Errr. I thought dev-hardcoded checkpoints prevent a complete reversal even in the face of stupidly overwhelming adversary...

That sounds like a whole lot of fuss for a rather meager goal.

Don't get me wrong, messaging is sweet and all that, but bitcoin devs have finite resources, and I'd very much rather prefer they spend their resources on bitcoin's core functionality.

I am not experiencing a lack of IM software with varying degree of decentralization and anonymity.

Back in the good old schooldays, a teacher told us that the core distinguishing feature of a government is a monopoly, or near-monopoly, on violence.

So I don't think govenment is going to be shy about using violence to procure stuff that it "thinks" belongs to it.

Also, even if they fail to procure the keys, they could still send one to jail for tax offenses (and possibly a lot of bla-bla bla in regards to "transaction structuring" and whatnot)

Bitcoin is, essentially, equivalent to an unbreakable safe.

It can protect your wealth from forced seizure (to a fairly large extent), but not from taxation per se.

I am confident in my hiding abilities - despite advanced age, I am still capable of concealing smallish items beyond most people's (and I would be willing to claim, police's) ability to find them.

However, I am also confident in government's ability to facilitate cooperation on fund recovery, so I don't see why government couldn't be very convincing about handing over the private keys to undeclared btc.

Full disclosure: I intend to pay taxes on my profits from wallet.is

Unless you run a bitcoin service with aspirations to eventual greatness (which  I do ), doublespends that require immense hashrates should not be a concern for you at all (unless you happen to be good at making enemies among major pool operators )

His issue can be boiled down to "server side storage is not trustworthy".

We at wallet.is don't aim to somehow mend the fundamental trust assymetry of server-side wallets, but we intend to make up for that in valueable features and ease of use. We hope that, by providing a reliable and feature-rich service over a long period of time we shall, eventually, prove ourselves to be "trustworthy enough" for certain use cases.

If I wanted to steal coins, I would have been far better off with something along the lines of pirate scam (entraping people with greed is far easier than entrapping them with a feature rich service - much less code that way )

Can someone explain, in small, grampa-compatible words, why is bitcoin un-taxeable?

I mean, I am an old, possibly senile, Canadian, and maybe I am missing something big, but... I recieve payment to single-use addresses, but I pay my gas, my taxes, my food, and pretty much everything else in fiat, so I exchange btc > fiat (and since I want money to go to my bank account, I do that in my very own name)

Obviously, government can detect income at this point, and tax me (also possibly audit me because I have this very strange income structure going)

Even if I could buy stuff with BTC, if I want to stay below tax radar, I would only be able to buy small-time stuff, like groceries and occasional small items, because as soon as I buy something huge (like a house) with my undeclared BTC riches, tax folks can come down on me like a blivet, right ?

So... where does the "cannot be taxed" idea come from, again?

How is getting BTC different from getting small-denomination worn cash?

The thing with "pruning" is that, as far as I understand, it deals only with storage, not with bandwidth.

Pruning doesn't really "dislodge" old spent TX from a block (that would screw over the hashes )
It just allows you to discard obviously "spent" stuff after you have recieved it (assuming you follow the "trust no one" doctrine of Satoshi client) - but if the blockchain has bloated to 2 TB due to everyone and their dog putting a message in it, you would still have to download it (somehow).

I believe that Bitcoin should follow its initial design goals, and should not try being everyone's everything (chat client, name resolver, distributed evernote, torrent seeder... )

Just say no to feature bloat.

Personally, I am not convinced it is needed.

There was so far... about 2 "emergencies" with the blockchain (that "generate a lot of bitcoins" bug, and the doublespend in the recent fork) none of which were exploited by a real malicious party.

As far as I can tell, many major banks have a less stelar record.

It doesn't seem to me that bitcoin's "the hashiest chain wins" approach is "broken", so maybe we should refrain from "fixing" it.

You can create your quick and disposable litecoin wallet here:
https://ltc.wallet.is

Stay tuned for more features

Hi guys!

Just a quick update: We have support for LTC:
https://ltc.wallet.is

More to come - working frantically on new features

Posting from mobile.

