US20150262171A1 - Bitcoin private key splitting for cold storage - Google Patents

Abstract

A system and method for transaction bitcoin is described. Bitcoin can be sent to an email address. No miner's fee is paid by a host computer system. Hot wallet functionality is provided that transfers values of some Bitcoin addresses to a vault for purposes of security. A private key of a Bitcoin address of the vault is split and distributed to keep the vault secure. Instant exchange allows for merchants and customers to lock in a local currency price. A vault has multiple email addresses to authorize a transfer of bitcoin out of the vault. User can opt to have private keys stored in locations that are under their control. A tip button rewards content creators for their efforts. A bitcoin exchange allows for users to set prices that they are willing to sell or buy bitcoin and execute such trades.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS
• This patent application claims priority from U.S. Provisional Patent Application No. 61/954,434, filed on Mar. 17, 2014; U.S. Provisional Patent Application No. 61/990,017, filed on May 7, 2014; U.S. Provisional Patent Application No. 62/042,676, filed on Aug. 27, 2014; U.S. Provisional Patent Application No. 62/056,100, filed on Sep. 26, 2014; U.S. Provisional Patent Application No. 62/086,669, filed on Dec. 2, 2014 and U.S. Provisional Patent Application No. 62/099,992, filed on Jan. 5, 2015, each of which is incorporated herein by reference in its entirety.
BACKGROUND OF THE INVENTION
• 1). Field of the Invention
• This invention relates to a computer system and method for transacting bitcoin.
• 2). Discussion of Related Art
• The Bitcoin network is a peer-to-peer payment system having a plurality of nodes that are connected to one another. Bitcoin exchange computer systems allow for users to exchange local currency into or out of bitcoin. Users send payments by broadcasting digitally signed messages to the Bitcoin network. Users may, for example, send and receive payments using mobile applications on mobile devices, client software or a web browser.
• Transactions do not explicitly identify the payor and payee by name or wallet. Instead, a bitcoin transaction transfers ownership to a new address, referred to as a “Bitcoin address”. The Bitcoin address is derived from the public portion of one or more cryptographic key pairs. The private portion of a key pair is not disclosed to the public. To send bitcoin sent to an address, a user broadcasts a payment message that is digitally signed with the associated private key.
• Participants known as “miners” at miner computer systems verify and timestamp transactions into a shared public database called a “block chain”. The miners are rewarded with transaction fees and newly minted bitcoin for their effort. The miner computer systems are specialized computers that append blocks of transactions to the block chain. Solving a cryptographic puzzle required to append a block carries a reward plus fees included in transactions in the block.
• Host computer systems reside at various nodes and may host accounts or “wallets” that allow users to make and accept payments using bitcoin. The wallet stores the public key of the Bitcoin address and its associated private key.
• The transfer of bitcoin may be an onerous task if the entire public key of the Bitcoin address has to be copied and transmitted.
• When a transaction is made between two wallets at the same or different host computer systems, the transaction is broadcast to the Bitcoin network for block chain verification. Such a block chain verification may take a long time to complete. Miner fees are also associated with such a transfer and have to be paid by a host computer system requesting the transfer.
• It may be a security concern for users that their Bitcoin addresses may be stolen from their wallets. Existing systems do not provide a solution for maintaining security of Bitcoin addresses while still allowing the users to use Bitcoin addresses within their wallets for transacting with other users.
• A merchant computer system often has an online store and a website. A customer at a customer computer system may use a browser to access the online store via the website. Items are displayed for purchase in a local currency. Exchange rate between bitcoin and local currency changes over short periods of time. The price in local currency may thus change between the time that the local currency is displayed to the customer and the time that the customer decides to make the purchase. As a result, the customer or the merchant may incur a loss in local currency. The customer or merchant may then be reluctant to purchase using bitcoin.
• In order for a user to access their wallet, the user may log into their account through the website using a user name and password. If the user name and password become compromised then it may be possible for bitcoin to be stolen out of the wallet. Users may therefore be reluctant to store bitcoin in their wallets without any additional security features.
• Bitcoin transacting requires the use of a public key and a private key. The private key is used to sign an authorization and the public key is used to verify the signature. Some users may require control over their private keys in order to ensure to such users that bitcoin transacting will not take place without their express authorization.
