Bitcoin Wiki - User contributions [en]

Bitcoin

2018-09-19T16:29:48Z

Waldyrious: /* Transaction fees */ use lowercase in {{as of}} template

'''Bitcoin''' is a decentralized [[digital currency]] created by an unknown person or group of people under the name [[Satoshi Nakamoto]] and released as open-source software in 2009. It does not rely on a central server to process transactions or store funds. There are a maximum of 2,099,999,997,690,000 Bitcoin elements (called Satoshis, the unit has been named in collective homage to the original creator), which are currently most commonly measured in units of 100,000,000 known as BTC. There will only ever be 21 million Bitcoin (BTC) to ever be created.

{{As of|January 2018}}, it is the most widely used alternative currency,<ref name="Quantitative Analysis of the Full Bitcoin Transaction Graph">{{cite web|title=Quantitative Analysis of the Full Bitcoin Transaction Graph|url=https://eprint.iacr.org/2012/584.pdf|publisher=Cryptology ePrint Archive|accessdate=18 October 2012|author=Ron Dorit|coauthors=Adi Shamir|page=17|quote=The Bitcoin system is the best known and most widely used alternative payment scheme,...}}</ref><ref name="Cryptocurrency Market Capitalization">{{Cite web|title=Coinmarketcap.com|url=https://coinmarketcap.com/}}</ref> now with the total market cap around 250 billion US dollars.<ref>{{cite web|title=Market Capitalization|url=https://coinmarketcap.com/currencies/bitcoin/|publisher= [[Coinmarketcap.com]] |accessdate=10 January 2018}}</ref>

Bitcoin has no central issuer; instead, the peer-to-peer network regulates Bitcoins, transactions and issuance according to consensus in network software. These transactions are verified by network nodes through the use of cryptography and recorded in a public distributed ledger called a blockchain.

Bitcoins are issued to various nodes that verify transactions through computing power;
it is established that there will be a limited and scheduled release of no more than 21 million BTC worth of coins, which will be fully issued by the year 2140.

Bitcoins are created as a reward for a process known as mining. They can be exchanged for other currencies, products, and services. As of February 2015, over 100,000 merchants and vendors accepted Bitcoin as payment. Research produced by the University of Cambridge estimates that in 2017, there were 2.9 to 5.8 million unique users using a cryptocurrency wallet, most of them using Bitcoin.

Internationally, Bitcoins can be exchanged and managed through various websites and [[software]] along with physical banknotes and coins.<ref>{{Cite web|title=Physical Bitcoins by Casascius|url=https://www.casascius.com/|publisher=Casascius Coins|accessdate=29 September 2012}}</ref><ref>{{Cite web|title=Bitbills|url=http://www.bitbills.com/|publisher=Bitbills|accessdate=29 September 2012}}</ref>

==History==
{{main|History}}

A cryptographic system for untraceable payments was first described by David Chaum in 1982.<ref>[http://blog.koehntopp.de/uploads/Chaum.BlindSigForPayment.1982.PDF David Chaum, Blind signatures for untraceable payments], Advances in Cryptology - Crypto '82, Springer-Verlag (1983), 199–203.</ref> In 1990 Chaum extended this system to create the first cryptographic anonymous electronic cash system.,<ref>{{cite journal|journal=Lecture Notes in Computer Science|last1=Chaum|first1=David|last2=Fiat|first2=Amos|last3=Naor|first3=Moni|title=Untraceable Electronic Cash|url=http://blog.koehntopp.de/uploads/chaum_fiat_naor_ecash.pdf}}</ref> which became known as ecash.
<ref>{{cite web|url=https://www.wired.com/wired/archive/2.12/emoney.html|publisher=Wired|title=E-Money (That's What I Want)|date=1994–2012|author=Steven Levy}}</ref> In 1998 [[Wei Dai]] published a description of an anonymous, distributed electronic cash system which he called "b-money".<ref>{{cite web|title=B-Money|url=http://www.weidai.com/bmoney.txt|author=Wei Dai|year=1998}}</ref> Around the same time, Nick Szabo created ''bit gold''.<ref>{{cite web|url=https://spectrum.ieee.org/computing/software/bitcoin-the-cryptoanarchists-answer-to-cash/0|title=Bitcoin: The Cryptoanarchists’ Answer to Cash|publisher=IEEE Spectrum|quote=Around the same time, Nick Szabo, a computer scientist who now blogs about law and the history of money, was one of the first to imagine a new digital currency from the ground up. Although many consider his scheme, which he calls “bit gold,” to be a precursor to Bitcoin}}</ref><ref name="bitgold">{{cite web|title=Bit gold|url=https://unenumerated.blogspot.co.uk/2005/12/bit-gold.html|author=Nick Szabo|quote=My proposal for bit gold is based on computing a string of bits from a string of challenge bits, using functions called variously "client puzzle function," "proof of work function," or "secure benchmark function.". The resulting string of bits is the proof of work.... The last-created string of bit gold provides the challenge bits for the next-created string.}}</ref> Like Bitcoin, ''Bit gold'' was a currency system where users would compete to solve a [[proof of work]] function, with solutions being cryptographically chained together and published via a distributed property title registry. A variant of ''Bit gold'', called ''Reusable Proofs of Work'', was implemented by Hal Finney.<ref name="bitgold"/>

In 2008, Satoshi Nakamoto published a [[Bitcoin_white_paper|paper]]<ref name="whitepaper">{{cite web
|last= Nakamoto
|first= Satoshi
|title= Bitcoin: A Peer-to-Peer Electronic Cash System
|url= http://www.cs.kent.edu/~JAVED/class-P2P12F/papers-2012/PAPER2012-p2p-bitcoin-satoshinakamoto.pdf
|accessdate = 14 December 2010
|date= 24 May 2009
|postscript=
}}</ref><ref>{{cite web
|url= https://article.gmane.org/gmane.comp.encryption.general/12588/
|title= Bitcoin P2P e-cash paper
}}</ref> on The Cryptography Mailing list at metzdowd.com<ref>[https://www.mail-archive.com/search?l=cryptography@metzdowd.com&q=from:%22Satoshi+Nakamoto%22 Satoshi's posts to Cryptography mailing list]</ref> describing the Bitcoin protocol.

The Bitcoin network came into existence on 3 January 2009 with the release of the first Bitcoin client, [[wxBitcoin]], and the issuance of the first Bitcoins.<ref>{{cite web |title=Block 0 – Bitcoin Block Explorer |url=https://blockexplorer.com/block/000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f }}</ref><ref>{{cite web |url=https://www.mail-archive.com/cryptography@metzdowd.com/msg10142.html |title=Bitcoin v0.1 released}}</ref><ref>{{cite web |url=https://sourceforge.net/news/?group_id=244765 |title=SourceForge.net: Bitcoin}}</ref>
A year after, the initial exchange rates for Bitcoin were set by individuals on the bitcointalk forums.{{Citation needed|date=October 2012}} The most significant transaction involved a 10,000 BTC pizza.<ref>{{cite web|title=The Rise and Fall of Bitcoin|url=https://www.wired.com/magazine/2011/11/mf_bitcoin/|publisher=Wired|accessdate=13 October 2012}}</ref>
Today, the majority of Bitcoin exchanges occur on the [[Bitstamp]] Bitcoin exchange.<ref>{{cite web | title = Exchange volume distribution | work = by market | publisher = [[Bitcoin Charts]] | date = April 15, 2014 | url = https://bitcoincharts.com/charts/volumepie/ | accessdate = 2014-04-15 }}</ref>

