I CAN'T SPEND THE BACKUPPED MONEY

[ginko297]

I backupped the keys and save them on physical support as SD, but after a reinstallation of the wallet (mobile android), i clipboard the jpeg keys and the wallet just read it.
The wallet doesn't allow to spend/send the money, just read only.
What to do?
Thank you.

[janmoller]

I am uncertain exactly what you mean.
Have you exported your private key to SD card as a JPG file?
In that case you can print the JPG file to paper. The paper should then contain 2 QR codes.
One QR code is your bitcoin address, and if you import it to a freshly installed wallet you will get a read-only address.
The other QR code is your private key, and if you import it you will get an address + a private key, and you will be able to send and receive coins.

Please elaborate.

[ginko297]

yes I did what you mean. After many attempts, I get the chance to send the money to another address, and it has done it. It's strange, because after many efforts it allowed me to transfer the sum to another address, but it never showed the white key symbol in the key management window (of the sender/original address), even scanning the proper QR code.
I think in the key management window, should be implemented the cold storage, I meant the chance to insert a private key other than just scanning the QR code of an address. Or at least should be clear why after a private key inserted in cold storage, the relative address stored in the key management window doesn't update it.

[wilbown]

I also ran into this usage problem trying to teach people how to use the
cold storage. I like the idea of the cold storage being the default
selected address until it is removed. But you would have to add in a way to
remove it?
On Nov 20, 2013 12:42 PM, "ginko297" notifications@github.com wrote:

yes I did what you mean. After many attempts, I get the chance to send the
money to another address, and it has done it. It's strange, because after
many efforts it allowed me to transfer the sum to another address, but it
never showed the white key symbol in the key management window (of the
sender/original address), even scanning the proper QR code.
I think in the key management window, should be implemented the cold
storage, I meant the chance to insert a private key other than just
scanning the QR code of an address. Or at least should be clear why after a
private key inserted in cold storage, the relative address stored in the
key management window doesn't update it.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/14#issuecomment-28922485
.

[ginko297]

in my opinion, a file stored in a physical memory when loaded into a wallet should be effective/active at 100% aftrr insertion of the private key. The reason of this thread i started, is that in their wallet I've notice that the backup file (a common jpeg in which you can see also the generated private key that guarantee the ownership) is loaded, recognized but the private key is not imported nor it is the chance to add it with a command button.
I also think the kind, the strenght and the lenght of a private key should be matters of the owner, not of the wallet, because of safety reason. The programmer of the wallet could easily have the algorithm to decrypt every address with relative private key and steal all the btc.

[johnzweng]

ginko297, I think I do not understand what you mean. Do you know how bitcoin key/address pairs are generated? The stength and length of a private is defined by the Bitcoin specification. Neither the user, nor a wallet can change this. See the Wiki Page on private keys.

I am also not sure if I understand what you mean with "recognized but the private key is not imported nor it is the chance to add it with a command button". Could you describe more detailled and clearly what steps you did, what happened and what you excpected to happen, because I am completly lost in your description.

And how should the developer of this program be able to decrypt every address? Bitcoin addresses are computed from the private key using Elliptic curve cryptography (ECC). (see also Technical background of Bitcoin addresses). ECC is a mathematical approach to implement assymetric cryptographic operations based on curve calculations which are easy to do in one direction but (practically) impossible to do in the other direction (here is some high-level explanation how the ECC operations in principle work). So you can easily calculate an address from a private key but not otherwise. But this is nothing special of this wallet. This is how Bitcoin addresses work.

[janmoller]

Thanks for chipping in Johannes.
ginko297, I think that there is a language barrier here, but I'll do my best to explain how the wallet works.
With the cold storage spending feature you basically do this:

1. Load a private key into memory by scanning a private key (or taking it from the clipboard)
2. Spend from the private key
3. Delete it from memory

The wallet also creates one private key / bitcoin address pair when it is born. This private key is totally random and unrelated to the keys you would use with cold storage spending (unless you are an expert in Bitcoin)

When you make a backup of the private key in version 0.8.5 you can either show it as a QR code and take a picture with a camera, OR export it to SD card as a JPG image. The JPG image contains tqo QR codes. One QR code contains the bitcoin address, which allows you to see the balance of your private key, but not spend from it. The other QR code is your private key. The private key allows you to spend bitcoins, and from the private key you can generate the bitcoin address. Hope this clears up a few things.

