Difference between revisions of "Browser-based wallet"

From Bitcoin Wiki
(Add note excluding some hybrid wallets from the "Don't store a significant amount of BTC there" notice)
(Remove mentions of "'from' address" and link to "no from address" guide; balance Blockchain.info-like wallet description out with downsides)
Line 17: Line 17:
  
 
* You typically have less anonymity with respect to those who run the online wallet site.
 
* You typically have less anonymity with respect to those who run the online wallet site.
* If a payment is made from an online wallet, the transaction's "from" [[address]] is an address for the wallet provider and not an address reserved specifically for the sender.  This is because the wallet service provider may service the payment from any coins in its possession - your balance is not associated with any particular coins, any more than your balance at your local bank is associated with any specific bills.  Thus if the recipient were to "return" any bitcoins to the same address they were sent from, the sender would not receive those bitcoins.
+
* If a payment is made from an online wallet, the last-sent-to [[address]] (often [https://iwilcox.me.uk/2014/no-from-address incorrectly called a 'from' address]) is an address for the wallet provider and not an address reserved specifically for the sender.  This is because the wallet service provider may service the payment from any coins in its possession - your balance is not associated with any particular coins, any more than your balance at your local bank is associated with any specific bills.  Thus if the recipient were to "return" any bitcoins to the last-sent-to address, the sender would not receive those bitcoins — but last-sent-to addresses are [https://iwilcox.me.uk/2014/no-from-address#assumptions completely unsuitable for that anyway].
  
 
* Not all wallet providers reserve a bitcoin address for the account holder indefinitely.  Bitcoin addresses generally work best when one is assigned for each use.  There is the risk of showing an address from a wallet provider in a directory or on a web page (for donations, as an example) as there is the possibility that at the future date when those bitcoins are sent that the intended recipient still has the wallet account.  The same concern applies should the wallet provider cease operations.
 
* Not all wallet providers reserve a bitcoin address for the account holder indefinitely.  Bitcoin addresses generally work best when one is assigned for each use.  There is the risk of showing an address from a wallet provider in a directory or on a web page (for donations, as an example) as there is the possibility that at the future date when those bitcoins are sent that the intended recipient still has the wallet account.  The same concern applies should the wallet provider cease operations.
  
* There is no trivial way to guarantee that the amount of bitcoins showing for the account holder's balance are truly being held in reserve by the wallet provider.
+
* While there are ways for the wallet provider to [https://iwilcox.me.uk/2014/proving-bitcoin-reserves demonstrate that they operate with full reserves], the practice is not widespread and doesn't protect against security breaches or the owner suddenly absconding with all funds.
  
 
* Transactions to a Bitcoin address from the same wallet provider are usually completed internally and, if so, will not be processed on the Bitcoin P2P network.  Auditing tools such as the [[Block Explorer]] will not show any activity for this transaction.
 
* Transactions to a Bitcoin address from the same wallet provider are usually completed internally and, if so, will not be processed on the Bitcoin P2P network.  Auditing tools such as the [[Block Explorer]] will not show any activity for this transaction.
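Review bot: In the reserves bullet, the replacement text ("While there are ways for the wallet provider to demonstrate that they operate with full reserves ...") drops the user-facing point of the line it replaces, namely that an account holder has no trivial way to confirm the displayed balance is actually held in reserve. Consider keeping that sentence and appending the proof-of-reserves caveat to it. In the rewritten 'from' address bullet, "last-sent-to address" is used without a definition; a short gloss on first use would help readers who do not follow the link.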
Line 30: Line 30:
 
==Hybrid e-wallets==
 
==Hybrid e-wallets==
  
After several online bitcoin wallets were hacked, a second wave of online Bitcoin wallets entered the market. Hybrid wallets generally use Javascript on the users browser to manage private keys and create payments.
+
After several online bitcoin wallets were hacked, a second wave of online Bitcoin wallets entered the market. Hybrid wallets generally use Javascript in the user's browser to manage private keys and create payments.
  
 
These wallets differed from traditional online wallet services because the user actually owns the private keys inside their wallet. This approach has several advantages:
 
These wallets differed from traditional online wallet services because the user actually owns the private keys inside their wallet. This approach has several advantages:
  
* The "from" address of a transaction originates from the actual bitcoin address of the user.
+
* The user can look up their account balance in the blockchain and which guarantees their account balance is correct.
* The user can lookup their account balance in the blockchain and which guarantees their account balance is correct.
+
* Users can easily export their private keys out of a wallet to use with another bitcoin client or wallet provider; if they take backups of the code and wallet data, this may even be possible if the provider disappears.
* Users can easily export their private keys out of a wallet to use with another bitcoin client or wallet provider.
+
* The users' keys are stored encrypted on the server, offering some protection for security breaches if strongly encrypted.
* The users keys are stored encrypted on the server offering some protection for security breaches.
+
* As each address has only one user, it's less likely that [https://iwilcox.me.uk/2014/no-from-address misguided attempts to "return" coins] to their last-sent-to address will result in loss of coins.
 +
 
 +
However, there are limits on what this model can achieve:
 +
 
 +
* A single server compromise or abuse of trust can still result in losses for many users if the site serves maliciously modified Javascript.
 +
* Unless users make use of the backup/export facility, they're no less exposed to wallet data loss or confiscation by the provider.
 +
* The user's browser still presents a relatively large attack surface for exploits.
 +
* Facilities for obtaining entropy in the browser of a grade suitable for strong cryptography are currently poor, and custom entropy code almost never undergoes qualified review, so any keys or nonces created at the browser end may be weak.
  
 
==See Also==
 
==See Also==
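Review bot: In the encrypted-keys bullet, "if strongly encrypted" leaves the reader to guess what that requires. Since the new limits list says keys or nonces created at the browser end may be weak and that the site can serve modified Javascript, state that this protection depends on the user's password and on the browser-side code performing the encryption. Separately, the rewritten balance bullet still reads "in the blockchain and which guarantees"; drop the "and" so the sentence parses.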

Revision as of 20:50, 1 June 2014

A browser-based wallet or wallet service is an online account with an external provider where bitcoins can be stored. Examples include accounts on currency exchange markets, with online services and with e-commerce transaction processors. This definition also includes Hybrid e-wallets.

Warning: When storing your bitcoins with a browser-based wallet on a third-party website, you are trusting that the operator will not abscond with your bitcoins, and that the operator maintains secure systems that protect against theft, internal or external. It is recommended that you obtain the real-world identity of the website operator, ensure that sufficient recourse is available and avoid services that do not use an offline wallet (cold storage) for bitcoins that are not needed for daily transactions. Storing significant quantities of bitcoins on third-party websites is not recommended. (Note: some Hybrid e-wallets might be exempt from this warning, and adequately safe for storing large amounts of bitcoins. In any case, do your own homework and learn how each site operates.)

Benefits

  • Use of a browser-based wallet provider may help improve anonymity against third parties who watch the use of your IP address.
  • An account with a wallet service can generally be established in just minutes.
  • Some bitcoin users store some or all of their bitcoins in a browser-based wallet to avoid having to worry about keeping a local wallet secure.
  • Since withdrawals can be made to any Bitcoin address, simply using the withdrawal feature to withdraw to an address that is not yours is functionally equivalent to sending a Bitcoin payment when running the Bitcoin client locally.
  • Some services offer instant, internal transfers. This allows transactions to complete without having to wait for block confirmations.

Things to be aware of

When bitcoins are stored online, the provider retains full control of those amounts. You are trusting a third party to maintain your Bitcoin balance on your behalf. In comparison, if you run the Bitcoin software yourself, you are in full control of your coins so long as the wallet file stored on your computer is kept secret and secure.

Other relevant things:

  • You typically have less anonymity with respect to those who run the online wallet site.
  • If a payment is made from an online wallet, the last-sent-to address (often incorrectly called a 'from' address) is an address for the wallet provider and not an address reserved specifically for the sender. This is because the wallet service provider may service the payment from any coins in its possession - your balance is not associated with any particular coins, any more than your balance at your local bank is associated with any specific bills. Thus if the recipient were to "return" any bitcoins to the last-sent-to address, the sender would not receive those bitcoins — but last-sent-to addresses are completely unsuitable for that anyway.
  • Not all wallet providers reserve a bitcoin address for the account holder indefinitely. Bitcoin addresses generally work best when one is assigned for each use. Showing an address from a wallet provider in a directory or on a web page (for donations, as an example) carries a risk: at the future date when those bitcoins are sent, the intended recipient may no longer have the wallet account. The same concern applies should the wallet provider cease operations.
  • Transactions to a Bitcoin address from the same wallet provider are usually completed internally and, if so, will not be processed on the Bitcoin P2P network. Auditing tools such as the Block Explorer will not show any activity for this transaction.
    • Some wallet providers allow amounts below 0.01 BTC to be sent if the transaction is to another account holder on the same service. This allows an inexpensive and immediate method to detect if the recipient is using the same wallet provider.
  • The wallet service provider's wallet may be vulnerable to security breaches, loss, or theft. Because Bitcoin transactions are irreversible, there may be limited or no recovery if a provider's master wallet is compromised. Wallet providers who implement preventative controls - such as keeping their reserves in an offline wallet - are likely to be safer.

Hybrid e-wallets

After several online bitcoin wallets were hacked, a second wave of online Bitcoin wallets entered the market. Hybrid wallets generally use Javascript in the user's browser to manage private keys and create payments.

These wallets differed from traditional online wallet services because the user actually owns the private keys inside their wallet. This approach has several advantages:

  • The user can look up their account balance in the blockchain, which guarantees their account balance is correct.
  • Users can easily export their private keys out of a wallet to use with another bitcoin client or wallet provider; if they take backups of the code and wallet data, this may even be possible if the provider disappears.
  • The users' keys are stored encrypted on the server, offering some protection against security breaches if strongly encrypted.
  • As each address has only one user, it's less likely that misguided attempts to "return" coins to their last-sent-to address will result in loss of coins.

However, there are limits on what this model can achieve:

  • A single server compromise or abuse of trust can still result in losses for many users if the site serves maliciously modified Javascript.
  • Unless users make use of the backup/export facility, they're no less exposed to wallet data loss or confiscation by the provider.
  • The user's browser still presents a relatively large attack surface for exploits.
  • Facilities for obtaining entropy in the browser of a grade suitable for strong cryptography are currently poor, and custom entropy code almost never undergoes qualified review, so any keys or nonces created at the browser end may be weak.
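
The browser-side model described above, as an added example that is not part of the wiki page or any wallet provider's code: a private key is drawn from the platform CSPRNG (crypto.getRandomValues rather than Math.random or custom entropy code) and encrypted under a password-derived key, so the server only ever stores an opaque blob. The function names, blob layout and PBKDF2 iteration count are assumptions chosen for illustration.

```javascript
// Added example: names, blob layout and iteration count are illustrative assumptions.
// Uses WebCrypto; falls back to Node's webcrypto so it also runs outside a browser.
async function getCrypto() {
  return globalThis.crypto?.subtle ? globalThis.crypto
    : (await import('node:crypto')).webcrypto;
}

// secp256k1 group order n: a valid private key k satisfies 1 <= k < n.
const N = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');
const toHex = (u8) => Array.from(u8, (b) => b.toString(16).padStart(2, '0')).join('');
const fromHex = (h) => Uint8Array.from(h.match(/../g), (x) => parseInt(x, 16));

// Draw 32 bytes from the platform CSPRNG and reject out-of-range values
// instead of reducing mod n, which would bias the key.
async function generatePrivateKey() {
  const c = await getCrypto();
  for (;;) {
    const bytes = c.getRandomValues(new Uint8Array(32));
    const k = BigInt('0x' + toHex(bytes));
    if (k >= 1n && k < N) return bytes;
  }
}

// Stretch the password with PBKDF2 so a stolen server-side blob is costly to brute-force.
async function deriveKey(c, password, salt, iterations) {
  const material = await c.subtle.importKey(
    'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
  return c.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Returns the only data the provider should receive: salt, IV and ciphertext.
async function encryptWallet(privKey, password, iterations = 600000) {
  const c = await getCrypto();
  const salt = c.getRandomValues(new Uint8Array(16));
  const iv = c.getRandomValues(new Uint8Array(12));
  const key = await deriveKey(c, password, salt, iterations);
  const ct = await c.subtle.encrypt({ name: 'AES-GCM', iv }, key, privKey);
  return { v: 1, iterations, salt: toHex(salt), iv: toHex(iv), ct: toHex(new Uint8Array(ct)) };
}

// AES-GCM authenticates the blob: a wrong password or a tampered blob makes this reject.
async function decryptWallet(blob, password) {
  const c = await getCrypto();
  const key = await deriveKey(c, password, fromHex(blob.salt), blob.iterations);
  const pt = await c.subtle.decrypt({ name: 'AES-GCM', iv: fromHex(blob.iv) }, key, fromHex(blob.ct));
  return new Uint8Array(pt);
}
```

This covers only the stored-blob and entropy points. It does nothing about the maliciously modified Javascript limit, because the server still delivers the code that runs these functions.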

See Also