In 2011, Wikileaks,<ref>{{cite news
|last= Greenberg
|first= Andy
|url= http://blogs.forbes.com/andygreenberg/2011/06/14/wikileaks-asks-for-anonymous-bitcoin-donations/
|title= WikiLeaks Asks For Anonymous Bitcoin Donations – Andy Greenberg – The Firewall – Forbes
|publisher= Blogs.forbes.com
|date= 2011-06-14
|accessdate = 2011-06-22
}}</ref> [[Freenet]],<ref>{{cite web
|url= https://freenetproject.org/donate.html
|title= /donate
|publisher= The Freenet Project
|date=
|accessdate = 2011-06-22
}}</ref> Singularity Institute,<ref>[http://singinst.org/donate/ SIAI donation page]</ref> Internet Archive,<ref>[https://www.archive.org/donate/index.php Internet Archive donation page]</ref> Free Software Foundation<ref>[https://my.fsf.org/donate/other/ Other ways to donate]</ref> and others, began [[Receiving_donations_with_bitcoin|to accept donations in Bitcoin]]. The Electronic Frontier Foundation did so for a while but has since stopped, citing concerns about a lack of legal precedent about new currency systems, and because they "generally don't endorse any type of product or service."<ref>{{cite web
|url= https://www.eff.org/deeplinks/2011/06/eff-and-bitcoin
|title= EFF and Bitcoin | Electronic Frontier Foundation
|publisher= Eff.org
|date= 2011-06-14
|accessdate = 2011-06-22
}}</ref> Some small businesses had started to adopt Bitcoin. LaCie, a public company, accepts Bitcoin for its Wuala service.<ref>{{Cite web|url=http://www.wuala.com/en/bitcoin |title=Secure Online Storage – Backup. Sync. Share. Access Everywhere |publisher=Wuala |date= |accessdate = 2012-01-24}}</ref>

In 2012, BitPay reports of having over 1000 merchants accepting Bitcoin under its payment processing service.<ref>{{cite web|title=BitPay Signs 1,000 Merchants to Accept Bitcoin Payments|url=http://www.americanbanker.com/issues/177_176/bitpay-signs-1000-merchants-to-accept-bitcoin-payments-1052538-1.html|publisher=American Banker|accessdate=12 October 2012}}</ref>

==Administration==
Bitcoin is administered through a decentralized peer-to-peer network.<ref name="whitepaper"/> Cryptographic technologies and the peer-to-peer network of computing power enables users to make and verify irreversible, instant online Bitcoin payments, without an obligation to trust and use centralized banking institutions and authorities. Dispute resolution services are not made directly available. Instead it is left to the users to verify and trust the parties they are sending money to through their choice of methods.

Bitcoins are issued according to rules agreed to by the majority of the computing power within the Bitcoin network. The core rules describing the predictable issuance of Bitcoins to its verifying servers, a voluntary and competitive transaction fee system and the hard limit of no more than 21 million BTC issued in total.<ref name="whitepaper"/>

Bitcoin does not require a central bank, State,<ref>{{cite web
|url= https://spectrum.ieee.org/computing/software/bitcoin-the-cryptoanarchists-answer-to-cash/3
|title= Bitcoin: The Cryptoanarchists' Answer to Cash
|publisher= IEEE.org
|date= June 2012
|accessdate = 2012-06-05
}}</ref> or incorporated backers.

==Services==
{{main|Wallet}}

Bitcoins are sent and received through software and websites called wallets. They send and confirm transactions to the network through Bitcoin addresses, the identifiers for users' Bitcoin wallets within the network.<ref name="whitepaper"/>

===Bitcoin addresses===
{{main|Address}}

Payments are made to Bitcoin "addresses": human-readable strings of numbers and letters around 33 characters in length, always beginning with the digit 1 or 3, as in the example of ''31uEbMgunupShBVTewXjtqbBv5MndwfXhb''.

Users obtain new Bitcoin addresses from their Bitcoin software. Creating a new address can be a completely offline process and require no communication with the Bitcoin network. Web services often generate a new Bitcoin address for every user, allowing them to have their custom deposit addresses.{{dubious}}

===Transaction fees===
{{main|Transaction fees}}
Transaction fees may be included with any transfer of Bitcoins. While it's technically possible to send a transaction with zero fee, {{as of|2017|lc=on}} it's highly unlikely that one of these transactions confirms in a realistic amount of time, causing most nodes on the network to drop it. For transactions which consume or produce many outputs (and therefore have a large data size), higher transaction fees are usually expected.

===Confirmations===
{{main|Confirmation}}

The network's software confirms a transaction when it records it in a block. Further blocks of transactions confirm it even further. After six confirmations/blocks, a transaction is confirmed beyond reasonable doubt.

The network must store the whole transaction history inside the blockchain, which grows constantly as new records are added and never removed. Nakamoto conceived that as the database became larger, users would desire applications for Bitcoin that didn't store the entire database on their computer. To enable this, the blockchain uses a [[merkle tree]] to organize the transaction records in such a way that client software can locally delete portions of its own database it knows it will never need, such as earlier transaction records of Bitcoins that have changed ownership multiple times.

==Economics==

===Initial distribution===

Bitcoin has no centralized issuing authority.<ref name="ars-06-08-11">
{{Cite news
|first= Thomas
|last= Lowenthal
|title= Bitcoin: inside the encrypted, peer-to-peer digital currency
|newspaper= Ars Technica
|date= 8 June 2011
|url= https://arstechnica.com/tech-policy/news/2011/06/bitcoin-inside-the-encrypted-peer-to-peer-currency.ars
}}</ref><ref>{{cite news
|author= Sponsored by
|url= http://www.economist.com/blogs/babbage/2011/06/virtual-currency
|title= Virtual currency: Bits and bob
|publisher= The Economist
|date=
|accessdate = 2011-06-22
}}</ref><ref>{{cite web
|last= Geere
|first= Duncan
|url= https://www.wired.co.uk/news/archive/2011-05/16/bitcoin-p2p-currency
|title= Peer-to-peer currency Bitcoin sidesteps financial institutions (Wired UK)
|publisher= Wired.co.uk
|date=
|accessdate = 2011-06-22
}}</ref> The network is programmed to increase the money supply as a geometric series until the total number of Bitcoins reaches 21 million BTC.<ref name="Quantitative Analysis of the Full Bitcoin Transaction Graph"/> {{As of|2012|10}} slightly over 10 million of the total 21 million BTC had been created; the current total number created is available online.<ref>{{cite web
|title= Total Number of Bitcoins in Existence
|url= https://blockexplorer.com/q/totalbc
|work= Bitcoin Block Explorer
|accessdate = 2012-10-03
}}</ref> By 2013 half of the total supply will have been generated, and by 2017, three-quarters will have been generated. To ensure sufficient granularity of the [[money supply]], clients can divide each BTC unit down to eight decimal places (a total of 2.1 × 1015 or 2.1 quadrillion units).<ref name="lwn">{{Cite news
|author= Nathan Willis
|date= 2010-11-10
|title= Bitcoin: Virtual money created by CPU cycles
|publisher= LWN.net
|url= https://lwn.net/Articles/414452/
}}</ref>

The network {{As of|2012|lc=on}} required over one million times more work for confirming a block and receiving an award (25 BTC {{As of|2012|2|lc=on}}) than when the first blocks were confirmed.
The difficulty is automatically adjusted every 2016 blocks based on the time taken to find the previous 2016 blocks such that one block is created roughly every 10 minutes.

Those who chose to put computational and electrical resources toward mining early on had a greater chance at receiving awards for block generations. This served to make available enough processing power to process blocks. Indeed, without miners there are no transactions and the Bitcoin economy comes to a halt.

===Exchange rate===
Prices fluctuate relative to goods and services more than more widely accepted currencies;
the price of a Bitcoin is not static.

In August 2012, 1 BTC traded at around $10.00 USD. Taking into account the total number of Bitcoins mined, the monetary base of the Bitcoin network stands at over 110 million USD.<ref>[http://www.bitcoinwatch.com/ http://www.bitcoinwatch.com/] Bitcoin statistics</ref>

== Anonymity ==
{{main|Anonymity & Security}}

=== Transactions ===

While using Bitcoins is an excellent way to make your purchases, donations, and p2p payments, without losing money through inflated transaction fees, transactions are never truly anonymous. Buying Bitcoin you pass identification, Bitcoin transactions are stored publicly and permanently on the network, which means anyone can see the balance and transactions of any Bitcoin address. Bitcoin activities are recorded and available publicly via the [[blockchain]], a comprehensive database which keeps a record of Bitcoin transactions.

=== Buying/selling Bitcoins ===

All exchange companies require the user to scan ID documents, and large transactions must be reported to the proper governmental authority.

This means that a third party with an interest in tracking your activities can use your visible balance and ID information as a basis from which to track your future transactions or to study previous activity. In short, you have compromised your [[security]] and [[privacy]].

In addition to conventional exchanges there are also peer-to-peer exchanges. Peer to peer exchanges will often not collect KYC and identity information directly from users, instead they let the users handle KYC amongst themselves. These can often be a better alternative for those looking to purchase Bitcoin quickly and without KYC delay.

