Search content
Sort by
Showing 20 of 92 results by samadamsbeer
Re: way to sign/verify to prove ownership of an address without revealing it?
So what you are looking to do is:
Text:
Signature:
BUT not tell people what address it's signed with.
So, until there is a NEED to prove you wrote something there is no way to know if it's valid or not.
So in theory 10 years from now I could prove that on 4-Feb-2024 because of the above text and signature I controlled the address bc1qugdlj4sghspzyx5w74xm77mn67auyzc2y6huls
I cannot see another need other than that.
-Dave
Text:
Code:
This is DaveF saying this
Signature:
Code:
IGd595fz/NXdZJSV0DDA4grRZAf4kDqBB7fa8LnI7wuIf7Ihu8chopvTsWWXGieVFqysnZ3laZZzAJ0Enw5x8cc=
BUT not tell people what address it's signed with.
So, until there is a NEED to prove you wrote something there is no way to know if it's valid or not.
So in theory 10 years from now I could prove that on 4-Feb-2024 because of the above text and signature I controlled the address bc1qugdlj4sghspzyx5w74xm77mn67auyzc2y6huls
I cannot see another need other than that.
-Dave
Yes that is what I was trying to explain I was trying to do. If the document is public, this allows people to view it, but I can selectively prove the ownership to parties I want to do that with. Sounds like a 2nd hashing is a good way to do this.
way to sign/verify to prove ownership of an address without revealing it?
I understand I can sign a message Y to prove I own an address X that produces a hash Z. However is there a way to sign/verify to prove ownership of X without revealing X? This would be for purposes of establishing ownership in documentation now in case of audit later. I imagine in said document you could simply reveal Y & Z but in theory, an attacker could then cycle thru known addresses until one hash matches, so was looking to avoid this. Is the simplest method to just hash the revealed components one more time, withholding one of the inputs?
Re: CoinTracking - Profit/Loss Portfolio and Tax Reporting for Digital Currencies
If I exchange one asset directly for another - is there a way to assign the fiat value of the sold asset at that point to calculate the gains? Or would you break that transaction into two steps?
In the history of crypto$ what is the average profitable lifetime of GPUs ASICs
In the history of cryptocurrencies - what is the average profitable lifetime of a GPU or ASIC? This assumes you mine alts with your miners always switching to the most profitable. I assume ASICs have a shorter lifespan but I am interested to hear actual anecdotes.
George, thanks for this. NH looks like it will explicitly define BTC as not a MSB https://legiscan.com/NH/bill/HB436/2017 once governor signs. Sounds like Nevada is in same boat. For these states, if one were to operate a cash>bitcoin ATM, drawing from a hot wallet (not an exchange), I assume one still needs to register with Fincen. In doing so what is the simplest way to comply with AML/KYC? For example requiring all transactions above a certain $ amount to supply a phone number or ID? Would like it to be simple from the customer and the ATM owner perspective. Does below a certain $ amount require no KYC procedure that the customer must supply?
Re: Is there any place I can find FinCEN AML/KYC requirements for a BTC trader?
Just to clarify - let's say someone wants to setup a cash>BTC ATM machine. Ignoring the state requirements for a moment - what constitutes compliance at the Federal level? I see many of these machines simply asking for a. fingerprints b. IDs or c. cellphone numbers alone to enable transactions. Would these methods suffice to KYC at the federal level? I know the states can make things vastly more complex but again, ignoring the states for a moment.
Hmm, tried to install in Ubtuntu. Got:
Dumb question, but do I need to be root to install? Just use sudo before "aptitude"? Always makes me nervous to install this stuff when I am not sure what Im doing.
Quote
~$ aptitude install build-essential python-dev python-twisted python-bsddb3
E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
Dumb question, but do I need to be root to install? Just use sudo before "aptitude"? Always makes me nervous to install this stuff when I am not sure what Im doing.
The predecessor to Armory (PyBtcEngine) used pure-python implementation of ECDSA. This implementation was created by forum user "Lis" here:
http://bitcointalk.org/index.php?topic=23241.0
If you plug that into google translate, you'll see that he declared that code to be public domain. It's not exactly fast, but it most definitely works. I was able to create, sign, and verify blockchain transactions with it. It is based on python's native handling of arbitrary-sized integers -- go ahead, open a python shell and type "2**10000" ... you'll see what I mean
)
Not only can you verify that the code is just a basic EC library with hardcoded secp256k1 constants, it's stupid easy to wrap in a shell script to get whatever you need out of it. I would recommend using entropy generated from a reliable source (OpenSSL?), and pass that into Lis' script. His script uses the python "random" solely for testing that signing and verification work. But as is mentioned in python's own docs "python's PRNG is wholly unsuitable for cryptographic purposes".
