Closed GoogleCodeExporter closed 9 years ago
Wallet encryption is planned. However, for now we will only support your second
case, where payments are protected but read-only access not. If you want full
protection, I suggest to use Android filesystem encryption.
Original comment by andreas....@gmail.com
on 29 Mar 2013 at 9:03
Some update on this:
I plan to use bitcoinj wallet/key encryption. But before this can happen, we
need a new backup format that can take keys in its encrypted form. Reason: You
would not want to unlock your wallet because of a backup - especially since
backups currently also happen silently in the background.
Mike has expressed he would like to see some backup handling in bitcoinj, which
would also define a common format (most likely the wallet format itself, minus
some redundancy). However, so far nothing has happened on the bitcoinj side - I
assume patches are welcome.
Bitcoin Wallet needs some UI changes for unlocking the wallet, in order to
transact. I could hack this into the current send coins screen, but its already
too crowded. My plan is to add a "transaction confirm" dialog that shows your
transaction and asks for confirm with the PIN (or "swipe to pay" button if the
wallet is not encrypted).
Original comment by andreas....@gmail.com
on 17 Oct 2013 at 9:57
Encryption is obviously is going to be better but even just a 4 digit password
to open the bitcoin wallet app would be good.
Thanks for your hard work!
Original comment by onisu...@gmail.com
on 17 Oct 2013 at 10:25
>> even just a 4 digit password to open the bitcoin wallet app would be good
+1
Assuming this is modal (full screen), would not require layout changes to
existing screens. Would prevent casual access to wallet if I let someone
borrow my phone for example.
Original comment by jcr...@gmail.com
on 18 Oct 2013 at 9:53
+1
Without password protection of the wallet, it is not very clever to put more
than just some Dollars (in BTC) into this app.
Reminds me to write the PIN from a creditcard on its backside ;)
Original comment by francwal...@gmail.com
on 12 Jan 2014 at 9:04
Well Android does a pretty good job of protecting the wallet file. Basically an
attacker would need root to access it.
Original comment by andreas....@gmail.com
on 12 Jan 2014 at 9:14
Does this mean this issue won't be resolved or has minor priority?
You cannot mean the Android keyguard with "Android's job of protecting the
wallet file".
Original comment by francwal...@gmail.com
on 13 Jan 2014 at 8:20
I think that majority of topic commenters just want to be protected from
application UI access by unwanted people. Just another startup form with simple
pin will do the job.
Original comment by yrti...@gmail.com
on 13 Jan 2014 at 8:46
There was another issue (#66) which was closed, because of duplicate. It wasn't
a duplicate, because PIN-entry is a different thing to encryption of the
wallet-file (like done in all desktop clients).
My phone (and I guess many other pones from users, using bitcoin ;) is rooted,
so PIN is useless.
Does this mean, there won't be any encryption for the wallet (issue 66) in the
future?
Original comment by francwal...@gmail.com
on 13 Jan 2014 at 8:56
Password-encryption is planned.
Android's job of protecting the wallet file means an attacker can only access
it if he gains root. That's fundamentally different to a Desktop machine where
any app can read any other apps data.
Original comment by andreas....@gmail.com
on 13 Jan 2014 at 9:38
[deleted comment]
> Android's job of protecting the wallet file means an attacker can only access
it if he gains root.
An "Attacker" would be just somebody who found (or stole) the phone and knows a
bit of Bitcoin. He plays with the phone a bit, till he sees the
bitcoin-wallet-App. Now he discovers some 4 or 5 BTC and thinks 'Oh my god!
This is some thousand dollars!' Even when he previously thought to give back
the phone (not when stolen) he is now in really temptation to send with two or
three clicks these BTC to his BTC-address.
A password protection would exclude this scenario.
A Desktop-PC gets normally not stolen or lost. A laptop could, though, that's
why I have my wallet in an encrypted volume there (with TrueCrypt).
> Password-encryption is planned.
That is very good news, thank you!
Original comment by francwal...@gmail.com
on 13 Jan 2014 at 1:52
Yes, if you loose your phone, password protection would help. But as I said,
for that you can already use Android filesystem encryption. In not only
protects your Bitcoins, but all other sensitive data on your phone as well.
Original comment by andreas....@gmail.com
on 13 Jan 2014 at 3:14
99% of my data are not that important that I would need a filesystem encryption
with all its inconveniences.
Original comment by francwal...@gmail.com
on 13 Jan 2014 at 6:23
A spending PIN is implemented since version 4.
Original comment by andreas....@gmail.com
on 16 Nov 2014 at 6:47
Original issue reported on code.google.com by
yrti...@gmail.com
on 28 Mar 2013 at 10:15