=== Mixing services ===

[http://anonymity.co.in/mixing_services.html Mixing services] are used to avoid compromising of privacy and security. Mixing services provide to periodically exchange your Bitcoin for different ones which cannot be associated with the original owner.

== Security ==
{{seealso|Weaknesses}}

In the history of Bitcoin, there have been a few [[incidents]], caused by problematic as well as malicious transactions. In the worst such incident, and the only one of its type, a person was able to pretend that he had a practically infinite supply of Bitcoins, for almost 9 hours.

Bitcoin relies, among other things, on [https://en.wikipedia.org/wiki/Public-key_cryptography public key cryptography] and thus may be vulnerable to [https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#Quantum_computing_attacks quantum computing attacks] if and when practical quantum computers can be constructed.

If multiple different software packages, whose usage becomes widespread on the Bitcoin network, disagree on the protocol and the rules for transactions, this could potentially cause a fork in the block chain, with each faction of users being able to accept only their own version of the history of transactions. This could influence the price of Bitcoins.

A global, organized campaign against the currency or the software could also influence the demand for Bitcoins, and thus the exchange price.

==Bitcoin mining==
{{main|Mining}}

Bitcoin mining nodes are responsible for managing the Bitcoin network.

Bitcoins are awarded to Bitcoin nodes known as "miners" for the solution to a difficult [[proof-of-work]] problem which confirms transactions and prevents double-spending. This incentive, as the Nakamoto white paper describes it, encourages "nodes to support the network, and provides a way to initially distribute coins into circulation, since no central authority issues them."<ref name="whitepaper" />

Nakamoto compared the generation of new coins by expending CPU time and electricity to gold miners expending resources to add gold to circulation.<ref name="whitepaper"/>

[[File:Cryptocurrency Mining Farm.jpg|right|350px|thumb|Iceland is a good location for [[mining]] Bitcoin because of the natural cold temperature.]]

===Node operation===

The node software for the Bitcoin network is based on peer-to-peer networking, digital signatures and cryptographic proof to make and verify transactions. Nodes broadcast transactions to the network, which records them in a public record of all transactions, called the ''blockchain'', after validating them with a [[proof-of-work|proof-of-work system]].

Satoshi Nakamoto designed the first Bitcoin node and mining software<ref name="processors">{{Cite news
|last= Davis
|first= Joshua
|title= The Crypto-Currency
|url= https://www.wired.com/magazine/2011/11/mf_bitcoin/all
|accessdate = 11 November 2011
|newspaper= Wired Magazine
|date= 10 November 2011
}}</ref> and developed the majority of the first implementation, Bitcoind, from 2007 to mid-2010.<ref name="code_start">{{cite web
|url= https://bitcointalk.org/index.php?topic=13.msg46#msg46
|title= Questions about Bitcoin
|publisher= Bitcoin forum
|date= 2009-12-10
}}</ref>

Node implementations include core software such as Bitcoind/Bitcoin-Qt, [[libbitcoin]], [[cbitcoin]]<ref>{{Cite web|title=cbitcoin|url=https://github.com/MatthewLM/cbitcoin|accessdate=3 October 2012}}</ref> and [[BitCoinJ|bitcoinj]].<ref>{{cite web
|url= https://news.slashdot.org/story/11/03/23/0210207/Google-Engineer-Releases-Open-Source-Bitcoin-Client
|title= Google Engineer Releases Open Source Bitcoin Client
|author= angry tapir, timothy
|date= 23 March 2011
|publisher= Slashdot
|accessdate = 2011-05-18
}}</ref><ref>{{cite web
|url= http://www.javaworld.com/javaworld/jw-01-2012/120110-bitcoin-for-beginners-3.html?page=1
|title= Bitcoin for beginners: The BitcoinJ API
|author= Dirk Merkel
|date= 10 January 2012
|publisher= JavaWorld
|accessdate = 2012-08-03
}}</ref>

Every node in the Bitcoin network collects all the unacknowledged transactions it knows of in a file called a ''block'', which also contains a reference to the previous valid block known to that node. It then appends a [[nonce]] value to this previous block and computes the SHA-256 cryptographic hash of the block and the appended nonce value. The node repeats this process until it adds a nonce that allows for the generation of a hash with a value lower than a specified ''target''. Because computers cannot practically reverse the hash function, finding such a nonce is hard and requires on average a predictable amount of repetitious trial and error. This is where the ''[[proof-of-work]]'' concept comes in to play. When a node finds such a solution, it announces it to the rest of the network. Peers receiving the new solved block validate it by computing the hash and checking that it really starts with the given number of zero bits (i.e., that the hash is within the target). Then they accept it and add it to the chain.

===Mining rewards===
In addition to receiving the pending transactions confirmed in the block, a generating node adds a ''generate'' transaction, which awards new Bitcoins to the operator of the node that generated the block. The system sets the payout of this generated transaction according to its defined inflation schedule. The miner that generates a block also receives the fees that users have paid as an incentive to give particular transactions priority for faster confirmation.<ref>[https://www.bitcoinmining.com Bitcoin Mining]</ref>

The network never creates more than a 50 BTC reward per block and this amount will decrease over time towards zero, such that no more than 21 million BTC will ever exist.<ref name="lwn" /> As this payout decreases, the incentive for users to run block-generating nodes is intended to change to earning [[#Transaction fees|transaction fees]].

===Mining pools===
{{main|Pooled mining}}

Bitcoin users often pool computational effort to increase the stability of the collected fees and subsidy they receive.<ref name="We Use Coins Mining">{{cite web|title=About Bitcoin Mining|url=https://www.weusecoins.com/en/mining-guide/|publisher=We Use Coins|accessdate=27 May 2015}}</ref>

===Mining difficulty===
{{main|Difficulty}}

In order to throttle the creation of blocks, the difficulty of generating new blocks is adjusted over time. If mining output increases or decreases, the difficulty increases or decreases accordingly.

The adjustment is done by changing the threshold that a hash is required to be less than. A lower threshold means fewer possible hashes can be accepted, and thus a higher degree of difficulty. The target rate of block generation is one block every 10 minutes, or 2016 blocks every two weeks. Bitcoin changes the difficulty of finding a valid block every 2016 blocks, using the difficulty that would have been most likely to cause the prior 2016 blocks to have taken two weeks to generate, according to the timestamps on the blocks. Technically, this is done by modeling the generation of Bitcoins as Poisson process. All nodes perform and enforce the same difficulty calculation.

Difficulty is intended as an automatic stabilizer allowing mining for Bitcoins to remain profitable in the long run for the most efficient miners, independently of the fluctuations in demand of Bitcoin in relation to other currencies.

===Mining hardware===
{{main|Mining Hardware Comparison}}

Bitcoins used to be mined through Intel/AMD CPUs. {{As of | 2012}}, mining has gradually moved to [[GPU]] and [[FPGA]] hardware.<ref name="bitcoinmag-butterfly" /> [[Application-specific integrated circuit|ASIC]]-based hardware for Bitcoin mining has been announced by several manufacturers who intend to ship products from late 2012 to early 2013.<ref name="bitcoinmag-butterfly">{{Cite web|title=Bitpay Breaks Daily Volume Record with Butterfly ASIC mining release|url=http://bitcoinmagazine.net/bitpay-breaks-daily-volume-record-with-butterfly-asic-mining-release/|publisher=Bitcoin Magazine}}</ref>

==Concerns==

===As an investment===
{{main|Bitcoin as an investment}}

Bitcoin describes itself as an experimental digital currency. Reuben Grinberg has noted that Bitcoin's supporters have argued that Bitcoin is neither a security or an investment because it fails to meet the criteria for either category.<ref name="grinberg">{{cite web | url=http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1817857 | title=Bitcoin: An Innovative Alternative Digital Currency | publisher=SSRN | date=9 December 2011 | accessdate=4 December 2012 | author=Grinberg, Reuben}}</ref> Although it is a virtual currency, some people see it as an investment<ref name="cnbc">{{cite web | url=http://www.cnbc.com/id/45030812/The_Pros_And_Cons_Of_Biting_on_Bitcoins | title=The Pros And Cons Of Biting on Bitcoins | publisher=CNBC | date=23 November 2011 | accessdate=4 December 2012 | author=Gustke, Constance}}</ref> or accuse it of being a form of investment fraud known as a Ponzi scheme.<ref>{{cite web |url=https://www.theregister.co.uk/2011/06/08/bitcoin_under_attack/ |title=US senators draw a bead on Bitcoin |last1=Chirgwin |first1=Richard |date=8 June 2011 |publisher=The Register |accessdate=14 November 2012}}</ref><ref>{{cite web |url=http://uk.reuters.com/article/2012/04/01/uk-traders-bitcoin-idUKBRE8300JL20120401 |title=Bitcoin, the City traders' anarchic new toy |last1=O'Leary |first1=Naomi |date=2 April 2012 |publisher=Reuters |accessdate=14 November 2012}}</ref> A report by the European Central Bank, using the U.S. Securities and Exchange Commission's definition of a Ponzi scheme, found that the use of Bitcoins shares some characteristics with Ponzi schemes, but also has characteristics of its own which contradict several common aspects of Ponzi schemes.<ref name="ecbreport">{{cite web | url=http://www.ecb.europa.eu/pub/pdf/other/virtualcurrencyschemes201210en.pdf | title=Virtual Currency Schemes | publisher=European Central Bank | date=October 2012 | accessdate=4 December 2012}}</ref>

