Download Armory - Best Bitcoin Wallet Armory

Bitcoin Wallet

Everything about bitcoin wallets.
[link]

New to Bitcoin? Confused? Need help? You've come to the right place.

Bitcoin is an internet based decentralised currency. Similarly to Bittorrent, but Bitcoin uses a public ledger called the blockchain to record who has sent and received money. It's very new, and for many very confusing. BitcoinHelp aims to rectify this. Whether it be explaining how it works, how to use it, how to buy Bitcoins, how to integrate Bitcoins into your business. Sharing your successes as well as failures in order to help others is also gladly received. Ask away!
[link]

Attention anyone with a significant sum of money on an exchange or other web wallet

  1. Go to https://www.bitaddress.org and save the page to a USB stick.
  2. Get a secure, completely offline computer.
  3. Put the USB stick in this computer and open up the page.
  4. Go to the Paper Wallet tab and check the BIP38 box.
  5. Enter a secure pass phrase (write it down someplace safe) and generate your paper wallets.
  6. Print the wallets.
  7. Withdraw your funds from the exchange to the "Load and Verify" QR code.
  8. Put the paper wallet somewhere safe.
Congratulations!
Now you won't become one of these people:
http://www.reddit.com/Bitcoin/comments/1rrnrg/39917_bitcoins_stolen_from_users_of_sheep_market/
http://www.reddit.com/Bitcoin/comments/1rs0bq/woke_up_to_an_email_from_mt_gox_there_has_been_a/
http://www.reddit.com/Bitcoin/comments/1fnna1/53_bitcoins_were_just_stolen_from_my_mt_gox/
http://www.reddit.com/Bitcoin/comments/1li3v9/102_btc_stolen_of_my_blockchain_can_anything_be/
http://www.reddit.com/Bitcoin/comments/1g4vwk/100_bitcoins_stolen_from_my_mtgox_account/
http://www.reddit.com/Bitcoin/comments/1rexob/bitcoin_payment_processor_bips_attacked_over_1m/
http://www.reddit.com/Bitcoin/comments/hzgja/computer_compromised_and_bitcoins_worth_500000/
http://www.reddit.com/Bitcoin/comments/1rjd9d/1295_bitcoins_stolen_in_heist/
http://www.reddit.com/Bitcoin/comments/1r9rtp/i_just_had_39_btc_stolen_from_my_mtgox_account/
If you do choose to leave any bitcoins online, use 2-Factor-Authentication!!!
Thanks to Amanojack for this disclaimer:
Do your own research about change addresses and other technical aspects before attempting to retrieve bitcoins from your paper wallets.
Thanks to kilorat for this reminder:
PRACTICE! Go through all the steps, then make sure you can load up the private key with a wallet software. Then once you know that you are doing it right, destroy the address and make a new one for real.
submitted by PotatoBadger to Bitcoin [link] [comments]

Last Forking Warning

Last Forking Warning submitted by MineForeman to Bitcoin [link] [comments]

I'm tired of bitcoin-qt

Mini rant. I was happy using bitcoin-qt for quite a few months now, It had gave me a few headaches, sometimes the database was corrupted or something, just re-index it. It worked fine.
I always exit bitcoin-qt before shutting down the computer, to never let this happen again, but it happens from time to time.
Anyway, five days ago, it started again with the database problem. I tried to reindex it, delete last blocks and reindex it, nothing was working. So, OK, screw it, delete all (except wallet file) and let download the whole blockchain again. ... Well... it stopped syncing after a while. It tells me that I need to update the client. Other times I it tells me it's syncing, but it shows a 0 blocks indexed (and no arrows icon on bottom-right).
After 5 days, I just delete everything (again) and started from 0.
I don't like the idea of thin client, but for the moment I've downloaded MultiBit, I read that Armory works on top of bitcoin-qt, should I try it or I will have the same problems?
I know this is my problem, not a problem with bitcoin-qt itself, it worked very good for months. I don't think it's a network problem (I have a good connection), not a software problem (Debian Squeeze), as I said, I exit the program before the computer. Just a mini-rant about all this.
I'm also concerned this happens to less techie people, they could easily delete the wallet file, or just get tired of bitcoins because of similar problems with the programs.
submitted by still_unregistered to Bitcoin [link] [comments]

In early 2013, it became a common belief that new Bitcoin users should not be recommended Bitcoin-QT, the full node client. Bitcoin.org was changed to no longer exclusively recommend it. Two years later, the block size conservatives are saying the drop in full node count was due to block size

I distinctly remember that the recommending of Bitcoin-QT to new Bitcoin users became a faux pas in early 2013. It was claimed that regular people should download and install an SPV client like Multibit.
Predictably, there was a large drop in the full node count, as the wallet market became dominated by a large number of new, light clients, and the most trafficked Bitcoin website, bitcoin.org, stopped exclusively recommending people to install Bitcoin-QT.
Now, we have important developers like Luke-Jr claiming that this 95% drop in full node count can be mainly attributed to the growing size of the block chain, despite the fact that the drop began right when light clients began being recommended..
EDIT to add some data:
This is the image that GMaxwell and Peter Todd, two individuals who are conservative about the block size (in particular Peter Todd, who's been warning about increasing the 1 MB size limit since 2013), have linked to to make their point about the full node count:
http://i.imgur.com/EL0zHRe.jpg
Up until at least March 18, 2013, the only client recommended to visitors of bitcoin.org was Bitcoin-QT, and an installation link for it was provided right on the landing page:
https://web.archive.org/web/20130318211940/http://bitcoin.org/
The WayBack Machine shows that by March 25th, 2013, this had changed, and a 'Choose Your Wallet' button appeared on Bitcoin.org/:
https://web.archive.org/web/20130513214959/http://bitcoin.org/en/
From March 25th 2013 onward, the number of non-full-node wallets recommended by bitcoin.org increased, in response to a general increase in the number of high quality and/or well marketed light and mobile wallets on the market.
Now a days, Bitcoin-QT is one of twelve clients displayed on bitcoin.org's Choose Your Wallet page:
https://bitcoin.org/en/choose-your-wallet
Other than Bitcoin-QT and Bitcoin Armory, all of them are non-full-node clients.
This shift, from a wallet market where only Bitcoin-QT was available and recommended to one that is increasingly diverse and dominated by light clients, coincides with the point (Spring 2013) where we start seeing a rapid decline in the full node count.
submitted by aminok to Bitcoin [link] [comments]

PSA: Clearing up some misconceptions about full nodes

It's time to clear up some misconceptions floating around about full nodes.
Myth: There are only about 5500 full nodes worldwide
This number comes from this site and it measured by trying to probe every nodes on their open ports.
Problem is, not all nodes actually have open ports that can be probed. Either because they are behind firewalls or because their users have configured them to not listen for connections.
Nobody knows how many full nodes there are, since many people don't know how to forward ports behind a firewall, and bandwidth can be costly, its quite likely that the number of nodes with closed ports is at least another several thousand.
Nodes with open ports are able to upload blocks to new full nodes. In all other ways they are the same as nodes with closed ports. But because open-port-nodes can be measured and closed-port-nodes cannot, some members of the bitcoin community have been mistaken into believing that open-port-nodes are that matters.
Myth: This number of nodes matters and/or is too low.
Nodes with open ports are useful to the bitcoin network because they help bootstrap new nodes by uploading historical blocks, they are a measure of bandwidth capacity. Right now there is no shortage of bandwidth capacity, and if there was it could be easily added by renting cloud servers.
The problem is not bandwidth or connections, but trust, security and privacy. Let me explain.
Full nodes are able to check that all of bitcoin's rules are being followed. Rules like following the inflation schedule, no double spending, no spending of coins that don't belong to the holder of the private key and all the other rules required to make bitcoin work (e.g. difficulty)
Full nodes are what make bitcoin trustless. No longer do you have to trust a financial institution like a bank or paypal, you can simply run software on your own computer. To put simply, the only node that matters is the one you use
Myth: There is no incentive to run nodes, the network relies on altruism
It is very much in the individual bitcoin's users rational self interest to run a full node and use it as their wallet.
Using a full node as your wallet is the only way to know for sure that none of bitcoin's rules have been broken. Rules like no coins were spent not belonging to the owner, that no coins were spent twice, that no inflation happens outside of the schedule and that all the rules needed to make the system work are followed (e.g. difficulty.) All other kinds of wallet involve trusting a third party server.
All these checks done by full nodes also increase the security. There are many attacks possible against lightweight wallets that do not affect full node wallets.
This is not just mindless paranoia, there have been real world examples where full node users were unaffected by turmoil in the rest of the bitcoin ecosystem. The 4th July 2015 accidental chain fork effected many kinds of wallets. Here is the wiki page on this event https://en.bitcoin.it/wiki/July_2015_chain_forks#Wallet_Advice
Notice how updated node software was completely unaffected by the fork. All other wallets required either extra confirmations or checking that the third-party institution was running the correct version.
Full nodes wallets are also currently the most private way to use Bitcoin, with nobody else learning which bitcoin addresses belong to you. All other lightweight wallets leak information about which addresses are yours because they must query third-party servers. The Electrum servers will know which addresses belong to you and can link them together. Despite bloom filtering, lightweight wallets based on BitcoinJ do not provide much privacy against nodes who connected directly to the wallet or wiretappers.
For many use cases, such privacy may not be required. But an important reason to run a full node and use it as a wallet is to get the full privacy benefits.
Myth: I can just set up a node on a cloud server instance and leave it
To get the benefits of running a full node, you must use it as your wallet, preferably on hardware you control.
Most people who do this do not use a full node as their wallet. Unfortunately because Bitcoin has a similar name to Bittorrent, some people believe that upload capacity is the most important thing for a healthy network. As I've explained above: bandwidth and connections are not a problem today, trust, security and privacy are.
Myth: Running a full node is not recommended, most people should use a lightweight client
This was common advice in 2012, but since then the full node software has vastly improved in terms of user experience.
If you cannot spare the disk space to store the blockchain, you can enable pruning. In Bitcoin Core 0.12, pruning being enabled will leave the wallet enabled. Altogether this should require less than 900MB of hard disk space.
If you cannot spare the bandwidth to upload blocks to other nodes, there are number of options to reduce or eliminate the bandwidth requirement. These include limiting connections, bandwidth targetting and disabling listening. Bitcoin Core 0.12 has the new option -blocksonly, where the node will not download unconfirmed transaction and only download new blocks. This more than halves the bandwidth usage at the expense of not seeing unconfirmed transactions.
Synchronizing the blockchain for a new node has improved since 2012 too. Features like headers-first and libsecp256k1 have greatly improved the initial synchronization time.
It can be further improved by setting -dbcache=3000 which keeps more of the UTXO set in memory. It reduces the amount of time reading from disk and therefore speeds up synchronization. Tests showed that the entire blockchain can now be synchronized in less than 3 and a half hours (Note that you'll need Bitcoin Core 0.12 or later to get all these efficiency improvements) Another example with 2h 25m
How to run a full node as your wallet.
I think every moderate user of bitcoin would benefit by running a full node and using it as their wallet. There are several ways to do this.
So what are you waiting for? The benefits are many, the downsides are not that bad. The more people do this, the more robust and healthy the bitcoin ecosystem is.
Further reading: http://www.truthcoin.info/blog/measuring-decentralization/
submitted by belcher_ to Bitcoin [link] [comments]

Basic Bitcoin security guide

Hello,
This post is to give you a quick introduction into Bitcoin security. While nobody can guarantee you 100% security, I hope to mitigate some problems you can run into. This is the “20% of effort to get you to 80% safe”.
First of all, you have to determine how much money you want to hold in Bitcoin and how much effort are you willing to put in. If you are happy just holding a few dollars worth and don’t care if you lose them, that’s one approach to take. For everyone else, lets get started.
Password strength
A lot of the times how secure your money is will be determined by the strength of your password. Since in the worst case scenario we are talking about someone trying to brute force your wallet, casual online passwords are too weak. Under 10 characters is too weak. Common words and phrases are too weak. Adding one number to a password at the end is too weak.
Moreover, you can consider your password much weaker if you:
If you want a really strong password:
Wallet security
Now we are getting to the meat of things.
There are a number of wallets available to store your hard earned bitcoins. If you have a decent amount of coins to store, you should look into software wallets - BitcoinQT, MultiBit, Armory or Electrum. They are among the best place to store your money safely (provided your computer is secure as well). Chose one you think best suits you, install it and encrypt your wallet file with your strong password. You should take your wallet file and back it up (location of the file is different for different clients, so you have to do some research as to where to find that file). Back it up on a CD, safe USB drive or the like. Keep them safe. If you lose that file, you will lose your money.
A quick word on deterministic wallets. Electrum and Armory allow you to create wallets from a seed. If you use the same seed later, you can recreate your wallet on other machines. With deterministic wallets, you only need to keep that seed secure to have access to your money.
In comparison, in BitcoinQT's traditional wallet, every address you use is random, meaning that after you send 50-100 outgoing transactions your backups can be obsolete. Always keep an up-to-date backup of such wallet file if possible.
Okay, sometimes you need to have your Bitcoins with you when you leave your computer. In this case, you should look into either online or mobile wallets. A staple for both of those is Blockchain.info, but there are others to chose from.
A good rule of thumb with these is to not store more money in them than you can afford to lose. They are best used as a convenient way of accessing some money, not storing your savings. Online wallets are especially vulnerable to their servers getting hacked and people’s money getting stolen.
What to keep in mind while using online wallets:
  • Use a secure password (the more money you have in them the stronger the password should be)
  • Always keep a backup of your wallet in case you need to recover your money
  • Whenever possible, enable two factor authentication
  • Don’t use your online wallets from unsafe computers
Cold storage
Sometimes you want to store your bitcoins for a long time in a safe place. This is called “cold storage”. There are a few ways one can do this.
First of all, paper wallets. They are nice for giving people small bitcoin gifts, but also for long-term storage if properly used. What you want to do is generate and print them offline. You can save the linked page for example and run that offline. If you are really paranoid, you can put it on read-only media and access that from a different computer. For really long term storage, use archival-grade paper.
Another approach to take is using a separate computer for storing your money that is offline 99+% of the time. You could set one up easily by buying an old laptop, reformatting it, installing Linux and a Bitcoin client. Generate an address on that machine and send money to it from your main wallet. Depending on how paranoid you are you can connect that computer to the Internet afterwards to synchronize data with the Bitcoin Network and then turn it off and put it away somewhere safe until it’s needed.
Brain wallets
Don’t. They are not for you. Unless you are a security-conscientious programmer, those are not for you.
Diversifying
Keeping all of your eggs in one basket is never a good thing. You should look into diversifying some of your Bitcoin assets in case your other storage methods fail. Some ways you can diversify:
  • Buy a physical Bitcoin. As long as you trust the coin creator such coins can be an effective cold storage
  • Invest - I wouldn’t recommend this for more than some trivial amount unless you know what you are doing, but investing in some Bitcoin stocks could be a way to get more money out of your bitcoins
How not to diversify:
  • Avoid keeping your bitcoins at exchanges or other online sites that are not your online wallets. Such sites can be closed down or disappear along with your money.
  • Alt-coins - there are few cryptocurrencies that are worthwhile, but most of them are just Bitcoin clones. If a currency brings nothing new, it’s worthless in comparison to Bitcoin. Namecoin is a distributed domain name server (although recently it had a fatal flaw uncovered, so be warned), Ripple is a distributed currency exchange and payment system. Litecoin will only be useful in case Bitcoin’s hashing algorithm gets compromised (very unlikely at this time). Beyond that there are few if any alt-coins that are a worthwhile way of diversifying.
Accepting payments and safety
We’ve covered safe ways to store money, now a quick note about bitcoin payments and their safety.
First of all, when you are sending a transaction, pay your fees. Transactions without fees can take forever to propagate, confirm and clear. This can cause you a lot of stress, so pay your fees.
Secondly, when accepting large Bitcoin payments (say you want to suddenly cash in a gold bar into bitcoins), wait for at the very least 1 confirmation on those transactions. 6 is best, but having even 1 confirmations is a lot better than having none. This is mainly a rule of thumb for the paranoid (I wouldn’t be doing this for most casual transaction), but maybe it will save you if you are dealing with some shady people.
Wrapping up...
That should cover the basics. If you want to read more about Bitcoin’s security in general, here is my master thesis on the subject. A lot of questions about Bitcoin and security have also been answered on Bitcoin StackExchange - be sure to check it out.
Comments and improvement suggestions welcome.
EDITS:
  • Removed link to insecure site
  • Removed random article section
  • Added information about deterministic wallets
submitted by ThePiachu to Bitcoin [link] [comments]

