Gregory Maxwell [ARCHIVE] on Nostr: 📅 Original date posted:2015-03-12 📝 Original message:On Thu, Mar 12, 2015 at ...
📅 Original date posted:2015-03-12
📝 Original message:On Thu, Mar 12, 2015 at 2:41 AM, devrandom <c1.sf-bitcoin at niftybox.net> wrote:
> I think there are some important advantages to not being forced to use
> the old wallet to send coins when switching wallets. The three I can
> think of right now are: maintaining transaction history,
Just loading a key doesn't keep transaction history however, if the
loading wallet can't understand or infer metadata about the
transactions. You get some mass of data but to tell actually what the
transactions are, or what they were for, forensic accounting is
required and some data will be potentially unrecoverable.
The best way to preserve historical information is to use reporting
from the wallet in question; which will accurately record the best
available output for this. (E.g. Bitcoin-qt has a CSV export or you
can take a json list-transactions out of it).
> emergency transition when a wallet has a serious (e.g. money losing) bug
This cuts both ways, we've seen significant losses for users in
Bitcoin Core where they've used the console to import keys that they
also used in other insecure clients.
For an emergency transition the user is probably better off with an
explicit unstructured mass private key export, and a sweep function;
and guaranteeing compatibility with that is much easier; and because
it moves funds in one direction there is much less chance of going
from secure to insecure.
> and web
> wallet with server down.
I suppose it would be too much to ask that these web wallets actually
not be totally centrally controlled and have the potential of just
having someone else stand up a server. I guess not. :(
Emergencies being what the are you do with what you can... indeed, I
agree thats a reason that better compatibility is better. (But perhaps
best is that its insane to use software to handle your money that can
just be taken away from you like that...)
> Another important reason to standardize is to reduce the "roll your own
> crypto" temptation on the wallet creator part, where the wallet-specific
> algorithm is more likely to contain weaknesses.
> I do agree that trying to come up with one uber standard will likely
> fail and is probably counter productive.
Careful with this line of thinking: We have no mechanism in the BIP
process to exclude weak cryptography.
A BIP is not a measure of cryptographic integrity. There are existing
BIPs which I consider flawed and would not use or recommend.
It result in some level of review, maybe, and so it can be productive
to at least have more eyes on fewer things; which is a reason I
wouldn't say don't bother trying.
And indeed, I do think that what can be standardized should be, my
words weren't intended to dismiss anyone's efforts, only to encourage
realistic (I think) expectations around what will come of it.
And while I hope for no gratuitous incompatibility, I also hope that
no one working on a wallet hesitates for a minute to offer a new and
interesting functionality just because it doesn't fit into a prefab
shape.
Published at
2023-06-07 15:31:29Event JSON
{
"id": "857541e1615af1ea916aa5f4eafeba3c2f34c93fc26c771ec6562d846e85602c",
"pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73",
"created_at": 1686151889,
"kind": 1,
"tags": [
[
"e",
"bf192ab1459041905386f8a0c7782f07de04af2932326a4e49fe0d6ce14ed93c",
"",
"root"
],
[
"e",
"52c7d6fd0620fc865d86d83eb5b2870959f9f401b8b68ec3b3a94b50e3a4b5e0",
"",
"reply"
],
[
"p",
"ebeb63b9f045163c648f5d84faefa323220f6883ca98091c831d7e9da63b294a"
]
],
"content": "📅 Original date posted:2015-03-12\n📝 Original message:On Thu, Mar 12, 2015 at 2:41 AM, devrandom \u003cc1.sf-bitcoin at niftybox.net\u003e wrote:\n\u003e I think there are some important advantages to not being forced to use\n\u003e the old wallet to send coins when switching wallets. The three I can\n\u003e think of right now are: maintaining transaction history,\n\nJust loading a key doesn't keep transaction history however, if the\nloading wallet can't understand or infer metadata about the\ntransactions. You get some mass of data but to tell actually what the\ntransactions are, or what they were for, forensic accounting is\nrequired and some data will be potentially unrecoverable.\n\nThe best way to preserve historical information is to use reporting\nfrom the wallet in question; which will accurately record the best\navailable output for this. (E.g. Bitcoin-qt has a CSV export or you\ncan take a json list-transactions out of it).\n\n\u003e emergency transition when a wallet has a serious (e.g. money losing) bug\n\nThis cuts both ways, we've seen significant losses for users in\nBitcoin Core where they've used the console to import keys that they\nalso used in other insecure clients.\n\nFor an emergency transition the user is probably better off with an\nexplicit unstructured mass private key export, and a sweep function;\nand guaranteeing compatibility with that is much easier; and because\nit moves funds in one direction there is much less chance of going\nfrom secure to insecure.\n\n\u003e and web\n\u003e wallet with server down.\n\nI suppose it would be too much to ask that these web wallets actually\nnot be totally centrally controlled and have the potential of just\nhaving someone else stand up a server. I guess not. :(\n\nEmergencies being what the are you do with what you can... indeed, I\nagree thats a reason that better compatibility is better. (But perhaps\nbest is that its insane to use software to handle your money that can\njust be taken away from you like that...)\n\n\u003e Another important reason to standardize is to reduce the \"roll your own\n\u003e crypto\" temptation on the wallet creator part, where the wallet-specific\n\u003e algorithm is more likely to contain weaknesses.\n\u003e I do agree that trying to come up with one uber standard will likely\n\u003e fail and is probably counter productive.\n\nCareful with this line of thinking: We have no mechanism in the BIP\nprocess to exclude weak cryptography.\n\nA BIP is not a measure of cryptographic integrity. There are existing\nBIPs which I consider flawed and would not use or recommend.\n\nIt result in some level of review, maybe, and so it can be productive\nto at least have more eyes on fewer things; which is a reason I\nwouldn't say don't bother trying.\n\nAnd indeed, I do think that what can be standardized should be, my\nwords weren't intended to dismiss anyone's efforts, only to encourage\nrealistic (I think) expectations around what will come of it.\n\nAnd while I hope for no gratuitous incompatibility, I also hope that\nno one working on a wallet hesitates for a minute to offer a new and\ninteresting functionality just because it doesn't fit into a prefab\nshape.",
"sig": "fff81659d6c33dc5e0501fc8824ce08f5bfbfca7e386b0c23d6e88ba2923c249e64860e798bf0c49e93b2c6c31bff4b575be11fb10a2835ce85f463761a2007d"
}