===Privacy===
Because transactions are broadcast to the entire network, they are inherently public. Unlike regular banking,<ref>{{cite web
|url= https://spectrum.ieee.org/computing/software/bitcoin-the-cryptoanarchists-answer-to-cash/0
|title= Bitcoin: The Cryptoanarchists' Answer to Cash
|publisher= IEEE.org
|date= June 2012
|accessdate = 2012-06-05
}}</ref> which preserves customer privacy by keeping transaction records private, loose transactional privacy is accomplished in Bitcoin by using many unique addresses for every wallet, while at the same time publishing all transactions. As an example, if Alice sends 123.45 BTC to Bob, the network creates a public record that allows anyone to see that 123.45 has been sent from one address to another. However, unless Alice or Bob make their ownership of these addresses known, it is difficult for anyone else to connect the transaction with them. However, if someone connects an address to a user at any point they could follow back a series of transactions as each participant likely knows who paid them and may disclose that information on request or under duress.

It can be difficult to associate Bitcoin identities with real-life identities.<ref name="An Analysis of Anonymity in the Bitcoin System">Fergal Reid and Martin Harrigan (24 July 2011). [https://anonymity-in-bitcoin.blogspot.com/2011/07/bitcoin-is-not-anonymous.html An Analysis of Anonymity in the Bitcoin System]. An Analysis of Anonymity in the Bitcoin System.</ref> This property makes Bitcoin transactions attractive to sellers of illegal products.<ref name="Forbes">Andy Greenberg (20 April 2011). [http://www.forbes.com/forbes/2011/0509/technology-psilocybin-bitcoins-gavin-andresen-crypto-currency.html Crypto Currency]. Forbes Magazine.</ref><ref>{{cite web
|last= Madrigal
|first= Alexis
|title= Libertarian Dream? A Site Where You Buy Drugs With Digital Dollars
|publisher= The Atlantic Monthly
|date= 2011-06-01
|url= https://www.theatlantic.com/technology/archive/2011/06/libertarian-dream-a-site-where-you-buy-drugs-with-digital-dollars/239776/
|accessdate = 2011-06-05
}}</ref>

===Illicit use===

====Cracking====
The cracking organization "LulzSec" accepted donations in Bitcoin, having said that the group "needs Bitcoin donations to continue their hacking efforts".<ref name="CNET">{{cite web
|last= Reisinger
|first= Don
|url= https://news.cnet.com/8301-13506_3-20070268-17/senators-target-bitcoin-currency-citing-drug-sales/
|title= Senators target Bitcoin currency, citing drug sales | The Digital Home – CNET News
|publisher= News.cnet.com
|date= 2011-06-09
|accessdate = 2011-06-22
}}</ref><ref>{{cite news
|last= Olson
|first= Parmy
|url= http://blogs.forbes.com/parmyolson/2011/06/06/lulzsec-hackers-posts-sony-dev-source-code-get-7k-donation/
|title= LulzSec Hackers Post Sony Dev. Source Code, Get $7K Donation – Parmy Olson – Disruptors – Forbes
|publisher= Blogs.forbes.com
|date= 6 June 2011
|accessdate = 2011-06-22
}}</ref>

====Silk Road====
[[Silk Road]] is an anonymous black market that uses only the Bitcoin.<ref name="npr-06-12-11">
{{Cite news
|url= https://www.npr.org/2011/06/12/137138008/silk-road-not-your-fathers-amazon-com
|date= 12 June 2011
|newspaper= NPR
|title= Silk Road: Not Your Father's Amazon.com
|author= Staff
}}</ref>

In a 2011 letter to Attorney General Eric Holder and the Drug Enforcement Administration, senators Charles Schumer of New York and Joe Manchin of West Virginia called for an investigation into Silk Road and the Bitcoin.<ref name="npr-06-12-11"/>
Schumer described the use of Bitcoins at Silk Road as a form of money laundering.<ref name="ars-06-08-11"/>

====Botnet mining====
In June 2011, Symantec warned about the possibility of botnets engaging in covert "mining" of Bitcoins,<ref>{{Cite web|author=Updated: 17 June 2011 | Translations available: 日本語 |url=http://www.symantec.com/connect/blogs/bitcoin-botnet-mining |title=Bitcoin Botnet Mining | Symantec Connect Community |publisher=Symantec.com |date=2011-06-17 |accessdate = 2012-01-24}}</ref><ref>{{Cite web|url=http://www.zdnet.com/blog/security/researchers-find-malware-rigged-with-bitcoin-miner/8934 |title=Researchers find malware rigged with Bitcoin miner |publisher=ZDNet |date=2011-06-29 |accessdate = 2012-01-24}}</ref> consuming computing cycles, using extra electricity and possibly increasing the temperature of the computer (not associated with [http://snowafter.com Snow Day Calculator]). Later that month, the Australian Broadcasting Corporation caught an employee using the company's servers to generate Bitcoins without permission.<ref>{{Cite web|url=http://thenextweb.com/au/2011/06/23/abc-employee-caught-mining-for-bitcoins-on-company-servers/ |title=ABC employee caught mining for Bitcoins on company servers |publisher=The Next Web |date=2011-06-23 |accessdate = 2012-01-24}}</ref> Some malware also uses the parallel processing capabilities of the GPUs built into many modern-day video cards.<ref>{{Cite news |url=https://www.theregister.co.uk/2011/08/16/gpu_bitcoin_brute_forcing/ |title=Malware mints virtual currency using victim's GPU |date=16 August 2011|first=Dan |last=Goodin }}</ref> In mid August 2011, Bitcoin miner botnets were found;<ref>{{Cite web|url=http://www.infosecurity-magazine.com/view/20211/researcher-discovers-distributed-bitcoin-cracking-trojan-malware/ |title=Infosecurity – Researcher discovers distributed bitcoin cracking trojan malware |publisher=Infosecurity-magazine.com |date=2011-08-19 |accessdate = 2012-01-24}}</ref> trojans infecting Mac OS X have also been uncovered.<ref>{{Cite web|url=http://www.techworld.com.au/article/405849/mac_os_x_trojan_steals_processing_power_produce_bitcoins |title=Mac OS X Trojan steals processing power to produce Bitcoins – sophos, security, malware, Intego – Vulnerabilities – Security |publisher=Techworld |date=2011-11-01 |accessdate = 2012-01-24}}</ref>

===Theft and fraud===
On 19 June 2011, a security breach of the Mt.Gox (an acronym for ''M''agic: ''T''he ''G''athering ''O''nline E''x''change, its original purpose) Bitcoin Exchange caused the price of a Bitcoin to briefly drop to US$0.01 on the Mt.Gox exchange (though it remained unaffected on other exchanges) after a hacker allegedly used credentials from a Mt.Gox auditor's compromised computer to illegally transfer a large number of Bitcoins to him- or herself and sell them all, creating a massive "ask" order at any price. Within minutes the price rebounded to over $15 before Mt.Gox shut down their exchange and canceled all trades that happened during the hacking period.<ref>[https://mtgox.com/press_release_20110630.html Clarification of Mt Gox Compromised Accounts and Major Bitcoin Sell-Off]</ref><ref>[https://www.youtube.com/watch?v=T1X6qQt9ONg YouTube. Bitcoin Report]</ref> The exchange rate of Bitcoins quickly returned to near pre-crash values.<ref name="mick">Jason Mick, 19 June 2011, [http://www.dailytech.com/Inside+the+MegaHack+of+Bitcoin+the+Full+Story/article21942.htm Inside the Mega-Hack of Bitcoin: the Full Story], DailyTech</ref><ref>Timothy B. Lee, 19 June 2011, [https://arstechnica.com/tech-policy/news/2011/06/bitcoin-price-plummets-on-compromised-exchange.ars Bitcoin prices plummet on hacked exchange], Ars Technica</ref><ref>Mark Karpeles, 20 June 2011, [https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback Huge Bitcoin sell off due to a compromised account – rollback], Mt.Gox Support</ref><ref name="register1">{{Cite news
|title= Bitcoin collapses on malicious trade – Mt Gox scrambling to raise the Titanic
|url= https://www.theregister.co.uk/2011/06/19/bitcoin_values_collapse_again/
|date= 2011-06-19
|author= Chirgwin, Richard
|publisher= The Register
}}</ref> Accounts with the equivalent of more than USD 8,750,000 were affected.<ref name="mick" />