Secure paper wallet tutorial

This is my handout for paranoid people who want a way to store bitcoin safely. It requires a little work, but this is the method I use because it should be resistant to risks associated with:
  1. Bad random number generators
  2. Malicious or flawed software
  3. Hacked computers
If you want a method that is less secure but easier, skip to the bottom of this post.
The Secure Method
  1. Download bitaddress.org. (Try going to the website and pressing "ctrl+s")
  2. Put the bitaddress.org file on a computer with an operating system that has not interacted with the internet much or at all. The computer should not be hooked up to the internet when you do this. You could put the bitaddress file on a USB stick, and then turn off your computer, unplug the internet, and boot it up using a boot-from-CD copy of linux (Ubuntu or Mint for example). This prevents any mal-ware you may have accumulated from running and capturing your keystrokes. I use an old android smart phone that I have done a factory reset on. It has no sim-card and does not have the password to my home wifi. Also the phone wifi is turned off. If you are using a fresh operating system, and do not have a connection to the internet, then your private key will probably not escape the computer.
  3. Roll a die 62 times and write down the sequence of numbers. This gives you 2160 possible outcomes, which is the maximum that Bitcoin supports.
  4. Run bitaddress.org from your offline computer. Input the sequence of numbers from the die rolls into the "Brain Wallet" tab. By providing your own source of randomness, you do not have to worry that the random number generator used by your computer is too weak. I'm looking at you, NSA ಠ_ಠ
  5. Brain Wallet tab creates a private key and address.
  6. Write down the address and private key by hand or print them on a dumb printer. (Dumb printer means not the one at your office with the hard drive. Maybe not the 4 in 1 printer that scans and faxes and makes waffles.) If you hand copy them you may want to hand copy more than one format. (WIF and HEX). If you are crazy and are storing your life savings in Bitcoin, and you hand copy the private key, do a double-check by typing the private key back into the tool on the "Wallet Details" tab and confirm that it recreates the same public address.
  7. Load your paper wallet by sending your bitcoin to the public address. You can do this as many times as you like.
  8. You can view the current balance of your paper wallet by typing the public address into the search box at blockchain.info
  9. If you are using an old cell phone or tablet do a factory reset when you are finished so that the memory of the private keys is destroyed. If you are using a computer with a boot-from-CD copy of linux, I think you can just power down the computer and the private keys will be gone. (Maybe someone can confirm for me that the private keys would not be able to be cached by bitaddress?)
  10. To spend your paper wallet, you will need to either create an offline transaction, or import the private key into a hot wallet. Creating an offline transaction is dangerous if you don't know what you are doing. Importing to a client side wallet like Bitcoin-Qt, Electrum, MultiBit or Armory is a good idea. You can also import to an online wallet such as Blockchain.info or Coinbase.
Trusting bitaddress.org
The only thing you need bitaddress.org to do is to honestly convert the brainwallet passphrase into the corresponding private key and address. You can verify that it is doing this honestly by running several test passphrases through the copy of bitaddress that you plan on using, and several other brainwallet generators. For example, you could use the online version of bitaddress, and brainwallet and safepaperwallet and bitcoinpaperwallet. If you are fancy with the linux command line, you can also try "echo -n my_die_rolls | sha256sum". The linux operating system should reply with the same private key that bitaddress makes. This protects you from a malicious paper wallet generator.
Trusting your copy of bitaddress.org
Bitaddress publishes the sha1 hash of the bitaddress.org website at this location:
https://www.bitaddress.org/pgpsignedmsg.txt
The message is signed by the creator, pointbiz. I found his PGP fingerprint here:
https://github.com/pointbiz/bitaddress.org/issues/18
"527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A"
With this fingerprint, you can authenticate the signed message, which gives you the hash of the current bitaddress.org file. Then you can hash your copy of the file and authenticate the file.
I do not have a way to authenticate the fingerprint itself, sorry. According to the website I linked to, git has cryptographic traceability that would enable a person to do some research and authenticate the fingerprint. If you want to go that far, knock yourself out. I think that the techniques described in this document do not really rely on bitaddress being un-corrupt. Anyway, how do we know pointbiz is a good guy? ;-)
There are a lot of skilled eyes watching bitaddress.org and the signed sha1 hash. To gain the most benefit from all of those eyes, it's probably worthwhile to check your copy by hashing it and comparing to the published hash.
"But we aren't supposed to use brainwallets"
You are not supposed to use brainwallets that have predictable passphrases. People think they are pretty clever about how they pick their passphrases, but a lot of bitcoins have been stolen because people tend to come up with similar ideas. If you let dice generate the passphrase, then it is totally random, and you just need to make sure to roll enough times.
How to avoid spending your life rolling dice
When I first started doing this, I rolled a die 62 times for each private key. This is not necessary. You can simply roll the die 62 times and keep the sequence of 62 numbers as a "seed". The first paper address you create would use "my die rolls-1" as the passphrase, the second would be "my die rolls-2" and so on. This is safe because SHA256 prevents any computable relationship between the resulting private key family.
Of course this has a certain bad security scenario -- if anyone obtains the seed they can reconstruct all of your paper wallets. So this is not for everyone! On the other hand, it also means that if you happen to lose one of your paper wallets, you could reconstruct it so long as you still had the seed.
One way to reduce this risk is to add an easy to remember password like this: "my die rolls-password-1".
If you prefer, you can use a technique called diceware to convert your die rolls to words that still contain the same quantity of entropy, but which could be easier to work with. I don't use diceware because it's another piece of software that I have to trust, and I'm just copy/pasting my high entropy seed, so I don't care about how ugly it is.
Why not input the dice as a Base 6 private key on the Wallet Details tab?
Two reasons. First of all, this option requires that you roll the die 99 times, but you do not get meaningful additional protection by rolling more than 62 times. Why roll more times if you don't have to? Second, I use the "high entropy seed" method to generate multiple private keys from the same die rolls. Using the Base 6 option would require rolling 99 times for every private key.
I'm a big nerd with exotic dice. How many times to roll?
Put this formula in Excel to get the number of times to roll: "=160*LOG(2,f)" where f = number of faces on the die. For example, you would roll a d16 40 times. By the way, somewhat unbelievably casino dice are more fair than ordinary dice
The "Change address" problem:
You should understand change addresses because some people have accidentally lost money by not understanding it.
Imagine your paper wallet is a 10 dollar bill. You use it to buy a candy bar. To do this you give the cashier the entire 10 dollar bill. They keep 1 dollar and give you 9 dollars back as change.
With Bitcoin, you have to explicitly say that you want 9 dollars back, and you have to provide an address where it should go to. If you just hand over the 10 dollar bill, and don't say you want 9 dollars back, then the miner who processes the transaction gives 1 dollar to the store and keeps the remainder themselves.
Wallet software like Bitcoin-Qt handles this automatically for you. They automatically make "change addresses" and they automatically construct transactions that make the change go to the change address.
There are three ways I know of that the change problem can bite you:
  1. You generate a raw transaction by hand, and screw up. If you are generating a transaction "by hand" with a raw transaction editor, you need to be extra careful that your outputs add up to the same number as your inputs. Otherwise, the very lucky miner who puts your transaction in a block will keep the difference.
  2. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the paper wallet. The change is not in the paper wallet. It is in a change address that the wallet software generated. That means that if you lose your wallet.dat file you will lose all the change. The paper wallet is empty.
  3. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the change address that the wallet software generated. If the transaction did not need to consume all of the "outputs" used to fund the paper wallet, then there could be some unspent outputs still located at the address of the paper wallet. If you destroyed the paper wallet, and destroyed the copy of the private key imported to the wallet software, then you could not access this money. (E.g. if you restored the software wallet from its seed, thinking all of the money was moved to the wallet-generated change addresses.)
For more on this, see here
The hot paper wallet problem
Your bitcoin in your paper wallet are secure, so long as the piece of paper is secure, until you go to spend it. When you spend it, you put the private key onto a computer that is connected to the internet. At this point you must regard your paper wallet address as hot because the computer you used may have been compromised. It now provides much less protection against theft of your coins. If you need the level of protection that a cold paper wallet provides, you need to create a new one and send your coins to it.
Destroying your paper wallet address
Do not destroy the only copy of a private key without verifying that there is no money at that address. Your client may have sent change to your paper wallet address without you realizing it. Your client may have not consumed all of the unspent outputs available at the paper wallet address. You can go to blockchain.info and type the public address into the search window to see the current balance. I don't bother destroying my used/empty paper wallet addresses. I just file them away.
Encrypting your private key
BIP 0038 describes a standardized way to encrypt your paper wallet private key. A normal paper wallet is vulnerable because if anyone sees the private key they can take the coins. The BIP38 protocol is even resistant to brute force attacks because it uses a memory intensive encryption algorithm called scrypt. If you want to encrypt your wallets using BIP38, I recommend that you use bitcoinpaperwallet because they will let you type in your own private key and will encrypt it for you. As with bitaddress, for high security you should only use a local copy of this website on a computer that will never get connected to the internet.
Splitting your private key
Another option for protecting the private key is to convert it into multiple fragments that must be brought together. This method allows you to store pieces of your key with separate people in separate locations. It can be set up so that you can reconstitute the private key when you have any 2 out of the 3 fragments. This technique is called Shamir's Secret Sharing. I have not tried this technique, but you may find it valuable. You could try using this website http://passguardian.com/ which will help you split up a key. As before, you should do this on an offline computer. Keep in mind if you use this service that you are trusting it to work properly. It would be good to find other independently created tools that could be used to validate the operation of passguardian. Personally, I would be nervous destroying the only copy of a private key and relying entirely on the fragments generated by the website.
Looks like Bitaddress has an implementation of Shamir's Secret Sharing now under the "Split Wallet" tab. However it would appear that you cannot provide your own key for this, so you would have to trust bitaddress.
Durable Media
Pay attention to the media you use to record your paper wallet. Some kinds of ink fade, some kinds of paper disintegrate. Moisture and heat are your enemies.
In addition to keeping copies of my paper wallet addresses I did the following:
  1. Order a set of numeric metal stamps. ($10)
  2. Buy a square galvanized steel outlet cover from the hardware store ($1)
  3. Buy a sledgehammer from the hardware store
  4. Write the die rolls on the steel plate using a sharpie
  5. Use the hammer to stamp the metal. Do all the 1's, then all the 2's etc. Please use eye protection, as metal stamp may emit sparks or fly unexpectedly across the garage. :-)
  6. Use nail polish remover to erase the sharpie
Electrum
If you trust electrum you might try running it on an offline computer, and having it generate a series of private keys from a seed. I don't have experience with this software, but it sounds like there are some slick possibilities there that could save you time if you are working with a lot of addresses.
Message to the downvoters
I would appreciate it if you would comment, so that I can learn from your opinion. Thanks!
The Easy Method
This method is probably suitable for small quantities of bitcoin. I would not trust it for life-altering sums of money.
  1. Download the bitaddress.org website to your hard drive.
  2. Close your browser
  3. Disconnect from the internet
  4. Open the bitaddress.org website from your hard drive.
  5. Print a paper wallet on your printer
  6. Close your browser
submitted by moral_agent to BitcoinWallet [link] [comments]

Is anyone else freaked out by this whole blocksize debate? Does anyone else find themself often agreeing with *both* sides - depending on whichever argument you happen to be reading at the moment? And do we need some better algorithms and data structures?