You can enable expert mode in settings and do a lot of expert stuff with bitcoin, but I would advise against that until you master the basics. Bitcoin is really complex, and since you are dealing with real money there is a real danger here.

We have made a different build of the wallet which only works on what is called testnet. On testnet you use worthless test-coins that you can get for free, and you can try out different things without risking loosing real value.
Here it is: https://play.google.com/store/apps/details?id=com.mycelium.testnetwallet

You can get free testnet coins here: http://testnet.mojocoin.com/
They will not work on the real bitcoin network.

[johnzweng]

I also think ginko297 mixed up importing of backed up private keys vs. using cold storage spending wizard (without importing the keys)?

[ginko297]

well, surely some language barriers there are, as I'm not english language native..but I understand the most and try to express myself in a decent way.
Firstly, i use real money but just a 0,04 BTC..a 20€ to test the BTC world and its many different wallets, then no worries.
I am not an expert, but the mycelium wallet I have tested it all the past days, then I also know the expert mode function, cancel the keys, etc. My doubts are not about BTC complexity, but some "incongruence" I have notice in the wallet.
What i have done:

1. I received my 0,04 BTC on my mycelium mobile. Naturally the BTC are usable and shown in "key management" with the symbol of a white key.
2. I backupped the key on my SD mobile, and also on a cloud storage.
3. I deleted the address from "key management" window.
4. I uninstalled the mycelium wallet from my mobile.
5. I reinstalled the mycelium wallet, naturally it showed a random address with 0 in balance.
6. Importing the jpeg backup from the "key management window", the money couldn't be spend. The mycelium wallet recognized just the address, indeed it enabled just the "receive" button.
   What I would mean, was that there's no way to add the private key with a command in the "key management" window (directly optional, not using/passing through the cold storage function)
7. When I used the "cold storage" button and tried to import the saved key: I did that printing the jpeg of the key on my pc, and using my mobile webcam to scan the QR codes (both address and private key).
8. The mycelium showed me the right address and amount, of course..but when I go to "key management" window, there was not the symbol of white key (and sometime I can't spend/send).
9. By the way, finally I was able to send the amount and I sent it to another generated address, which appeared in "key management" window with a white key.

Another question about anonimity and track: when a generated address has been used to receive and send BTC, and the user emptied it and deleted it from mycelium "key management" window, is it really totally erased? I meant, its transaction history is in some way trackable or really lost forever/impossible to track?

Thanks all.

[janmoller]

Thanks for the elaborate description.
I now understand what went wrong. In step 6 you imported the bitcoin address of your backup. when you import the bitcoin address you get a read-only address. On the backup there is another QR code for the private key. If you import that one instead of the bitcoin address you get an address that you can spend directly from.

Once you have deleted the key/address from the Key Management view it is gone from the wallet. Your transaction still exists in the blockchain along with all other transactions that ever occurred in Bitcoin, but that is it.

That said, a residue might be found in the flash storage of the android device on a hardware level, which could be recovered doing advanced analysis, but it is not possible recovering it using normal software.

When using Cold Storage the keys are never stored in flash storage, and only kept in memory.

With your permission I will close this issue.

[apetersson]

if you did a backup to a jpeg, you should have seen two distinct qr codes. one private and one public. for me, it looks like you imported just the public one. do you still have the second qr code?

[janmoller]

if you did a backup to a jpeg, you should have seen two distinct qr codes. one private and one public. for me, it looks like you imported just the public one. do you still have the second qr code?

Yes. He sent it using cold storage to a new address in his new Mycelium install.

[ginko297]

janmoller: if I've well understood, you are saying that importing from the "key management" window directly the QR code of a private key instead of the QR code of its relative address, the mycelium wallet recognizes immediately both the address and the ownership and then make funds contained immediately ready to spend. Then avoiding to use the "cold storage" function. Am I right? If yes, I will test it and of course feel free to close this thread; if not, plz explain me better in which steps I have to insert the address and the private key, who's the first who's the second, if in "registration window" or "cold storage", etc.
Thank you

apetersson: jan already answered you.

[janmoller]

Cold Storage is meant for when you have a private key offline (for security reasons) on paper that you wish to spend from.
Key import is for restoring a backup. If you import an address you cannot spend from it. If you import a private key there is no need to import the address also. The address can always be calculated from the private key and this is what the wallet does.