is my presale wallet secure?

dooglus

I received my presale wallet via email. The private key is encrypted using my password, but I don't remember encrypting it.

So who did encrypt it? Is it possible they have a copy of my private key? Does that mean I should move my ICO coins to a new address?

I've not seen this recommended anywhere, so I'm guessing there's no need. But I can't see why my fear isn't warranted. Is it a matter of trust?

AndreKolb

https://ethereumwallet.com

dooglus

I don't think that answers my question.

Jabulon

You did create a password at the time you made your presale purchase. You might want to look at the original announcement, here: https://blog.ethereum.org/2014/07/22/launching-the-ether-sale/ , where if you read down a bit you will find the following statement: "If you purchase ether, DO NOT lose your wallet file or your password or you will never be able to access your ether. Additionally, make sure you download your wallet in the first place." Creating a password was a mandatory step in the process of making the purchase, and very likely (one would hope) you recorded that password at that time. Try to retrace your steps.

Edit: if I misunderstood and you do have possession of your password, then you're all good. The wallet json file you received via email is your encrypted private key, encrypted with, you guessed it, your password. If your password was compromised, your coins would already be long gone.

dooglus

No, I have my password that I created.

What I am saying is that I didn't encrypt my private key. The private key was emailed to me already encrypted.

So that makes me think that whoever *did* encrypt it also knows the unencrypted version of it, and could spend my coins if they wanted to.

What I am looking for is an explanation of why that shouldn't be a concern. What (if anything) stops whoever encrypted my private key for me before emailing it to me from spending my coins?

Jabulon

Ah, I see. Well, that would be a totally unacceptable situation, wouldn't it! That is, if 'someone' on the other end created your private key and then encrypted it for you, using the password you kindly sent them in plaintext, over the internet. In fact, it would be preposterous in crypto, not to mention the most gratuitously insecure approach imaginable and one that would completely discredit the crowdfund and the entity behind it. Fortunately (if I am correct) neither your password, nor the raw priv key generated from it ever left your browser. There are still potential security issues, just as there are with creating, say, a bitcoin wallet on blokchain.info. If your machine is compromised by keylogging malware, to take one example. Or if you truly have a 'bad actor' on the other end and the entire system is corrupt.

All that said, a touch of paranoia is a good thing in crypto, and for peace of mind you might do well to send the coins to another address you control, just as a matter of policy. Yet even there, unless you personally review all the code and compile the client yourself, you are in a sense ultimately 'trusting' that your software (eth, geth, or whatever) is clean. Final note, you might find it interesting to read up on asymetric key cryptography, and client-side encryption. Oh, and, full disclosure, I cannot claim to have peered under the hood of the crowdfund and the way it was coded. I was however prepared to assume that they are not idiots.

dooglus

Looking under the multiple layers of sarcasm I think what you're saying is "it is probably secure but I don't know".

Thanks for your input, but I was hoping for something a little more clear cut.

I'm surprised nobody seems to have any definitive information about how the presale wallets were created. In my experience with crypto so far it is unfortunately far safer (and more accurate) to assume they are idiots or crooks (or both) than that they are not.

Jabulon

Sorry about the sarcasm. It wasn't directed at you but, if anything, at the irony of the overall situation. We speak of the 'trustless' or 'trust-minimized' system crypto offers. But in practice we (investors especially) do a lot of trusting. Your question is in fact an astute one that everyone should have been asking in some form, before putting their money in. Without verifying exactly how the key encryption was handled, the whole thing is just a black box. Put your btc in, get 'something' out.

So the reality is that even after much due diligence, we still make decisions based on incomplete information. Like poker players. My 'not idiot' premise is based on the fact that it was technically possible to generate priv keys without any critical info being shared with the other end. And that this would be the obvious technical choice, since there were many capable eyes watching. There was a strong incentive on the part of Ethereum to play fair, for the credibility of the crowdfund, the reputation of its creators, and the future of the project in general.

Edit: the typical mechanism would work like this: Your keypair (public address and encrypted priv key) would be generated on your end from your password, in your browser. This keypair would go back to their server and your public address would be funded. Neither your password nor your raw priv key would leave the browser.

garr

It is always best practice to, instantly upon receipt of a private key from a third party, move those coins to an address that you and only you have ever seen. I say move the coins ASAP