In July 2011, The operator of Bitomat, the third largest Bitcoin exchange, announced that he lost access to his wallet.dat file with about 17,000 Bitcoins (roughly equivalent to 220,000 USD at that time). He announced that he would sell the service for the missing amount, aiming to use funds from the sale to refund his customers.<ref>[http://siliconangle.com/blog/2011/08/01/third-largest-bitcoin-exchange-bitomat-lost-their-wallet-over-17000-bitcoins-missing/ Third Largest Bitcoin Exchange Bitomat Lost Their Wallet, Over 17,000 Bitcoins Missing]. SiliconAngle</ref>

In August 2011, MyBitcoin, one of popular Bitcoin transaction processors, declared that it was hacked, which resulted in it being shut down, with paying 49% on customer deposits, leaving more than 78,000 BitCoins (roughly equivalent to 800,000 USD at that time) unaccounted for.<ref>[http://betabeat.com/2011/08/mybitcoin-spokesman-finally-comes-forward-what-did-you-think-we-did-after-the-hack-we-got-shitfaced/ MyBitcoin Spokesman Finally Comes Forward: “What Did You Think We Did After the Hack? We Got Shitfaced”]. BetaBeat</ref><ref>[http://betabeat.com/2011/08/search-for-owners-of-mybitcoin-loses-steam/ Search for Owners of MyBitcoin Loses Steam]. BetaBeat</ref>

In early August 2012, a lawsuit was filed in San Francisco court against Bitcoinica, claiming about 460,000 USD from the company. Bitcoinica was hacked twice in 2012, which led to allegations of neglecting the safety of customers' money and cheating them out of withdrawal requests.<ref>[https://arstechnica.com/tech-policy/2012/08/bitcoinica-users-sue-for-460k-in-lost-bitcoins/ Bitcoinica users sue for $460k in lost Bitcoins]. Arstechnica</ref><ref>[https://spectrum.ieee.org/tech-talk/computing/networks/first-bitcoin-lawsuit-filed-in-san-francisco First Bitcoin Lawsuit Filed In San Francisco]. IEEE Spectrum</ref>

In late August 2012, Bitcoin Savings and Trust was shut down by the owner, allegedly leaving around $5.6 million in debts; this led to allegations of the operation being a Ponzi scheme.<ref>{{Cite web|title=Bitcoin ponzi scheme – investors lose $5 million USD in online hedge fund|url=https://rt.com/usa/news/investors-currency-digital-fund-868/|publisher=RT}}</ref><ref>{{Cite web|last=Jeffries|first=Adrianne|title=Suspected multi-million dollar Bitcoin pyramid scheme shuts down, investors revolt|url=http://www.theverge.com/2012/8/27/3271637/bitcoin-savings-trust-pyramid-scheme-shuts-down|publisher=The Verge}}</ref><ref>{{Cite web|last=Mick|first=Jason|title="Pirateat40" Makes Off $5.6M USD in Bitcoin From Pyramid Scheme|url=http://www.dailytech.com/Pirateat40+Makes+Off+56M+USD+in+BitCoins+From+Pyramid+Scheme/article25538.htm|publisher=DailyTech}}</ref><ref>[https://pandodaily.com/2012/08/31/bitcoin-how-a-virtual-currency-became-real-with-a-5-6m-fraud/ Bitcoin: How a Virtual Currency Became Real with a $5.6M Fraud]. PandoDaily</ref> In September 2012, it was reported that U.S. Securities and Exchange Commission has started an investigation on the case.<ref>[http://blogs.telegraph.co.uk/technology/willardfoxton2/100007836/bitcoin-pirate-scandal-sec-steps-in-amid-allegations-that-the-whole-thing-was-a-ponzi-scheme/ Bitcoin 'Pirate' scandal: SEC steps in amid allegations that the whole thing was a Ponzi scheme ]. The Telegraph</ref>

In September 2012, Bitfloor Bitcoin exchange also reported being hacked, with 24,000 Bitcoins (roughly equivalent to 250,000 USD) stolen. As a result, Bitfloor suspended operations.<ref>[http://www.bbc.co.uk/news/technology-19486695 Bitcoin theft causes Bitfloor exchange to go offline]. BBC</ref><ref>[http://www.theverge.com/2012/9/5/3293375/bitfloor-bitcoin-exchange-suspended-theft Bitcoin exchange BitFloor suspends operations after $250,000 theft Bitcoin exchange BitFloor suspends operations after $250,000 theft]. The Verge</ref> The same month, Bitfloor resumed operations, with its founder saying that he reported the theft to FBI, and that he is planning to repay the victims, though the time frame for such repayment is unclear.<ref>[http://www.pcworld.com/article/2010586/bitcoin-exchange-back-online-after-hack.html?tk=rel_news Bitcoin exchange back online after hack]. PCWorld</ref>

===Taxation===
In September 2012, the Intra-European Organization of Tax Administrations (IOTA), in Tbilisi, Georgia, held a workshop titled "Auditing Individuals and Legal Entities in the Use of e-Money." The workshop was attended by representatives from 23 countries.<ref name="Bitcoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref> Jerry Taylor, IOTA's technical taxation expert, said, "There's an awful lot happening on the Internet environment which is fascinating at the moment and introducing new challenges for auditors when it comes to virtual currency."<ref name="Bitcoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref> Bitcoin was mentioned during the workshop.<ref name="Bitcoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref>

Matthew Elias, founder of the [[Cryptocurrency Legal Advocacy Group]] (CLAG) published "Staying Between the Lines: A Survey of U.S. Income Taxation and its Ramifications on Cryptocurrencies", which discusses "the taxability of cryptocurrencies such as Bitcoin."<ref name="Bitcoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref> CLAG "stressed the importance for taxpayers to determine on their own whether taxes are due on a Bitcoin-related transaction based on whether one has "experienced a realization event."<ref name="Bitcoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref> Such examples are "when a taxpayer has provided a service in exchange for Bitcoins, a realization event has probably occurred, and any gain or loss would likely be calculated using fair market values for the service provided."<ref name="Bitcoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref>

[[Peter Vessenes]], [[Bitcoin Foundation|Bitcoin Foundation's]] executive director, said, since the foundation is trying to pay for everything in Bitcoin, including salaries, "How do we W-2 someone for their Bitcoins? Do we mark-to-market every time a transfer happens? Payroll companies cringe."<ref name="BitCoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref> The Bitcoin Foundation hopes "to push for solid guidance about its legal and tax treatment." [[Patrick Murck]], legal counsel for the Bitcoin Foundation, said he would like "to help regulators understand the technology better so they can make better decisions."<ref name="BitCoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref> Murck said, "Bitcoin has the potential to become much more than a niche currency, but it needs the guidance and understanding of regulators." and "The full potential of Bitcoin could be realized through clearer guidelines and a better understanding by financial and tax regulators." and "Part of making that happen is to talk to regulators, the IRS, and tax professionals and helping them understand that Bitcoin is not this nefarious thing, it's just software, it's a community, and there's nothing inherently nefarious about either of those things."<ref name="BitCoin Tax issues Oct 2012">{{cite journal | title=2012 TNT 209-4 NEWS ANALYSIS: VIRTUAL CURRENCY: A NEW WORRY FOR TAX ADMINISTRATORS?. (Release Date: OCTOBER 17, 2012) (Doc 2012-21516) | author=Stewart, David D. and Soong Johnston, Stephanie D. | journal=Tax Notes Today | year=2012 | month=October 29 | volume=2012 TNT 209-4 | issue=2012 TNT 209-4}}</ref>

==See Also==
* [[Introduction]]
* [[Getting started]]
* [[Using_Bitcoin|Detailed tutorial]]
* [[FAQ]]
* [https://www.weusecoins.com What Is Bitcoin?]
* [https://www.bitcoinmining.com What Is Bitcoin Mining?]