Why do both sides of the debate seem “right” to me?
I know, I know, a healthy debate is healthy and all - and maybe I'm just not used to the tumult and jostling which would be inevitable in a real live open major debate about something as vital as Bitcoin.
And I really do agree with the starry-eyed idealists who say Bitcoin is vital. Imperfect as it may be, it certainly does seem to represent the first real chance we've had in the past few hundred years to try to steer our civilization and our planet away from the dead-ends and disasters which our government-issued debt-based currencies keep dragging us into.
But this particular debate, about the blocksize, doesn't seem to be getting resolved at all.
Pretty much every time I read one of the long-form major arguments contributed by Bitcoin "thinkers" who I've come to respect over the past few years, this weird thing happens: I usually end up finding myself nodding my head and agreeing with whatever particular piece I'm reading!
But that should be impossible - because a lot of these people vehemently disagree!
So how can both sides sound so convincing to me, simply depending on whichever piece I currently happen to be reading?
Does anyone else feel this way? Or am I just a gullible idiot?
Just Do It?
When you first look at it or hear about it, increasing the size seems almost like a no-brainer: The "big-block" supporters say just increase the blocksize to 20 MB or 8 MB, or do some kind of scheduled or calculated regular increment which tries to take into account the capabilities of the infrastructure and the needs of the users. We do have the bandwidth and the memory to at least increase the blocksize now, they say - and we're probably gonna continue to have more bandwidth and memory in order to be able to keep increasing the blocksize for another couple decades - pretty much like everything else computer-based we've seen over the years (some of this stuff is called by names such as "Moore's Law").
On the other hand, whenever the "small-block" supporters warn about the utter catastrophe that a failed hard-fork would mean, I get totally freaked by their possible doomsday scenarios, which seem totally plausible and terrifying - so I end up feeling that the only way I'd want to go with a hard-fork would be if there was some pre-agreed "triggering" mechanism where the fork itself would only actually "switch on" and take effect provided that some "supermajority" of the network (of who? the miners? the full nodes?) had signaled (presumably via some kind of totally reliable p2p trustless software-based voting system?) that they do indeed "pre-agree" to actually adopt the pre-scheduled fork (and thereby avoid any possibility whatsoever of the precious blockchain somehow tragically splitting into two and pretty much killing this cryptocurrency off in its infancy).
So in this "conservative" scenario, I'm talking about wanting at least 95% pre-adoption agreement - not the mere 75% which I recall some proposals call for, which seems like it could easily lead to a 75/25 blockchain split.
But this time, with this long drawn-out blocksize debate, the core devs, and several other important voices who have become prominent opinion shapers over the past few years, can't seem to come to any real agreement on this.
Weird split among the devs
As far as I can see, there's this weird split: Gavin and Mike seem to be the only people among the devs who really want a major blocksize increase - and all the other devs seem to be vehemently against them.
But then on the other hand, the users seem to be overwhelmingly in favor of a major increase.
And there are meta-questions about governance, about about why this didn't come out as a BIP, and what the availability of Bitcoin XT means.
And today or yesterday there was this really cool big-blockian exponential graph based on doubling the blocksize every two years for twenty years, reminding us of the pure mathematical fact that 210 is indeed about 1000 - but not really addressing any of the game-theoretic points raised by the small-blockians. So a lot of the users seem to like it, but when so few devs say anything positive about it, I worry: is this just yet more exponential chart porn?
On the one hand, Gavin's and Mike's blocksize increase proposal initially seemed like a no-brainer to me.
And on the other hand, all the other devs seem to be against them. Which is weird - not what I'd initially expected at all (but maybe I'm just a fool who's seduced by exponential chart porn?).
Look, I don't mean to be rude to any of the core devs, and I don't want to come off like someone wearing a tinfoil hat - but it has to cross people's minds that the powers that be (the Fed and the other central banks and the governments that use their debt-issued money to run this world into a ditch) could very well be much more scared shitless than they're letting on. If we assume that the powers that be are using their usual playbook and tactics, then it could be worth looking at the book "Confessions of an Economic Hitman" by John Perkins, to get an idea of how they might try to attack Bitcoin. So, what I'm saying is, they do have a track record of sending in "experts" to try to derail projects and keep everyone enslaved to the Creature from Jekyll Island. I'm just saying. So, without getting ad hominem - let's just make sure that our ideas can really stand scrutiny on their own - as Nick Szabo says, we need to make sure there is "more computer science, less noise" in this debate.
When Gavin Andresen first came out with the 20 MB thing - I sat back and tried to imagine if I could download 20 MB in 10 minutes (which seems to be one of the basic mathematical and technological constraints here - right?)
I figured, "Yeah, I could download that" - even with my crappy internet connection.
And I guess the telecoms might be nice enough to continue to double our bandwidth every two years for the next couple decades – if we ask them politely?
On the other hand - I think we should be careful about entrusting the financial freedom of the world into the greedy hands of the telecoms companies - given all their shady shenanigans over the past few years in many countries. After decades of the MPAA and the FBI trying to chip away at BitTorrent, lately PirateBay has been hard to access. I would say it's quite likely that certain persons at institutions like JPMorgan and Goldman Sachs and the Fed might be very, very motivated to see Bitcoin fail - so we shouldn't be too sure about scaling plans which depend on the willingness of companies Verizon and AT&T to double our bandwith every two years.
Maybe the real important hardware buildout challenge for a company like 21 (and its allies such as Qualcomm) to take on now would not be "a miner in every toaster" but rather "Google Fiber Download and Upload Speeds in every Country, including China".
I think I've read all the major stuff on the blocksize debate from Gavin Andresen, Mike Hearn, Greg Maxwell, Peter Todd, Adam Back, and Jeff Garzick and several other major contributors - and, oddly enough, all their arguments seem reasonable - heck even Luke-Jr seems reasonable to me on the blocksize debate, and I always thought he was a whackjob overly influenced by superstition and numerology - and now today I'm reading the article by Bram Cohen - the inventor of BitTorrent - and I find myself agreeing with him too!
I say to myself: What's going on with me? How can I possibly agree with all of these guys, if they all have such vehemently opposing viewpoints?
I mean, think back to the glory days of a couple of years ago, when all we were hearing was how this amazing unprecedented grassroots innovation called Bitcoin was going to benefit everyone from all walks of life, all around the world:
...basically the entire human race transacting everything into the blockchain.
(Although let me say that I think that people's focus on ideas like driverless cabs creating realtime fare markets based on supply and demand seems to be setting our sights a bit low as far as Bitcoin's abilities to correct the financial world's capital-misallocation problems which seem to have been made possible by infinite debt-based fiat. I would have hoped that a Bitcoin-based economy would solve much more noble, much more urgent capital-allocation problems than driverless taxicabs creating fare markets or refrigerators ordering milk on the internet of things. I was thinking more along the lines that Bitcoin would finally strangle dead-end debt-based deadly-toxic energy industries like fossil fuels and let profitable clean energy industries like Thorium LFTRs take over - but that's another topic. :=)
Paradoxes in the blocksize debate
Let me summarize the major paradoxes I see here:
(1) Regarding the people (the majority of the core devs) who are against a blocksize increase: Well, the small-blocks arguments do seem kinda weird, and certainly not very "populist", in the sense that: When on earth have end-users ever heard of a computer technology whose capacity didn't grow pretty much exponentially year-on-year? All the cool new technology we've had - from hard drives to RAM to bandwidth - started out pathetically tiny and grew to unimaginably huge over the past few decades - and all our software has in turn gotten massively powerful and big and complex (sometimes bloated) to take advantage of the enormous new capacity available.
But now suddenly, for the first time in the history of technology, we seem to have a majority of the devs, on a major p2p project - saying: "Let's not scale the system up. It could be dangerous. It might break the whole system (if the hard-fork fails)."
I don't know, maybe I'm missing something here, maybe someone else could enlighten me, but I don't think I've ever seen this sort of thing happen in the last few decades of the history of technology - devs arguing against scaling up p2p technology to take advantage of expected growth in infrastructure capacity.
(2) But... on the other hand... the dire warnings of the small-blockians about what could happen if a hard-fork were to fail - wow, they do seem really dire! And these guys are pretty much all heavyweight, experienced programmers and/or game theorists and/or p2p open-source project managers.
I must say, that nearly all of the long-form arguments I've read - as well as many, many of the shorter comments I've read from many users in the threads, whose names I at least have come to more-or-less recognize over the past few months and years on reddit and bitcointalk - have been amazingly impressive in their ability to analyze all aspects of the lifecycle and management of open-source software projects, bringing up lots of serious points which I could never have come up with, and which seem to come from long experience with programming and project management - as well as dealing with economics and human nature (eg, greed - the game-theory stuff).
So a lot of really smart and experienced people with major expertise in various areas ranging from programming to management to game theory to politics to economics have been making some serious, mature, compelling arguments.
But, as I've been saying, the only problem to me is: in many of these cases, these arguments are vehemently in opposition to each other! So I find myself agreeing with pretty much all of them, one by one - which means the end result is just a giant contradiction.
I mean, today we have Bram Cohen, the inventor of BitTorrent, arguing (quite cogently and convincingly to me), that it would be dangerous to increase the blocksize. And this seems to be a guy who would know a few things about scaling out a massive global p2p network - since the protocol which he invented, BitTorrent, is now apparently responsible for like a third of the traffic on the internet (and this despite the long-term concerted efforts of major evil players such as the MPAA and the FBI to shut the whole thing down).
Was the BitTorrent analogy too "glib"?
By the way - I would like to go on a slight tangent here and say that one of the main reasons why I felt so "comfortable" jumping on the Bitcoin train back a few years ago, when I first heard about it and got into it, was the whole rough analogy I saw with BitTorrent.
I remembered the perhaps paradoxical fact that when a torrent is more popular (eg, a major movie release that just came out last week), then it actually becomes faster to download. More people want it, so more people have a few pieces of it, so more people are able to get it from each other. A kind of self-correcting economic feedback loop, where more demand directly leads to more supply.
(BitTorrent manages to pull this off by essentially adding a certain structure to the file being shared, so that it's not simply like an append-only list of 1 MB blocks, but rather more like an random-access or indexed array of 1 MB chunks. Say you're downloading a film which is 700 MB. As soon as your "client" program has downloaded a single 1-MB chunk - say chunk #99 - your "client" program instantly turns into a "server" program as well - offering that chunk #99 to other clients. From my simplistic understanding, I believe the Bitcoin protocol does something similar, to provide a p2p architecture. Hence my - perhaps naïve - assumption that Bitcoin already had the right algorithms / architecture / data structure to scale.)
The efficiency of the BitTorrent network seemed to jive with that "network law" (Metcalfe's Law?) about fax machines. This law states that the more fax machines there are, the more valuable the network of fax machines becomes. Or the value of the network grows on the order of the square of the number of nodes.
This is in contrast with other technology like cars, where the more you have, the worse things get. The more cars there are, the more traffic jams you have, so things start going downhill. I guess this is because highway space is limited - after all, we can't pave over the entire countryside, and we never did get those flying cars we were promised, as David Graeber laments in a recent essay in The Baffler magazine :-)
And regarding the "stress test" supposedly happening right now in the middle of this ongoing blocksize debate, I don't know what worries me more: the fact that it apparently is taking only $5,000 to do a simple kind of DoS on the blockchain - or the fact that there are a few rumors swirling around saying that the unknown company doing the stress test shares the same physical mailing address with a "scam" company?
Or maybe we should just be worried that so much of this debate is happening on a handful of forums which are controlled by some guy named theymos who's already engaged in some pretty "contentious" or "controversial" behavior like blowing a million dollars on writing forum software (I guess he never heard that reddit.com software is open-source)?
So I worry that the great promise of "decentralization" might be more fragile than we originally thought.
Scaling
Anyways, back to Metcalfe's Law: with virtual stuff, like torrents and fax machines, the more the merrier. The more people downloading a given movie, the faster it arrives - and the more people own fax machines, the more valuable the overall fax network.
So I kindof (naïvely?) assumed that Bitcoin, being "virtual" and p2p, would somehow scale up the same magical way BitTorrrent did. I just figured that more people using it would somehow automatically make it stronger and faster.
But now a lot of devs have started talking in terms of the old "scarcity" paradigm, talking about blockspace being a "scarce resource" and talking about "fee markets" - which seems kinda scary, and antithetical to much of the earlier rhetoric we heard about Bitcoin (the stuff about supporting our favorite creators with micropayments, and the stuff about Africans using SMS to send around payments).
Look, when some asshole is in line in front of you at the cash register and he's holding up the line so they can run his credit card to buy a bag of Cheeto's, we tend to get pissed off at the guy - clogging up our expensive global electronic payment infrastructure to make a two-dollar purchase. And that's on a fairly efficient centralized system - and presumably after a year or so, VISA and the guy's bank can delete or compress the transaction in their SQL databases.
Now, correct me if I'm wrong, but if some guy buys a coffee on the blockchain, or if somebody pays an online artist $1.99 for their work - then that transaction, a few bytes or so, has to live on the blockchain forever?
Or is there some "pruning" thing that gets rid of it after a while?
And this could lead to another question: Viewed from the perspective of double-entry bookkeeping, is the blockchain "world-wide ledger" more like the "balance sheet" part of accounting, i.e. a snapshot showing current assets and liabilities? Or is it more like the "cash flow" part of accounting, i.e. a journal showing historical revenues and expenses?
When I think of thousands of machines around the globe having to lug around multiple identical copies of a multi-gigabyte file containing some asshole's coffee purchase forever and ever... I feel like I'm ideologically drifting in one direction (where I'd end up also being against really cool stuff like online micropayments and Africans banking via SMS)... so I don't want to go there.
But on the other hand, when really experienced and battle-tested veterans with major experience in the world of open-souce programming and project management (the "small-blockians") warn of the catastrophic consequences of a possible failed hard-fork, I get freaked out and I wonder if Bitcoin really was destined to be a settlement layer for big transactions.
Could the original programmer(s) possibly weigh in?
And I don't mean to appeal to authority - but heck, where the hell is Satoshi Nakamoto in all this? I do understand that he/she/they would want to maintain absolute anonymity - but on the other hand, I assume SN wants Bitcoin to succeed (both for the future of humanity - or at least for all the bitcoins SN allegedly holds :-) - and I understand there is a way that SN can cryptographically sign a message - and I understand that as the original developer of Bitcoin, SN had some very specific opinions about the blocksize... So I'm kinda wondering of Satoshi could weigh in from time to time. Just to help out a bit. I'm not saying "Show us a sign" like a deity or something - but damn it sure would be fascinating and possibly very helpful if Satoshi gave us his/hetheir 2 satoshis worth at this really confusing juncture.
Are we using our capacity wisely?
I'm not a programming or game-theory whiz, I'm just a casual user who has tried to keep up with technology over the years.
