BitShares Forum

Main => General Discussion => Topic started by: zhangweis on July 29, 2014, 09:19:32 pm

Title: Bitshares offline wallet (cold storage)?
Post by: zhangweis on July 29, 2014, 09:19:32 pm
How can I protect my private key using similar way of offline wallet without ever exposing private key in any way in online machine/wallet? I guess it can be split in 2 sub-questions.
1. How can I generate a transaction without private key?
I don't know whether it's possible with TITAN. If it's not and I choose to compromise the anonymity, how can I generate the raw transaction on an online machine?
2. How can I sign it on an offline machine?
Is it the same algorithms as bitcoin? If yes, then it's quite easy to sign and for me, I need to sign in javascript as I'm using chromebook as offline machine for even higher security.
Title: Re: Bitshares offline wallet (cold storage)?
Post by: bitmeat on August 01, 2014, 05:47:58 am
I've asked the same question multiple times. It would be nice to hear from the team.

I think I've found a work around but would like to know that this is in fact correct.

Can someone confirm, if I do wallet_import_private_key with some private key of my choosing, on a computer that is offline, and then get the BTSX public address associated with it and send some amount to it. Would I be able to then later down the road import that address using the saved private key when I want to use it?

Title: Re: Bitshares offline wallet (cold storage)?
Post by: xeroc on August 01, 2014, 09:45:18 am
1. How can I generate a transaction without private key?
I don't know whether it's possible with TITAN. If it's not and I choose to compromise the anonymity, how can I generate the raw transaction on an online machine?
with TITAN each unspend output has a seperate private key that can be derived from the master private key of your account. You will not be able to sign any transactions if you do not have the corresponding privkey of the unspent outputs.
However, you do not necessarily need the master private key .. but I am not sure if it is wise to work on derived private keys (and possibly expose them) as there are some security issues with ECC concerning derived private keys .. best practice would be to let the wallet handle derived priv keys..

Or are you talking about unsigned raw transactions .. that should be possible with titan .. but currently is not yet implemented.

Quote
2. How can I sign it on an offline machine?
Is it the same algorithms as bitcoin? If yes, then it's quite easy to sign and for me, I need to sign in javascript as I'm using chromebook as offline machine for even higher security.
TITAN is based on ECC as is bitcoin .. I don't know about the explicit transaction structure but I am very sure something like 'offline' signing is possible and will be implemented in future .


Further .. BM once stated that he has some nice ideas about some observer-keys that can only do read-only .. (ECC magic)
Title: Re: Bitshares offline wallet (cold storage)?
Post by: zhangweis on August 02, 2014, 10:04:08 am
with TITAN each unspend output has a seperate private key that can be derived from the master private key of your account. You will not be able to sign any transactions if you do not have the corresponding privkey of the unspent outputs.
However, you do not necessarily need the master private key .. but I am not sure if it is wise to work on derived private keys (and possibly expose them) as there are some security issues with ECC concerning derived private keys .. best practice would be to let the wallet handle derived priv keys..

Or are you talking about unsigned raw transactions .. that should be possible with titan .. but currently is not yet implemented.

TITAN is based on ECC as is bitcoin .. I don't know about the explicit transaction structure but I am very sure something like 'offline' signing is possible and will be implemented in future .

Further .. BM once stated that he has some nice ideas about some observer-keys that can only do read-only .. (ECC magic)

Thanks for the answer. If I choose not to use TITAN, will things be easier? At least from blockchain point of view, I don't see any barrier. I withdraw some from an account and deposit to an account with a public key. Wrap them into 2 operations in a transaction, sign it and broadcast it. The barrier is at wallet which doesn't allow generation of a raw transaction and transmission of a signed transaction.
Title: Re: Bitshares offline wallet (cold storage)?
Post by: xeroc on August 02, 2014, 01:12:01 pm
Should ne no problem .. the blockchain should not care about weather its aa titan or a rwa tx