Welcome to the Dash Forum!

Please sign up to discuss the most innovative cryptocurrency!

Bad backup practice !! I almost destroyed +1k Dash!

Discussion in 'General Discussion' started by yidakee, Mar 28, 2015.

  1. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    I am bit embarrassed to admit this, but hey, here goes... :oops:

    So a friend invested 6k into Dash. Teaching him about cryptos, he’s really excited.

    First and foremost a proper backup! I am shocked that I almost potentially destroyed all his Dash, even after one year of multiple wallet.dat management. He wants to invest long term, and not have his wallet on the laptop.

    I was under the impression that Dash had a keypool of 1000 addresses. Everything I read about BTC or Dash suggests that you only need to backup AFTER you use up your 1k keypair. (100 in BTC)

    That is not true at all.

    It is only true if you do NOT use the wallet for anything. Here is what I did.

    - setup Dash, sync blockchain, generated 3 addresses in total.
    - Sent 0.1 to wallet address 0
    - Encrypted wallet, opened and sent back 0.1 to test if password is ok before sending big funds. Wallet is ok.
    - Sent 1260 Dash to the wallet address 0
    - Then sent 1 Dash to address 0 to have my friend practice sending
    - He send me back 1 Dash (without coin control)+
    - He broke the address 0 1260 vin, sending 1259 to a change address, not using my original 1 Dash

    Tested backup (thank god!!), only 1 Dash in there, made me look a bit stupid in front of him...

    So, I am a bit shocked (at myself of course) …

    So just so I don’t poop this, please tell me if this is right, as he wants to keep the wallet offline, but every month feed a little into it;

    - Using coin control I consolidate all inputs to address 0 again.
    - Create a new backup, just in case.
    - The backup will only have the 3 generated receive addresses
    - Backup wallet.dat is stored in a pen drive in a safe
    - In the future, my friend is free to create 50 receive addresses if he wants, and send funds to it. These receive addresses are part of the 1k keypool, so you do NOT need to backup again. So if his laptop explodes, the imported backup (with original 3 generated addresses only) will see the 50 newly generate addresses, correct?
    - He CANNOT touch the funds on the live wallet, or it will break the vin creating a a change address, thus destroying the backup in the safe.

    Is this correct?
     
    #1 yidakee, Mar 28, 2015
    Last edited by a moderator: Mar 28, 2015
  2. xxxsexygirls

    xxxsexygirls Member

    Joined:
    Nov 26, 2014
    Messages:
    44
    Likes Received:
    20
    Trophy Points:
    48
    I haven't really understood what happened but

    dumpprivkey <adress>
    Before sending any coin to a determined address

    then if needed (can be used in every wallet)
    importprivkey <adress>
     
    • Like Like x 1
  3. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    No, an entire wallet.dat, or even a dumprivkey. If you use the wallet and accidentally break a vin, the backup is lost.

    If its a single keypair, that is obvious. I just had no clue that the change address in NOT part of the 1k keypool in the wallet.dat - I am actually a bit shocked that it isn't

    Paper wallet makes better sense, but I dont have time or the means right now to generate one (travelling with him until Sunday, then I go back home and so does he, different countries)

    Nothing happened, just a potential disaster.
     
    #3 yidakee, Mar 28, 2015
    Last edited by a moderator: Mar 28, 2015
  4. Lariondos

    Lariondos Well-known Member
    Foundation Member

    Joined:
    Apr 8, 2014
    Messages:
    89
    Likes Received:
    61
    Trophy Points:
    158
    Yes, it looks like the change address isn't taken from the already generated keypool, so you need a new backup. As an alternative, you can specify a change address by yourself (checkbox under coin control). Use one out of the keypool and your backup is still on par.
     
    • Like Like x 1
  5. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    So that means I can "force" a change address to be a receive address? Did I get that right?

    But then, when he closes and opens the wallet again, that will not stick, he'd have to manually do it every time right?
     
  6. Lariondos

    Lariondos Well-known Member
    Foundation Member

    Joined:
    Apr 8, 2014
    Messages:
    89
    Likes Received:
    61
    Trophy Points:
    158
    Yes, that's exactly how it is now.
     
  7. UdjinM6

    UdjinM6 Official Dash Dev
    Dash Core Team Moderator

    Joined:
    May 20, 2014
    Messages:
    3,637
    Likes Received:
    3,536
    Trophy Points:
    1,183
    When exactly backup was created? You should backup encrypted wallet because keypool is rewritten on encryption (all your previous keypairs from keypool are wiped out and replaced with new ones, but receiving addresses stay untouched of course).

    You should also see smth like this on encryption:
    That shouldn't be the case, see above.
     
    • Like Like x 2
  8. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    Ok. thats not going to work for him. He's not techy at and will only confuse him. Shit, starting to regret this whole thing.

    Just to be triple sure then; The backup has 3 pre-generated receive addresses. In the future, if he generated 997 new addresses and then looses the hot wallet, the backup (with only 3 pre-generated addresses) will see the tx made to the other 997 ?
     
  9. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    Oh crap! Yeah, the backup was made BEFORE encryption! If the keypool is rewritten, then I'm was making double poo-poo

    So then, if you generate X addresses (lets say 3 addresses) before encryption, then those will be save after encryption, only the remaining 997 will be replaced? Damn, now I see the security potential security breach.

    .
     