It just seems weird to me that here we have this massive supercomputer (500 times more powerful than the all the supercomputers in the world combined) doing fairly straightforward "embarassingly parallel" number-crunching operations to secure a p2p world-wide ledger called the blockchain to keep track of a measly 2.1 quadrillion tokens spread out among a few billion addresses - and a couple of years ago you had people like Rick Falkvinge saying the blockchain would someday be supporting multi-million-dollar letters of credit for international trade and you had people like Andreas Antonopoulos saying the blockchain would someday allow billions of "unbanked" people to send remittances around the village or around the world dirt-cheap - and now suddenly in June 2015 we're talking about blockspace as a "scarce resource" and talking about "fee markets" and partially centralized, corporate-sponsored "Level 2" vaporware like Lightning Network and some mysterious company is "stess testing" or "DoS-ing" the system by throwing away a measly $5,000 and suddenly it sounds like the whole system could eventually head right back into PayPal and Western Union territory again, in terms of expensive fees.
When I got into Bitcoin, I really was heavily influenced by vague analogies with BitTorrent: I figured everyone would just have tiny little like utorrent-type program running on their machine (ie, Bitcoin-QT or Armory or Mycelium etc.).
I figured that just like anyone can host a their own blog or webserver, anyone would be able to host their own bank.
Yeah, Google and and Mozilla and Twitter and Facebook and WhatsApp did come along and build stuff on top of TCP/IP, so I did expect a bunch of companies to build layers on top of the Bitcoin protocol as well. But I still figured the basic unit of bitcoin client software powering the overall system would be small and personal and affordable and p2p - like a bittorrent client - or at the most, like a cheap server hosting a blog or email server.
And I figured there would be a way at the software level, at the architecture level, at the algorithmic level, at the data structure level - to let the thing scale - if not infinitely, at least fairly massively and gracefully - the same way the BitTorrent network has.
Of course, I do also understand that with BitTorrent, you're sharing a read-only object (eg, a movie) - whereas with Bitcoin, you're achieving distributed trustless consensus and appending it to a write-only (or append-only) database.
So I do understand that the problem which BitTorrent solves is much simpler than the problem which Bitcoin sets out to solve.
But still, it seems that there's got to be a way to make this thing scale. It's p2p and it's got 500 times more computing power than all the supercomputers in the world combined - and so many brilliant and motivated and inspired people want this thing to succeed! And Bitcoin could be our civilization's last chance to steer away from the oncoming debt-based ditch of disaster we seem to be driving into!
It just seems that Bitcoin has got to be able to scale somehow - and all these smart people working together should be able to come up with a solution which pretty much everyone can agree - in advance - will work.
Right? Right?
A (probably irrelevant) tangent on algorithms and architecture and data structures
I'll finally weigh with my personal perspective - although I might be biased due to my background (which is more on the theoretical side of computer science).
My own modest - or perhaps radical - suggestion would be to ask whether we're really looking at all the best possible algorithms and architectures and data structures out there.
From this perspective, I sometimes worry that the overwhelming majority of the great minds working on the programming and game-theory stuff might come from a rather specific, shall we say "von Neumann" or "procedural" or "imperative" school of programming (ie, C and Python and Java programmers).
It seems strange to me that such a cutting-edge and important computer project would have so little participation from the great minds at the other end of the spectrum of programming paradigms - namely, the "functional" and "declarative" and "algebraic" (and co-algebraic!) worlds.
For example, I was struck in particular by statements I've seen here and there (which seemed rather hubristic or lackadaisical to me - for something as important as Bitcoin), that the specification of Bitcoin and the blockchain doesn't really exist in any form other than the reference implementation(s) (in procedural languages such as C or Python?).
Curry-Howard anyone?
I mean, many computer scientists are aware of the Curry-Howard isomorophism, which basically says that the relationship between a theorem and its proof is equivalent to the relationship between a specification and its implementation. In other words, there is a long tradition in mathematics (and in computer programming) of:
And it's not exactly "turtles all the way down" either: a specification is generally simple and compact enough that a good programmer can usually simply visually inspect it to determine if it is indeed "correct" - something which is very difficult, if not impossible, to do with a program written in a procedural, implementation-oriented language such as C or Python or Java.
So I worry that we've got this tradition, from the open-source github C/Java programming tradition, of never actually writing our "specification", and only writing the "implementation". In mission-critical military-grade programming projects (which often use languages like Ada or Maude) this is simply not allowed. It would seem that a project as mission-critical as Bitcoin - which could literally be crucial for humanity's continued survival - should also use this kind of military-grade software development approach.
And I'm not saying rewrite the implementations in these kind of theoretical languages. But it might be helpful if the C/Python/Java programmers in the Bitcoin imperative programming world could build some bridges to the Maude/Haskell/ML programmers of the functional and algebraic programming worlds to see if any kind of useful cross-pollination might take place - between specifications and implementations.
For example, the JavaFAN formal analyzer for multi-threaded Java programs (developed using tools based on the Maude language) was applied to the Remote Agent AI program aboard NASA's Deep Space 1 shuttle, written in Java - and it took only a few minutes using formal mathematical reasoning to detect a potential deadlock which would have occurred years later during the space mission when the damn spacecraft was already way out around Pluto.
And "the Maude-NRL (Naval Research Laboratory) Protocol Analyzer (Maude-NPA) is a tool used to provide security proofs of cryptographic protocols and to search for protocol flaws and cryptosystem attacks."
These are open-source formal reasoning tools developed by DARPA and used by NASA and the US Navy to ensure that program implementations satisfy their specifications. It would be great if some of the people involved in these kinds of projects could contribute to help ensure the security and scalability of Bitcoin.
But there is a wide abyss between the kinds of programmers who use languages like Maude and the kinds of programmers who use languages like C/Python/Java - and it can be really hard to get the two worlds to meet. There is a bit of rapprochement between these language communities in languages which might be considered as being somewhere in the middle, such as Haskell and ML. I just worry that Bitcoin might be turning into being an exclusively C/Python/Java project (with the algorithms and practitioners traditionally of that community), when it could be more advantageous if it also had some people from the functional and algebraic-specification and program-verification community involved as well. The thing is, though: the theoretical practitioners are big on "semantics" - I've heard them say stuff like "Yes but a C / C++ program has no easily identifiable semantics". So to get them involved, you really have to first be able to talk about what your program does (specification) - before proceeding to describe how it does it (implementation). And writing high-level specifications is typically very hard using the syntax and semantics of languages like C and Java and Python - whereas specs are fairly easy to write in Maude - and not only that, they're executable, and you state and verify properties about them - which provides for the kind of debate Nick Szabo was advocating ("more computer science, less noise").
Imagine if we had an executable algebraic specification of Bitcoin in Maude, where we could formally reason about and verify certain crucial game-theoretical properties - rather than merely hand-waving and arguing and deploying and praying.
And so in the theoretical programming community you've got major research on various logics such as Girard's Linear Logic (which is resource-conscious) and Bruni and Montanari's Tile Logic (which enables "pasting" bigger systems together from smaller ones in space and time), and executable algebraic specification languages such as Meseguer's Maude (which would be perfect for game theory modeling, with its functional modules for specifying the deterministic parts of systems and its system modules for specifiying non-deterministic parts of systems, and its parameterized skeletons for sketching out the typical architectures of mobile systems, and its formal reasoning and verification tools and libraries which have been specifically applied to testing and breaking - and fixing - cryptographic protocols).
And somewhat closer to the practical hands-on world, you've got stuff like Google's MapReduce and lots of Big Data database languages developed by Google as well. And yet here we are with a mempool growing dangerously big for RAM on a single machine, and a 20-GB append-only list as our database - and not much debate on practical results from Google's Big Data databases.
(And by the way: maybe I'm totally ignorant for asking this, but I'll ask anyways: why the hell does the mempool have to stay in RAM? Couldn't it work just as well if it were stored temporarily on the hard drive?)
And you've got CalvinDB out of Yale which apparently provides an ACID layer on top of a massively distributed database.
Look, I'm just an armchair follower cheering on these projects. I can barely manage to write a query in SQL, or read through a C or Python or Java program. But I would argue two points here: (1) these languages may be too low-level and "non-formal" for writing and modeling and formally reasoning about and proving properties of mission-critical specifications - and (2) there seem to be some Big Data tools already deployed by institutions such as Google and Yale which support global petabyte-size databases on commodity boxes with nice properties such as near-real-time and ACID - and I sometimes worry that the "core devs" might be failing to review the literature (and reach out to fellow programmers) out there to see if there might be some formal program-verification and practical Big Data tools out there which could be applied to coming up with rock-solid, 100% consensus proposals to handle an issue such as blocksize scaling, which seems to have become much more intractable than many people might have expected.
I mean, the protocol solved the hard stuff: the elliptical-curve stuff and the Byzantine General stuff. How the heck can we be falling down on the comparatively "easier" stuff - like scaling the blocksize?
It just seems like defeatism to say "Well, the blockchain is already 20-30 GB and it's gonna be 20-30 TB ten years from now - and we need 10 Mbs bandwidth now and 10,000 Mbs bandwidth 20 years from - assuming the evil Verizon and AT&T actually give us that - so let's just become a settlement platform and give up on buying coffee or banking the unbanked or doing micropayments, and let's push all that stuff into some corporate-controlled vaporware without even a whitepaper yet."
So you've got Peter Todd doing some possibly brilliant theorizing and extrapolating on the idea of "treechains" - there is a Let's Talk Bitcoin podcast from about a year ago where he sketches the rough outlines of this idea out in a very inspiring, high-level way - although the specifics have yet to be hammered out. And we've got Blockstream also doing some hopeful hand-waving about the Lightning Network.
Things like Peter Todd's treechains - which may be similar to the spark in some devs' eyes called Lightning Network - are examples of the kind of algorithm or architecture which might manage to harness the massive computing power of miners and nodes in such a way that certain kinds of massive and graceful scaling become possible.
It just seems like a kindof tiny dev community working on this stuff.
Being a C or Python or Java programmer should not be a pre-req to being able to help contribute to the specification (and formal reasoning and program verification) for Bitcoin and the blockchain.
XML and UML are crap modeling and specification languages, and C and Java and Python are even worse (as specification languages - although as implementation languages, they are of course fine).
But there are serious modeling and specification languages out there, and they could be very helpful at times like this - where what we're dealing with is questions of modeling and specification (ie, "needs and requirements").
One just doesn't often see the practical, hands-on world of open-source github implementation-level programmers and the academic, theoretical world of specification-level programmers meeting very often. I wish there were some way to get these two worlds to collaborate on Bitcoin.
Maybe a good first step to reach out to the theoretical people would be to provide a modular executable algebraic specification of the Bitcoin protocol in a recognized, military/NASA-grade specification language such as Maude - because that's something the theoretical community can actually wrap their heads around, whereas it's very hard to get them to pay attention to something written only as a C / Python / Java implementation (without an accompanying specification in a formal language).
They can't check whether the program does what it's supposed to do - if you don't provide a formal mathematical definition of what the program is supposed to do.
Specification : Implementation :: Theorem : Proof
You have to remember: the theoretical community is very aware of the Curry-Howard isomorphism. Just like it would be hard to get a mathematician's attention by merely showing them a proof without telling also telling them what theorem the proof is proving - by the same token, it's hard to get the attention of a theoretical computer scientist by merely showing them an implementation without showing them the specification that it implements.
Bitcoin is currently confronted with a mathematical or "computer science" problem: how to secure the network while getting high enough transactional throughput, while staying within the limited RAM, bandwidth and hard drive space limitations of current and future infrastructure.
The problem only becomes a political and economic problem if we give up on trying to solve it as a mathematical and "theoretical computer science" problem.
There should be a plethora of whitepapers out now proposing algorithmic solutions to these scaling issues. Remember, all we have to do is apply the Byzantine General consensus-reaching procedure to a worldwide database which shuffles 2.1 quadrillion tokens among a few billion addresses. The 21 company has emphatically pointed out that racing to compute a hash to add a block is an "embarrassingly parallel" problem - very easy to decompose among cheap, fault-prone, commodity boxes, and recompose into an overall solution - along the lines of Google's highly successful MapReduce.
I guess what I'm really saying is (and I don't mean to be rude here), is that C and Python and Java programmers might not be the best qualified people to develop and formally prove the correctness of (note I do not say: "test", I say "formally prove the correctness of") these kinds of algorithms.
I really believe in the importance of getting the algorithms and architectures right - look at Google Search itself, it uses some pretty brilliant algorithms and architectures (eg, MapReduce, Paxos) which enable it to achieve amazing performance - on pretty crappy commodity hardware. And look at BitTorrent, which is truly p2p, where more demand leads to more supply.
So, in this vein, I will close this lengthy rant with an oddly specific link - which may or may not be able to make some interesting contributions to finding suitable algorithms, architectures and data structures which might help Bitcoin scale massively. I have no idea if this link could be helpful - but given the near-total lack of people from the Haskell and ML and functional worlds in these Bitcoin specification debates, I thought I'd be remiss if I didn't throw this out - just in case there might be something here which could help us channel the massive computing power of the Bitcoin network in such a way as to enable us simply sidestep this kind of desperate debate where both sides seem right because the other side seems wrong.
https://personal.cis.strath.ac.uk/neil.ghani/papers/ghani-calco07
The above paper is about "higher dimensional trees". It uses a bit of category theory (not a whole lot) and a bit of Haskell (again not a lot - just a simple data structure called a Rose tree, which has a wikipedia page) to develop a very expressive and efficient data structure which generalizes from lists to trees to higher dimensions.
I have no idea if this kind of data structure could be applicable to the current scaling mess we apparently are getting bogged down in - I don't have the game-theory skills to figure it out.
I just thought that since the blockchain is like a list, and since there are some tree-like structures which have been grafted on for efficiency (eg Merkle trees) and since many of the futuristic scaling proposals seem to also involve generalizing from list-like structures (eg, the blockchain) to tree-like structures (eg, side-chains and tree-chains)... well, who knows, there might be some nugget of algorithmic or architectural or data-structure inspiration there.
So... TL;DR:
(1) I'm freaked out that this blocksize debate has splintered the community so badly and dragged on so long, with no resolution in sight, and both sides seeming so right (because the other side seems so wrong).
(2) I think Bitcoin could gain immensely by using high-level formal, algebraic and co-algebraic program specification and verification languages (such as Maude including Maude-NPA, Mobile Maude parameterized skeletons, etc.) to specify (and possibly also, to some degree, verify) what Bitcoin does - before translating to low-level implementation languages such as C and Python and Java saying how Bitcoin does it. This would help to communicate and reason about programs with much more mathematical certitude - and possibly obviate the need for many political and economic tradeoffs which currently seem dismally inevitable - and possibly widen the collaboration on this project.
(3) I wonder if there are some Big Data approaches out there (eg, along the lines of Google's MapReduce and BigTable, or Yale's CalvinDB), which could be implemented to allow Bitcoin to scale massively and painlessly - and to satisfy all stakeholders, ranging from millionaires to micropayments, coffee drinkers to the great "unbanked".
submitted by BeYourOwnBank to Bitcoin [link] [comments]