==References==
<references />

[[Category:Digital currencies]]
{{wp}}{{p-move}}{{good}}
[[es:Bitcoin]][[de:Bitcoin]]

Template:As of

2018-09-19T16:29:11Z

Waldyrious: make documentation visible in template page

<noinclude>

;Usage
* mandatory parameter 1 is the year
* optional parameter 2 is the month
* optional parameter 3 is the day of the month
* optional named parameter <code>alt=[text]</code> is alternative display text (may include wiki markup)
* optional named parameter <code>df=US</code> produces American date format in displayed text
* optional named parameter <code>lc=on</code> gives lower-case-first output
* optional named parameter <code>url=[URL]</code> gives statement reference

</noinclude><includeonly>{{#if: {{{alt|}}} | {{{alt}}} | {{#ifeq: {{{lc}}} | {{{lc|}}} | a | A }}s of {{#if: {{{3|}}} | {{Start date | {{{1}}} | {{MONTHNUMBER|{{{2}}}}} | {{{3}}} | df={{#ifeq:{{lc:{{{df|}}}}}|us||yes}} }} | {{#if: {{{2|}}} | {{MONTHNAME|{{{2}}}}} }} {{{1}}} }}}}[{{#if:{{{url|}}}|{{{url}}} [ref]|{{fullurl:{{PAGENAME}}|action=edit}} [update]}}]{{DMCA|Articles containing potentially dated statements|from|{{#if: {{#ifexpr: {{{1}}} = 1 }} | {{#ifexpr: {{#time:Y|{{{1}}}}} > 2004 | {{{1}}} | {{#ifexpr: {{#time:Y|{{{1}}}}} > 1989 | {{#time:Y|{{{1}}}}} | before 1990 }}}} | {{#ifexpr: {{{1}}} > 2004 | {{#if:{{{2|}}} | {{MONTHNAME|{{{2}}}}} }} {{{1}}} | {{#ifexpr:{{{1}}} > 1989 | {{{1}}} | before 1990 }}}}}}|All articles containing potentially dated statements}}</includeonly><noinclude>;Example output: As of {{Start date|{{CURRENTYEAR}}|{{CURRENTMONTH}}|{{CURRENTDAY}}|df=yes}}[http://en.wikipedia.org/wiki/Template:As_of [ref]]

</noinclude>

Thin Client Security

2018-05-22T08:20:05Z

Waldyrious: tweak category sort key

Recently there have been a number of proposals for bitcoin clients which do not store a complete copy of every block in the entire block chain. This page will refer to all such clients as "thin clients". This page is meant to be a place to try to make sense of the security and trust implications of the various schemes.

== Full Node vs. Thin Clients ==

It is important to distinguish between block height verification and block depth verification.

A full node client verifies that all preceding blocks are valid in order to guarantee that a transaction is valid. Currently only the Satoshi client, libbitcoin, and btcd do full node verification. Full nodes are the fundamental anchor of trustless security in the Bitcoin system.

A client verifies the depth D of a block by checking that there are D blocks '''after''' it (also called "confirmations"), all of which are well-formed. Thin clients don't verify the preceding blocks, they use the number of confirmations (whether they are valid or not) as a measure of the likelihood of a [[Chain_Reorganization|block chain reorganization]] producing a new longer fork which excludes the transaction.

== Full Node Clients ==

The "thick" bitcoin client downloads a copy of the entire chain, including all transactions (not just headers). It will be used as the reference point for security comparisons below.

A full-node client uses the [[Protocol_rules#Blocks well-formed|difficultywise-longest]] valid block chain it can find. A transaction's ''depth'' (the number of blocks or confirmations ''after'' it) is used to determine the likelihood of the transaction being double-spent due to the emergence of a longer fork.

==== [[bitcoind|bitcoin-qt]] ====

==== [https://github.com/conformal/btcd btcd] ====

==== [[Libbitcoin|libbitcoin-server]] ====

=== Block Retention ===

Once a full-chain client has downloaded the entire chain, it typically retains it (as the Satoshi client did/does).

Satoshi's original paper mentions the possibility of pruning individual transactions, which allows for full nodes which verify the entire transaction history but do not retain it. Because users are required to download and verify the block chain from some other node initially, this change isn't costless.

== Thin Clients ==

This client downloads a complete copy of the headers for all blocks in the entire block chain. This means that the download and storage requirements scale linearly with the amount of time since Bitcoin was invented.

This scheme is described in section 8 of the [http://bitcoin.org/bitcoin.pdf original bitcoin whitepaper].

==== Block Depth Check ====

As Satoshi writes, "[the thin client] can't check the transaction for himself, but by linking it to a place in the chain, he can see that a network node has accepted it, and blocks added after it further confirm the network has accepted it." If we take "X" to be the "number of blocks added after it", then a thin client essentially trusts that a transaction X blocks deep will be costly to forge.

This is very different from the trust model in the "thick" client: the thick client verifies that a transaction's inputs are unspent by actually checking the whole chain up to that point -- there is no "X blocks deep" involved here. At that point it uses "X blocks deep" to decide how likely it is that a longer fork in the chain will emerge which excludes that transaction.

==== [[BitCoinJ|bitcoinj]] ====

A security analysis of some of the issues in bitcoinj can be found [https://bitcoinj.github.io/security-model here]; however:

* The claim that "picking 10 nodes and requiring all of them to be consistent needs much less trust" overlooks the problem of [https://en.bitcoin.it/wiki/Weaknesses#Cancer_nodes "cancer nodes"] and [http://en.wikipedia.org/wiki/Sybil_attack Sybil attacks].
* Many of the security claims are qualified by some form of "if you don't think an attacker controls your internet connection"; see the previous section for a discussion of why this is problematic.

==== [https://bitcointalk.org/index.php?topic=128055.0 picocoin] ====

The library (libccoin) that picocoin is based on includes code for validating scripts and blocks; this could potentially be used to implement a full-chain client.

==== [[Electrum]] ====

Electrum fetches blockchain information from Electrum servers, bitcoin nodes that index the blockchain by address.
Electrum performs Simple Payment Verification to check the transactions returned by servers.
For this, it fetches blokchain headers from about 10 random servers.
In addition, Electrum servers are authenticated by SSL, in order to protect users from MITM attacks.

=== Unused Output Tree in the Block chain (UOT) ===

There have been several proposals (the first appears to be [https://bitcointalk.org/index.php?topic=21995.0 this one] by gmaxwell, who called it an "open transaction tree", although the term "open" is now taken to mean "not yet mined into the block chain" rather than "unspent") to form a tree of unused transaction outputs at each block in the chain, hash it as a Merkle tree, and encode the root hash in the block chain (probably as part of the coinbase input). This will be called an Unused Output Tree (UOT). The first detailed proposal so far appears to be [https://en.bitcoin.it/wiki/User:DiThi/MTUT Alberto Torres' proposal]; etotheipi's [https://bitcointalk.org/index.php?topic=88208.0 ultimate block chain compression] is a variant of this.

If such UOT hashes were included in the block chain, a client which shipped with a [https://en.bitcoin.it/wiki/Vocabulary checkpoint] block that had a UOT would only need to download blocks after the checkpoint. Moreover, once the client had downloaded those blocks and confirmed their UOTs, it could discard all but the most recent block containing a UOT.

Hostile miners may insert blocks into the chain which have what claims to be a UOT, but which is actually invalid. It is unlikely that such blocks could be kept out of the chain because, again, this would require adding a new block validity criterion, and miners implementing this new criterion would risk "mining on the wrong side" of a fork, which could cost them a lot of money. Therefore, any UOT strategy would need to cope with the fact that not every block containing a UOT entry can be trusted.

Note that at the present moment no standard format for such Unused Output Tree hashes has been agreed upon, nor do any of the blocks in the chain contain them. The [https://bitcointalk.org/index.php?topic=91954 ultraprune] feature added to bitcoind-0.8 maintains a similar data structure on the client's disk. It does not put this data structure or its hash anywhere in the block chain.

== Server-Trusting Clients ==

These clients involve a high level of trust in the server they rely upon. Mechanisms for authenticating the server, and for confirming that the server has not been compromised, are usually not explained.

