
Not only is it tremendously volatile, it's very easy for it to be lost or stolen from your wallet, or defrauded by the exchanges.

(Unless you're really good at information security and very disciplined. I'd be very uncomfortable keeping a £10k investment on a PC in my house.)



So don't keep it in your house. Keep it in a safe deposit box, just like you would keep gold coins or bearer bonds.

Paper wallets are easy to make, and hardware wallets have been available for years.


That's actually the biggest issue with Bitcoin. And what I meant with "dabble with the tech".

There is just no way to securely create a secret key.

Because the algorithm is so complex, you have to trust somebody else's software to create the key. How do you know that software is neither malicious nor buggy?


If you really want to be sure, you can create your own private key with dice:

http://www.swansontec.com/bitcoin-dice.html

https://www.reddit.com/r/Bitcoin/comments/2s2w1r/generate_ad...


Thanks! That bitcoin-dice.html link is awesome. It links to a rather short bash script that seems to do the key to public address conversion. That is exactly what is needed.


> There is just no way to securely create a secret key.

That is wrong. You can generate one relatively easily with dice (google for it).

> Because the algorithm is so complex, you have to trust somebody else's software to create the key.

You're conflating generating the key, which is just generating a random number in a certain range, with calculating the public address, which involves some operations on elliptic curves.

The algorithm is not that complex. Using a library like openssl/ec it is not that hard to generate the public address. It takes about 30 lines of C code using that library.

> How do you know that software is neither malicious nor buggy?

You can read the source code.


> You can read the source code.

Which code? Any link to that 30 lines of C code?


The source code of whatever software you're using.

Here's some C code I used when I played around with it 5 years ago. No guarantees that it is bug-free or does anything useful (you still need a double sha256 and base58 encoding to get a string representation), but it gives you an idea of the complexity/simplicity.

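  #include <assert.h>
  #include <stddef.h>
  #include <stdint.h>
  #include <CommonCrypto/CommonDigest.h>  /* CC_SHA256 (macOS CommonCrypto) */
  #include <openssl/bn.h>
  #include <openssl/ec.h>
  #include <openssl/obj_mac.h>            /* NID_secp256k1 */
  #include <openssl/ripemd.h>

  /* RIPEMD-160 of the SHA-256 of the input. */
  void sha256_ripe160(uint8_t *bytes, size_t len, uint8_t result[RIPEMD160_DIGEST_LENGTH])
  {
    uint8_t buf[32];
    CC_SHA256(bytes, len, buf);
    RIPEMD160(buf, 32, result);
  }

  /* 32-byte private key -> 20-byte hash of the uncompressed public key. */
  void privkey_to_pubsig_hash(uint8_t privkey[32], uint8_t pubsig[20])
  {
    /* The curve group is created once and reused across calls. */
    static EC_GROUP *curve = 0;
    if (!curve) {
      curve = EC_GROUP_new_by_curve_name(NID_secp256k1);
    }
    assert(curve);

    /* Load the private key as a big-endian integer. */
    BIGNUM *priv_bn = BN_new();
    priv_bn = BN_bin2bn(privkey, 32, priv_bn);
    assert(priv_bn);

    /* Public point = private scalar * curve generator. */
    EC_POINT *pub_pt = EC_POINT_new(curve);
    BN_CTX *ctx = BN_CTX_new();
    int result = EC_POINT_mul(curve, pub_pt, priv_bn, NULL, NULL, ctx);
    assert(result);
    BN_clear_free(priv_bn);  /* wipes the private scalar before freeing it */

    /* Serialize the point as 0x04 || X || Y (65 bytes). */
    BIGNUM *pub_bn = BN_new();
    EC_POINT_point2bn(curve, pub_pt, POINT_CONVERSION_UNCOMPRESSED, pub_bn, ctx);
    EC_POINT_free(pub_pt);
    BN_CTX_free(ctx);
    assert(BN_num_bytes(pub_bn) == 65);

    uint8_t pub_bytes[65];
    BN_bn2bin(pub_bn, pub_bytes);
    BN_free(pub_bn);

    sha256_ripe160(pub_bytes, 65, pubsig);
  }

One of the myriad Python libraries to deal with bitcoin is probably a better starting point if you want to explore more.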
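The two integer-only steps on either side of the C snippet above, as an added Python example that is not code from the thread or from the linked pages: turning dice rolls into a 32-byte private key with the range check, and the double SHA-256 plus Base58 step that turns the 20-byte hash into an address string. The function names, the 99-roll minimum and the roll-to-digit mapping (face 1 is digit 0) are assumptions made for this example.

```python
import hashlib

# Order n of the secp256k1 group; a valid private key k satisfies 1 <= k < n.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def dice_to_privkey(rolls: str) -> bytes:
    """Read d6 rolls ('1'..'6') as a base-6 number and return a 32-byte key."""
    if len(rolls) < 99:  # assumption: 99 rolls carry about 255.9 bits
        raise ValueError("need at least 99 rolls")
    value = 0
    for ch in rolls:
        if ch not in "123456":
            raise ValueError(f"not a d6 face: {ch!r}")
        value = value * 6 + (int(ch) - 1)
    # Reject rather than reduce mod n, so no key becomes likelier than another.
    if not 1 <= value < SECP256K1_N:
        raise ValueError("out of range for secp256k1, roll again")
    return value.to_bytes(32, "big")


def base58check(version: bytes, payload: bytes) -> str:
    """version || payload || first 4 bytes of SHA256(SHA256(...)), in Base58."""
    data = version + payload
    raw = data + hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]
    num = int.from_bytes(raw, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = B58_ALPHABET[rem] + out
    # Each leading zero byte is written as a literal '1'.
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out


def p2pkh_address(pubkey_hash: bytes) -> str:
    """20-byte RIPEMD160(SHA256(pubkey)) -> mainnet address (version byte 0x00)."""
    if len(pubkey_hash) != 20:
        raise ValueError("expected a 20-byte hash")
    return base58check(b"\x00", pubkey_hash)


if __name__ == "__main__":
    demo_rolls = "1" * 98 + "2"  # constructed input, never use as a real key
    print(dice_to_privkey(demo_rolls).hex())
    print(p2pkh_address(bytes(20)))  # constructed all-zero hash
```

The elliptic-curve multiplication between these two steps is what `privkey_to_pubsig_hash` in the comment above does.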