I just saw this one and had a doubt, does wallet leaks my IP? Does vpn requires special config for wallet?

Avoid Thin Clients and Hosted Wallets
Almost all thin clients leak which addresses you own to whatever Simple Payment Verification (SPV) server they connect to. Thin clients do not store the blockchain locally. Instead, they query a single SPV server for the transactions that involve the addresses in your wallet. While this functionality is far more efficient and fast than parsing the blockchain locally, the trade-off is that every Bitcoin address you own is submitted to the SPV server.
Some thin clients, such as Multibit, have the capability of using bloom filters to help conceal which addresses you own by requesting extra transactions that don’t involve your wallet. However, Multibit currently favors efficiency over privacy and does not utilize bloom filters for address anonymization. The Electrum thin client doesn’t use bloom filters at all, so just like Multibit, any server you connect to knows every address that you own.
Hosted clients are even worse in terms of anonymity. All of your private and public keys reside on 3rd party servers, so it is trivial for the operator to know which Bitcoin addresses you own. Additionally, any other information you’ve submitted to the service is associated with your Bitcoin addresses and can be easily accessed by the service’s operators.
These types of wallets make it easy for a SPV server operator or service administrator to not only know which Bitcoin addresses you own, but also associate them with your IP address. The operator could potentially publish the information, they could be hacked and the info stolen, or they could be subpoenaed or NSL’d to provide logs to law enforcement or government agencies.
One of the fundamentals of Bitcoin is not having to trust any single party. In terms of anonymity, it’s best to use a full Bitcoin client like Bitcoin-Qt or Armory, and store the entire blockchain locally.
tl;dr; Thin clients and hosted wallets leak which addresses you own — use a full client like Bitcoin-Qt or Armory instead.
source: https://99bitcoins.com/know-more-using-bitcoin-anonymously/
submitted by Ruban28 to Bitcoin [link] [comments]

Bitcoin client comparison? Ease of use, functionality, security etc..

Hey everyone,
I've recently started using bitcoins, and been trying to figure out the best way to store them.. There are a bunch of desktop clients available, each with it's ups and downs, supporting different features, and using different amount of resources..
I wanted to find a nice overview of them all, but so far I'm not finding anything that I wanted to know.. So I think we should have some kind of wiki page, that describes them in more details. Explains how to start using each of them, and how to ensure it's safe.
For example, to try and secure my wallet files, I'm storing them in a TrueCrypt volume, that's archived to the cloud. This way they are backed up to multiple locations, incase my machine dies, and are also encrypted, in case one of the machines is compromised! I'm not sure if that's overkill or not :)
I thought I'd start with a short write-up of my opinions on some of the clients and my impressions of them. It's by no means a comprehensive review (that would take a lot more space than a single reddit post). All of this is just a subjective view on each of the clients.. I hope more people will add to it, maybe even compoling a nice and informative comparison of all the popular clients!
  1. Bitcoin-QT: The official client. Somewhat basic in functionality, advanced functions (like backing up the private key) available through the "debug" window., but works well for a lot of people.. You can backup the wallet.dat file in the TrueCrypt volume to secure the coins, but the client will store the main working copy of the wallet file in %APPDATA% in Windows - leaving it potentially compromised, unless you encrypt the wallet file (part of the client's functionality). There's no obvious way to change the storage location.
    The downside (upside for some?) of the client is that it stores the whole blockchain.. (almost 15GB atm) Initial synchronisation takes a lot of time.. If you don't use it for some time, you'll have to synchronise again, which takes time (and CPU resources btw)..
    At the end of the day, the wallet is as secure as your machine is. No support for paper wallets / watch-only wallets / offline storage, transactions.. But for basic use - it works perfectly fine.
  2. Bitcoin Armory: A popular powerful client, runs "on top" of Bitcoin-QT, which means the blockchain is also stored on the local drive.. On top of that, the Armory client will also build a local database to manage it, which means it needs more storage on it's own.. (at the moment, that's an extra 16GB on top of the blockchain!). Also, the synchronisation status is not very helpful, just saying the % synchronised.. At least Bitcoin-QT states how many weeks/days you are behind, so you can somewhat estimate how soon the sync will work.
    The Armory client supports multiple wallets, compared to the official client, which can be stored separately. The wallets use (correct me if I'm wrong?) a deterministic key to generate the private keys, which means if you backup your wallet in cold storage - you can restore it at any point, and restore all the new addresses generated after the backup - a very useful feature. The Armory client has more advanced functionality like paper backups (described above), offline wallets and offline transactions, and a lot more.. Some features are missing, like importing watch-only addresses. You can though create a watch-only backup of a wallet, and import that on a different machine, but if you only have an address - not supported atm.
    The client seems rather powerful, but also feels a bit clunky and hard to use.. Some functionality is missing, and just strange (not all private key formats are supported.. even if most other clients have no problems with them)
  3. MultiBit: A lite bitcoin client, that doesn't store the whole blockchain locally. This makes it a lot easier to start using, even on a new machine. It will only synchronise a part of the blockchain that is relevant for a specific address, which means you save on both time and storage when using it, but it can be (potentially, but quite unlikely) compromised, if the only nodes it can see are rogue.
    It also supports multiple wallets, you can select where to store the wallet files, and they can be password protected as well. You can store them on a TrueCrypt volume, to secure it even more. The app is still relatively simple to use, while providing more functionality than just the basics.
    Compared to Armory and Bitcoin-QT, you can also create a portable installation, which can be stored on a USB key / True Crypt volume along with the key files.
  4. Electrum: This is one of the clients I've hardly used so far.. It has a full and a portable version! With the portable version I can store they keys where I want, and keep them secure as I see fit. As MultiBit, it doesn't store the full chain, but instead will use a server to keep and manage the blockchain. But nothing is stopping you from running your own electrum server and connecting to it, if you're worried.
    The client seems rather simple, but powerful at the same time. Same as Armory - it will create a seed that will be used to generate addresses. The nice thing is that it will generate multiple receiving addresses, and will also maintain change addresses, which (if I'm right) means that each transaction will not reuse the same address twice, unless you force it to. My only gripe so far with it is that it's the only client so far where you can't send to multiple addresses in one transaction, forcing only a single recipient per transaction.. I hope that'll change in the future :(
submitted by artiomchi to Bitcoin [link] [comments]

(1) Is it true that encrypting an *existing* bitcoin-qt wallet.dat file will "invalidate" any existing backups? (2) Can I use unicode characters - eg ♥ - in the bitcoin-qt wallet passphrase?

I have an existing bitcoin-qt wallet.dat file which I want to encrypt - using the command in the bitcoin-qt Settings menu, involving creating a passphrase.
I have 2 (possibly somewhat related) questions:
TL;DR
(1) If you encrypt an existing wallet.dat file, will the backups of the old wallet.dat file still work?
(2) Can you include unicode characters - eg ♥ - in the passphrase used to encrypt a bitcoin-qt wallet.dat file?
Worst-case scenario: The answers to (1) and (2) are both "no" - and I attempt to encrypt an existing wallet using unicode, and my backups no longer work (due to a new pool of addresses somehow being created?) and the passphrase isn't what I think it is (due to the unicode characters somehow being misinterpreted?) - and then I could lose all my coins??
Details
(1) The following (old, short) thread claims that after you encrypt an existing wallet, any previous backups of that wallet will no longer work:
https://pay.reddit.com/Bitcoin/comments/1ccfdk/encrypting_walletdat_in_bitcoinqt/
Obviously, the the first response in that thread was slightly wrong, for saying that the "server" creates a new pool of 100 addresses to draw on. So using word "server" here was certainly incorrect - but maybe the gist of what they were saying might still be correct? (if you simply change "server" to "client").
I can actually understand that there might be reasons why encrypting a wallet.dat file could cause a new pool of 100 addresses to be generated.
But it does not make sense to me that this would make any older (unencrypted) backups instantly useless.
It seems to me that these older, unencrypted backups would still have their private keys intact, and could thus be used in certain (perhaps limited?) ways - such as:

(2) It seems that including a few unicode characters in the bitcoin-qt wallet passphrase would make it a lot stronger (since unicode is a much larger set of characters than ascii), so I would like to include a few.
But it would be more reassuring if it could be explicitly stated that this is indeed supported.

Possible catastrophic interaction between (1) and (2)?
If the answers to (1) and (2) were both "no" (ie, if you encrypt an existing bitcoin-qt wallet.dat file then any existing backups will not work, and unicode characters do not work in bitcoin-qt passphrases), then I'm worried there could be some kind of catastrophic interaction between (1) and (2) where I lose all my coins, as follows:
(1) I encrypt my existing wallet - making my old, unencrypted wallet.dat file now invalidated (due to something involving a new pool of addresses being generated?)
and
(2) I use a passphrase which includes unicode characters which bitcoin-qt appears to accept at the time of creation, but which doesn't work at the time of trying to decrypt the wallet.dat file (due to something going wring with how the supposed unicode characters are actually interpreted while being entered or copied-and-pasted?).
In this possible worst-case scenario, my old backups of wallet.dat no longer work, and my newly encrypted wallet.dat has some password which I'm not able to correctly enter anymore.
Sorry to be so paranoid about this!
Other remarks:
(a) I did do a (limited) test of unicode capability for bitcoin-qt wallet.dat passphrases: simply by creating a new (empty) wallet.dat file, and creating a passphrase for it involving unicode characters, and then attempting to change the passphrase (which requires entering the old passphrase that contained unicode characters).
This did seem to work ok: it let me re-enter the old passphrase (which included unicode characters) to create a new passphrase.
However, since this is an empty wallet (and since bitcoin-qt would ask for the passphrase only when attempting to actually spend from an encrypted wallet), I did not see a way to fully test whether the passphrase actually worked to decrypt a unicode-passphrase-encrypted wallet for the purpose of spending from it.
(I'm still downloading the rest of the blockchain and it's going to take at least another week on my slow connection, so don't see how I could send a small amount to the new wallet to test it either. My existing wallet.dat file was originally created on an internet-connected machine a long time ago, but it's been offline ever since, so in some sense it's kinda-sorta been in somewhat "cold" storage all this time, and I would prefer to avoid putting it online on a "hot" internet-connected machine until absolutely necessary.)
(b) Long-term, I am actually also in the process of setting up a proper cold storage system based on Armory, which I have installed on 2 Ubuntu machines (one offline and one online).
But I have a slow internet connection, and the backups of this old wallet.dat file have been sitting around unencrypted for ages (I've been relying simply on then being physically inaccessible).
Now some "things" are coming up over the next few days where I some better security right away, and it's probably going to take over a week for Armory/bitcoind to update my local copy of the blockchain.
So in the meantime, I also need some basic additional security right now - so encrypting the existing bitcoin-qt wallet.dat file using a strong passphrase (and making some new backups) seems like it could be a reasonable initial approach.
Thanks for any help!
submitted by encrypt_throwaway to Bitcoin [link] [comments]

Colored coin client preview #1 (based on Bitcoin Armory)