All thin clients listed below currently connect to a single server, and are vulnerable to an attack similar to a double-spend. The attack can be run by that single server - the server can just lie to them that they received a Bitcoin transaction, and they, assuming the server does not lie, perform some service, transfer funds or send goods without actually receiving any Bitcoin in exchange. Therefore, they are implicitly trusting it.

Future enhancements have been suggested that will have the client talk to multiple servers and broadcast transactions and query all of them. Unfortunately it is well known to security researchers that this does not actually increase security; it simply makes the exploits more complicated and difficult to find. Security researchers have a name for this phenomenon: it is called a "Sybil attack"<ref>http://en.wikipedia.org/wiki/Sybil_attack</ref>. [https://bitcointalk.org/index.php?topic=88208.msg975201#msg975201 This post] on bitcointalk explains how some governments (notably Iran and China) already perform these sorts of attacks on their own citizens, with the coerced assistance of SSL certificate authorities.

Clients with a checkpoint (even a very old one) that download and validate the headers for the whole block chain are [http://bitcoinmedia.com/the-irc-bootstrap-method-is-flawed/#comment-4243 not vulnerable] to Sybil attacks in the following sense: they can always ensure that an attack would cost more than the amount being stolen.

=== [[BCCAPI]] ===

== Other ==

* A [http://sourceforge.net/mailarchive/message.php?msg_id=28633866 thread] on bitcoin-dev
* A [http://bitcoin.stackexchange.com/questions/2584/is-reclaiming-disk-space-already-implemented-how-effective-will-it-be/2589 question] on bitcoin.stackexchange.com
* The [[Weaknesses#Sybil_attack|sybil attack (also known as "cancer nodes")]] paragraph explains some of the issues with thin clients that base security on trusting whatever "a majority of the IP addresses I can see" say.
* [http://bitcoin.stackexchange.com/questions/2613/how-secure-are-various-models-of-bitcoin-clients related discussion on Stack Exchange]
* A hypothesized [https://bitcointalk.org/index.php?topic=134318.msg1441171#msg1441171 intermediate security class] between thin clients and full-chain validation.

<references>

[[Category:Technical]]
[[category:Clients| ]]
[[Category:Security]]

Hardware wallet

2018-05-22T08:19:19Z

Waldyrious: tweak category sort key

A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.

They have major advantages over standard software wallets:

* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext
* immune to computer viruses that steal from software wallets
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point
* much of the time, the software is open source, allowing a user to validate the entire operation of the device

This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.

== Security risks ==

To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.

However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.

How a hardware wallet could fail to protect your Bitcoin:

# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].

In summary:

* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).

* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).

== Commercial hardware wallets (ordered chronologically) ==

=== Pi Wallet - cold storage ===
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]

The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.

Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.

[https://www.pi-wallet.com/ pi-wallet.com]

 

=== [[TREZOR]] The Bitcoin Safe ===
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with TREZOR]]

[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.

It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet.

TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.

[https://BuyTrezor.com E-shop BuyTrezor.com] | [https://doc.satoshilabs.com/ TREZOR Documentation] | [https://bitcointrezor.com BitcoinTrezor.com]

 

=== Ledger HW.1 - USB Smartcard Hardware Wallet ===
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]

HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.

It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.

Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.

It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.

[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]

 

=== Ledger Nano - USB Smartcard Hardware Wallet ===
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]

Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.

The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.

The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.

[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]

 

=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]

The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.

The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).

[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]

 

=== BWALLET TREZOR clone ===

[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]

BWALLET is a clone of Trezor by a Chinese company.
Trezor code is open source and this device operates like a Trezor.
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Merek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware.

[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]

 

=== KeepKey: Your Private Bitcoin Vault ===
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]

KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.

KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper wallets.

[https://www.keepkey.com keepkey.com]

 

=== Opendime: Bitcoin Credit Stick ===

[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]

The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick"

Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times.
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.

It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.

[http://www.opendime.com Opendime.com]

* [https://opendime.com/#faq Opendime FAQ]
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский
* Works as USB drive with no need for software
* [https://github.com/opendime/electrum Opendime Electrum plugin]
* [https://github.com/opendime/ Opendime source files and key verification]

 

=== CoolWallet: The Ultimate Bitcoin Safe ===


[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]

CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.

Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button.

CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device.

[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]

 

=== BlochsTech card: Your user friendly Bitcoin wallet ===


[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]

The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.

Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),
however in the long run it is fully capable of functionally replacing the VISA system in all nations.

[http://www.BlochsTech.com BlochsTech.com]

 

=== BitLox Bitcoin Hardware Wallet ===
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]

BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.

At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.

Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app.

BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet.

[http://www.bitlox.com bitlox.com]

 

=== Digital Bitbox ===
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]

* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.
* Multisig out-of-the-box including Copay support.
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.

[https://digitalbitbox.com digitalbitbox.com]

 

=== Ledger Nano S - USB Smartcard Hardware Wallet ===
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]

Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.

Main features:
* cryptographic secrets protected by a secure chip
* open source embedded Bitcoin app
* Confirmation of transactions on the embedded screen
* Built-in 4 digits PIN security lock
* Built-in onboarding (seed generation and recovery)
* BIP39 seed (12/18/24 words), easy backup and restoration
* Multi-apps support: FIDO U2F, GPG, SSH…
* USB connectivity
* Foldable and compact casing

[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]

 

=== Swiss Bank in Your Pocket - Hardware wallet ===
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]

The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault.

The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets.

The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin).

[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]

 

=== Secalot ===
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]

Main features:
* Software and hardware are fully open sourced.
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.
* Integrates with the popular Electrum wallet.
* PIN-code protected.
* Confirm transactions with a touch button press on the device.
* Supports P2PKH, P2SH, and segWit transactions.
* Updatable firmware.
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.

Website: [https://www.secalot.com www.secalot.com]

 

== Not purchasable hardware wallets ==

=== BitcoinCard Megion Technologies-Card based wallet ===
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]
[http://www.bitcoincard.org/ Bitcoincard Home Page]

[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]

Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.

 

=== BitSafe - allten/someone42's hardware wallet ===
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]

Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.
 
=== someone42's original prototype ===
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]

Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.
 
=== Other/Defunct but with good discussion: ===
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]
:Great discussion and good ideas from jim618. Also linked the following video:
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)

== Smart Card based wallets ==
This type of device requires complete trust in the host device, as there is no method for user input.
See [[Smart card wallet]]

== Related Resources ==
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]

== See Also ==

* [[Storing bitcoins]]
* [[How to set up a secure offline savings wallet]]
* [[Cold storage]]

[[Category:Security]]
[[Category:Wallets| ]]
[[Category:Hardware]]

Two-factor paper wallet

2018-05-22T08:19:07Z

Waldyrious: tweak category sort key

'''This is an old idea which is much better implemented by [[Mnemonic_phrase#Two-Factor_Mnemonic_Phrases|Two-factor mnemonic phrases]]'''

I believe it was Casascius that [https://bitcointalk.org/index.php?topic=56414.0 first talked about the idea] of a "2 factor paper wallet". TL;DR - it's a system to securely generate BTC addresses given the risk of any particular machine being injected with trojans.

(If you can find the original discussion, that would be great)

See also [[User:Casascius/Base58Check-encoded_objects_proposal#Proposed_specification_for_a_multi-part_key_using_EC_multiplication|this BIP]].

== How it works ==

# Trusted 3rd party generates a key pair (''Private_1'', ''Public_1''), and sends them to you in the form of laminated paper. ''Public_1'' is derivable from ''Private_1''. The keys are deleted after sending.
# You generate an addition key pair (''Private_2'', ''Public_2'') on your own machine.
# You cryptographically combine ''Public_1'' and ''Public_2'' and get ''Public_final'' - a Bitcoin address.
# You transfer BTC into ''Public_final''
# At a later time, when you want to withdraw funds from it, you combine ''Private_1'' and ''Private_2'' to get ''Private_final'', and withdraw.

The point of the system is that an attacker would have to break into both your systems in order to withdraw funds. It is a way to securely store Bitcoins even if your system potentially contains trojans, without trusting a 3rd party. This scheme can in fact be done with N parties, with each additional part just adding security to the system (suspect Party1 is a CIA snitch? That's ok, because all it takes for this to be secure is one secure party).

