During the run-up to the ether sale we will be releasing a series of blog posts regarding our development plans and intended organizational structure. Today we describe some of the background details of the ether sale module.  The sale module will be displayed on our website at https://www.ethereum.org for the duration of the sale.

What is it?

The ether sale is an HTML/JavaScript web application that enables people and organizations to pre-purchase ether tokens with bitcoin. Ether may be purchased by parties interested in using it in their development of distributed applications on the Ethereum platform or simply to pay for the use of applications on the platform once the genesis block is released.  The application runs mostly inside the browser, including pseudo random number generation (PRNG) and encryption/decryption of user secrets.

Additionally, we will be making available a standalone pure Python application that can be used from a command line interface to purchase ether in lieu of using the website store.

Website workflow:

  1. After agreeing to the store’s Terms and Conditions, the buyer enters the desired amount of ether to purchase, their email address, a password to use for encryption, and generates a “random” seed forming the basis for their transaction-specific bitcoin & Ethereum addresses.
  2. The user buyer sends payment in bitcoin to the generated address which is displayed on the store page and also provided in a downloadable encrypted wallet file. When the browser, which is monitoring the bitcoin blockchain, sees enough funds have been sent to this generated address, the browser creates a new transaction forwarding the bitcoin to the genesis sale address. This transaction is signed by the buyer’s browser and submitted to the bitcoin network. No transaction data is stored on the any servers because the Bitcoin blockchain serves as the purchase database.
  3. After the transaction has been successfully submitted, the user buyer is again prompted to download a backup copy of their encrypted wallet in addition to being emailed another backup file.  The buyer should be aware that keeping the wallet as an email attachment in an email account for any period of time represents a vulnerability.  The email attachment should be downloaded to a safe computer at the earliest opportunity and the email should be expunged from the email system.

(What follows is technical information, the GUI we have developed abstracts all of this is in a very user-friendly manner)

Wallet encryption process: 

  1. Randomgen a SEED.
  2. BKPKEY = sha3(SEED + “\x02″)[:16]
  3. KEY = pbkdf2(PW)
  4. ENCSEED = encrypt(KEY, SEED)
  5. WALLET = [ ENCSEED, BKPKEY ] (plus non-sensitive data like ethereum and bitcoin address)

The BTC and ETH privkeys and addresses are derived from the SEED.

Seed recovery process: 

  1. WALLET + PW recovery:  (normal)
  2. KEY = pbkdf2(PW)
  3. SEED = decrypt(KEY, ENCSEED)

Overview of website steps for making an ether purchase:

  1. Buyer clicks “Buy Ether” and agrees to the Terms & Conditions
  2. Buyer enters initial purchase information
    1. Buyer enters the amount of ether they’d like to purchase
    2. Buyer enters email address as the destination for wallet backup file
    3. Buyer enters passphrase, which serves as an encryption seed. A very strong passphrase is highly recommended
  3. Buyer generates entropy by moving their mouse or tapping their screen. A “seed” is constructed based on this generated entropy as well as other random system inputs. When the desired entropy length is achieved the wallet is generated using the seed.  The wallet contains:
    1. an individual BTC address to send the funds to
    2. an individual ETH address
    3. an encrypted seed
    4. a backup encrypted seed
  4. The browser sale app checks the newly created BTC address to see if funds arrive. Before sending any funds, the buyer has an opportunity to download the wallet. If a problem occurs between transactions, any funds send to the buyer’s personal deposit address will be accessible with the passphrase. If the unspent balance of the BTC address > 0.01 BTC, the browser sale app generates a signed transaction from the newly created BTC address with 2 specific outputs:
    1. an output of the total unspent balance minus miners fee to the main sale BTC address–this btc address is where all the funds go, it’s a fixed, known BTC address.
    2. an output of 10000 satoshi to a BTC address generated from the (string) ETH address–this bitcoin address is for confirming ethereum addresses and is unique for every transaction.
  5. The browser sale app prompts the purchaser to download their wallet again & and also sends the buyer an email containing a backup for the ether wallet.  The same caution as stated above applies.  Do not leave the wallet as an email attachment in an email system.  Download as soon as possible and ensure that the email is expunged.
  6. The browser sale app will display the number of bitcoin transaction confirmations

So that’s it! Although there’s a lot of technical things happening in the background, the GUI we have developed will make the process a click by click operation.