Showing 14 of 14 results by kaii
Post
Topic
Board Meta
Re: Suggestions for the forum
by
kaii
on 21/08/2012, 15:38:18 UTC
What I want to suggest is an implementation of some kind of measure to make sure that everybody who is participating in the market section has at least a basic understanding of how scams, pump-and-dump and ponies work and how to identify them. I thought about some sort of quiz.

In my short time on this forum I've already come across many posts that warn of the dangers of fraud in the Bitcoin market.

The Newbies board contains stickies such as Trust No One and Better protect yourself from having your account/accounts compromised.
The Service Discussion board is about the merits of various services available for Bitcoin, including ones that people believe are scams.
The Important Announcements board contains good information when there are serious changes in the market.

I also want to suggest to better categorize the market section in different trust levels. So inexperienced users could better identify fishy services and offers.

Bitcoin, even at its core technical levels, is about only trusting oneself. The algorithms do the heavy lifting of keeping nodes honest. You are responsible for verifying that those algorithms work as intended. You are responsible for storing your private keys safely. You are responsible for not making transactions that you will regret.

Asking people to fall back on "safe" versus "unsafe" market sections is undermining their own capability to make judgement calls, which is a necessary skill to participate in the Bitcoin community. It also puts the board at risk if somebody does get scammed in a "safe" section.
Post
Topic
Board Development & Technical Discussion
Re: First simple factorization solved by quantum computing
by
kaii
on 21/08/2012, 15:05:43 UTC
Could Shor's algorithm be applied to crack ECDSA?  I'm not sure.

Yep, Shor's Algorithm can be applied to elliptic curve cryptography. I'm not sure if this applies specifically to the variant that Bitcoin uses however.

http://arxiv.org/abs/quant-ph/0301141
http://www.mathcs.richmond.edu/~jad/summerwork/ellipticcurvequantum.pdf

And more...

https://www.google.com/search?q=shor's+algorithm+elliptic+curve

This has been discussed in the past on this forum as well.

https://bitcointalk.org/index.php?topic=54542.0
Post
Topic
Board Electrum
Re: Electrum for Android
by
kaii
on 20/08/2012, 20:36:28 UTC
I'm aware of that. Problem is that if you look at the QR-url source here you can see the correct path. Somehow the site is not updating it.

I guess it just took time -- it's all working for me now. e4a_install.py and the e4a zip file are both accessible. The QR code for the Python script is also updated. Thanks!
Post
Topic
Board Electrum
Re: Electrum for Android
by
kaii
on 20/08/2012, 15:40:15 UTC
Actually, the original script downloaded http://ecdsa.org/electrum/e4a (which was a full path, e4a was the filename) and saved it as e4a-0.52.zip.
I did this because something (my mobile network operator?) prevented me from downloading a file with a .zip extension from a telephone.

Ah, I mistakenly assumed that the urlretrieve function was just performing a concatenation. This makes more sense.

URL updated and scripts added. I can't confirm it to work on my own phone because SL4A freezes when I try to run the script (even on the old location). So please let me know if you have more luck.

Still not working for me.
Post
Topic
Board Electrum
Re: Electrum for Android
by
kaii
on 20/08/2012, 13:07:42 UTC
I get a 404 error when accessing e4a_install.py on my desktop. My phone is able to download it through the QR code, but the Python script tries to download the file http://ecdsa.org/electrum/e4a/e4a-0.52.zip which also doesn't exist.
Post
Topic
Board Development & Technical Discussion
Re: Bitaddress.org brain wallet & Electrum
by
kaii
on 20/08/2012, 04:47:51 UTC
I am reading through both of these code bases for the first time. What I have written here is just my take on what's going on.

Does bitaddress.org use the same method to create a brain wallet as Electrum?

They do not use the same method to generate private keys from a seed.

bitaddress.org -- https://github.com/pointbiz/bitaddress.org/blob/master/bitaddress.org.html#L3724
Electrum -- https://github.com/spesmilo/electrum/blob/master/lib/wallet.py#L272

With bitaddress.org, the seed that you enter is run through SHA256 to generate the private key.

Code:
var bytes = Crypto.SHA256(key, { asBytes: true });
var btcKey = new Bitcoin.ECKey(bytes);

In contrast, Electrum uses a random number generator to pick a seed for you.

Code:
seed = "%032x"%ecdsa.util.randrange( pow(2,128) )

The seed then goes through 100,000 rounds of SHA256 concatenated with itself to generate the private key.

Code:
oldseed = seed
for i in range(100000):
    seed = hashlib.sha256(seed + oldseed).digest()

Does anyone know how electrum does it?

Electrum generates multiple addresses from a single seed by concatenating the previous private key with a double SHA256 hash of the sequence number of the address being generated.

Code:
secexp = ( secexp + self.get_sequence(n,for_change) ) % order

Code:
def get_sequence(self,n,for_change):
    return string_to_number( Hash( "%d:%d:"%(n,for_change) + self.master_public_key ) )

Code:
def Hash(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

  • secexp is the secret exponent, i.e., the private key
  • n is the sequence number of the address (1, 2, 3, etc.) being generated
  • for_change is a 1 or 0 value that indicates whether or not this is a change address
  • order is the number of discrete points on the elliptic curve, and modding keeps the private key in range
  • As far as I can tell from the code, self.master_public_key will always be an empty string

Does anyone see a problem with the above scheme?

I'm not a cryptography expert so I can't say anything definitively. Given that bitaddress.org only uses one SHA256 pass to encrypt the passphrase, I'd say there's a good chance that it's a bad idea just to append a number to the seed.

You may want to do something like what Electrum does -- concatenate the private key of the previous address with a hash based on the sequence number (e.g. SHA256 the string '2' for the second address) and mod the result by the maximum value for the private key.
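
The derivation steps quoted in the post above, put together as an added Python 3 example (not code from the post, bitaddress.org or Electrum). It follows the quoted snippets, in which the sequence hash is added to the secret exponent modulo the curve order; the function names, the big-endian integer conversion and the sample seed are assumptions of this example.

```python
import hashlib
import secrets

# Order of the secp256k1 group, the curve Bitcoin uses ("order" in the quoted code).
ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def to_int(data: bytes) -> int:
    # Assumption: big-endian, matching how string_to_number is understood here.
    return int.from_bytes(data, "big")

def brainwallet_secexp(passphrase: str) -> int:
    """One SHA256 pass over the passphrase (the bitaddress.org snippet)."""
    return to_int(hashlib.sha256(passphrase.encode("utf-8")).digest())

def new_seed() -> str:
    """128-bit random seed as 32 hex characters (the Electrum seed snippet)."""
    return "%032x" % secrets.randbelow(2 ** 128)

def stretch_seed(seed_hex: str, rounds: int = 100000) -> int:
    """seed = sha256(seed + oldseed), repeated `rounds` times."""
    oldseed = seed_hex.encode("ascii")
    seed = oldseed
    for _ in range(rounds):
        seed = hashlib.sha256(seed + oldseed).digest()
    return to_int(seed)

def sequence_offset(n: int, for_change: int, master_public_key: bytes = b"") -> int:
    """Double SHA256 of "n:for_change:" + master public key, as an integer."""
    data = b"%d:%d:" % (n, for_change) + master_public_key
    return to_int(hashlib.sha256(hashlib.sha256(data).digest()).digest())

def address_secexp(master: int, n: int, for_change: int = 0, mpk: bytes = b"") -> int:
    """Per-address secret exponent: (master + offset) mod ORDER."""
    return (master + sequence_offset(n, for_change, mpk)) % ORDER

def is_valid_secexp(k: int) -> bool:
    """A usable private key lies in [1, ORDER - 1]."""
    return 1 <= k < ORDER

if __name__ == "__main__":
    seed = "0123456789abcdef0123456789abcdef"  # constructed sample seed, not a real wallet
    master = stretch_seed(seed)
    for n in range(3):
        k = address_secexp(master, n)
        print(n, is_valid_secexp(k), "%064x" % k)
    print("brain wallet:", "%064x" % brainwallet_secexp("constructed example passphrase"))
```

The brain-wallet key depends only on the passphrase and costs one hash to compute, while the seed-based key starts from 128 random bits and costs 100,000 hashes per candidate seed.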
Post
Topic
Board Beginners & Help
Re: Whitelist Requests (Want out of here?)
by
kaii
on 19/08/2012, 23:07:41 UTC
I read the Electrum source code with the intention of helping robkohr in the following thread, foolishly forgetting my newbie restrictions.

https://bitcointalk.org/index.php?topic=101733.0

I figured I'd post here to speed things up although I'll gain whitelist soon enough by waiting.
Post
Topic
Board Beginners & Help
Re: Why do you have to download the whole history since genesis?
by
kaii
on 19/08/2012, 22:45:45 UTC
Ohh alright that makes a lot of sense now. I would assume the server downloads the blockchain and notifies the client of the transaction etc?

Yes, in clients like Electrum, the server has the entire blockchain and uses it to keep the client updated.
Post
Topic
Board Beginners & Help
Re: Why do you have to download the whole history since genesis?
by
kaii
on 19/08/2012, 22:20:44 UTC
Just out of curiosity, if you haven't logged on your BTC client 3 months in and received a payment a week after you stopped using the client.
Wouldn't it be possible that if we didn't download the full blockchain the client's wallet wouldn't be updated properly?

To calculate wallet balances, the client just needs to know of any transactions where one of its addresses is an in/out of a transaction. In a client that downloads the entire blockchain, the balance is updated when the blockchain update reaches a relevant transaction. If the client relies on a server (like Electrum) then it would be easy for the server to send the right data when you open the wallet.
Post
Topic
Board Beginners & Help
Re: HOW DID YOU FIND OUT ABOUT BTC
by
kaii
on 19/08/2012, 22:07:40 UTC
I was investigating ways to stay anonymous on the internet and bitcoin invariably comes up as a solution.
Post
Topic
Board Beginners & Help
Re: Introduce yourself :)
by
kaii
on 19/08/2012, 21:51:51 UTC
Welcome! Done any work with Torque?

Yes, I used Torque in college for one of my game programming classes. It was a bit clunky; I wouldn't want to make an entire game with it. Especially now that Unity has taken the high ground in 3d games.
Post
Topic
Board Beginners & Help
Re: Why do you have to download the whole history since genesis?
by
kaii
on 19/08/2012, 21:34:53 UTC
Here is a relevant article on the Bitcoin wiki about clients that don't download the entire blockchain (i.e. thin clients).

https://en.bitcoin.it/wiki/Thin_Client_Security

There are added security risks because there is no way for a thin client to verify a transaction independently of contacting other nodes or servers. This makes thin clients susceptible to a greater variety of attacks, especially on untrusted networks.
Post
Topic
Board Beginners & Help
Re: Why do you trust bitcoin in one sentence.
by
kaii
on 19/08/2012, 19:16:51 UTC
I carefully read Satoshi Nakamoto's paper and understand the security guarantees of the algorithms involved.
Post
Topic
Board Beginners & Help
Re: Introduce yourself :)
by
kaii
on 19/08/2012, 19:10:21 UTC
Hey all! I am a game programmer who first took an interest in Bitcoin because of its algorithms. I couldn't imagine how an anonymous crypto-currency would work, so I spent days studying the algorithms for transactions and the blockchain. I became convinced not only that Bitcoin has a solid foundation but that it is an ingenious and interesting idea. I wouldn't put my life savings into Bitcoins yet, but I'm excited to see where the currency goes!

Lately I have been considering taking a more active interest in the community. I would like to get a sense of how people feel about Bitcoin and what they are using it for. My continued interest will probably lead me to contribute by helping develop open-source Bitcoin-related projects and possibly operating Bitcoin-related services.

See you around!