Drak [ARCHIVE] on Nostr: 📅 Original date posted:2013-12-16 📝 Original message:Jim, It's great to see the ...
📅 Original date posted:2013-12-16
📝 Original message:Jim,
It's great to see the many ways wallet authors try to protect users from
easy to make mistakes, especially against losing funds.
But this issues isn't confined to custom transaction - some wallet
implementations have a fee field and almost all wallets allow the fee rate
to be configured in preferences. Sanity checking is sensible where a user
can override the calculated fee. Some wallets don't allow the fee to be
adjusted at all, but quite a few do.
Drak
On 16 December 2013 10:46, Jim <jim618 at fastmail.co.uk> wrote:
> Yes I saw that on reddit too.
>
> I think it applies mainly to custom transactions rather
> than where fees are calculated automatically.
>
> Another variant of not understanding change that loses
> people's bitcoins I have encountered is:
> 1) Import a private key of a brainwallet/ paper wallet.
> 2) Send a small amount of bitcoin from that key.
> 3) The user then secure deletes all copies of the wallet
> 'for security'. If they are not careful they can delete
> a change address with funds on it.
>
> In MultiBit I have tried to reduce this possibility by:
> 1) Hiding the ability to delete wallet (in the next version
> I am removing it entirely)
> 2) There is always a single key in a new wallet. When
> a user imports a key then that makes two. I always send
> the change to the second address, if it is available.
> (This is bad for privacy but at least lessens the chances
> that the funds become lost).
>
> If users are determined to use a brain wallet and
> secure delete every copy of the wallet after they use
> them you cannot stop them (it is their machine after all)
> But these two options help lessen the chance of bitcoin
> loss if they do.
>
> For the HD version of MultiBit we are removing the import
> of individual private keys entirely and only supporting HD
> addresses, primarily for safety reasons.
>
> Jim
>
> On Mon, Dec 16, 2013, at 10:13 AM, Drak wrote:
> > Not sure if this is the right place, but since a few wallet authors
> > congregate here I though it might be the best place.
> >
> > It seems every once in a while you see stories of people accidentally
> > paying huge fees. Today I read about a man who paid a 20.14BTC fee for a
> > 0.05 BTC transaction[1], oops. There was another recently where someone
> > paid a fee of about 200BTC which fortunately the pool operator refunded.
> >
> > It just occurs to me this kind of sad story could be averted if wallets
> > implemented a confirmation box if the fee amount seems crazy - for
> example,
> > if it's >10x what the default fee should be, or if it's greater than x%
> of
> > the sending amount. "the fee seems unusually high, are you really sure
> you
> > want to pay X in fees?"
> >
> > I realise the exact details of this might need to be fleshed out given we
> > want flexible fees, but it should be pretty simple to agree with what
> looks
> > like an unusually large fee according to the going rate.
> >
> > Drak
> >
> > [1]
> >
> http://www.reddit.com/r/Bitcoin/comments/1syu3h/i_lost_all_my_bitcoins_in_an_erroneous/
> >
> ------------------------------------------------------------------------------
> > Rapidly troubleshoot problems before they affect your business. Most IT
> > organizations don't have a clear picture of how application performance
> > affects their revenue. With AppDynamics, you get 100% visibility into
> your
> > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
> AppDynamics Pro!
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
> --
> http://bitcoin-solutions.co.uk
>
>
> ------------------------------------------------------------------------------
> Rapidly troubleshoot problems before they affect your business. Most IT
> organizations don't have a clear picture of how application performance
> affects their revenue. With AppDynamics, you get 100% visibility into your
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics
> Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131216/a379b0a4/attachment.html>
📝 Original message:Jim,
It's great to see the many ways wallet authors try to protect users from
easy to make mistakes, especially against losing funds.
But this issues isn't confined to custom transaction - some wallet
implementations have a fee field and almost all wallets allow the fee rate
to be configured in preferences. Sanity checking is sensible where a user
can override the calculated fee. Some wallets don't allow the fee to be
adjusted at all, but quite a few do.
Drak
On 16 December 2013 10:46, Jim <jim618 at fastmail.co.uk> wrote:
> Yes I saw that on reddit too.
>
> I think it applies mainly to custom transactions rather
> than where fees are calculated automatically.
>
> Another variant of not understanding change that loses
> people's bitcoins I have encountered is:
> 1) Import a private key of a brainwallet/ paper wallet.
> 2) Send a small amount of bitcoin from that key.
> 3) The user then secure deletes all copies of the wallet
> 'for security'. If they are not careful they can delete
> a change address with funds on it.
>
> In MultiBit I have tried to reduce this possibility by:
> 1) Hiding the ability to delete wallet (in the next version
> I am removing it entirely)
> 2) There is always a single key in a new wallet. When
> a user imports a key then that makes two. I always send
> the change to the second address, if it is available.
> (This is bad for privacy but at least lessens the chances
> that the funds become lost).
>
> If users are determined to use a brain wallet and
> secure delete every copy of the wallet after they use
> them you cannot stop them (it is their machine after all)
> But these two options help lessen the chance of bitcoin
> loss if they do.
>
> For the HD version of MultiBit we are removing the import
> of individual private keys entirely and only supporting HD
> addresses, primarily for safety reasons.
>
> Jim
>
> On Mon, Dec 16, 2013, at 10:13 AM, Drak wrote:
> > Not sure if this is the right place, but since a few wallet authors
> > congregate here I though it might be the best place.
> >
> > It seems every once in a while you see stories of people accidentally
> > paying huge fees. Today I read about a man who paid a 20.14BTC fee for a
> > 0.05 BTC transaction[1], oops. There was another recently where someone
> > paid a fee of about 200BTC which fortunately the pool operator refunded.
> >
> > It just occurs to me this kind of sad story could be averted if wallets
> > implemented a confirmation box if the fee amount seems crazy - for
> example,
> > if it's >10x what the default fee should be, or if it's greater than x%
> of
> > the sending amount. "the fee seems unusually high, are you really sure
> you
> > want to pay X in fees?"
> >
> > I realise the exact details of this might need to be fleshed out given we
> > want flexible fees, but it should be pretty simple to agree with what
> looks
> > like an unusually large fee according to the going rate.
> >
> > Drak
> >
> > [1]
> >
> http://www.reddit.com/r/Bitcoin/comments/1syu3h/i_lost_all_my_bitcoins_in_an_erroneous/
> >
> ------------------------------------------------------------------------------
> > Rapidly troubleshoot problems before they affect your business. Most IT
> > organizations don't have a clear picture of how application performance
> > affects their revenue. With AppDynamics, you get 100% visibility into
> your
> > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
> AppDynamics Pro!
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
> --
> http://bitcoin-solutions.co.uk
>
>
> ------------------------------------------------------------------------------
> Rapidly troubleshoot problems before they affect your business. Most IT
> organizations don't have a clear picture of how application performance
> affects their revenue. With AppDynamics, you get 100% visibility into your
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics
> Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131216/a379b0a4/attachment.html>