ManojNimbalkar / bitcoin-wallet

Automatically exported from code.google.com/p/bitcoin-wallet

Lock app with PIN code #147

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
It would be nice to be able to lock application with a pin code to add 
additional security to the wallet.
Another option is to encrypt the local wallet and ask for a password/PIN before 
performing sensitive operations, as is done in the standard bitcoin client.

Original issue reported on code.google.com by yrti...@gmail.com on 28 Mar 2013 at 10:15

GoogleCodeExporter commented 9 years ago
Wallet encryption is planned. However, for now we will only support your second 
case, where payments are protected but read-only access is not. If you want full 
protection, I suggest using Android filesystem encryption.

Original comment by andreas....@gmail.com on 29 Mar 2013 at 9:03

GoogleCodeExporter commented 9 years ago
Some update on this:

I plan to use bitcoinj wallet/key encryption. But before this can happen, we 
need a new backup format that can take keys in its encrypted form. Reason: You 
would not want to unlock your wallet because of a backup - especially since 
backups currently also happen silently in the background.

Mike has expressed he would like to see some backup handling in bitcoinj, which 
would also define a common format (most likely the wallet format itself, minus 
some redundancy). However, so far nothing has happened on the bitcoinj side - I 
assume patches are welcome.

Bitcoin Wallet needs some UI changes for unlocking the wallet, in order to 
transact. I could hack this into the current send coins screen, but it's already 
too crowded. My plan is to add a "transaction confirm" dialog that shows your 
transaction and asks for confirmation with the PIN (or a "swipe to pay" button if the 
wallet is not encrypted).

Original comment by andreas....@gmail.com on 17 Oct 2013 at 9:57

GoogleCodeExporter commented 9 years ago
Encryption is obviously going to be better but even just a 4 digit password 
to open the bitcoin wallet app would be good.
Thanks for your hard work! 

Original comment by onisu...@gmail.com on 17 Oct 2013 at 10:25

GoogleCodeExporter commented 9 years ago
>> even just a 4 digit password to open the bitcoin wallet app would be good
+1
Assuming this is modal (full screen), would not require layout changes to 
existing screens.  Would prevent casual access to wallet if I let someone 
borrow my phone for example.

Original comment by jcr...@gmail.com on 18 Oct 2013 at 9:53

GoogleCodeExporter commented 9 years ago
+1
Without password protection of the wallet, it is not very clever to put more 
than just a few dollars (in BTC) into this app.
Reminds me of writing the PIN of a credit card on its back ;)

Original comment by francwal...@gmail.com on 12 Jan 2014 at 9:04

GoogleCodeExporter commented 9 years ago
Well Android does a pretty good job of protecting the wallet file. Basically an 
attacker would need root to access it.

Original comment by andreas....@gmail.com on 12 Jan 2014 at 9:14

GoogleCodeExporter commented 9 years ago
Does this mean this issue won't be resolved or has minor priority?

You cannot mean the Android keyguard with "Android's job of protecting the 
wallet file".

Original comment by francwal...@gmail.com on 13 Jan 2014 at 8:20

GoogleCodeExporter commented 9 years ago
I think that the majority of topic commenters just want to be protected from 
application UI access by unwanted people. Just another startup form with a simple 
PIN will do the job.

Original comment by yrti...@gmail.com on 13 Jan 2014 at 8:46

GoogleCodeExporter commented 9 years ago
There was another issue (#66) which was closed as a duplicate. It wasn't 
a duplicate, because PIN entry is a different thing from encryption of the 
wallet file (as done in all desktop clients).
My phone (and I guess many other phones of users using bitcoin ;) is rooted, 
so a PIN is useless.

Does this mean, there won't be any encryption for the wallet (issue 66) in the 
future?

Original comment by francwal...@gmail.com on 13 Jan 2014 at 8:56

GoogleCodeExporter commented 9 years ago
Password-encryption is planned.

Android's job of protecting the wallet file means an attacker can only access 
it if he gains root. That's fundamentally different to a Desktop machine where 
any app can read any other app's data.

Original comment by andreas....@gmail.com on 13 Jan 2014 at 9:38

GoogleCodeExporter commented 9 years ago
> Android's job of protecting the wallet file means an attacker can only access 
> it if he gains root.

An "attacker" would be just somebody who found (or stole) the phone and knows a 
bit about Bitcoin. He plays with the phone a bit, till he sees the 
bitcoin-wallet app. Now he discovers some 4 or 5 BTC and thinks 'Oh my god! 
This is some thousand dollars!' Even if he previously thought of giving back 
the phone (not when stolen), he is now really tempted to send these BTC to his 
BTC address with two or three clicks.
Password protection would exclude this scenario.
A desktop PC normally does not get stolen or lost. A laptop could, though; that's 
why I have my wallet in an encrypted volume there (with TrueCrypt).

> Password-encryption is planned.

That is very good news, thank you!

Original comment by francwal...@gmail.com on 13 Jan 2014 at 1:52

GoogleCodeExporter commented 9 years ago
Yes, if you lose your phone, password protection would help. But as I said, 
for that you can already use Android filesystem encryption. It not only 
protects your Bitcoins, but all other sensitive data on your phone as well.

Original comment by andreas....@gmail.com on 13 Jan 2014 at 3:14

GoogleCodeExporter commented 9 years ago
99% of my data is not so important that I would need filesystem encryption 
with all its inconveniences.

Original comment by francwal...@gmail.com on 13 Jan 2014 at 6:23

GoogleCodeExporter commented 9 years ago
A spending PIN has been implemented since version 4.

Original comment by andreas....@gmail.com on 16 Nov 2014 at 6:47