X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=doc%2FREADME;h=664a1747366ecf14b700e591184e11475c1429b9;hb=18b4eccddb7146522b18c5a6add113544a80df99;hp=a4df4c227ba08f231f1f1b7bdfa5add46094f650;hpb=b4b536d782320b37e30a6d3021d4325ebe8c85e0;p=novacoin.git diff --git a/doc/README b/doc/README index a4df4c2..664a174 100644 --- a/doc/README +++ b/doc/README @@ -1,6 +1,6 @@ -Bitcoin 0.3.24 BETA +Bitcoin 0.4.7 BETA -Copyright (c) 2009-2011 Bitcoin Developers +Copyright (c) 2009-2012 Bitcoin Developers Distributed under the MIT/X11 software license, see the accompanying file license.txt or http://www.opensource.org/licenses/mit-license.php. This product includes software developed by the OpenSSL Project for use in @@ -24,6 +24,93 @@ Unpack the files into a directory and run: bin/64/bitcoin (GUI, 64-bit) bin/64/bitcoind (headless, 64-bit) + +Wallet Encryption +----------------- +Bitcoin supports native wallet encryption so that people who steal your +wallet file don't automatically get access to all of your Bitcoins. +In order to enable this feature, chose "Encrypt Wallet" from the +Options menu. You will be prompted to enter a passphrase, which +will be used as the key to encrypt your wallet and will be needed +every time you wish to send Bitcoins. If you lose this passphrase, +you will lose access to spend all of the bitcoins in your wallet, +no one, not even the Bitcoin developers can recover your Bitcoins. +This means you are responsible for your own security, store your +passphrase in a secure location and do not forget it. + +Remember that the encryption built into bitcoin only encrypts the +actual keys which are required to send your bitcoins, not the full +wallet. This means that someone who steals your wallet file will +be able to see all the addresses which belong to you, as well as the +relevant transactions, you are only protected from someone spending +your coins. + +It is recommended that you backup your wallet file before you +encrypt your wallet. To do this, close the Bitcoin client and +copy the wallet.dat file from ~/.bitcoin/ on Linux, /Users/(user +name)/Application Support/Bitcoin/ on Mac OSX, and %APPDATA%/Bitcoin/ +on Windows (that is /Users/(user name)/AppData/Roaming/Bitcoin on +Windows Vista and 7 and /Documents and Settings/(user name)/Application +Data/Bitcoin on Windows XP). Once you have copied that file to a +safe location, reopen the Bitcoin client and Encrypt your wallet. +If everything goes fine, delete the backup and enjoy your encrypted +wallet. Note that once you encrypt your wallet, you will never be +able to go back to a version of the Bitcoin client older than 0.4. + +Keep in mind that you are always responsible for your own security. +All it takes is a slightly more advanced wallet-stealing trojan which +installs a keylogger to steal your wallet passphrase as you enter it +in addition to your wallet file and you have lost all your Bitcoins. +Wallet encryption cannot keep you safe if you do not practice +good security, such as running up-to-date antivirus software, only +entering your wallet passphrase in the Bitcoin client and using the +same passphrase only as your wallet passphrase. + + +Technical details of wallet encryption +-------------------------------------- +Wallet encryption uses AES-256-CBC to encrypt only the private keys +that are held in a wallet. The keys are encrypted with a master key +which is entirely random. This master key is then encrypted with +AES-256-CBC with a key derived from the passphrase using SHA512 and +OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by +the speed of the machine which does the initial encryption (and is +updated based on the speed of a computer which does a subsequent +passphrase change). Although the underlying code supports multiple +encrypted copies of the same master key (and thus multiple passphrases) +the client does not yet have a method to add additional passphrases. + +At runtime, the client loads the wallet as it normally would, however +the keystore stores the keys in encrypted form. When the passphrase +is required (to top up keypool or send coins) it will either be queried +by a GUI prompt, or must first be entered with the walletpassphrase +RPC command. This will change the wallet to "unlocked" state where the +unencrypted master key is stored in memory (in the case of GUI, only for +long enough to complete the requested operation, in RPC, for as long as +is specified by the second parameter to walletpassphrase). The wallet is +then locked (or can be manually locked using the walletlock RPC command) +and the unencrypted master key is removed from memory. + +Implementation details of wallet encryption +------------------------------------------- +When the wallet is locked, calls to sendtoaddress, sendfrom, sendmany, +and keypoolrefill will return Error -13: "Error: Please enter the wallet +passphrase with walletpassphrase first." + +When the wallet is unlocked, calls to walletpassphrase will fail. + +When a wallet is encrypted, the passphrase is required to top up the +keypool, thus, if the passphrase is rarely entered, it is possible that +keypool might run out. In this case, the default key will be used as the +target for payouts for mining, and calls to getnewaddress and getaccount +address will return an error. In order to prevent such cases, the keypool +is automatically refilled when walletpassphrase is called with a correct +passphrase and when topupkeypool is called (while the wallet is unlocked). +Note that the keypool continues to be topped up on various occasions when +a new key from pool is used and the wallet is unlocked (or unencrypted). + + + See the documentation at the bitcoin wiki: https://en.bitcoin.it/wiki/Main_Page