Topic: A serious security concern about BitSharesX wallet [resolved]  (Read 691 times)


Offline puvar

A serious security concern about BitSharesX wallet [resolved]
« on: August 30, 2014, 10:35:36 AM »

I just found a serious security flaw which can cost people all their BTSX balance.

Whenever I do a transaction (that includes orders, cancels etc) my BTSX is transferred to a new private key which doesn't have an external backup anywhere. If I spill coffee on my laptop just after making a transaction, my BTSX is lost.

Please fix it ASAP!!

Private keys that are used in transactions should be already backed up on my USB stick *before* I make a transaction, not after I remember to export my wallet. This can be easily achieved by precomputing private keys in advance (as it's done in bitcoin wallet).
« Last Edit: September 01, 2014, 08:48:24 PM by bytemaster »

Offline Riverhead

Re: A serious security concern about BitSharesX wallet
« Reply #1 on: August 30, 2014, 10:59:57 AM »
Relax, you're ok :) .

When you backup your wallet with the File->Export it creates a .json file that contains your wallet key and your account private key. Those two things combined with your passphrase can recreate your entire wallet/accounts. The new keys are deterministic as long as you have that .json file.

Each account is deterministic as well. For example I have dumped the private key to riverhead and imported it into a fresh wallet and after a rescan everything for that account repopulated.

The only time you need to refresh your .json backup is if you create a new account. The .json file is encrypted so you do also need to remember your passphrase.

This is closer to Electrum than the Bitcoin-QT wallet though unlike Electrum it's not completely deterministic from seed words.
« Last Edit: August 30, 2014, 11:05:05 AM by Riverhead »

Offline tonyk

Re: A serious security concern about BitSharesX wallet
« Reply #2 on: August 30, 2014, 11:14:49 AM »
@Riverhead
Sorry, newbie question follows.

Where is the folder corresponding to the Windows one (username\AppData\Roaming\BitShares X) on Linux (Ubuntu)?

I am asking because I deleted the bitsharesx folder and, after what I thought was a fresh install, all the accounts appeared in my new wallet. At least that's what I believe happened.
« Last Edit: August 30, 2014, 11:16:48 AM by TheOnion »
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline Riverhead

Re: A serious security concern about BitSharesX wallet
« Reply #3 on: August 30, 2014, 12:15:43 PM »
The data directory for Linux is ~/.BitSharesX


This contains the same data as the %AppData%\Roaming\Bitshares X directory in Windows.

Offline kokojie

Re: A serious security concern about BitSharesX wallet
« Reply #4 on: August 30, 2014, 01:10:19 PM »
On my Windows, it's just %AppData%\Bitshares X.

%APPDATA% already goes to Roaming.

Offline Riverhead

Re: A serious security concern about BitSharesX wallet
« Reply #5 on: August 30, 2014, 01:11:27 PM »
I think there are differences here between Win 7 and Win 8.

Offline Gentso1

Re: A serious security concern about BitSharesX wallet
« Reply #6 on: August 30, 2014, 02:16:08 PM »
win7 64 bit.

user\appdata\roaming\bitsharesx

Offline puvar

Re: A serious security concern about BitSharesX wallet
« Reply #7 on: August 30, 2014, 10:00:53 PM »
> Relax, you're ok :) .
>
> When you backup your wallet with the File->Export it creates a .json file that contains your wallet key and your account private key. Those two things combined with your passphrase can recreate your entire wallet/accounts. The new keys are deterministic as long as you have that .json file.
>
> Each account is deterministic as well. For example I have dumped the private key to riverhead and imported it into a fresh wallet and after a rescan everything for that account repopulated.
>
> The only time you need to refresh your .json backup is if you create a new account. The .json file is encrypted so you do also need to remember your passphrase.
>
> This is closer to Electrum than the Bitcoin-QT wallet though unlike Electrum it's not completely deterministic from seed words.

Ok, even if it's deterministic, it doesn't do the repopulating automatically. Here is the experiment I did:

1. I exported my wallet to bitsharesx1.json
2. I created a BitUSD buy order for amount of X BTSX, and after some time canceled it. Amount (X - 1) BTSX was returned to me.
3. I exported my wallet to bitsharesx2.json
4. I imported bitshares1.json and made a rescan with "wallet_rescan_blockchain" from the console.
5. My account balance lacked those (X - 1) BTSX, which (I concluded) were transferred to another address which was not in bitshares1.json.

I looked at the difference between bitshares1.json and bitshares2.json and found that the latter had 1 more address:
$ grep encrypted_private_key bitshares1.json | wc -l
427
$ grep encrypted_private_key bitshares2.json | wc -l
428


If the BitSharesX program creates new addresses on demand (on every transaction), then the outcome of my experiment was expected. Now, you're saying that the address creation is deterministic. Does it mean that if I continue using bitshares1.json (and not revert to bitshares2.json), then the next created address will be the one that's missing? I didn't do that because I was afraid of forking my sequence of addresses.

Anyway, this is a problem from a user perspective. No one wants to restore from a 1-year-old json and see that everything is missing. What I think BitSharesX should do:
1. Precompute a set of addresses.
2. When the precomputed set of addresses is exhausted, warn a user that they need to backup the wallet again.

Offline bytemaster

Re: A serious security concern about BitSharesX wallet
« Reply #8 on: August 30, 2014, 10:05:52 PM »
The latest 0.4.10 has a command that will restore lost keys and rescan. This will restore your balance properly, but the transaction ledger is still not fully accurate. I am aware of these issues and will be working fixes into 0.4.11 because 0.4.10 already fixes some major stability issues.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.
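
The behaviour discussed in the thread so far (keys derived deterministically from the exported wallet key, so an older backup can regenerate keys created after it was taken, provided the restore looks past the keys the backup knew about), as an added example that is not part of the original posts and not BitSharesX code. The HMAC-based derivation, the `gap` look-ahead and every name below are assumptions for illustration, not the wallet's real scheme.

```python
import hashlib
import hmac

def derive_key(secret: bytes, index: int) -> str:
    # Toy stand-in for the wallet's real derivation (assumption): the n-th key
    # depends only on the backed-up secret and the counter n.
    return hmac.new(secret, index.to_bytes(4, "big"), hashlib.sha256).hexdigest()

class Wallet:
    def __init__(self, secret: bytes, next_index: int = 0):
        self.secret, self.next_index = secret, next_index

    def new_key(self) -> str:
        key = derive_key(self.secret, self.next_index)
        self.next_index += 1
        return key

    def export(self) -> dict:
        return {"secret": self.secret.hex(), "next_index": self.next_index}

def naive_restore(backup: dict, ledger: dict) -> int:
    # Rescan using only the keys that existed when the backup was taken.
    secret = bytes.fromhex(backup["secret"])
    return sum(ledger.get(derive_key(secret, i), 0)
               for i in range(backup["next_index"]))

def regenerate_and_rescan(backup: dict, ledger: dict, gap: int = 20):
    # Keep deriving keys past the backup's counter until `gap` consecutive
    # keys have never appeared on the ledger; returns (balance, keys_in_use).
    secret = bytes.fromhex(backup["secret"])
    balance, index, unused, in_use = 0, 0, 0, 0
    while unused < gap:
        key = derive_key(secret, index)
        index += 1
        if key in ledger:
            balance += ledger[key]
            unused, in_use = 0, index
        else:
            unused += 1
    return balance, in_use

def demo():
    # Constructed scenario mirroring the experiment in the thread.
    wallet = Wallet(b"constructed-demo-secret")
    first = wallet.new_key()
    ledger = {first: 100}                 # key id -> balance seen on chain
    old_backup = wallet.export()          # backup taken before the order
    ledger[first] = 0                     # order placed, then cancelled:
    ledger[wallet.new_key()] = 99         # funds return to a brand-new key
    return naive_restore(old_backup, ledger), regenerate_and_rescan(old_backup, ledger)

if __name__ == "__main__":
    print(demo())
```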

Offline Riverhead

Re: A serious security concern about BitSharesX wallet
« Reply #9 on: August 30, 2014, 10:12:12 PM »
 +5%


Also, great testing puvar!

Offline tonyk

Re: A serious security concern about BitSharesX wallet
« Reply #10 on: August 31, 2014, 04:00:16 AM »
> The data directory for Linux is ~/.BitSharesX
>
> This contains the same data as the %AppData%\Roaming\Bitshares X directory in Windows.

I deleted that and bitsharesx and it still found the info... I am happy right now as I just downloaded it in win, so I do not have to wait again, but can somebody provide directions how to make a clean install in Ubuntu? Thanks.

[edit] And now after importing the new account the other accounts are gone...weird.. rescanning...
« Last Edit: August 31, 2014, 04:06:53 AM by TheOnion »

Offline tonyk

Re: A serious security concern about BitSharesX wallet
« Reply #11 on: September 01, 2014, 08:10:24 PM »
Hehe solved the mystery... :)

When you do cd bitsharesx it actually takes you to the first sub-folder named 'bitsharesx' it finds. And as the last one accessed was the one in the trash it takes you there. If you do not pay attention you build it there...

So to be sure one must do

 cd /home/username/bitsharesx

Posting this just in case somebody else runs into this 'mystery'.

Offline eagleeye

Re: A serious security concern about BitSharesX wallet
« Reply #12 on: September 01, 2014, 08:21:29 PM »
Congrats on 1000 posts. :)

 