• Content creators often put a lot of time and energy into their blog posts. These efforts are rarely rewarded because efficient technology does not exist for rewarding bloggers for their efforts.
SUMMARY OF THE INVENTION
• The invention provides a host computer system for transacting bitcoin including a processor, a network interface device connected to the processor, a computer readable medium connected to the processor, a data store on the computer readable medium and a set of instructions on the computer readable medium that are executable by the processor. The set of instructions includes a wallet establishment module, a login module, a hosted email module and a wallet management. The wallet establishment module establishes a first wallet in the data store, stores login details for the first wallet and storing a value representative of an amount of bitcoin held by the first wallet. The login module receives login credentials over the network interface device for the first wallet from a first user device, verifies whether the login credentials match the login details for the first wallet, and if the login credentials match the login details then logs the first user device into the first wallet. The hosted email module, if the first user device is logged into the wallet, permits transmission of an email by a user of the first user device to an email address of a second user device. The wallet management module, in response to the transmission of the email, records a transfer in the first wallet for an amount of bitcoin from the first wallet to a second wallet identified by the email address.
• The invention also provides a method of transacting bitcoin. A processor establishes a first wallet in a data store connected to the processor. The processor stores login details for the first wallet. The processor stores a value representative of an amount of bitcoin held by the first wallet. The processor receives login credentials for the first wallet from a first user device. The processor verifies whether the login credentials match the login details for the first wallet. The processor, if the login credentials match the login details then, logs the first user device into the first wallet. The processor, if the first user device is logged into the wallet, permits transmission of an email by a user to the first user device to an email address of a second user device and in response to the transmission of the email. The processor records a transfer in the first wallet for an amount of bitcoin from the first wallet to a second wallet identified by the email address.
• The invention further provides a non-transitory computer-readable medium having stored thereon a set of instructions that are executable by a processor to carry out a method of transacting bitcoin. The processor establishes a first wallet in a data store connected to the processor. The processor stores login details for the first wallet. The processor stores a value representative of an amount of bitcoin held by the first wallet. The processor receives login credentials for the first wallet from a first user device. The processor verifies whether the login credentials match the login details for the first wallet. The processor, if the login credentials match the login details then, logs the first user device into the first wallet. The processor, if the first user device is logged into the wallet, permits transmission of an email by a user to the first user device to an email address of a second user device and in response to the transmission of the email. The processor records a transfer in the first wallet for an amount of bitcoin from the first wallet to a second wallet identified by the email address.
• The invention further provides a first host computer system for transacting bitcoin including a processor at a first node of the Bitcoin network, a network interface device connected to the processor, a computer readable medium connected to the processor, a data store on the computer readable medium and a set of instructions on the computer readable medium that are executable by the processor. The set of instructions includes a wallet establishment module. The wallet establishment module establishes a first and second wallets in the data store and stores a value representative of an amount of bitcoin held by the first wallet. The wallet management module receives, over the network interface device, a first transfer instruction for an amount of bitcoin from the first wallet and an identifier of the second wallet, in response to the first transfer instruction, records a transfer in the first wallet for the amount of bitcoin in the first transfer instruction out of the first wallet and a transfer in the second wallet, identified by the identifier of the second wallet, for the amount of bitcoin in the first transfer instruction into the second wallet without paying a miner's fee for the first transfer. In order to execute a subsequent on-block chain transaction, the wallet management module receives, over the network interface device, a second transfer instruction for an amount of bitcoin from the first wallet and a bitcoin address associated with a second node of the Bitcoin network, and in response to the second transfer instruction, records a transfer in the first wallet for the amount of bitcoin in the second transfer instruction out of the first wallet, broadcasts a message to the Bitcoin network, including to the second node, to record a transfer associated with the bitcoin address associated with the second node, for the amount of bitcoin in the second transfer instruction, and pays a miner's fee for the second transfer.