P.S.:

Matoking, will add (better safe than sorry )

apetersson, I think that having privkey in the url creates more issues than it solves (it does not solve the trust issue itself, and may create additional nasty edge cases)

P.P.S.:
I have, recently, devised something very special for "internal transactions" thing.

Stay tuned for more updates

At the risk of being accused of necromancy, has this vulnerability been fixed (and has the fix been tested) ?

tvbcof and passerby

Thanks a lot for suggestions!

I like many of them, so I'll discuss them with the rest of the team and we'll start working right away. I like the "internal transaction" suggestion, though I'd rather avoid using either emails or long "bitcoin not-a-bank account numbers" as internal identifiers. I am considering bitcoin address of the vault itself (gox style) though I am open to other suggestions.

Also, I have a few ideas of my own that, to the best of my knowledge, aren't part of any wallet service currently done
Wallet.is team will do our best to amaze

What features would you suggest?


I'm not easily offended, and I certainly see why people might be suspicious of a wallet service.

Thanks for the welcome - very appreciated.

As to google auth - well, it's not exactly a nice thing code-wise, but it is rather useful, thanks for the suggestion.

I think that adding support for their two-factor auth system is not out of the question if/when we decide to expand beyond "quickiewallet" philosophy (which is what I think passerby is hinting at)


Well, so far we're just on BTC fees - would be kinda unfair to charge people for an early beta of a service, I think.

Speaking of fees, it seems that if we were to expand to a more... comprehensive feature suite, we'd have to either adopt some fee system or place ads, and it appears to me that people loathe ads in  wallet services (and not only the rather risky "rich media" ads, it seems)

Well, doing stuff user side in javascript isn't exactly a pretty thing to do, it turns out

A good way to do proper user-side browser key management would be browser plugin (Nadim eventually went that way with the cryptocat chat), but that kind of defeats the whole "no hassle" aspect of the service in a very fundamental way (as do mandatory passwords / registrations - hence our passwords are optional)

Of course there is a certain inherent risk to having a server-centric design, but I have good reasons to believe it is reasonably small*.

Neither web frontends nor backends serving them are inherently insecure (You can always prove me wrong and hack Gox, taking their hot wallet   ), and we intend our design to be very robust.

____________
* it should be noted that there is oftentimes a tradeoff between comfort and security going on


Strictly speaking, nothing is absolutely safe, only safe to varying degrees.

Javascript crypto isn't safe by a very long shot, and it would be rather hard to tell whether a well-done classic approach would not turn out "safer" than a user-side implementation done via such means (cryptocat abandoned this approach after almost singlehandedly pioneering it, after all)

Your stuff isn't absolutely safe even if stored in a physical safe

There are, however, degrees to safety, and tradeoffs between safety and other utility forms (such as comfort, ease of use, setup speed, additional valuable functionality, etc.)

You mean, a built-in cryptocoin exchange ?

Well, that would be nice, but it would complicate things considerably (KYC paperwork, bank transfers...) and I don't have enough staff for that.

Hello everyone!
I'm here on behalf of wallet.is, a young yet audacious online wallet service (main forum thread here ).

I'd like to ask you a simple question - would you like us to add litecoin support ? Perhaps some other coin (and why?).

See attached poll.

Feedback welcome.

While security is, sadly, a bit like a scientific theory (can only really be disproved for good), we are committed to doing our best.
When we grow big, we'll have a proper audit.

Well, since I am not an Instawallet employee (and not a member of a forensics team I hope is working on their case) I don't have the details...

But they mentioned a database intrusion.

Wallet.is team has taken proper steps to keep little Bobby Tables out.

Hello!
I am the founder of  a small team working on wallet.is , a simple yet versatile wallet service.

Our service was conceived when Instawallet suffered a break-in. With some of my bitcoins still there (probably stolen), I decided that I should do something about it.
Something like a small, simple wallet service that would be more secure, and which could eventually grow to provide additional features to its users (I'll talk about that in more details a bit later). So I got a few guys together, took some nice open source code and got down to work.

And here we are, at your service - https://wallet.is

BTW, we will release most of our code when it goes out of beta  - wallet.is not afraid of competition !

Feedback, suggestions, and constructive criticism are very welcome.