[[category:Security]]
[[category:Wallets| ]]

Smart card wallet

2018-05-22T08:18:56Z

Waldyrious: tweak category sort key

This pages gathers resources for the implementation of a Bitcoin wallet on a smart card.

===Rationale===

*Computers and smartphones are target for malware. The software on a smart card can be protected.
*Smart cards do not need a battery, nor internet connection, they are robust.
*Adoption: people are already used to paying with smart cards.

===Desired features===

*no blockchain, no node; the card contains only private keys, and an algorithm to sign a transaction
*the smart card should have its own keyboard (for pin code protection) and display (to show the transaction amount)
(<- Alternative to this is the card returning, to the terminal screen, the debit amount multiplied by a number only the card holder knows which cycles from 1 to 100 to 1 incrementing by 1 each transfer - the card is locked 10 minutes if a second amount is send before a pin is typed.)
* The card holder will know pin, puk, private key and address only from when he programmed it or ordered his smart card.
*the card should implement a deterministic wallet, so that funds can be recovered if the card is lost.

===Usage scenario===

* the reading device may belong to a merchant at a point of sale; it cannot be trusted with private keys.
* the reading device is connected to a full bitcoin node; it can be trusted for getting and sending blockchain information.
* the reading device sends to the card the current balance of its bitcoin addresses. This information can be cached in the card.
* the reading device sends a bitcoin receiving address and transaction amount to the card.
* the amount is displayed by the card ; the user confirms the transaction with his pin code.
* the smart card creates a signed transaction and sends it to the reading device
* the transaction is checked and broadcast by the bitcoin node.

==Implementation steps==

===1. write a bitcoin daemon that can talk to a lightweight wallet===
*this has been done already, see for example bitcoinjs: https://github.com/bitcoinjs/bitcoinjs-lib
*See also this pull request: [https://github.com/piotrnar/bitcoin/tree/importexporttx importexporttx] can be used to broadcast the transaction
* https://bitcointalk.org/index.php?topic=28278.msg383312#msg383312

===2. write a lightweight wallet===
*wallet without blockchain, in order to test the daemon
*this lightweight wallet will be later implemented on the card
*use it to define the communication protocol between card and reading device.

update: this is done, see [[Electrum]]

===3. implement wallet on a simple smart card===

* http://www.opensc-project.org/opensc openSC : tools and libraries for smart cards.
* amadousarr.free.fr/crypto/ECDSAJAVACARD.pdf : A Software Implementation of ECDSA on a Java Smart Card
* http://www.acs.com.hk : cards, readers, development kits; no display, pincode needs to be typed on the reading device
* http://www.basiccard.com/index.html?overview.htm : Smart Card (ZC7.5) which contains RSA/EC and DES/AES coprocessors. Used in an implementation of the OpenPGP Card 2.0 standard (http://g10code.com/p-card.html)

===4. implement wallet on a smart card with display and pincode ===

list of vendors:
* http://www.nidsecurity.com/products/solution-enterprise.html (smart cards with LCD displays)
* http://www.avesodisplays.com/ (smard cards with flexible displays)

==references==
*https://bitcointalk.org/index.php?topic=7539.0 Bitcoin smartcard Point of Sale terminal
*https://bitcointalk.org/index.php?topic=20933.0 Bitcoin and Smart Cards

[[category:Developer]]
[[category:Technical]]
[[category:Wallets| ]]
[[Category:Mobile]]

Mobile Payment Apps

2018-05-22T08:18:43Z

Waldyrious: tweak category sort keys

List of Mobile apps used for payments.

{| class = "wikitable"|
|-
| App || Android || iPhone || Nokia || BlackBerry || QR-code || NFC || Btc Storage || OpenSource || Last Active || Comments
|-
| [[Airbitz_Bitcoin_Wallet_&_Directory|Airbitz Wallet & Directory Map]] || {{Table Value Yes}} || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || On Phone + encyrpted backup on server || [https://github.com/Airbitz Github] || 2014-Nov-19 || [https://bitcointalk.org/index.php?topic=815256.0 Forum]
|-
| [[Bitcoin Wallet|Bitcoin Wallet for Android/BB10]] || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value Yes}} || {{Table Value Yes}} || On Phone + encrypted backup || [https://github.com/schildbach/bitcoin-wallet Github] [https://code.google.com/p/bitcoin-wallet/ Google] || 2014-Jan-08 || [https://bitcointalk.org/index.php?board=100.0 Forum]
|-
| [[BitcoinApp]] || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || ? || ? || On Phone || [https://github.com/udibr/bitcoinApp Github] || 2011-May-18
|-
| [[BitPay]] || {{Table Value Yes}} || {{Table Value No}} || ? || ? || {{Table Value Yes}} || {{Table Value No}} || [[Instawallet]] || [https://github.com/warpi/BitPay Github] || 2011-Sep-26
|-
| [[Bitcoin Express]] || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || ? || ? || ? || [https://github.com/fingster/BTC-Express Github] || 2011-Jul-24 || [http://bitcointalk.org/index.php?topic=31362.0 Forum]
|-
| [[BitcoinSpinner]] || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || On Phone, chain on server || [http://code.google.com/p/bitcoinspinner/ Google] || 2011-12-01 || [http://bitcointalk.org/index.php?topic=52674.0 Forum]
|-
| [[BitStore]] || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || On Phone || [https://github.com/BitStore/BitStore-iOS Github] || 2014-08-18 || [https://bitcointalk.org/index.php?topic=661780.0 Forum]
|-
| [[BlockChain.info|Blockchain for iPhone]] || {{Table Value No}} || {{Table Value Yes}}<ref>Cydia / Jailbroken only.</ref> || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || On Phone, encrypted backup on server || [https://github.com/zootreeves/My-Wallet-iPhone GitHub] || 2012-05-12 || [http://bitcointalk.org/index.php?topic=75673.0 Forum]
|-
| [[BlockChain.info|Blockchain for Android]] || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || On Phone, encrypted backup on server || [https://github.com/zootreeves/My-Wallet-Android Github] || 2012-05-12 || [http://bitcointalk.org/index.php?topic=74191.0 Forum]
|-
| [[Bridgewalker]] || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || Not applicable, balance is in Euros || Proprietary || 2013-10-03 || [https://bitcointalk.org/index.php?topic=156943.0 Forum]
|-
| [[Instawallet]] || {{Table Value Yes}} || {{Table Value No}} || ? || ? || {{Table Value No}} || {{Table Value No}} || [[Instawallet]] || Proprietary || 2012-06-18 || [https://bitcointalk.org/index.php?topic=73388.msg972384#msg972384 Forum]
|-
| [[FriendlyPay]] || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || [[Instawallet]] || Proprietary || 2012-05-12 || [http://bitcointalk.org/index.php?topic=6785.msg869671#msg869671 Forum]
|-
| [[Paytunia]] || {{Table Value Yes}} || {{Table Value Yes}}<ref>Private Beta</ref> || ? || ? || {{Table Value Yes}} || {{Table Value No}} || Server (Hosted) || Proprietary || 2012-05-12 || [http://bitcointalk.org/index.php?topic=75550.0 Forum]
|-
| [[Easywallet.org]] || {{Table Value Yes}} || {{Table Value Yes}} || ? || ? || {{Table Value Yes}} || {{Table Value No}} || Easywallet.org || Proprietary || 2012-05-12 || [https://bitcointalk.org/index.php?topic=75665.0 Forum]
|-
| [[ResponsePay]] || {{Table Value Yes}} || {{Table Value Yes}} || {{Table Value No}} || {{Table Value No}} || {{Table Value Yes}} || {{Table Value No}} || ResponsePay.com || Proprietary || 2012-07-10 || [https://bitcointalk.org/index.php?topic=91431.0 Forum]
|}

==See Also==

* [[Payment methods]]
* [http://dre.tx0.org/compare.htm Open-Source Bitcoin Clients for the Desktop]

==References==
<references />

[[Category:Mobile]]
[[Category:Software]]
[[Category:Clients| ]]
[[Category:Wallets| ]]
[[Category:Free Software]]
[[Category:Open Source]]

User:Waldyrious

2018-05-22T08:17:55Z

Waldyrious: Created page with "Hi, I'm User:Waldir on Wikimedia wikis. Please visit that page for more information about me."

Hi, I'm [[wikipedia:meta:user:waldir|User:Waldir]] on Wikimedia wikis. Please visit that page for more information about me.