Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1U9uZS-0006OE-Fe for bitcoin-development@lists.sourceforge.net; Mon, 25 Feb 2013 09:42:06 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.216.54 as permitted sender) client-ip=209.85.216.54; envelope-from=jtimonmv@gmail.com; helo=mail-qa0-f54.google.com; Received: from mail-qa0-f54.google.com ([209.85.216.54]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1U9uZR-00020R-6Q for bitcoin-development@lists.sourceforge.net; Mon, 25 Feb 2013 09:42:06 +0000 Received: by mail-qa0-f54.google.com with SMTP id hg5so1436140qab.20 for ; Mon, 25 Feb 2013 01:41:26 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.229.171.139 with SMTP id h11mr2394417qcz.67.1361785286754; Mon, 25 Feb 2013 01:41:26 -0800 (PST) Received: by 10.49.11.140 with HTTP; Mon, 25 Feb 2013 01:41:26 -0800 (PST) In-Reply-To: <20130222230851.GO2030@giles.gnomon.org.uk> References: <20130222230851.GO2030@giles.gnomon.org.uk> Date: Mon, 25 Feb 2013 10:41:26 +0100 Message-ID: From: =?ISO-8859-1?B?CUpvcmdlIFRpbfNu?= To: Roy Badami Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (jtimonmv[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1U9uZR-00020R-6Q Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Key retirement and key compromise X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2013 09:42:06 -0000 Just create a new wallet and send everything to a new address. I don't think additional tools for this are needed. On 2/23/13, Roy Badami wrote: > Has anyone been thinking about providing tools to allow users to cope > with key compromise - or more generally, to manage key retirement etc? > > atm, if you suspect that your keys may be liable to compromise then > what would you have to do? You'd have to create a new wallet (on a > new computer? or is it easy to have two coexisting installs on one > computer?) And then you'd have to make one or more payments from the > old wallet to the new wallet, to transfer the coins. It's a pain, and > you've lost your address book, your transaction history, etc. And > unless you keep the old wallet about, too, you're a bit stuck if > someone makes a payment to one of the old addresses. It's something > that most users would baulk at unless they're really sure they're at > significant risk. > > Of course, there are a spectrum of scenarios, ranging from having an > unencrypted wallet stolen by someone who knows what it is, through to > deciding that the passphrase you used to use when you only had a few > dollars worth of BTC maybe isn't good enough now you've got tens of > thousands of dollars worth of coins. Or maybe you have no reason to > suspect there is a risk of compromise, but just have a corporate key > management policy that recommends retiring keys after a period of > time. > > What would be really nice is for bitcoin to have a big key compromise > button, which would automatically transfer all coins to newly > generated addresses (optionally with a pause between generation and > transaction - to allow for a new wallet backup). Optionally, too, the > compromised/retired addresses could be marked with a flag such that if > someone sends coins to that address bitcoind immediately generates a > transaction to transfer the coins to address(es) which are good. > > I know deterministic wallets have many proponents - but personally I > like having a bag of keys - with the idea that over a period of time, > old keys will routinely be retired and their balances automatically > transfered to newly generated keys. If someone really manages to > crack the passphrase on that 10-year-old wallet backup they got hold > of, then if would be nice to minimise the damage they could do... > > And, of course, I want a big panic button that allows me to > automatically transfer all my coins to new addresses ASAP if I > suddenly do something stupid, like accidentally type my passphrase > into my IRC window :-) > > Thoughts? Is this functionality that there is any interest in > developing within the official client? If there is any interest in > this then obviously the first step would be to specify exactly what > functionality is wanted... > > roy > > -------------------------------------------------------------------------= ----- > Everyone hates slow websites. So do we. > Make your web apps faster with AppDynamics > Download AppDynamics Lite for free today: > http://p.sf.net/sfu/appdyn_d2d_feb > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --=20 Jorge Tim=F3n http://freico.in/ http://archive.ripple-project.org/