(context post by sirius)
I added to the FAQ the warning to back up after each transaction. Is it necessary btw to stop the client before making a backup? That’s a bit inconvenient. Automatic backups would be useful indeed.
News to me is that all your coins are at risk. I thought it was just clumps of coins (previously received transactions) involved in the transaction, not my aggregate balance. Yikes.
As a countermeasure, I’ve manually split my wallet up into five new wallets of distributed value. Now only one is at risk at any given time.
Quote from: Ground Loop on August 11, 2010, 05:31:24 PM
News to me is that all your coins are at risk. I thought it was just clumps of coins (previously received transactions) involved in the transaction, not my aggregate balance. Yikes.
You were right before. The reason all of his coins were lost is that he first transfered all 9000 to himself, merging them into a single TxIn. If he had skipped that step and gone straight to sending himself 1, he would have only lost the smallest payment that he had previously received that was over 1.
I think the client needs to communicate TxIns and TxOuts better to the user. I don’t know how to do that without being confusing, but there are real privacy, safety, and security implications in which coins the client chooses to transfer.
Quote from: lachesis on August 11, 2010, 05:57:20 PM
Quote from: Ground Loop on August 11, 2010, 05:31:24 PM
News to me is that all your coins are at risk. I thought it was just clumps of coins (previously received transactions) involved in the transaction, not my aggregate balance. Yikes.
You were right before. The reason all of his coins were lost is that he first transfered all 9000 to himself, merging them into a single TxIn. If he had skipped that step and gone straight to sending himself 1, he would have only lost the smallest payment that he had previously received that was over 1.
I think the client needs to communicate TxIns and TxOuts better to the user. I don’t know how to do that without being confusing, but there are real privacy, safety, and security implications in which coins the client chooses to transfer.
Wait, I’m confused again. I thought the essence of the surprise was that Bitcoin is programmed to “empty your wallet” for EACH transaction. According to the description I read, when you send coins from address A in your wallet to address B externally, the transaction is actually done by sending ALL the coins out from address A, and the ones that aren’t going to address B get sent to address C which is your own address - in other words, even if I’m only paying you a single bitcoin out of my 9000, I mail 1 bitcoin to you and 8999 to myself at a new address.
In other words (unless I’m confused), every transaction you make will result in your old, backed-up wallet addresses become emptied out.
Quote from: gridecon on August 11, 2010, 08:46:08 PM
Quote from: lachesis on August 11, 2010, 05:57:20 PM
Quote from: Ground Loop on August 11, 2010, 05:31:24 PM
News to me is that all your coins are at risk. I thought it was just clumps of coins (previously received transactions) involved in the transaction, not my aggregate balance. Yikes.
You were right before. The reason all of his coins were lost is that he first transfered all 9000 to himself, merging them into a single TxIn. If he had skipped that step and gone straight to sending himself 1, he would have only lost the smallest payment that he had previously received that was over 1.
I think the client needs to communicate TxIns and TxOuts better to the user. I don’t know how to do that without being confusing, but there are real privacy, safety, and security implications in which coins the client chooses to transfer.
Wait, I’m confused again. I thought the essence of the surprise was that Bitcoin is programmed to “empty your wallet” for EACH transaction. According to the description I read, when you send coins from address A in your wallet to address B externally, the transaction is actually done by sending ALL the coins out from address A, and the ones that aren’t going to address B get sent to address C which is your own address - in other words, even if I’m only paying you a single bitcoin out of my 9000, I mail 1 bitcoin to you and 8999 to myself at a new address.
In other words (unless I’m confused), every transaction you make will result in your old, backed-up wallet addresses become emptied out.
My understanding is that it finds an address or addresses that have at least the number of coins you want to send and sends the change to a new address.
So if he had addresses with 1000, 2000, 2500, and 3500. It would have selected one of them (the lowest one?) and sent 1 away and sent all but 1 back to a new address of his. In this case he would not lose them all, just the remainder of what was in that one address.
It appears he had only 1 address with coins in it. This is probably because he got them all from the market in one go. If that is not the case, then I don’t know why he would lose them all.
Ok, re-reading carefully and checking the referenced thread, I finally understand this in detail. It’s not that bitcoin “empties your wallet” at each transaction - it fully empties an address used to send coins. In this particular case, the user had previously sent themselves the 9000 coins in a lump, resulting in all those coins being held at a single address.
So far as I can tell, there is no way from the GUI client to actually get at the information of what coins in your balance are held at what addresses? Given that the addresses are what is “really important” that information might be of value.
Your ‘wallet’ is more like your own personal bank It contains many different accounts. (in Bitcoin these are called Addresses)
Each Address has a balance associated with it, how much money is in it. Your Wallet balance is the sum of all the balances of the Addresses in your wallet.
When you perform a transaction, it empties enough Addresses to make up the required output amount, but since it has to completely empty each Address there is often money left over in this case the ‘change’ is returned to you at a new Address.
In this case Stone Man did a transaction that sent all the money from 700+ addresses into a single address and therefore had a wallet containing only one Address that had any money in it.
That Address/Account was emptied as part of the 1BTC transaction and the 8999 change was returned to a new Address to which he lost the private key.
If he had not consolidated all his coins into one Address, he would have lost far fewer coins.
I think the moral of the story might be: “Don’t put all your eggs in one basket”
Quote from: gridecon on August 11, 2010, 09:08:59 PM
So far as I can tell, there is no way from the GUI client to actually get at the information of what coins in your balance are held at what addresses? Given that the addresses are what is “really important” that information might be of value.
No you can’t find out which addresses have which balances using the current GUI.
I think it is “very important” information.
I also think it is important to be able to chose which addresses are the source of transactions.
This is an example of why the wallet metaphor is bad.
Quote from: sirius-m on August 11, 2010, 02:01:53 AM
I added to the FAQ the warning to back up after each transaction. Is it necessary btw to stop the client before making a backup? That’s a bit inconvenient. Automatic backups would be useful indeed.
You can get away with backing up without stopping the client if you don’t do anything or receive a payment within a few seconds before the backup. (like 5 seconds)
Quote from: gridecon on August 11, 2010, 08:46:08 PM
Wait, I’m confused again. I thought the essence of the surprise was that Bitcoin is programmed to “empty your wallet” for EACH transaction.
No, it doesn’t usually empty your wallet with each transaction. It uses the smallest set of coins it can find to add up to near the amount. In this case, unfortunately, his wallet had a single 9000 BTC bill in it, and it had to break it to get 1 BTC and 8999 BTC change.