I think it's already good enough for people to play with it. (Although certainly it's not ready for anything serious.)
For people who are not familiar with concept, colored coins is a technology which allows people to represent arbitrary tokens (e.g. issue private currencies, stocks, bonds, etc.) using small quantities of bitcoins. It is interesting because it would allow us to create decentralized and secure markets. (As decentralized and secure as Bitcoin itself, at least in theory.) See here.
Notes about current release:
Windows binaries: http://killerstorm.xen.prgmr.com/alex/ArmoryX-0.2.5.zip
There are no Linux binaries, but it's really easy to build it on Ubuntu or Debian:
(Note: if you're already using Armory, it is a good idea to hide you ~/.armory so it won't be seen by this experimental Armory mod. Or, perhaps, just don't run this experimental mod.)
Before you run it, make sure that bitcoind or Bitcoin-Qt is running and fully sync'ed. Armory takes up to 10 minutes to start (this version is slower because it additionally scans for colored transactions) and requires ~ 1 GB of RAM.
At start it will offer to create a wallet, do not enable encryption, otherwise issuing colored coins won't work.
Send some bitcoins to this new wallet, 0.02 BTC is probably enough to issue some colored coins and to pay for tx fees.
There is a drop down to choose color. Balance is displayed for a currently chosen color (i.e. if you chose TESTcc it will show how many TESTcc units this wallet owns), and when you send coins you send coins of that color.
Initially 'uncolored' is selected, it means normal BTC. This drop down also has TESTcc ("test colored coins") and "All colors" (this mode is just for debugging, you cannot send coins in this mode).
Here's what you can do now:
  1. Ask somebody to send you TESTcc. (We want to make it automatic, Satoshi Dice style, but unfortunately that code isn't quite ready.)
  2. Find and install other color definitions.
  3. Issue your own colored coins and send them to somebody who wants them. (LOL.)
Let's start from option #3. There is 'Hallucinate' menu. (It is called 'hallucinate' because colors do not exist on blockchain level, it is a client-side convention.) Choose 'Issue colored coins'. Likely all you need to change is name, but you can tweak satoshi-per-unit and number of units if you want.
When you click Issue it will create a new transaction (using your uncolored BTC) and will create a color definition. Optionally it will also upload your color definition to color definition registry. (This registry runs on my server, it might be down.)
You should note ColorID, this is how other people can refer to these coins (name is ambiguous).
You can now choose this new color in drop down and it will show your balance. (E.g. 1000 units.)
Now you'll perhaps want to send these coins to somebody. That person would need to install your color definition first. If you send colored coins without warning they might be lost, i.e. mixed with uncolored ones. For same reason it makes no sense to send them to wallet which isn't color aware.
For example, you can post on some forum:
I've issued LOLwut coins (ColorID: 36738fe78a443656535503efb585fee140a37d54), each unit represents a bond with face value of 0.1 BTC payable by me, Trololo, via buy back. I promise to buy back all bonds in a month.
Now people who are interested in this LOLwut coin issue will copy ColorID, paste it into Hallucinate > Download color definition dialog, and if this color definition is published it will be downloaded and installed. Armory restart is required to complete installation.
After installation that person will be able to see these LOLwut coins.
Note that if you do not trust my registration server, you can publish color definition yourself: go to ~/.armory/colordefs, find 36738fe78a443656535503efb585fee140a37d54.colordef and upload it to your web server. Then you can give people URL like http://example.com/36738fe78a443656535503efb585fee140a37d54.colordef and they can download it by URL.
Or they can just obtain this file by any means and copy it to ~/.armory/colordefs directory. It is decentralized, nobody can prevent you from issuing colored coins.
I think that's all. There is also Hallucinate > Manage color definitions dialog, but I hope it's easy to figure out how it works.
We are working on improved version, particularly on p2p exchange feature.
I've set up an IRC channel for people to talk about trying out colored coins: #colored-coins-otc on Freenode.
submitted by killerstorm to Bitcoin [link] [comments]

PSA For Noobs: Getting started in the bitcoin economy

Wallets: Electrum, armory, bitcoin wallet (android), blockchain (android/iphone), bitcoin-Qt, coinbase
Bitcoin-Qt is the "full" client and requires you to download every transaction ever made onto your computer. This file is ~13GB(?) and the process can take several days.
Here is a basic introductory video: http://www.weusecoins.com/en/
Here are paper wallets: www.bitcoinpaperwallet.com
Here is an HTML file of 100+ bookmarks to bitcoin services/merchants/news/information which you will find very fascinating. http://www.fileswap.com/dl/8U3bZPAyOD/
A 'public key' is your bank address/account, and a 'private key' gives you access to the funds stored in a public key. Never share your private keys with anyone, ever.
When encrypting your wallet, WRITE DOWN YOUR PASSWORD. If you lose this password, you lose your coins. Period.
Here is an advanced video of the inner workings of the software: http://www.youtube.com/watch?v=Lx9zgZCMqXE
Enjoy!!!
submitted by TheSelfGoverned to Bitcoin [link] [comments]

Can a virus be injected into the blockchain?

This is not a cry for alarm, just information.
Updating my online Armory client this morning, getting ready to move some coin to my offline storage, and Windows Defender pops up with a message saying it cleaned a virus (DOS/ASUZA) from my computer. Looking into it further, I see that the file was in the bitcoin\chainstate folder. I doubt it’s Armory; it could well be caused a previous infection injecting files into the folder, but it looks it was downloaded by Bitcoin-Qt while downloading the blockchain. I’m no BtC expert, so I'm asking is that a possibility? Anyone seen anything like this before? I’m sure my offline storage is fine, but it may be time to format the online machine and start from scratch again.
EDIT: A false positive seems to be the most likely cause.
Imgur
submitted by Atook to Bitcoin [link] [comments]

[uncensored-r/Bitcoin] I'm attempting to return stolen bitcoin and warning soon to be victims

The following post by MrBeanCoin is being replicated because the post has been silently removed.
The original post can be found(in censored form) at this link:
np.reddit.com/ Bitcoin/comments/7lnsdx
The original post's content was as follows:
Hello!
My name is MrBeanCoin (Not a obvious throw away! Of course not!). I'm my professional life I am a Malware Analyst, Pen Tester, and Engineer. However when im not working my eyes have been glued to the BTC charts, kicking myself for spending my BTC back when times were rough. But enough about me, lets get to the point.
 
Since the rise in price and popularity of Crypto's, Malware Authors have been leaving Ransomware, Botnets, and Spam in droves to create very simple Bitcoin and Altcoin stealing Malware, in a attempt to make the most money quicker, and separate good people like yourself from your coins. Miners have also reached unbelievable heights (Surpassing even when BTC first came out), and they make sure not to use safe settings, and a lot have been causing hardware damage. The spike has been so large that this week, the GTX 1080 i have in my Cuckoo Server (Automated Malware Analysis Platform) burned out from the constant throttling up and down.
 
So obviously, with my job, i have been having to deal with these fuckers and their shitty coded applications a lot. Some go as far as ripping your wallets from your machine and uploading them to a C2 server, but the absolute most common way people are losing bitcoins by the THOUSANDS is by the most simplest application i have ever seen. It simply lays low on the machine, and when it detects a BTC Address on the clipboard, it replaces the address you copied, with the Malware Authors. I know, right? At first i thought it would never be effective. However, so many newcomers are coming on the scene, it is paying off big. Nearly every wallet i have seen had at least 1 Million USD in it or more..... From a damn copy and paste switch. The worst part is, most people's security protection will not help them here, because the application does not look Malicious! All it is, is 3 lines of code changing the clipboard. Whats wrong with that? Well in this case, everything is. Please Please be on the look out for these. They make me so angry.. Other common ones are applications that try to pass as a update to , Bitcoin Duplicators (Ya...), Bitcoin Accelerators (I get this one, Noobs aren't getting why the TX's are fucking around), Fake Miners (If no one has heard of it, DONT USE IT), and Fake Wallets. I can go into these later if people are interested.
 
Anyways, I was looking at a sample today, and noticed this was one of the braver ones that scoop up the whole Wallet.Dat (Or similar) file, and kick it off to their servers. It does this for nearly 25 popular clients, even one called Armory which i thought was ironic.
 
This sample is hitting people through fake ad's to update their miners when visiting Crypto Sites, and more commonly, through email they are somehow getting for many exchange users. The emails claim either that they found your wallet publicly online! And that you should verify right away that it is actually yours. Its conveniently named "Wallet.dat .exe" with the spaces allowing the exe to hide in some email clients. When downloading and running, of course, you are infected. Other emails include free books on Crypto Currency that have a surprise for you inside! And Insider Information that you could use on a up coming pump and dump!
 
I loaded it into a IDA on a VM, and noticed that it wasn't sending the wallets to a domain, but rather a IP, and not only that, but what looked like a residential ISP IP. I allowed it to send up my fake wallets so i could get the scheme of the HTTP POST, and then started investigating the server. The guy receives loads of wallets a day, but he also runs a small botnet, proxy server, and password unhashing service on the same server. What was weird is i didn't see any templates, control panels, or mail for a web hosting company, which i normally see right away. I was starting to think this guy was actually dumb enough to use some server sitting at his house for this shit.
 
On further investigation of the client code talking to the server, i noticed he had a exploitable vulnerability in the way he uploaded files to the server. This allowed me to send up a payload with my wallet that later became my backdoor and reverse shell into his server. He was running a older kernel, so i was able to also exploit my way to root, and at this point i had full control over the server.
 
After further investigation, it was clear that indeed he IS running this out of his house. I somehow got lucky and out of 350 proxy servers, i managed to hop on his main node. Which he is a idiot anyways for accepting connections from anything but his proxies on this machine, or even using a home machine! Don't worry, i will be handing the needed information over to the feds for this little prick.
 
Now to my main point. It's obvious i must stay anonymous in this whole ordeal because, even though this dude is a POS, some people still might not be okay with what i did. And i also would like to keep my job haha. But seeing as i had full access, and this guy was dealing with BTC, this was a first for me. Most take overs i have done before, never had the actual wallets on the server. I really want to warn the victims he has FRESH wallets for ( IT COULD BE YOU! ), and also attempt to recover some BTC in the criminals wallets back to some, most likely worried sick, people.
 
I'm posting this today not only for the hope that if someone did notice Malware stole their coins, they can contact me and see if we can verify it was him, BUT ALSO in hopes that maybe any of you here would have any ideas on how i could go about finding these people, and then verifying its actually their BTC? I really can't think of any sure fire way accepting hoping people contact me and can match up the exact Transaction ID, Date, and Amount that was stolen from them. Please let me know your ideas.
 
I also want to finish this with a small list of FRESH VICTIMS that will most likely be getting hit very soon if they do not make a different wallet ASAP. I have hindered his processing further, but this doesn't help for already uploaded wallets. If these machine names match yours, PLEASE MAKE A NEW WALLET RIGHT AWAY: (Format is _.dat )
   
  • BitcoinQT_PC-4A095E27CB
  • BitcoinQT_KRK8HCPUDQP-PC
  • BitcoinQT_DESKTOP-MD6CE0T
  • BitcoinQT_EEW8HH-PC
  • BitcoinQT_JCNHJN8XRO0-PC
  • BitcoinQT_L1MKEWAMYWOT-PC
  • BitcoinQT_QBEY678-PC
  • BitcoinQT_DESKTOP-AJMCAK1
  • BitcoinQT_I3HOM1VJGV2Y-PC
  • BitcoinQT_DESKTOP-GKAN490
  • BitcoinQT_SMQYPJPO-PC
   
This is just a small list i could make tonight, i will hopefully be able to recover more and get more people switched to new wallets.
Thank you for your time.
submitted by censorship_notifier to noncensored_bitcoin [link] [comments]

12-23 11:03 - 'I'm attempting to return stolen bitcoin and warning soon to be victims' (self.Bitcoin) by /u/MrBeanCoin removed from /r/Bitcoin within 89-99min

'''
Hello!
My name is MrBeanCoin (Not a obvious throw away! Of course not!). I'm my professional life I am a Malware Analyst, Pen Tester, and Engineer. However when im not working my eyes have been glued to the BTC charts, kicking myself for spending my BTC back when times were rough. But enough about me, lets get to the point.
 
Since the rise in price and popularity of Crypto's, Malware Authors have been leaving Ransomware, Botnets, and Spam in droves to create very simple Bitcoin and Altcoin stealing Malware, in a attempt to make the most money quicker, and separate good people like yourself from your coins. Miners have also reached unbelievable heights (Surpassing even when BTC first came out), and they make sure not to use safe settings, and a lot have been causing hardware damage. The spike has been so large that this week, the GTX 1080 i have in my Cuckoo Server (Automated Malware Analysis Platform) burned out from the constant throttling up and down.
 
So obviously, with my job, i have been having to deal with these fuckers and their shitty coded applications a lot. Some go as far as ripping your wallets from your machine and uploading them to a C2 server, but the absolute most common way people are losing bitcoins by the THOUSANDS is by the most simplest application i have ever seen. It simply lays low on the machine, and when it detects a BTC Address on the clipboard, it replaces the address you copied, with the Malware Authors. I know, right? At first i thought it would never be effective. However, so many newcomers are coming on the scene, it is paying off big. Nearly every wallet i have seen had at least 1 Million USD in it or more..... From a damn copy and paste switch. The worst part is, most people's security protection will not help them here, because the application does not look Malicious! All it is, is 3 lines of code changing the clipboard. Whats wrong with that? Well in this case, everything is. Please Please be on the look out for these. They make me so angry.. Other common ones are applications that try to pass as a update to , Bitcoin Duplicators (Ya...), Bitcoin Accelerators (I get this one, Noobs aren't getting why the TX's are fucking around), Fake Miners (If no one has heard of it, DONT USE IT), and Fake Wallets. I can go into these later if people are interested.
 
Anyways, I was looking at a sample today, and noticed this was one of the braver ones that scoop up the whole Wallet.Dat (Or similar) file, and kick it off to their servers. It does this for nearly 25 popular clients, even one called Armory which i thought was ironic.
 
This sample is hitting people through fake ad's to update their miners when visiting Crypto Sites, and more commonly, through email they are somehow getting for many exchange users. The emails claim either that they found your wallet publicly online! And that you should verify right away that it is actually yours. Its conveniently named "Wallet.dat .exe" with the spaces allowing the exe to hide in some email clients. When downloading and running, of course, you are infected. Other emails include free books on Crypto Currency that have a surprise for you inside! And Insider Information that you could use on a up coming pump and dump!
 
I loaded it into a IDA on a VM, and noticed that it wasn't sending the wallets to a domain, but rather a IP, and not only that, but what looked like a residential ISP IP. I allowed it to send up my fake wallets so i could get the scheme of the HTTP POST, and then started investigating the server. The guy receives loads of wallets a day, but he also runs a small botnet, proxy server, and password unhashing service on the same server. What was weird is i didn't see any templates, control panels, or mail for a web hosting company, which i normally see right away. I was starting to think this guy was actually dumb enough to use some server sitting at his house for this shit.
 
On further investigation of the client code talking to the server, i noticed he had a exploitable vulnerability in the way he uploaded files to the server. This allowed me to send up a payload with my wallet that later became my backdoor and reverse shell into his server. He was running a older kernel, so i was able to also exploit my way to root, and at this point i had full control over the server.
 
After further investigation, it was clear that indeed he IS running this out of his house. I somehow got lucky and out of 350 proxy servers, i managed to hop on his main node. Which he is a idiot anyways for accepting connections from anything but his proxies on this machine, or even using a home machine! Don't worry, i will be handing the needed information over to the feds for this little prick.
 