EDIT: also, you can use armoryengine.py, but it doesn't use Lis' code anymore... it uses Crypto++ libraries made available to python via SWIG. It has turned out to be pretty simple to compile and run on any Linux (even OSX, because you can use armoryengine.py without any Qt dependencies). But that could be a lot of code just to get to its ECDSA implementation. (you can probably strip out 90% of armoryengine.py, though, and keep just the ECDSA parts)
Alternatively, you could extract my wrapper around Crypto++ and use that somehow. It does exactly what you want, and you can use publicly-verifiable download the crypto++ libraries, which have no external dependencies. (use only SecureBinaryData objects and all methods below this line).
http://bitcointalk.org/index.php?topic=23241.0
If you plug that into google translate, you'll see that he declared that code to be public domain. It's not exactly fast, but it most definitely works. I was able to create, sign, and verify blockchain transactions with it. It is based on python's native handling of arbitrary-sized integers -- go ahead, open a python shell and type "2**10000" ... you'll see what I mean
)Not only can you verify that the code is just a basic EC library with hardcoded secp256k1 constants, it's stupid easy to wrap in a shell script to get whatever you need out of it. I would recommend using entropy generated from a reliable source (OpenSSL?), and pass that into Lis' script. His script uses the python "random" solely for testing that signing and verification work. But as is mentioned in python's own docs "python's PRNG is wholly unsuitable for cryptographic purposes".
EDIT: also, you can use armoryengine.py, but it doesn't use Lis' code anymore... it uses Crypto++ libraries made available to python via SWIG. It has turned out to be pretty simple to compile and run on any Linux (even OSX, because you can use armoryengine.py without any Qt dependencies). But that could be a lot of code just to get to its ECDSA implementation. (you can probably strip out 90% of armoryengine.py, though, and keep just the ECDSA parts)
Alternatively, you could extract my wrapper around Crypto++ and use that somehow. It does exactly what you want, and you can use publicly-verifiable download the crypto++ libraries, which have no external dependencies. (use only SecureBinaryData objects and all methods below this line).
You lost me at secp256k1 ;-)
If I install Armory on a machine, say without the Satoshi client, can I use it from a command line (or within Armory) to generate key pairs from passphrases? And if so what commands would I use? I don't see the option within Armory.
Proff, at the link you mentioned installing Armory would seem to do the trick? But what command do I use?
Would like to use something other than bitaddress or brainwallet.org since I am looking to verify the output from those in the first place. Does not have to be command line based but I was looking for something command line because I was looking to do this on a bootable Puppy Linux machine.
Quote
echo -n C4BBCB1FBEC99D65BF59D85C8CB62EE2DB963F0FE106F483D9AFA73BD4E39A8A | python ArmoryQt.py -genPublicKey
did not seem to work. Would like to use something other than bitaddress or brainwallet.org since I am looking to verify the output from those in the first place. Does not have to be command line based but I was looking for something command line because I was looking to do this on a bootable Puppy Linux machine.
Pretty much anything that transforms your passphrase into 256 bits
sha256, first half of sha512, last half of sha512, sha1+sha1, ridemd256, etc
sha256, first half of sha512, last half of sha512, sha1+sha1, ridemd256, etc
Thanks - but can you tell me what the actual commands/steps would be though for Linux to get from seed passphrase to the private/public key?
Sorry I almost posted this to newbie section but thought the folks here would know how to answer.
In Linux I know "echo -n passphrase | sha256sum" will give me a string which then you convert to base58 to get a private key, and then you need to do something to that to get the corresponding public key.
What are the Linux commands to do this beyond the first one "echo -n passphrase | sha256sum" to get the private/public key pairs? Or how would I do that? I am trying to verify pairs given to me by bitaddress.org or brainwallet.org...
What are the Linux commands to do this beyond the first one "echo -n passphrase | sha256sum" to get the private/public key pairs? Or how would I do that? I am trying to verify pairs given to me by bitaddress.org or brainwallet.org...
Re: Bitcoin Address Utility I made (Visual C#, Source Only)
Thanks for this tool. I was hoping to use this to verify addresses from brainwallet/bitaddress. Can someone explain how to compile this in Linux/Ubuntu step by step? or if you have a compiled version for that OS, awesome! Thx
FYI - if you are in the area - MIT has been having weekly Bitcoin meetups every Friday at 4pm in the Stata Center, 9th Floor Lounge.
