Re: [Bitcoin-development] minor bitcoin-qt gripes moving BTC off specific key

2013-05-07 Thread Craig B Agricola
BTW, Adam, I suspect you might be using the console in the GUI, and that might 
be
under Windows for all I know, but I usually do it this way on the command line
under Linux:

echo -n Password: ;bitcoind walletpassphrase `stty -echo;read p;echo $p;stty 
echo` 60; echo

This uses the JSON API to unlock the wallet (for 60 seconds; which is the 60
at the end), and should work for either the GUI (if you start it with the
-server flag) or the headless bitcoind.  It keeps the password that you type
off the console, and also keeps it out of the history file.  The only issue
with it is that it will show up in the process tree as an argument of the
command for the period of time that the JSON API is being prepared and sent,
which should be fairly short.  This might be a concern if you are on a
multi-user system (you probably shouldn't be doing this anyway), or
worry that spyware might be monitoring for passwords (though if you are
worried about spyware, you should already be concerned about keyloggers,
so...) I doubt this will work (without significant modifications) on
Windows without Cygwin, though.

 -Craig

On Tue, May 07, 2013 at 02:16:41PM +0200, Adam Back wrote:
 Hi
 
 Three minor security/other issues:
 
 1. please a way to unlock the wallet without displaying wallet password in
console screen (console unlock wallet, to import priv key); or 

--
Learn Graph Databases - Download FREE O'Reilly Book
Graph Databases is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development


Re: [Bitcoin-development] Sending Bitcoins using RSA keys

2013-04-24 Thread Craig B Agricola
Maybe I'm missing something crucial, but what benefit does this dance give over
the slightly more obvious mechanism of simply:
1) Alice generates a new address with her bitcoin client and sends the BTC to
   this new address
2) Alice exports the private key for that address (there is a well supported
   format for that)
3) Alice writes a nice email to Bob, including that exported private key
4) Alice encrypts the email with Bob's public key using GPG and sends it to him
   by email
5) Bob decrypts the email
6) Bob imports the private key into his wallet

There's no need for sending a whole wallet; just the one key is needed.  Every
bit of infrastructure needed above already exists.  And of course, the above
has the same issue as your proposal; this is a way for two trusting parties to
send BTC without using the Bitcoin network, but it's not a payment mechanism.
They now share control of an address; whoever spends that BTC first wins, so
until Bob uses the Bitcoin network to spend that BTC to another address that
only he controls, it's still in joint custody.  And if ensuring that he has
control of the BTC is the last (implicit) step in the procedure above, as well
as yours, then they might as well have simply used the Bitcoin network to do
the transfer in the first place.

Did I miss the point entirely?

 -Craig

PS. Re-reading, I realize that the above might come off sounding snarky or
dismissive; it's not intended that way.  I'm wondering if I'm missing the
big picture.

On Wed, Apr 24, 2013 at 04:18:38PM +0200, Melvin Carvalho wrote:
 So there's a slight world divide in digital payments with bitcoin using
 ECDSA and GPG, payswarm / webid etc using largely RSA
 
 Here's how to bring the two worlds together and enable bitcoins be sent
 over webid or payswarm
 
 
 Problem: Alice and Bob have RSA key pairs, but no public bitcoin
 addresses.  Alice wants to send 1 BTC to Bob.
 
 1. Alice takes Bob's WebID and encrpyts it with her private key (to create
 entropy) ...
 
 2. Alice uses that message as the seed to produce btc address (as per
 http://brainwallet.org ) with ECDSA key pair
 
 3. Alice sends coins to this address
 
 4. Alice and then encrypts the seed again with Bob's public key
 
 5. Bob decrypts the seed using his private key
 
 6. Bob can now use the seed to recreate the wallet and spend the coins
 
 Unless I've made an error, I believe this unites the web paradigm and
 crypto currency paradigm into one potentially giant eco system ...

 --
 Try New Relic Now  We'll Send You this Cool Shirt
 New Relic is the only SaaS-based application performance monitoring service 
 that delivers powerful full stack analytics. Optimize and monitor your
 browser, app,  servers with just a few lines of code. Try New Relic
 and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr

 ___
 Bitcoin-development mailing list
 Bitcoin-development@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/bitcoin-development


--
Try New Relic Now  We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app,  servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development