Exposed / Compromised (must sweep) / Used / Imported (?) flags on addresses #3314

issue gmaxwell opened this issue on November 25, 2013
  1. gmaxwell commented at 3:01 AM on November 25, 2013: contributor

    It was pointed out to me that some people have made the mistake of sending coins to addresses which generated by their wallet prior to encryption simply because they're at the top of their address list and they were engaging in the bad practice of reusing addresses.

    In GIT the receive interface does a much better job of discouraging reuse, but users still can— and when they do they receive no guidance about which of their prior addresses were exposed by being left unencrypted.

    Might it be reasonable to have a set of flags that can show up in the list signifying addresses which are "exposed" meaning that they date from a prior encryption key?

    Likewise, I know of at least one incident where a user randomly picked a key they'd imported from a third party as a key to receive funds and the funds were stolen, a flag indicating that the key was imported would have been helpful.

    Along these lines, if we ever get around to having a auto-sweeping feature, might it make sense to have a "this wallet is compromised" button that rekeys, forces a backup, and then marks all existing addresses as compromised which flags them for automatic sweeping?

  2. laanwj commented at 6:56 AM on November 25, 2013: member

    A "generation type" could be added in the key metadata that specifies whether it was generated without encryption, generated with encryption, or imported.

    This could be shown in the list of receiving addresses.

  3. mikehearn commented at 9:18 PM on January 1, 2014: contributor

    We have a key rotation feature in bitcoinj. It just records the rotation time in the wallet. Any funds sent to keys born before that time are automatically forwarded to the first non-rotating address ("swept"). You can't mark individual keys as rotating or not, it's a whole-wallet thing.

    However, encrypting the wallet doesn't automatically make previous keys rotate. Perhaps it should, but then it's not guaranteed that previous keys are actually compromised in any way, and rotation has a cost in fees.

  4. jonasschnelli commented at 9:03 PM on January 9, 2015: contributor

    Maybe also a good idea would be to allow the user to set a encryption password before a first key gets created. Could also be included in the Bitcoin-Q's first run wizard. I think https://hivewallet.com has such a start-wizard-like-thing.

    But a "exposed" flag in the GUI would be nice.

  5. luke-jr commented at 9:06 PM on January 9, 2015: member

    Once we switch to HD wallets, this doesn't make sense anymore since there's effectively one private key for the whole wallet.

  6. mikehearn commented at 9:47 PM on January 9, 2015: contributor

    The notion of exposure still has value even in an HD world. Consider the case where you have a wallet that doesn't have any password, perhaps because when you got started with bitcoin you only had a dollar or two's worth, then bitcoin got worth more, or you decided to get more into it. Later on you decide to set a password. But the old key is still sitting around on disk, old backup locations, etc. It's easier to just mark the old key hierarchy as "exposed" and create a new one, then move the funds, than religiously scrub everywhere the old key might have been.

  7. jonasschnelli commented at 10:30 AM on March 16, 2015: contributor

    I'm currently working on this. The question is where we should show the key-metadata (created unencrypted, created encrypted, imported, etc.). As far as i know we only have getaccountaddress on RPC side which shows addresses. We could add a boolean arg to getaccountaddress that would allow showing the addresses with metadata.

    Same question for the UI. Where would it best to add a "unencrypted warning sign"? Very rough designed it could look like this: bildschirmfoto 2015-03-16 um 11 28 53

  8. laanwj renamed this:
    Exposed / Compromised (must sweep) / Used / Impoted (?) flags on addresses
    Exposed / Compromised (must sweep) / Used / Imported (?) flags on addresses
    on Feb 9, 2016
  9. laanwj added the label Feature on Feb 9, 2016
  10. laanwj removed the label Refactoring on Feb 9, 2016
  11. laanwj removed the label Priority Medium on Apr 25, 2017
  12. Bushstar referenced this in commit c0a671e840 on Apr 8, 2020
  13. Bushstar referenced this in commit df73438708 on Apr 8, 2020
  14. pinheadmz commented at 8:44 PM on February 15, 2023: member

    I think this issue can be closed, 0.13.0 introduced HD wallets by default, and then recently descriptor wallets by default in 23.0.

  15. achow101 commented at 8:49 PM on February 15, 2023: member

    I think this issue can be closed, 0.13.0 introduced HD wallets by default, and then recently descriptor wallets by default in 23.0.

    I don't think HD wallets sufficiently resolves this issue. We can still import things, reuse addresses, have descriptors be compromised, etc. so having these annotations would still be useful.

  16. willcl-ark commented at 8:52 PM on February 15, 2023: contributor

    Do we still show addresses from the old SPKM(s) in the GUI after encrypting? My understanding was that they were no longer marked as active and so I assumed they would not show there (but I never tested it out).

  17. achow101 commented at 9:13 PM on February 15, 2023: member

    Do we still show addresses from the old SPKM(s) in the GUI after encrypting?

    Yes, the address book is a thing.

  18. pinheadmz referenced this in commit bb71f4830a on Apr 4, 2023
  19. pinheadmz referenced this in commit 7f799b59a0 on Apr 4, 2023
  20. pinheadmz referenced this in commit 4791d49371 on Apr 5, 2023
  21. pinheadmz referenced this in commit b535f4d125 on Apr 5, 2023
  22. pinheadmz referenced this in commit 8887d96066 on Apr 5, 2023
  23. pinheadmz referenced this in commit ffe60cfd33 on Apr 5, 2023
  24. pinheadmz referenced this in commit 8a46f8165e on Apr 8, 2023
  25. pinheadmz referenced this in commit eeaed3f187 on Apr 8, 2023
  26. pinheadmz referenced this in commit 79a140ce8f on Apr 12, 2023
  27. pinheadmz referenced this in commit 82de860ff0 on Apr 12, 2023
  28. pinheadmz referenced this in commit 4000ac5b74 on Apr 14, 2023
  29. pinheadmz referenced this in commit 48dc4232b0 on Apr 14, 2023
  30. pinheadmz referenced this in commit 979f8c2294 on May 1, 2023
  31. pinheadmz referenced this in commit fc6cc2aa07 on May 1, 2023
  32. pinheadmz assigned pinheadmz on Jun 2, 2023
  33. S3RK commented at 6:32 AM on September 26, 2023: contributor

    Copying my response from #27216

    It seems to me the proper solution which we should recommend to our users in such case is to get a new wallet, rather than rotating keys in existing wallet. So the idea is that the whole wallet is compromised, not just some keys in it. We don't have a good separation between UTXOs/addresses within a wallet. On the other hand we already support multiple wallets, which are completely isolated so there are no chances of leaking/mixing UTXOs and addresses.

Contributors
gmaxwelllaanwjmikehearnjonasschnelliluke-jrpinheadmzachow101willcl-arkS3RK
Labels
FeatureGUI
Linked (view graph)
#5916 add key generation type#17748 Adoption of BIP39/44/49/84, and classification of (extended) pub/priv keys, addresses, mnemonics, etc#27216 wallet: Add wallet method to detect if a key is "active"
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me