Now to my main point. It's obvious i must stay anonymous in this whole ordeal because, even though this dude is a POS, some people still might not be okay with what i did. And i also would like to keep my job haha. But seeing as i had full access, and this guy was dealing with BTC, this was a first for me. Most take overs i have done before, never had the actual wallets on the server. I really want to warn the victims he has FRESH wallets for ( IT COULD BE YOU! ), and also attempt to recover some BTC in the criminals wallets back to some, most likely worried sick, people.
 
I'm posting this today not only for the hope that if someone did notice Malware stole their coins, they can contact me and see if we can verify it was him, BUT ALSO in hopes that maybe any of you here would have any ideas on how i could go about finding these people, and then verifying its actually their BTC? I really can't think of any sure fire way accepting hoping people contact me and can match up the exact Transaction ID, Date, and Amount that was stolen from them. Please let me know your ideas.
 
I also want to finish this with a small list of FRESH VICTIMS that will most likely be getting hit very soon if they do not make a different wallet ASAP. I have hindered his processing further, but this doesn't help for already uploaded wallets. If these machine names match yours, PLEASE MAKE A NEW WALLET RIGHT AWAY: (Format is _.dat )
   
  • BitcoinQT_PC-4A095E27CB
  • BitcoinQT_KRK8HCPUDQP-PC
  • BitcoinQT_DESKTOP-MD6CE0T
  • BitcoinQT_EEW8HH-PC
  • BitcoinQT_JCNHJN8XRO0-PC
  • BitcoinQT_L1MKEWAMYWOT-PC
  • BitcoinQT_QBEY678-PC
  • BitcoinQT_DESKTOP-AJMCAK1
  • BitcoinQT_I3HOM1VJGV2Y-PC
  • BitcoinQT_DESKTOP-GKAN490
  • BitcoinQT_SMQYPJPO-PC
   
This is just a small list i could make tonight, i will hopefully be able to recover more and get more people switched to new wallets.
Thank you for your time.
'''
I'm attempting to return stolen bitcoin and warning soon to be victims
Go1dfish undelete link
unreddit undelete link
Author: MrBeanCoin
submitted by removalbot to removalbot [link] [comments]

A proposal of a wallet to the clever developer shibes out there which concerns all and future shibes (Would be extremely beneficial with the Talladega race coming closer and closer)

I recently watched this talk by Andreas Antonopoulos (which I recommend every shibe to watch). In this video he explained how private keys, public keys, adresses, cryptography and wallets work.
In the video, I realized how far wallets have come already, how little the QT-wallet actually matters for us common folks, and how important it is to have user friendly wallets with good features. I got especially intrigued when Alexander explained type 2 deterministic wallets based off of trees. And my question is: "Can you deveolper shibes develop a type 2 deterministic wallet (like electrum) with BIP39?"
For all who don't know what I'm talking about, I will try my best to explain how type 2 deterministic wallets work by basically paraphrasing Andreas from the video. Please correct me if anything is wrong.
Let me begin by saying that our, and every virtual currency QT client is more focused on implementing the stability into the core coin protocol rather than implementing user-based fancy wallet features. Recently the bitcoin QT client has been removed from the bitcoin.org site as the recommended wallet for new users. This is because it isn't a good interface for the common man, or really anyone. It has also been discussed by bitcoin developers to strip all the wallet functionality out of the QT-client just for this reason.
Explaining type 2 deterministic wallets: When creating a private adress, a random number is drawn, in this process you will also generate a 128-bits random seed (for example 521566b6ebfe0ab8ff7b8110b92c57d4). A seed is generally speaking a starting point for the random number generation. This seed will therefore be the generator of all future adresses in your wallet.
From this seed, you can use mathematical functions to generate keys in such a way that you can't predict those keys without having the seed.
Just to clarify: If you have one private key, you can't figure out the other, and if you have the other, you can't figure out the first. This means that as long as your seed and mathematical function is not compromised, your keys won't be compromised. This is because you generate (or regenerate) all your private keys from that seed.
These mathematical functions can for example be the following: "You generate the first key, then you jump over 5 keys, then generate another key etc.". What this leaves us with is that you need two types of information to "infiltrate a wallet": The seed and the gap. This means that the seed and gap still needs to be encrypted, the good thing is that there's no need for a backup if you lose your wallet because you know your seed, and the gap.
Now you might be wondering: "How am I going to remember my seed? Won't this be hard? Won't it be a pain to remember?" Well there is also a new really interesting implemented technology called BIP 39. What this technology does is that it creates 12 random words (called a 12-word mnemonic code). These words are deterministically derived, in this way you can convert those 12 words back to the seed.
Let me give you of an example of why this is beneficial: The first thing is that 12 random words are much easier to remember and hear than a combination of 12 random letters and numbers. This means that if you lose your wallet and you're away from where your seed is written down/stored etc., you can for example call someone you trust to help you to restore your wallet. This can be done by the person telling you the 12 words over the phone, which will again give you your seed. No need to wonder if the person said "b" or "d".
The mnemonic code for the seed I wrote down (521566b6ebfe0ab8ff7b8110b92c57d4) is "pain apologize tired bar change think off outside clear fear hot stir". You can see how this could be handy.
This is technology is at the moment restricted to the English language. More importantly, it is restricted to a specific dictionary. The reason for this is because based on those specifications, every single wallet in the world with these features can take 12 words with the gap and deterministically recreate the same seed. From this point it can then recreate the same keys.
There's of course a checksum built in, so one of the words is a checksum for the other words. This entails that not every combination you throw at it will be correct. This means that if you remember those 12 words in that specific order, you will never have to take a backup of your wallet ever again. How great is that?
So a TL:DR:
I want our smart and clever developer shibes to create a type 2 deterministic wallet with BIP39 (like electrum or armory) with a great design. This would make it much easier for both newcomers and old shibes to use their wallets. The problem with backing up you wallet would also be a thing in the past. And if you know your seed or mnemonic code, you can import your wallet with extreme ease to any other device with a wallet just by typing in some words instead of moving a backup file to your device. If this wallet is being based on a litewallet, there will also be no need for synchronisation.
Disclaimer: Like I said, I'm not a pro at this, please correct me if anything is wrong here. And please shibes discuss, is this something the community is also interested in? I would be so happy if we got a wallet like this.
submitted by ChaotropicVindicator to dogecoin [link] [comments]

Frustrated with wallets - could THIS be the stake through the heart of Bitcoin?

Actually, that should be "with wallets and fees." Both are causing some grief right now.
While in the process of building a new computer, I'm getting increasingly frustrated with Bitcoin's complexity, especially around the notion of wallets.
The Bitcoin-QT wallet becomes part of the network. Lovely, if you have a huge chunk of disk space to devote. I happen to be running a very lightweight pure SSD system, so onwards I look.
Hmm. Armory? Well, it sits on top of the QT client, so no.
How about Electrum? Not bad, but I'd rather NOT have my wallet stored elsewhere, encrypted or not. If I'm going to do that, I might as well just use a web wallet.
Multibit? Ah, here we go! Local storage, no downloading of the entire block chain, and...you can't alter the transaction fee! I wasn't going to stress out over that because as many people have said, "what's $0.25" (or .40 or .06, or whatever people claim the trivial fee is)?
But when I went to transfer my bitcoins from the old computer to the new one (because of course the wallet formats are incompatible between wallets), it came up with a fee of just under 0.05 BTC! I understand why fees are going to become important, but really - twenty bucks to transfer my own bitcoins from one computer to another, with the promise of more fees down the line.
This is not a good system; and the fact that everyone who wants to use bitcoin has to go through pages of documentation to get some vague understanding of why they have to pay nondeterministic fees sometimes and not other times.
Just venting here. This won't be the future of currency until it works as easily as currency.
submitted by swordgeek to Bitcoin [link] [comments]

Are we overlooking pgp verification of wallet installation files?

I am curious how many people use pgp to verify the new version of their favorite wallet software every time a new version comes out? To me it seems like pgp verification isn't taken very seriously. Most, but not all vendors will put out new pgp signature files with each new release however if you are relatively unaware of security this could mean you are unknowingly missing a very important step. Importing the authors pgp key, downloading the associated signature file and then verifying the executable isn't very obvious to those who aren't security savvy. However it is an obvious security hole and a potential honeypot for anyone looking for some easy coin. One thing I find disturbing is how few of the major wallet developers put any significant effort into educating their users on the first step of securing their hot wallet. Multibit and armory are the only two clients I know of that give any information on pgp verification, but even multibit misses this important step on their "How to install" page. Electrum doesn't even provide a signature file for their linux version instead providing a hyperlink with an md5 hash appended to it. Bitcoin-qt from what I can tell only provides sha256 hashes of their files with zero instruction on how to use them. To me it seems like the pgp step of securing a wallet is looked at as the boring minor tidbit that you have to have that nobody really wants to put time into resulting in most vendors throwing up some hashes/signatures with little to no information on how to use them. I think that all vendors should have a section with instructions on how to verify their software, put this as the second step in getting started with their software right after the download step and make sure to provide pgp signatures for each installer package and not just hashes. For me, not being a security expert, I feel much safer verifying a pgp signature vs checking that a hash matches. With bitcoins being targeted on a daily basis through incredibly creative means this seems to me like a giant gaping hole that could be fought with a very small amount of education. Just a thought.
Edit: because I suck at the grammar Edit: after digging around I found the electrum signature files for linux. There is no direct link to the page from their website but they can be found here: http://download.electrum.org/
submitted by bitmagi to Bitcoin [link] [comments]

Online watching-only wallet?

Armory's offline wallet system is inarguably very secure but having to run the full bitcoin-qt client on the watching wallet is more of a hassle than it is worth for a lot of people (especially with the blockchain being 12gb).
Couldn't someone make a website which serves as an alternative the online armory client?
submitted by The_Mastor to Bitcoin [link] [comments]

GPG instructions and public key list for verifying Bitcoin clients.

