Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Wallet software
Topic OP
Is it my understanding or Jaxx being pants?
by
DevaVictrix
on 17/06/2017, 09:38:00 UTC
I think I have questions about Jaxx because its buggy but before I migrate I thought i'd make sure it isn't me being dumb! I only started out with cryptocurrencys 5-6 days ago and have only amounted £20 so if my inexperience is going to lose me money it's best done now!

When searching for a wallet/s I quickly learned that downloading the full node for each respective currency is a sure way to fill up my 128gb harddrive. After lots and lots of googling I settled with Jaxx. I understand it as a wallet that doesn't require you to download the full node, the private keys are stored locally and that it supports multi-currencys. I am interested in BTC, ETH and ZEC.

First quick question... If the private keys are stored locally how come when I installed Jaxx on my android phone did I just have to enter the 12 word pass phrase to get access to my private keys? They must have been downloaded from somewhere which means they are stored at a location other than 'local'. Is this a vulnerability (surely, 'Yes' ?). Jaxx was reported to have been insecure earlier this week but I dont know exactly how. Some of what I have read seems to suggest the security issue comes from thieves accessing your harddrive for the 12 word pass phrase. Most of my reading was on forums, and news websites I have never heard of so I concluded I might be contaminating my mind with potentially misinformation and just swallowed that Jaxx could be insecure. I'm assuming the locally stored private keys are kept in C:\Users\%User%\AppData\Roaming\Jaxx. Does my encrypted C: help my security? Couldn't the developers just code Jaxx so that this folder can be kept on a USB stick so that the private keys are offline until you need to use them?

My frustration with Jaxx started yesterday when I tried to use Shapeshift to exchange some ZEC for ETH. The transaction debited my ZEC wallet and I knew I would have to wait a little while for it to appear in my ETH wallet. So I went to bed only to find this morning that the ZEC had been returned to my ZEC wallet and nothing credited to my ETH wallet. The transaction failed. No real loss to me other than ETH was a relatively good price given my point of entry to the cryptocurrency game. But I cant find any record of the attempted exchange or the return of the ZEC. The transaction history in Jaxx only shows the very first payment from the pool. So I reset the Jaxx cache. Still only one entry in the transaction history only now its the most recent payment from the pool, oh and the value of my ZEC coins now says £0.00. The ZEC balance is there (all of what I have mined) but no figure for £ or $. Long story short... bar a few minor differences, the same happened with the Jaxx android app too. I have typed my public address into the ZCash block explorer and it reports 6 transactions received but nothing sent. I kind of expected to 1 sent (my exchange) and 7 received (my 6 pool payments and the returned exchange).

Another thing that has me scratching my head is when I view my private keys. When I first tried mining to my wallet address. It failed, it wouldn't mine. So I clicked on 'view private keys' and there were two private keys, each with a different public key. I just selected one the of the public keys and mined to that. Its been working fine. I have read that its a good idea to change the wallet address for each transaction so expected this to change after each transaction. Sure enough this has changed but its changed to the other public key (the one I didn't use to mine to). I'm confused by this because that new wallet address is an existing public key that is derived from a different private key. I thought that your wallet has/is a private key. From this, you get a public key and from that you get a wallet address. Even if the public key changes too I expected the private key to always be the same. Is this normal?

Is Jaxx just buggy and worth steering clear of? Am I just not well enough read. Or both!? I suspect both but Jaxx really isnt helping my understanding.

Am I right to expect just one private key with a public that may, or may not, change and a wallet address that does change after each transaction.
Should I expect to see a complete list of all transactions made to and from my wallet or just the most recent since a cache reset?
Does a failed/returned transaction get logged as a transaction so that the attempt can be traced?
Where are the public and private keys actually stored? I thought on my C: so how are they now viewable on my phone after only entering the 12 word passphrase.

(The convenience of only having to remember the passphrase is great (no backing up of files, and backing up the backup etc!) but it seems to me that you can access all my crypto-wealth by forcing the discovery of the 12 word passphrase. Couldn't you just write some code to punch in 12 word combos repeatedly until you hit gold? There are only so many words in English dictionary. EDIT, well 171,476, but as time goes on there will be a lot of wallets created and thus increasing the chances of finding an active combination. EDIT again, actually, there are about 1.348x10^54 combinations! Quite a few!)