: 0
unlike others I would welcome you around and suggest Google Authentication as an option, honesty and trust is hard when it comes to money so maybe you understand how "others" see you
member
Activity: 112
Merit: 10


You just admitted that nothing is 100% safe. Besides, do some reading.. the chrome extension for Blockchain.info is quite secure. Not bulletproof of course, but a hundred orders of magnitudes better than your current setup with is "send me coins".

I don't think he "admitted" is the right word for describing a situation when someone says a truism that is well-known in all security-related fields.

Also, is your "hundred orders of magnitudes" assessment based on some formal estimation process, or are you just fond of throwing around brown-number claims that sound BIG ?   Roll Eyes

Here is what WILL happen (guaranteed):

1. Operator goes AWOL, with no renewals server goes down
2. Operator disappears along with the coins in the wallet. Possibly a "hack" explanation.
3. Site actually gets hacked by someone else, you lose some or all of your coins

Guaranteed ?

As in, you would be willing to bet money on that ?  Interesting... We could do something... about that Cheesy

Sorry if I'm a bit harsh, but this will end up with people losing their bitcoins to a hacker, to you, or to /dev/null.

Well well... user-side encrypted keys which are stored (encrypted) elsewhere can be rather vulnerable to /dev/null incident happening "on the server side" (of course, proper service should have backups - but that does not mean a given specific service does)

Especially considering how the operator was registered a couple of days ago, he most likely saw how instawallet could have stole 10 million USD and wanted to scam others.

Are you, by any chance, related to Glenn Beck ? (I'm just asking questions Wink )

'cause I can like myself a strongly pseudonymous, online wallet that is sufficiently feature-rich...So come on, AMAZE ME.

I guess you didn't want a secure online wallet.

Now, now, it depends.

Personally, I don't think that "really fast one-time wallet" services are "done for", that's all.


Yes, they do have attack vectors and failure modes that are specific to them, but at a number of circumstances I have found such trade-offs acceptable (I have used Instawallet in the past, as an "intermediate" coin deposit of sorts, and was quite satisfied by the outcome).

Also, I don't think anything can be completely secure - my vanilla satoshi client, with password-protected wallet and regular automatic backups, can be argued to be safer than any "online-shmonline" service could ever be, but to claim it is "totally" secure would be just pure hubris.

The question is, what the tradeoffs are.

As it stands, Wallet.is doesn't do anything interesting enough to make me consider moving coins into it, though I probably will use it as a "lazy man's cheap-ass coin decorrelator" at some point in the future.
Hence, dear wallet.is, please amaze me. Or something.

I suggest we move the discussion from "Ye Greate Battle of Wallet Service Philosophies" to "what cool features one could add to a "classic" wallet service"

I can start a separate thread for great philosophical battles, if someone considers it necessary.


P.S.:
Dear TradeFortress, if Modify button was a bunch of rattlesnakes, your next-of-kin would have already received your possessions.  Roll Eyes
Pages:
Jump to: