Gavin Andresen: Why aren't bitcoin wallets encrypted?

2011 Jun 24
Author: Gavin Andresen

Site: https://satoshinakamoto.network

Now that bitcoins are worth stealing, virus writers and scammers are busy trying to steal them.

The current bitcoin software that you can download and run on your computer makes no attempt to keep your bitcoins safe from malware infecting your computer. None. Nada. Zip.

Your wallet.dat file is sitting right there on your hard disk, unencrypted. A big, juicy target for viruses and malware.

So why didn't we encrypt it up the wazoo and require that you type six passwords to unlock it? Well, two major reasons:

First, losing your wallet or forgetting your password is (arguably) as big a threat as theft. There is a reason every online service has some 'recover/reset lost password' feature.

Second, encryption might give users a false sense of security. If you use a weak password then encryption doesn't help: the bad guys can steal the encrypted wallet and, offline and in a few seconds, try decrypting it with the most popular passwords. And if your machine has malware running on it, that malware can just as easily install a keylogger and capture your password when you type it in.
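The offline attack described above, as an added example that is not Bitcoin's own wallet code: a toy password-encrypted wallet in Python (PBKDF2 key derivation, a SHA-256 keystream and an HMAC tag, all chosen for the illustration and not the scheme of any bitcoin release) and an attacker who has stolen a copy and tries a short, constructed list of popular passwords against it. There is nothing on the attacker's side to rate-limit or lock out, so the only thing standing between the stolen file and the keys is the password itself.

```python
"""Offline dictionary attack against a password-encrypted wallet file.

Added example, not Bitcoin's wallet format: a toy wallet that protects a
secret with a key derived from the user's password, and an attacker who has
stolen a copy and tries a list of popular passwords against it offline.
The file layout, the KDF and its parameters, and the password list are all
assumptions made for this illustration.
"""
import hashlib
import hmac
import os
import time
from typing import Iterable, Optional, Tuple

# Constructed sample: the attacker's list of "most popular passwords".
POPULAR_PASSWORDS = ["123456", "password", "bitcoin", "letmein", "qwerty", "abc123"]

# Constructed sample secret standing in for a 32-byte wallet private key.
SAMPLE_SECRET = b"constructed-32-byte-private-key!"  # exactly 32 bytes


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256: `iterations` sets how much work each guess costs."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def _keystream(key: bytes, length: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode). Illustration only, not a real cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt_wallet(secret: bytes, password: str, iterations: int) -> dict:
    """Encrypt `secret` under the password and add an HMAC tag, so that a
    wrong password is detected instead of silently producing garbage."""
    salt = os.urandom(16)
    key = derive_key(password, salt, iterations)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, len(secret))))
    tag = hmac.new(key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag, "iterations": iterations}


def decrypt_wallet(wallet: dict, password: str) -> Optional[bytes]:
    """Return the secret, or None if the password is wrong (tag mismatch)."""
    key = derive_key(password, wallet["salt"], wallet["iterations"])
    expected = hmac.new(key, wallet["salt"] + wallet["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, wallet["tag"]):
        return None
    ct = wallet["ct"]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


def dictionary_attack(wallet: dict, candidates: Iterable[str]) -> Tuple[Optional[str], int]:
    """Attacker with a stolen copy: try each candidate offline, with no lockout
    and no rate limit. Returns (recovered password or None, guesses made)."""
    guesses = 0
    for guess in candidates:
        guesses += 1
        if decrypt_wallet(wallet, guess) is not None:
            return guess, guesses
    return None, guesses


def seconds_per_guess(iterations: int, samples: int = 3) -> float:
    """Measure the cost a given KDF iteration count imposes on every guess."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(samples):
        derive_key("x", salt, iterations)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    # Weak password, cheap KDF: falls to the popular-password list immediately.
    weak = encrypt_wallet(SAMPLE_SECRET, "bitcoin", iterations=1)
    print("weak password:", dictionary_attack(weak, POPULAR_PASSWORDS))

    # Strong password: the list is exhausted without a hit. The attack runs
    # against the password, not against the encryption algorithm.
    strong = encrypt_wallet(SAMPLE_SECRET, "correct horse battery staple", iterations=1)
    print("strong password:", dictionary_attack(strong, POPULAR_PASSWORDS))

    # A slow KDF raises the price of every guess, which only buys time for
    # passwords that are already outside the attacker's list.
    for n in (1, 100_000):
        print(f"{n:>7} iterations: {seconds_per_guess(n) * 1000:.2f} ms per guess")
```

Run as a script, the weak password is recovered on the third guess while the passphrase outside the list survives the whole list; the timing loop shows that a slow KDF multiplies the cost of each guess but cannot rescue a password that is on the list. None of it helps against a keylogger, which captures the password before the KDF ever runs.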

Bitcoin could start playing whack-a-mole with the bad guys: they implement dumb keyloggers, so we implement an on-screen keyboard and you use your mouse to enter your password. So they implement a screen+keyboard+mouse logger, and we come up with some complicated one-time-password scheme involving you printing out pieces of private keys the first time you start bitcoin. So the bad guys wait until you send some coins, and then modify the transaction after you've typed in the information from the piece of paper.

If your computer is infected, then it cannot be trusted, and there is no software in the world that can keep your bitcoins safe if they are stored on it.

However... wallet encryption is planned for the next version of bitcoin. It won't protect you from viruses, but it will stop your cousin from walking up to your computer and helping himself to all of your bitcoins while you're out walking the dog. And if you use a strong password you won't have to worry about somebody stealing a backed-up copy of your wallet and spending all your coins. I just hope users DO use strong passwords and DO NOT lose them.

The real solution is multi-device confirmation of big bitcoin transactions. You'd send coins starting on your computer, but the transaction wouldn't be valid until it was signed by another device, which would somehow contact you (NOT through your computer) and ask you for your OK before sending it along. The guts of bitcoin support that (and a whole lot more), but it will take a fair bit of work to make it all fool-proof and easy to use.