  10. UdjinM6

    UdjinM6 Official Dash Dev
    Dash Core Team Moderator

    Joined:
    May 20, 2014
    Messages:
    3,637
    Likes Received:
    3,536
    Trophy Points:
    1,183
    Exactly. So you should first encrypt wallet, backup it, then generate new address (it will be taken from new 1k keypool generated on encryption so encrypted wallet backup should be aware of it) and then send funds there (dump that private key just in case first). That way there should be no trace of unencrypted keys that could leak out.

    EDIT: And pleeease make tests on testnet :)
     
    • Like Like x 1
  11. Lukas_Jackson

    Lukas_Jackson Member

    Joined:
    Nov 9, 2014
    Messages:
    160
    Likes Received:
    70
    Trophy Points:
    88
    I never had a problem like you described.
    I made a few copys of my main wallet. I've been sending funds to an exchange since 2011 and the rest of my money always went to the newly generated change address. When I opened one of my backed up wallet in order to send again I did have my coins after that. I've been sending funds from an exchange to me (sometimes to the same address, stopped after R-value problem :what:) and I had my coins after sync.
     
  12. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    Yeah, but I created addresses before encryption and backed it up, THEN encrypted, then sent funds to it. When I touched the vin, created a change address, and that did not show up in the unencrypted wallet backup. I only did this because its not my money and I was "scared" he might pop in a bad password and lock himself out of his own coins.

    So that means that AFTER encryption, change addresses are also in the keypool? Now you got me confused again...

    .
     
  13. Lukas_Jackson

    Lukas_Jackson Member

    Joined:
    Nov 9, 2014
    Messages:
    160
    Likes Received:
    70
    Trophy Points:
    88
    I didn't know that. Good that I always make backups after encryption
     
  14. Lariondos

    Lariondos Well-known Member
    Foundation Member

    Joined:
    Apr 8, 2014
    Messages:
    89
    Likes Received:
    61
    Trophy Points:
    158
    Wouldn't it be a good wallet feature to show a warning message every time a backup is needed? Or make configurable automatic backups in these cases?
     
  15. Lukas_Jackson

    Lukas_Jackson Member

    Joined:
    Nov 9, 2014
    Messages:
    160
    Likes Received:
    70
    Trophy Points:
    88
    Yes. I always make backups after encryption and it seems to work like that. The change addresses are in the pool.
     
  16. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    Yeah, I think I got it. The address was created before encryption, but the vin touched after encryption, so the keypool changed for the remaining
     
  17. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    Bingo!

    Pheeew, I feel relieved I wasn't being a ding-dong... but yeah, bad backup procedure no doubt!

    Sometimes trying to be a good samaritan can back-fire :confused:

    .
     
    #17 yidakee, Mar 28, 2015
    Last edited by a moderator: Mar 28, 2015
  18. Lukas_Jackson

    Lukas_Jackson Member

    Joined:
    Nov 9, 2014
    Messages:
    160
    Likes Received:
    70
    Trophy Points:
    88
    I would like to see your face and your friend when you saw 1 dash in a wallet :D
     
    • Like Like x 1
  19. Lariondos

    Lariondos Well-known Member
    Foundation Member

    Joined:
    Apr 8, 2014
    Messages:
    89
    Likes Received:
    61
    Trophy Points:
    158
    If a pro like you can get into trouble, more built-in security is needed for mass adoption.
     
  20. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    QT is certainly not for mass adoption. Light HD/Bread wallets are the way, IMHO...
     
    • Like Like x 1
  21. Lariondos

    Lariondos Well-known Member
    Foundation Member

    Joined:
    Apr 8, 2014
    Messages:
    89
    Likes Received:
    61
    Trophy Points:
    158
    You are right, but for a lot of new users the QT wallet will be the first contact, I suppose.
     
  22. yidakee

    yidakee Well-known Member
    Foundation Member

    Joined:
    Apr 16, 2014
    Messages:
    1,812
    Likes Received:
    1,168
    Trophy Points:
    283
    You should've seen mine. Red as a light and almost puked in embarrassment :rolleyes: ... I never had to resort to a backup, so that sent cold shivers down my spine.

    .
     
  23. Sub-Ether

    Sub-Ether Well-known Member

    Joined:
    Mar 31, 2014
    Messages:
    1,516
    Likes Received:
    1,254
    Trophy Points:
    183
    Thanks for the warning, I always thought the 1000 keys would take care of everything although I almost got caught out once when mixing some coins as it happens then as well.
    It can be a risky act of altruism trying to turn friends and family into what you think is the next best thing regarding investment, how much we might think we know and understand it, stuff can and will go wrong, my opening line for getting anyone interested in cryptocurrencies is be prepared to lose every last penny invested as a worst possible scenerio! -- But on the other hand you might do very well from it, 2 extremes, lol.
     
  24. Bridgewater

    Bridgewater Well-known Member
    Foundation Member

    Joined:
    Dec 14, 2014
    Messages:
    183
    Likes Received:
    164
    Trophy Points:
    203
    Another reason to get deterministic wallets working...
     
    • Like Like x 1
  25. MangledBlue

    MangledBlue Well-known Member

    Joined:
    Jun 28, 2014
    Messages:
    1,246
    Likes Received:
    678
    Trophy Points:
    183
    This is pretty messed up


    Make copies of the wallet.dat file often and date them as such 20150328dashwallet.dat

    You'll never go wrong

    Once a month.... Good
    Once a week...... Great
    Once a day..... Heavy user
    After every transaction ...... Completely anal



    wow - I thought you knew better