Green bitcoin wallet
This introduces undesirable delays when sending. Because GreenAddress 2of2 accounts only allow sending coins when they are signed by both you and us, the service can act as a kind of guarantee that your coins cannot be double spent, since the service will not sign another transaction for the same coins when one is already in-flight. Services that choose to rely on this can therefore trust that a transaction they receive from GreenAddress cannot be double spent, eliminating the need to wait for the transaction to confirm.
These are known as instant transactions and they can be sent by ticking the "instant" checkbox when sending coins from our wallet software.
Funds in your main GreenAddress account or a multisignature 2of2 subaccount require 2 signatures to be spent: In order to protect you from loss of access to your funds should GreenAddress become unavailable GreenAddress automatically creates pre-signed transactions which you can subsequently countersign to recover the funds to an address controlled solely by you.
These transactions are called nLockTime transactions because they can only be spent and confirmed by the network after a specific period of time. If the service becomes unavailable, you simply wait until the specified period 90 days by default , then sign and send the transaction using our open source recovery tool garecovery. Once the nLockTime period expires these nLockTime transactions would allow you to recover the funds in the 2of2 account without requiring GreenAddress's signature.
This also means that any limits placed on your spending in GreenAddress, such as 2FA requirements, cease to be enforceable by GreenAddress, and that these funds are no longer available for use in instant transactions because GreenAddress cannot guarantee that you have not tried to double spend them. At this point GreenAddress will prompt you to redeposit the coins by sending them to yourself. This creates a new nLocktime transaction for you, while re-protecting the coins by once again requiring a GreenAddress signature to spend them.
In this way you can take advantage of instant transactions from 2of2 accounts, while always being sure you can retrieve your funds if the service is off-line. The redeposit operation is a standard bitcoin transaction and as such is subject to the usual network transaction fees.
You can place your funds in a GreenAddress 2of3 account, in which case GreenAddress does not generate nLockTime transactions and therefore no redeposits are necessary. You can increase the nLockTime period on your account which will reduce the frequency of the redeposits.
The downside of this is that should you need to recover your funds for example, because you lose your two factor authentication you will have to wait for longer. We recommend that you redeposit your funds when reminded, however redepositing is optional and failure to redeposit will not necessarily lead to the loss of any funds.
The main consequences of not redepositing are:. The funds in the account will no longer be eligible for instant confirmations because GreenAddress can no longer guarantee that you have not tried to double spend them.
It becomes possible that anyone with access to both your mnemonic and the nLockTime. No, GreenAddress does not support this. GreenAddress will only sign standard bitcoin transactions. Yes, our https site supports Tor users. Our mainnet production site is at http: Unfortunately, many banks and payment services such as PayPal don't yet support Bitcoin directly.
For the time being, you can exchange your money using bank transfers and sometimes debit or credit cards via an intermediary like a Bitcoin exchange or a broker. There are also online services and communities where you can arrange to exchange cash for Bitcoin. This is an area of rapid change and innovation and so we do not list or specifically recommend any services in this space.
The best service for you depends on many factors. We suggest you locate local services using your favorite search engine and carefully review any potential options. You should see new transactions in your wallet within seconds of it being sent by the payer. If you can not see your transaction in a block explorer, it probably means it is still propagating or failed to do so for example, setting the fee too low can cause transactions to be dropped. We have sensible rate limits to prevent the service from denial of service attacks.
It is extremely unlikely that a user will encounter these limits under normal use. If you find that you are hitting a rate limit, please contact support with the details. If you have a requirement that exceeds the current limits, please feel free to contact us to discuss your needs further. Addresses change constantly for privacy and security reasons.
Re-using old addresses makes it easier for others to group transactions together and can be less secure. While GreenAddress does correctly process multiple payments to the same address, we recommend not re-using them. Addresses should be thought of as one-time receipt IDs rather than as unchanging identifiers such as traditional bank wire details. Please see the API documentation for more details. All previously generated addresses are available in the Receive tab under Advanced Options when using the Chrome or Cordova wallet clients.
Your private keys are not stored. They are derived on demand from your mnemonics as a seed to a BIP32 hierarchical wallet. Your mnemonics and private keys are never sent to the server.
The server receives the public key and chaincode for generated addresses only. When you create a PIN, a random bit AES password is created and used to encrypt your mnemonics and store them on your device in encrypted form. This password is sent to the server and destroyed on the client. If the server is given the correct PIN when logging in, it will return the password to the device in order to decrypt the mnemonics. If the server is given the wrong PIN three times, it will destroy the password at which point the user must use their mnemonics to log in.