To get on the email list for the group, sign up here:
http://mailman.mit.edu/mailman/listinfo/bitcoin-related
MIT Bitcoin meets every Friday at 4p at Stata in the G9 Lounge (take the elevator on the Gates side of the building to the 9th floor and it's the large area right in front of you).
The Stata Center is that funky looking building:
http://whereis.mit.edu/?mapterms=32&mapsearch=go
To get on the email list for the group, sign up here:
http://mailman.mit.edu/mailman/listinfo/bitcoin-related
MIT Bitcoin meets every Friday at 4p at Stata in the G9 Lounge (take the elevator on the Gates side of the building to the 9th floor and it's the large area right in front of you).
The Stata Center is that funky looking building:
http://whereis.mit.edu/?mapterms=32&mapsearch=go
I like this. Puppy Linux is great for older computers since its so lightweight. Only think I could find that would run on this old HP laptop. Can you include some additional independent address generators? Perhaps brainwallet.org and the Cascascius tool? If I'm going to send a significant amount of BTC to cold storage I'd like to be able to verify the keypairs or passphrase>addresses with more than one tool, ideally at least 3. This will be handy for people who can also not afford the latest-greatest tech.
Agreed on never connecting to the internet and using a temporarily loaded OS. On brainwallet.org - I thought I remember some threads here questioning that site since no one knew who created it. Do we now know the source?
I know I can save bitaddress.org to a hard drive for use as an offline address generator. If I want to double or triple check seeded key pairs from bitaddress, what other offline methods can I use to confidently verify the bitaddress pairs? I'm worried about errors and malicious code. Ideally the tools used would have independent development and not be based on the same flawed/malicious component source code.
Richard Stallman/Free Software Found.'s Librefest 3/23-24 Harvard/Cambridge, MA
This is a gathering of active Linux/Unix types that might be great to promote to. The group generally might be good to get involved with at some level. And they gotta take Bitcoin as payment/donation!
http://libreplanet.org/wiki/Main_Page
March 23rd-24th 2013 in Cambridge, MA
http://libreplanet.org/wiki/Main_Page
March 23rd-24th 2013 in Cambridge, MA
Quote
LibrePlanet is an annual conference of the Free Software Foundation. What started out as our annual membership meeting has grown into a two-day conference open to the general public. At LibrePlanet, software developers, policy experts, activists and computer users come together to celebrate and advance the movement for software freedom.
LibrePlanet 2013: Commit Change
LibrePlanet is where global free software community members and newcomers meet together to learn from each other, share accomplishments and face challenges.
The free software movement is built around the concept that computer programs should be "free, as in freedom"; available for everyone to use or modify as they see fit. Software that is developed collaboratively and shared freely can help us create a more just and abundant world for everyone. We need the free software movement now more than ever, as giant IT corporations are working to restrict our freedom, stifle disruptive innovation, and invade our privacy, threatening our ability to create change in areas beyond technology.
This year, the conference focuses on bringing together the diverse voices that have a stake in free software. From software developers to activists, academics to computer users, this convergence is about working together for the software freedom we need. If you're interested in technology's role in struggles for justice, community, and freedom, then you will find a lot to be excited about at LibrePlanet.
LibrePlanet 2013: Commit Change
LibrePlanet is where global free software community members and newcomers meet together to learn from each other, share accomplishments and face challenges.
The free software movement is built around the concept that computer programs should be "free, as in freedom"; available for everyone to use or modify as they see fit. Software that is developed collaboratively and shared freely can help us create a more just and abundant world for everyone. We need the free software movement now more than ever, as giant IT corporations are working to restrict our freedom, stifle disruptive innovation, and invade our privacy, threatening our ability to create change in areas beyond technology.
This year, the conference focuses on bringing together the diverse voices that have a stake in free software. From software developers to activists, academics to computer users, this convergence is about working together for the software freedom we need. If you're interested in technology's role in struggles for justice, community, and freedom, then you will find a lot to be excited about at LibrePlanet.
Escrow.com is a leading service to escrow domain name sales. Vote here to show support to accept Bitcoin! Would be useful since many of their transactions are international.
http://www.elliotsblog.com/what-other-currencies-should-escrow-com-consider-adding-0822
http://www.elliotsblog.com/what-other-currencies-should-escrow-com-consider-adding-0822