gray Posted July 7, 2017 (edited) 35 minutes ago, Xilobyte said: You are not the only dev on here. I know I'm not every dev on here. You aren't either and don't represent the opinion of all of them either. I'm not trying to argue on the basis of someone's credentials, you are. You've yet to address the actual substance of what I'm saying once. 35 minutes ago, Xilobyte said: In your words specifically .. "it would take more time than the universe has existed" so then more than your lifetime and thus impossible. Again, as I've said before... That is *on average.* There is no guarantee that it will take that long. You are guaranteed that it would take that much time to go through the generation of every key in the key space, but you are not guaranteed the order in which you will go through it. You could get particularly lucky and generate the specific key you're looking for on the first try or you could get particularly unlucky and generate it as the last possibility. On average, you will land exactly in the middle if you are doing a blind brute force attack. Thus, *on average,* it will take half the time that it would take to go through the entire key space to land on a specific key. But, like I just said, you *could* do it on the first try or 10th try, and thus someone *could* generate the same private key someone else already generated. The likelihood of that happening is so low that we can agree that it is very unlikely to ever actually happen, and thus we can use cryptocurrency in a secure manner, but it *could* happen. Edited July 7, 2017 by gray
Xilobyte Posted July 7, 2017 1 minute ago, gray said: Satoshi Nakamoto is another guy like you and me on a forum. Nobody knows who he is, and yet his invention has a market cap of several billion dollars, because other people can look at it, understand how it works, and see that it is valid. It doesn't matter who said it if it's true. You don't have to believe me or anyone else. You just have to understand how cryptocurrency works. It's all based on probabilities, not on certainties. That's how cryptography works. I don't know why you are so resistant to this idea. In what way does it make sense that in a bounded key space there would be no way to generate the same key (number) twice...??? It literally makes 0 sense. If you have a way to do this, please share. You'll revolutionize the world of cryptography forever. You chose the argument by quoting me and arguing against me. So go ahead and prove without a doubt that it can be done in a lifetime. I say no. So until some smarty pants creates a duplicate wallet address that belongs to someone else, then no it can not be done. Regardless of your mathematical theory of the amount of time, which suggests that one possibility in millennia is correct, a human being is considering what is possible in a lifetime. Brainwallet hacking or colliding with other brainwallets is poor security. If I write a crappy app that produces crappy data and then produce duplicate data because it is crap, I can not go to the crypto community and say "Hey lookie how smart I am and how you are not, I created a collision." Hell for all we know, it was created on purpose hence my previous arguments, DON'T USE ONLINE WALLETS written by unknown entities. They can never be trusted. You would have to have the exact same entropy at the exact same millisecond with the exact same seed and the exact same "password" (if used) and then generate the exact same 33 char address using the exact same curve algo.
So for the OP, there is nothing to fear. You will not accidentally create a duplicate address for some other dudes wallet (Now I add this) as long as you are using quality software. Using these github sheis and public downloads could be a trap. Use the wallets created by the organization that have a victim in charge attached to it. Use software written by proper engineers and not some kid sitting around in a flower hat who figured out how to use an API to do generation, to manage your wallets. To determine what is safe as a new person starting out in the wallet world, start by going directly to the Coin creator and see what software they are recommending. They are betting the success of their coin on those recommendations. If you find none, then using a github wallet or online generator is done at your extreme risk.
Xilobyte Posted July 7, 2017 1 minute ago, gray said: That is *on average.* There is no guarantee that it will take that long. You are guaranteed that it would take that much time to go through the generation of every key in the key space, but you are not guaranteed the order in which you will go through it. You could get particularly lucky and generate the specific key you're looking for on the first try or you could get particularly unlucky and generate it as the last possibility. On average, you will land exactly in the middle if you are doing a blind brute force attack. Thus, *on average,* it will take half the time that it would take to go through the entire key space to land on a specific key. But, like I just said, you *could* do it on the first try or 10th try, and thus someone *could* generate the same private key someone else already generated. The likelihood of that happening is so low that we can agree that it is very unlikely to ever actually happen, and thus we can use cryptocurrency in a secure manner, but it *could* happen. So you are determining a security risk with "luck" and other guys on other forums....... When advising newbies on forums, you are forever giving an opinion as far as the newbie is concerned. When they are asking about tech, security or fear factors, give them your opinion based on valuable experience and then argue that opinion and its accuracy with some fact behind it. Perhaps a demonstration or instruction on how they can do it themselves. That will make your opinion powerful and more respected. As a "dev" you should be able to give a better technical argument for your opinion that can be considered a contribution. Giving us a "chart" with a bit of lines is the exact same as "luck", "*could*" and "maybe."
To make you feel all warm and fuzzy inside, yes mathematically in several universes it is "possible" to collide with an address and yes there is no guarantee that the order of that collision happens in the beginning of the attempt or at the end.
gray Posted July 7, 2017 (edited) 1 hour ago, Xilobyte said: You chose the argument by quoting me and arguing against me. First, I didn't want to have an argument. I saw something that was misleading and wanted to clear up any confusion for people. I thought you might have just been simplifying it for the benefit of a newbie to understand and wanted to make sure people got the full picture if they wanted it. It was never meant to be a personal attack. 1 hour ago, Xilobyte said: You chose the argument by quoting me and arguing against me. So go ahead and prove without a doubt that it can be done in a lifetime. I say no. So until some smarty pants creates a duplicate wallet address that belongs to someone else, then no it can not be done. Regardless of your mathematical theory of the amount of time, which suggests that one possibility in millennia is correct, a human being is considering what is possible in a lifetime. I already did prove it without a doubt if you were actually reading my replies. Mathematics is the basis of all cryptography. Trapdoor functions are created by mathematicians. The specific kind used in cryptography are operations performed on elliptic curves, and the reason that we can use them as trapdoor functions is because nobody has figured out a mathematical algorithm to solve the discrete logarithm problem within a reasonable time constraint. If you don't trust maths, then you don't trust cryptography, you don't understand it, or both. 1 hour ago, Xilobyte said: Brainwallet hacking or colliding with other brainwallets is poor security. If I write a crappy app that produces crappy data and then produce duplicate data because it is crap, I can not go to the crypto community and say "Hey lookie how smart I am and how you are not, I created a collision." Yes, I agree, traditional brainwallets are poor security. The reason for this is shown in the Defcon talk I linked to.
If you watch it, you can understand why too, instead of taking someone else's word for it. I never said I found or created a collision, I said it is possible for one to exist (indeed, it is a sure thing that they do), even if it is highly improbable for anyone to find one. 1 hour ago, Xilobyte said: Hell for all we know, it was created on purpose hence my previous arguments, DON'T USE ONLINE WALLETS written by unknown entities. They can never be trusted. They can be trusted if you understand the code yourself, or if you trust the shared knowledge of many open source developers that have reviewed them. This is dumb logic. Unless you can review the source code yourself, there is ACTUALLY no way to trust a piece of software. Closed source wallets are the antithesis of what you want to trust. 1 hour ago, Xilobyte said: You would have to have the exact same entropy at the exact same millisecond with the exact same seed and the exact same "password" (if used) and then generate the exact same 33 char address using the exact same curve algo. So for the OP, there is nothing to fear. You will not accidentally create a duplicate address for some other dudes wallet (Now I add this) as long as you are using quality software. This is simply not true. All that "the exact same millisecond with the exact same seed and the exact same password" is, is entropy. All of those things together, and more, are what create the entropy. You don't add them to entropy as a separate entity, they are how you get the entropy in the first place. If you want to know how this works, go read up about Cryptographically Secure Pseudorandom Number Generators. All you need to do is generate the same random number that someone else did. Random does not mean unique. It means random. If you have a very large keyspace, then the probability is high that it will be unique, but there is no guarantee of that fact. Not all generators use the same sources of entropy.
Some don't take into account processor time or even any real randomness at all, only a seed of user input. If that seed is somehow the same as the entropy that was created for someone else using a CSPRNG, then you will get the same private key. Simple as that. The likelihood is low, but it is possible. 100%. 1 hour ago, Xilobyte said: Using these github sheis and public downloads, could be a trap. Use the wallets created by the organization that have a victim in charge attached to it. Use software written by proper engineers and not some kid sitting around in a flower hat who figured out how to use an API to do generation, to manage your wallets. Yes, they could be a trap. That's why you review the source code yourself, or trust someone else who knows what they're doing, who read the source code and said it's safe. Also, using APIs is a great way to make my codebase more trusted and easy to read for people who don't understand the entirety of how the cryptography works. As long as they can understand the same API calls that I used and how they interact, and they can trust the creator of the API (who is, by the way, in my generator, Ripple themselves, so it's them that you need to be trusting) instead of trusting me. They can even download their own copy of the API and plug it in if they want to instead of using the included version. SHA checksums are used to allow people to check they're really getting the same code I uploaded. Also, please stop the ad hominems. It's really not necessary or appreciated. 1 hour ago, Xilobyte said: To determine what is safe as a new person starting out in the wallet world, start by going directly to the Coin creator and see what software they are recommending. They are betting the success of their coin on those recommendations. If you find none, then using a github wallet or online generator is done at your extreme risk. Going to the source is indeed a good place to start. However, it's not the only place to go.
Many dev teams recommend third party software, like how Electrum is seen as one of the premiere and most secure bitcoin wallets, yet it's not made by a first party dev team. Indeed, in the case of Ripple, community generated efforts are most of what keeps user friendly wallet software in the hands of lay people who want to buy and use XRP because Ripple is mostly concerned with large bank clients. If you don't trust a piece of software, don't use it. But don't dismiss all open source software as untrustworthy for no reason. You can understand someone's code and know that it is safe, and when you have many eyes looking at a codebase and scrutinizing it, even if you don't understand it, you can be relatively sure there's no large conspiracy among those who do to keep you in the dark. Edited July 7, 2017 by gray
gray Posted July 7, 2017 (edited) 4 hours ago, Xilobyte said: So you are determining a security risk with "luck" and other guys on other forums Yes. Because that is literally the only way to evaluate security risk. By using probabilities. 4 hours ago, Xilobyte said: To make you feel all warm and fuzzy inside, yes mathematically in several universes it is "possible" to collide with an address and yes there is no guarantee that the order of that collision happens in the beginning of the attempt or at the end. That was the entirety of my argument this entire time. And yet you continued to insist that it is impossible and that the technology would collapse if it could. I don't get it. It is more disingenuous to mislead newcomers by telling them that this tech is 100% secure and foolproof than to provide them with the most accurate information I can and let them decide for themselves if they want to trust it or not. You telling them it is impossible for a duplicate wallet to be generated on purpose even when you agree it is possible is irresponsible in my opinion. It's ironic. You're telling people that they should blindly trust that something that is verifiably possible to happen, though very unlikely, is certainly not going to happen, while telling them that they shouldn't be trusting open source software. Which is it? Look, you wanted someone with credence? Here's Satoshi himself saying that it's possible, but very, very unlikely. Just as I've said all along. https://bitcointalk.org/index.php?topic=62.msg443#msg443 In fact, I'll even correct myself. I originally said that the bitcoin keyspace is 58^33. This isn't actually correct, since the function with the smallest keyspace in the process of bitcoin address generation is actually a 160 bit hash, as mentioned by Satoshi himself in the link above and documented in more detail here: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses.
This function is called RIPEMD160, which is used in basically the same way in the process of generating ripple accounts, as documented by Ripple here: https://ripple.com/build/accounts/#address-encoding. So, the total possible keyspace is actually 2^160, which is about 10 orders of magnitude smaller than the keyspace I originally proposed. So, collisions are actually more likely than my original estimate. That said, that change of 10 orders of magnitude doesn't really matter, because even at a keyspace of 2^160, the likelihood of a collision is so minuscule that it is very, very unlikely to ever actually occur. Still, it is possible. Edited July 7, 2017 by gray
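As an added example (my own code, not anything posted by gray, Xilobyte or Ripple), here is the arithmetic behind the two claims the thread keeps circling: a blind brute force of one specific address costs on average half the keyspace, and the birthday bound gives the probability that any two independently generated 160-bit addresses coincide. The 58^33 versus 2^160 comparison from the post above is computed in log space; the attempts-per-second rate is a constructed figure, not a measurement.

```python
# Added example, not code from the thread: collision and brute-force
# arithmetic for a 2^160 address space (RIPEMD160 output width).
from math import expm1, log, log10, sqrt

ADDRESS_BITS = 160             # RIPEMD160 output, the narrowest stage of derivation
KEYSPACE = 2 ** ADDRESS_BITS   # N = number of distinct addresses


def orders_of_magnitude_difference(base, exponent, bits):
    """log10(base**exponent) - log10(2**bits), computed in log space so
    no huge integers are built. 58^33 vs 2^160 comes out near 10."""
    return exponent * log10(base) - bits * log10(2)


def expected_targeted_attempts(n=KEYSPACE):
    """Blind brute force of one specific address: the target is equally
    likely to sit at any position in the search order, so the mean is N/2."""
    return n / 2


def collision_probability(addresses, n=KEYSPACE):
    """Birthday bound: P(at least two of `addresses` independently generated
    addresses coincide), approximated as 1 - exp(-k(k-1)/2N) for k << N.
    expm1 keeps precision when the probability is astronomically small."""
    k = addresses
    return -expm1(-(k * (k - 1)) / (2 * n))


def addresses_for_probability(p, n=KEYSPACE):
    """Inverse of the birthday bound: how many random addresses must exist
    before the collision probability reaches p (about 1.18 * 2^80 for 50%)."""
    return sqrt(2 * n * log(1 / (1 - p)))


def years_at_rate(attempts, attempts_per_second):
    """Wall-clock years to perform `attempts` at a constructed, hypothetical rate."""
    return attempts / attempts_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    print("58^33 vs 2^160, orders of magnitude:",
          round(orders_of_magnitude_difference(58, 33, ADDRESS_BITS), 2))
    print("mean attempts to hit one specific address:",
          f"{expected_targeted_attempts():.3e}")
    print("years at a constructed 1e12 attempts/s:",
          f"{years_at_rate(expected_targeted_attempts(), 1e12):.3e}")
    print("P(collision) among 1e9 addresses:", f"{collision_probability(10**9):.3e}")
    print("addresses needed for a 50% collision chance:",
          f"{addresses_for_probability(0.5):.3e}")
```

The numbers show both sides of the argument at once: a collision is never ruled out by the maths, and the expected cost of finding one is far beyond any lifetime.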
Mercury Posted July 7, 2017 Author This topic has strayed from the OP, so I will lock it down now.
Mercury Posted January 12, 2018 Author Changed the paper wallet. The one used originally was abandoned by its creator and hosting was taken up by Bithomp. Bithomp has since released their own paper wallet generator and actively maintains the code. Source code is here: https://github.com/OctillionSA/ripple-paper-wallet The wallet and code can also be accessed via the Bithomp main page if you do not want to follow the links posted.