Note that the server never sees your mnemonics at any point. If you can't remember the PIN you use to login to your wallet, you will need to use your mnemonics to log in instead. After entering the wrong PIN three times, the back end service will delete its copy of your wallet's random decryption key, at which point the PIN can no longer be used. Your wallet client will then ask you to login using your mnemonics and you can resume using the service as normal.
The service never knows your mnemonics or passphrase; We cannot help you recover them if they are lost. If you have a wallet with PIN entry enabled, you can use your PIN to log in to the wallet and then view the mnemonics from the settings menu.
You should then write them down and store them safely. In all other cases you will only be able to retrieve your mnemonics by brute force trying various combinations of valid words. This is similar to how a hacker might try to break into your wallet, and is not generally feasible. You should research third party services for wallet recovery, as GreenAddress does not offer assistance or support for wallet cracking for obvious reasons. You should always have at least two different two-factor options enabled.
As long as you keep these backups you can maintain access to your coins even if you lose access to one method for any reason. In cases where you have lost access to all of your two-factor methods, we have no way to return control of your coins to you. We take our users' security very seriously; we have never disabled two-factor authentication for any user once enabled, unless explicitly authorized to do so via another two-factor authentication method.
We follow the restrictions that you placed on your account without exception. If your coins are in a 2of2 account then you will need to recover your authentication - we cannot disable it in this or any other case. Alternately, if you had enabled nLocktime transactions then you can use them to recover your coins after the nLocktime expires 90 days by default. If you transferred your coins to a 2of3 account then you can move them without two-factor authentication since you have 2 of the 3 required signatures.
If not, then unless you can recover your authorization we cannot help you. As noted, 2of3 accounts can be used to avoid requiring authentication also. These future mitigations require careful design and development to ensure that they cannot be exploited by attackers. It may be some time before we can safely implement them. Our two-factor authentication system is a security measure that we include to ensure that even if a malicious party steals your mnemonics, they cannot access your wallet and steal your funds.
We do not do this, because if we did so, it would compromise all the security offered by 2FA in the first place. Any malicious party could steal your mnemonics, and then contact us asking us to reset the 2FA, and then they could access your funds. As such, we strongly urge users to set up at least 2 different 2FA methods.
SMS delivery is not perfect and sometimes there can be delays or failures. Some countries can be more affected than others depending on factors like the reliability of the underlying mobile infrastructure. You should always have at least two two-factor methods enabled to maintain access to your coins. Email delivery is not guaranteed and sometimes there can be delays or a failure in delivery. It is also possibly for anti-spam systems to mistakenly classify two-factor emails as spam or strip the attachments from them.
Please ensure you check your spam folders and give the email time to arrive. If you regularly have issues receiving email you may wish to adjust your spam settings, whitelist the sender in your client, or move to a more configurable provider. GreenAddress is designed to allow you to recover your coins if the service ceases to be available. GreenAddress does not currently charge fees for any of its services.
If we add a fee for any service in the future, this will be clearly communicated and opt-in. Enterprise clients and those seeking custom solutions are welcome to contact us to discuss arrangements for extra services and support. The fee you see in the sending transaction dialog is paid to Bitcoin miners to confirm your transaction i. Transactions fees change according to demand on the Bitcoin network. Miners may ignore or delay transactions with extremely low fees.
GreenAddress automatically calculates a fee that aims for your transaction to be mined quickly. The end result is that they have full control over your funds. Also, if the GreenAddress backend goes down, you won't be able to access your funds either I've been locked out of my account for several days in the past.
I want to stress that GreenAddress is a Malta-based company. If you're a US citizen, you're entrusting your funds to a private offshore company with no regulatory oversight from your home country. This might sound fine in the beginning until your funds are frozen. I go into more detail about my personal horror story below. The tool is open-sourced on GitHub and actively maintained.
The mnemonic can be used to generate Bitcoin addresses and that single phrase is really all you need to receive Bitcoin. It also gives you absolute control over your money.
You just need to safeguard the mnemonic. If you need a full-fledged wallet, I recommend using Electrum. The mnemonic mentioned above can also be imported into Electrum.
Electrum offers ease of use but suffers from none of the centralization issues that GreenAddress does. If you had put money into your GreenAddress wallet before the recent fork, you're shit out of luck on claiming your BCH because they officially don't support it.
However, there seems to be a third-party recovery tool for extracting Bitcoin Cash. It's relatively easy to get your wallet into a state where anyone can send money in but no money can ever leave the wallet. I'll show you how. If you have any ideas on how I can make it happen or want to just call me an idiot, don't be afraid to get in touch. Let's pretend you're a new user creating a new wallet. You land on the main webpage and click "Create New Wallet":.
This is just the standard signup flow so far. Now set up two-factor authentication using Google Authenticator.