I have noticed their is a growing problem of fake bitcoin clients, and I expect the frequency and elaboratness of these fake clients to increase.
Verifying the signatures for these clients will detect if you are receiving anything other than what the signer the of the software signed. The exception to this is if the attacker acquires the signer's private key, which should be a lot more difficult than tricking users to visit the wrong site or hacking servers. This can also be addressed by using multiple signatures per client.
An important part of this process is acquiring the public keys for the sofware signers in a secure manner.
To help with this I have included a signed list of fingerprints and where to acquire the public keys to act as another source to verify the keys used to sign bitcoin clients.
I have also included instructions for verifying the fingerprint list and bitcoin clients.
To deal with the issue that posts and comments on Reddit can be easily modified I suggest other users (especially well known ones) post a signature of the fingerprint list in a comment in this thread, or at least a hash of the fingerprint list (not as secure but still better than nothing).
List of Fingerprints:
+++ Bitcoin-Qt: Signer: Gavin Andresen (CODE SIGNING KEY) [email protected] Fingerprint: 2664 6D99 CBAE C9B8 1982 EF60 29D9 EE6B 1FC7 30C1 Key ID: 1FC730C1 Key Link: bitcoin.org/gavinandresen.asc
Electrum: Signer: ThomasV [email protected] Fingerprint: 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 Key ID: 7F9470E6 Keyserver: pool.sks-keyservers.net Signer: Animazing [email protected] Fingerprint: 9914 864D FC33 499C 6CA2 BEEA 2245 3004 6955 06FD Key ID: 695506FD Keyserver: pool.sks-keyservers.net
Multibit: Signer: Jim Burton (multibit.org developer) [email protected] Fingerprint: 299C 423C 672F 47F4 756A 6BA4 C197 2AED 79F7 C572 Key ID: 79F7C572 Keyserver: pgp.mit.edu
Armory: Signer: Alan C. Reiner (Offline Signing Key) [email protected] Fingerprint: 821F 1229 36BD D565 366A C36A 4AB1 6AEA 9883 2223 Key ID: 98832223 Keyserver: pgp.mit.edu +++
My Key:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.12 (GNU/Linux) mQINBFLB9nUBEAC/klZvqQkWP/NUD0pT09PzhKh0xIQ0XM7MxqUZLa1OytF3iUCX /fNwQD5OnSFQoEg1O4bGzrrRb+PiuKCvH19dp7sFVj3q7Dhwfb6EvsX39xqzxCr6 2AQFQ3esz4nNodnQWa48t2ujihaf/vpTn6n7+jCl6a124r+U4wNGiNIEWxLLUNNb ec8S1RcjtTp6Ue/yRpThgJN9e4rj19+vJMqKCiqL03NBZWVoCEkL6iIdjwlQK8/r CpP9m5yAsc8wkelRkZvuLmjJ1GgSFrO0WteGnURMshy59LetaSRyiIDeHaPdV5rk /n3mBv8hsK/39O6H7fYWDx/ZLnZE4rMghcndexIFLhsuPx6FJNATqQ2gHT4ijb8K NlwZ0LatlXyUEMKfC1aroa3/9RkQSf0y0GKS0XrvUWGVRn/X7gk1DRhuaHWuacCf k3w0XZOA2WpWw1w/rjZSeHbKG1w4B2/kWH3K4sXsfcLltlY85zH03HUYSx+leMFc yxiHz60ZfuV2aGjYFPL8dzF6DS106lHz51j608OZkAEO8Xssincii1k/PR1h1y2P AqgrEADzgl52iBbNw+tdnxSAIy/asEyxU/VwkUFjOzSyP7ZmBxg8ss966w2Kl6WE o9R5tkVuUG8WTMTnF0FeMxO9YOqx4KhN9bhP7RjBL7BFTvRXYVVJUGabIQARAQAB tBVkY2M0ZSA8ZGNjNGVAZ214LmNvbT6JAj4EEwECACgFAlLB9nUCGwMFCQlmAYAG CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJECO6L0dAOWOhsNIQAKUN9Z4e0hM3 DbaUjYJx93JGdJArLmz+Ko10N/lGcao4lCNVA+xM73Ga1GBnPlhPFW9iD2VQocOv tY2PYNsPrHgGlzyMKAMSpZ8364wVEyCHdJVKFORUjhyuJGYfyhDt2iZuzQwxWbmQ 1gmlbiGvxRysmaSW5+M8CDhja/fI8+EOp5NbH/EvHJClul3cO72UBUXBPxRv4Eb+ j8k0Uozob70A3bD894F8bJ9wZ3XBX/9DEkAbvDyW7CxIZwUiCeYTQylH++8S91A1 wL3z35ELdOLzGqwetYY6gSZRwY/W+rewEfPfBDSRjXKOBfhraMBYV1Sdg0IUj10W 2XVAzkqmqaej0T/xTt6aNjFtiH1u18BUpYIcCAAZ6TJ7325bnqnI+0xWFdonyggL +AIX1nzhx5niw8ZkCX0/jlJAx3TXAuxX/Tfy7cVSVi33v0fiwoDb8ZIDBzg0P2uc PUpR13B3AevFpxuAuAFPWfTDOJQmZyn9YNswVOhNb9rfq5bkmaSBlMRefTtUKIjW XjrRhSULPJ73H+R1DNL1Y0vhclnkOVCFRB+VPChkO+6RitGQDTg/Z60fBHpnYiDz sysnsoojLwBGanHO5mZMprxADc9CmeRGRmfHwvx7eJvW1HqN+5JR3Ai+JDlT+IxX RNUQxUbOry4D8TwRn9nBEtumNyNQcBmUuQINBFLB9nUBEACyRFYCrOXxC8yWm92U qPPNa3YC+W17O4rHW/thKTze1/TeZAKTNaIMPCS7iSVBBRbuijG+8NsgFd6W9acC ihMD4VUdFhVPjRGM3HmqzsxudVI4kGlQl8w86pYZu8ceGB4LQcoUFbPmWgXDIszH NV7kIFO/2oCRJ7VIBllUMP97RRdIfDND7EZMWvDveZ40BZCBLfnD9f6VSs4Lgn2C ow/ko01ijnvUxA/BGPJKI7JTLJHbdL//RQwT3AacLSc/etIurY2Ef926XbYYI1gi qboCU/dYUkGG2D+BDcGdukwpksdZZSXPyNhkZQAPPViHuFFtHI3C+FNb5L+lnC0h /dfF73U1lN3jp/VX11U1tIsHJyPjs8aael2UJO7Qy3vgVRM6KOywNNjVRv79Z/rF YHkNzBwXrGKdwV16SdRWjgkzkB4JeNQME096SqrwAEj/j5fwMqHjR8dKqWKDT6s9 V2Z83go3n9kI8JWFh33OksBh/qpKghhwtGWrUsbVcEDOVmUn2ozXvARDzqnNw3DN PcQvzUtasD8hxGHo7fW4TczdtgS3b/DfU2VJo68Fmo1C4eqYX+Ixx05khFCtP7d0 POqX6jIIQqZq8NTea8/M8Xx1YGhR5RpA4vZe7bCLgD2VUXHL43Npmq2nuZ0/7AwY H0hc/y/T+SU70xn28XyWHHLkCwARAQABiQIlBBgBAgAPBQJSwfZ1AhsMBQkJZgGA AAoJECO6L0dAOWOhIcgP/ioKYiJFAsolS4ep1PenCPvQFjvZTq4xJnsubEJ/ERU8 zdgET0Rh5jcCLqRAxQbGW3lVsewR3N+S9Rt3zHApqfZBFg5XJkZxsk0u+0qGPHWA 4oC7U3E4ZwMfVzUDcfKrzD1h0JaiSW1+1qgCh9/YVCUYakR1n/9LgzPP8ekQLTeb nWE+ZQQfeTDgoTNFWZvUlEbh4zcHLvcay78PnK3uT3UbWPyltSxon/eD47s1dt03 P/8nqaXCZhhRZ9N3EbJyudLBgA3ctySSJJSKKQHYynH5qUQqKp4Wq1KY80161xvW FqKwN/Jr4tTpRVZPu8P82cxhwrWJdf1U3/M2F2aIgXbGS4fHbzsLZ+6zZ3AuT4D8 auW55GOrnoF9XzZV6IavtluILUXMjVzF13slo5PKzS8yyJRNxE22krbeEyUum4Zu dDiERxIB6B+RDMM9qvV9svGJoEXG+4ugwkA3R7a6LWApmkvH3eXpULfDN2g5eNcr 5efFMrI/myxmpsP3nUp5EZFJyp8+ZSzIMJ1jSzXH8mHajIGTG49xDyZGpbog3wd2 7aQf5D9WOuKfYZM9MU9PBF+ZgtNrAxWuYJcCOr4WEd/2IjayMWvLxNA/RVW66oVj puaaDc3m3hXg1fwUWv9ZJyMUv7NARLgig3KEMVZiVzos7ZMn9mZNrOk2fnkKpVJB =ufyu -----END PGP PUBLIC KEY BLOCK----- 
Signature for fingerprint list:
-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.12 (GNU/Linux) owGFk31QFGUcx48XIU/KU0YSZOhHToraHeze3u4tqd2+HZ6g4ks6ZBTLsXdud7eH ewtCV4mp4/hGKmlTQbyEkgoZxpg6kReML0RWaoohOWWN0mhK4WSZje0Zxw0zzfTP 7rPf5zfP7/N8nn22PRyliYyYfDQ9y0La6yNaotYW6hyi5BTkYlmUFJ9BKVMWdZyu mDFjhpYWFbtXlPQLlUztYtEpCXImZPGlogSUVCQLPkGCNGYBy8FiW9Z82/wsyOby poEzWMEPFVicHl50G+xeD1jDXTIBxXEMcJYkgaEpDhiSNgNCmlHgrHgGoCRLAsfh NCBWhgBjBoNos4VysLGZD5LhIEeUXJlQ+C+nwSs700d0N/A+u5ZzC3ZFLvGE97Bk hdfD+5aC8uBdiqiQZYYiQTuCEMdJDFizujuC5swqjQkHI0JzwJImlZBmTWBGMRoI q1pHZHD4MGEwCQU+QS4Ntiz2et0Gn8und4Uyn0ESlGEkShI9/Etqf5jJh4Zhd7NH opEkgoEZx1iwMkYjYCTJAM5QKADNcRSgKGZSnWWogkmTCTJwKzvMFkxCwf+xzStx K6LqNixurugBukRWvOrBe4Zmg9ahSCgV3N5iQZ4GL4oeHDFbHLxPGcI3lLhG8qNB YAw1qtQEagWMsKoGTTgFOE1hwCAkASjFsUCQVgIYE4GG1apJKBjGdxYbPCqHUFSi pWSPVy4PA1NuXgLGAIsEUf2GtAUOh1sdQXA+KFtdZhrwapFl6B/iHywQdD4S2Ywi VkBQlAQjTrPAmnBVMa4iM0b1gVE0AjiluifNZqN6AKhxGDmYhIL/Qg5etI2RydGa iEhNzKjI4N3TaEfrQjf0brJOs692U9vbzb2jMs51uP1Jl/6KXf7NoTEHolxXvvRf SjzbEylrjFvH1jXefbJxd9/tK8u8SVdLC9yv5N88N/v1Cyu7N1deXDPJMeVs8obj b9zvtW84sv9OWeJJ8tXyPX2/N+zqGn+ZnxCdGz++QXqzYGzthSRE7JJaflRu4/01 jqsFuat62ifvHujc8ZhupW1P59OBjoMtgz+crx08mdN/sDkwtUmfLecN2Hb8duuz Lxq6Aztjz3RsWV1d3TJBc4D86cbfuqjvn0iJemqvfk1/ToHQFZhtWrT555eZwh45 +vNj/jX7Fubnd/3adNxf+EhF7sWmMX+Q184dSvygFdFXBF6b2m1KjLvnoKanzEp0 2cWqgX7L2biU8/2xt5LudZ4g4pawCZVpv6T7q1JfaN9Q1xFxP2Z55fiPuo7tvXdd v6m3vrLt+Tk12bGzDn/rr8+puxl4vLsqrnPKmPg51xUZo+tiXKuf2XZ44DLd8t7N weL21tONnY2jKy+MSzi1/1o8sWrQPPPTd1tteW/tTct6fyO2NNWUJ6wT6mPWx9fz 31ml53QTe75a+2HbumVuvZCcC33V0/fFpM07wkRYUh9a0LxzK6mrOuqYChWT6u4M oGkJS2vmNkWdmdWcP5le4ulLbr+Ws+IysX37OyfSt4y70St8vLov9dE/k3Y1zNy4 SyrY/fWzvRMLP8mNrjh1eFvtznXt/wA= =5zDz -----END PGP MESSAGE----- 
Hashes for fingerprint list:
SHA-256: 7A6B9841 355B1127 E5639A9D 7040D81C F395D382 884376C2 31829C63 6FCF1B80
SHA-512: 04A49A60 A1645479 ED0B3CE9 AE32E156 E9768CC2 0D4EF393 814162BE BFA6FAF5 6C520769 C654467F 6B61EBD4 4A5A5C93 9DF81B7D AA468A50 2DD7FFF3 F637A49C
Verifying the fingerprint list:
Save fingerprint list, from the first plus to the last plus, to a text file called fingerprints.txt
Next save my key to a file called dcc4e.asc and my signature to a file called fingerprints.txt.asc
In terminal or command line run:
gpg --import dcc4e.asc gpg --verify fingerprints.txt.asc 
You should see:
Good signature from "dcc4e " 
GPG examples for verifying Bitcoin clients:
Verifying Bitcoin-Qt:
First download, import and check Gavin's key:
Download his key at bitcoin.org/gavinandresen.asc
In terminal or command line run:
gpg --import gavinandresen.asc gpg --fingerprint 
Check that the fingerprint for Gavin's key matches 01CD F462 7A3B 88AA E4A5 71C8 7588 242F BE38 D3A8.
Then download the wallet software and signature.
Verify the signature:
gpg --verify SHA256SUMS.asc 
You should see:
gpg: Good signature from "Gavin Andresen (CODE SIGNING KEY) " 
The signature for Bitcoin-Qt signs the hash values. So we must compute the hash of the specific downloaded software manually. This example is using the linux version.
gpg --print-md SHA256 bitcoin-0.8.6-linux.tar.gz 
Check that the output matches the associated hash value in SHA256SUMS.asc
Verifying Electrum:
First download, import and check ThomasV's key:
This key can be found at a keyserver.
gpg --keyserver pool.sks-keyservers.net --recv-keys 7F9470E6 gpg --fingerprint 
Check the fingerprint.
Download Electrum and the signature.
Verify the signature:
gpg --verify Electrum-1.9.6.zip.asc 
You should see:
gpg: Good signature from "ThomasV " 
For this example you do not need to manually compute any hash values because the signature is signing the downloaded file directly instead of signing a list of hashes.
submitted by dcc4e to Bitcoin [link] [comments]

photorec finds lost wallets on DESTROYED storage devices, Bitcoin-QT, Blockchain.info and now Armory wallets too.

update of this post: http://www.reddit.com/Bitcoin/comments/1byfy0/photorec_able_to_find_lost_wallets/
answer from christoph grenie:
<< Bitcoin-Qt is the most important one and most used. Armory is the most secure client and widely used. If you could recover this format, people would love you.I dont know much about the other clients. There are even more than just those 4. I suggest you support armory.>>
Done! I have added Armory detection in latest PhotoRec 6.14-WIP. Can you test it ?
I am not using armory, so maybe someone would test it and i am not sure if photorec recovers encrypted wallets.
submitted by x3oo to Bitcoin [link] [comments]

OlgaShow interview of Alan Reiner, Armory BitCoin Client. Installing Bitcoin-QT Installing Bitcoin Armory Receiving Bitcoin - Armory Guide Beginner's guide: Installing Bitcoin Armory on Windows 7

Digital money that’s instant, private, and free from bank fees. Download our official wallet app and start using Bitcoin today. Read news, start mining, and buy BTC or BCH. Bitcoin-Qt, also called "Satoshi client" is sometimes referred to as the reference client because it serves to define the Bitcoin protocol and acts as a standard for other implementations. As of version 0.9, Bitcoin-Qt has been renamed "Bitcoin Core" to more accurately describe its role in the network. Initially, Satoshi Nakamoto delegated the right to make decisions on changing the code of ... 1. Install Bitcoin-Qt Since version 0.9, Bitcoin-Qt was renamed to Bitcoin Core t o reduce confusion between Bitcoin-the-network and Bitcoin-the-software. Bitcoin Core is a full Bitcoin client. It is a thick client, meaning it requires the full blockchain (explained below) on local disk to operate and expose blockchain back to the network to help relay and verify transactions. Armory is used by some of the most heavily-invested, and most paranoid Bitcoin enthusiasts and cloud miners for maximum privacy and security. If you are in this category, it is recommended you verify that your Armory installers have not been altered in any way. Armory Ubuntu/Debian packages (*.deb files) are signed directly using our [Offline ... Bitcoin Core ist ein gemeinschaftliches, freies Software-Projekt, veröffentlicht unter der MIT-Lizenz. Release-Signaturen überprüfen Download über Torrent Quelltext Versionshistorie anzeigen. Bitcoin Core Release Signierschlüssel v0.8.6 - 0.9.2.1 v0.9.3 - 0.10.2 v0.11.0+ Oder wählen Sie Ihr Betriebssystem . Windows exe - zip. Mac OS X dmg - tar.gz. Linux (tgz) 64 bit. ARM Linux 64 bit ...

[index] [51270] [37958] [1387] [8775] [28377] [46628] [32974] [6634] [44790] [47646]

OlgaShow interview of Alan Reiner, Armory BitCoin Client.

OlgaShow interview of Alan Reiner, Armory BitCoin Client. Olga Media. Loading... Unsubscribe from Olga Media? ... How to install Bitcoin Armory in Ubuntu 14.04 - Duration: 7:00. Bitcoin Beginner ... In this video Jason explains the new update that rolls out on the bitcoin-qt client and what parts of the client were altered and positively effected. What i... Bitcoin-QT is a Bitcoin wallet and does some other functions. Running this software is the backbone to the entire Bitcoin system. You may need to open port 8333 in your firewall. For more info see Video Page: http://armoryguide.com/step-2-installing-bitcoin-armory/ But the Bitcoin plan calls for the creation of only 21 million bitcoins. In this way, Bitcoin will try to avoid the pitfalls of modern fiat currencies such as inflation, deflation, market ...

#