Enable backups to be used by other (non-bitcoinj) wallets

[nmarley]

Hive backup files can be decrypted (e.g. using openssl as per the README), but the resulting data is a google protocol buffer, instead of a more common text format which can be used/imported by various wallet clients.

The Litecoin Wallet is also based on bitcoin-wallet, but the decrypted wallet format contains one private key per line in WIF-format, followed by a timestamp. The backups are a lot more useful because the WIF keys can be imported into almost any modern Bitcoin (or in this case Litecoin) client.

[javgh]

Thanks for your feedback!

I don't know the exact history, but my guess would be, that the Litecoin wallet was forked when Bitcoin Wallet was still using the old backup format, which simply listed all private keys in the described way. The switch to the new backup format allows to store additional information about the wallet.

I don't think downgrading to the old format is really an improvement. Maybe this particular use case could be better addressed with either an additional backup/export functionality or some converter tool which understands the protocol buffer format and spits out WIF keys.

In any case, the upcoming switch to HD will change the whole backup approach anyway, so I'm afraid for the moment I will shelve this.

[nmarley]

But what additional information is needed? It's a key backup, right? I don't know why anything other than private keys would be needed.

I understand your concerns regarding HD wallets. But regarding loose keys (which can always be a possibility) currently the protobuf format doesn't allow for much interoperability between wallets, which is something I think all wallets should strive for.

[schildbach]

@nmarley What's the benefit of backup file compatibility between different apps? I think its hardly possible, most wallets need to implement some specific idea in order to differentiate from the other apps. For example Hive's integrated "App store" -- how would you expect that data to be restored on let's say bitcoind?

I also think it's a bad idea, because it encourages users moving private keys around which is inherently dangerous.

[nmarley]

I never said anything about "backup file compatibility between different apps". It is only backups of Bitcoin private keys that need to be in a standard, understood format for obvious reasons. What if a vulnerability is discovered in all bitcoinj wallets and I need to restore the key using a different app (non-bitcoinj based) so that I can sweep funds?

I don't want to send any BTC to a wallet (e.g. Hive) where I haven't first been able to back up (and verify that I can access) the private key. If I can't read the backup format, then I can't verify it.

Users moving private keys can be dangerous, but that doesn't mean it should be prevented. Users should have the option, even if it is "inherently dangerous" in the opinion of others. This seems to me like a form of lock-in.

Compatibility is the reason that protocols exist.

[schildbach]

In that specific case, I would suggest emptying out your wallet to non-vulnerable wallet. That's a standard Bitcoin transaction.

The tool you're looking for exists, it's called wallet-tool and comes with bitcoinj. It can read protobuf-formatted wallets. I'm not sure if it can print the private keys, but it would be easy to add that.

[fresheneesz]

@schildbach That doesn't solve the problem of a vulnerability being discovered in hive. It would be dangerous to use a compromised application to recover your bitcoins. Also, think about the future here. What if the backup is found in 50 years and hive is long gone? Backups should be in well documented formats that can be decoded without the use of the application.

[schildbach]

@fresheneesz This is the format, just in case: https://github.com/bitcoinj/bitcoinj/blob/master/core/src/wallet.proto

[fresheneesz]

@schildbach Yes yes, but it would be ideal to choose a backup standard that all popular wallets use. Wouldn't you agree there is merit to that idea?