• The invention further provides a method of transacting bitcoin including. A processor of a first host computer system at a first node of the Bitcoin network establishes first and second wallets in a data store connected to the processor. The processor stores a value representative of an amount of bitcoin held by the first wallet. The processor receives a first transfer instruction for an amount of bitcoin from the first wallet and an identifier of the second wallet. The processor, in response to the first transfer instruction, records a transfer in the first wallet for the amount of bitcoin in the first transfer instruction out of the first wallet and a transfer in the second wallet, identified by the identifier of the second wallet, for the amount of bitcoin in the first transfer instruction into the second wallet without paying a miner's fee for the first transfer. The processor receives a second transfer instruction for an amount of bitcoin from the first wallet and a bitcoin address associated with a second node of the bitcoin network. The processor, in response to the second transfer instruction records a transfer in the first wallet for the amount of bitcoin in the second transfer instruction out of the first wallet, broadcasts a message to the Bitcoin network, including to the second node, to record a transfer associated with the bitcoin address associated with the second node, for the amount of bitcoin in the second transfer instruction and pays a miner's fee for the second transfer.
• The invention further provides a non-transitory computer-readable medium having stored thereon a set of instructions that are executable by a processor of a first host computer system at a first node of the Bitcoin network to carry out a method of transacting bitcoin. The processor establishes first and second wallets in a data store connected to the processor. The processor stores a value representative of an amount of bitcoin held by the first wallet. The processor receives a first transfer instruction for an amount of bitcoin from the first wallet and an identifier of the second wallet. The processor, in response to the first transfer instruction, records a transfer in the first wallet for the amount of bitcoin in the first transfer instruction out of the first wallet and a transfer in the second wallet, identified by the identifier of the second wallet, for the amount of bitcoin in the first transfer instruction into the second wallet without paying a miner's fee for the first transfer. The processor receives a second transfer instruction for an amount of bitcoin from the first wallet and a bitcoin address associated with a second node of the bitcoin network. The processor, in response to the second transfer instruction records a transfer in the first wallet for the amount of bitcoin in the second transfer instruction out of the first wallet, broadcasts a message to the Bitcoin network, including to the second node, to record a transfer associated with the bitcoin address associated with the second node, for the amount of bitcoin in the second transfer instruction and pays a miner's fee for the second transfer.
• The invention also provides a host computer system for transacting bitcoin including a processor, a computer readable medium connected to the processor, a local storage on the computer readable medium and a set of instructions on the computer readable medium that are executable by the processor. The set of instructions includes a register, a Bitcoin address and an associated private key and value stored in the register, a local controller, a splitter, an offline distribution module, at least one restoration interface, and an assembler. The local controller transfers a private key for a Bitcoin address of a vault, to a local storage connected to a processor and transfers the value of the Bitcoin address in the register to the vault. The splitter splits the private key of the Bitcoin address of the vault into a plurality of codes. The offline distribution module distributes the codes to remote distributed storage locations, removes the private key of the Bitcoin address of the vault from the local storage, and removes the value for the Bitcoin address of the register from the Bitcoin address of the register. The restoration interface receives at least some of the codes into which the private key for Bitcoin address of the vault has been split. The assembler assembles the codes that have been received into the private key of the Bitcoin address of the vault. The local controller restores the private key of the Bitcoin address of the vault from the local storage, and restores the value for the Bitcoin address in the register from the vault.
• The invention further provides a method of transacting bitcoin. A processor transfers a private key of the Bitcoin address of a vault to a local storage connected to the processor. The processor splits the private key of the Bitcoin address of the vault into a plurality of codes. The processor distributes the codes to remote distributed storage locations. The processor transfers a value of a Bitcoin address in a register to the vault. The processor receives at least some of the codes into which the private key of the Bitcoin address of the vault has been split. The processor assembles the codes that have been received into the private key of the Bitcoin address of the vault. The processor restores the private key of the Bitcoin address of the vault to the vault. The processor restores the value of the Bitcoin address in the register from the vault.
• The invention also provides a non-transitory computer-readable medium having stored thereon a set of instructions that are executable by a processor to carry out a method of transacting bitcoin. A processor transfers a private key of the Bitcoin address of a vault to a local storage connected to the processor. The processor splits the private key of the Bitcoin address of the vault into a plurality of codes. The processor distributes the codes to remote distributed storage locations. The processor transfers a value of a Bitcoin address in a register to the vault. The processor receives at least some of the codes into which the private key of the Bitcoin address of the vault has been split. The processor assembles the codes that have been received into the private key of the Bitcoin address of the vault. The processor restores the private key of the Bitcoin address of the vault to the vault. The processor restores the value of the Bitcoin address in the register from the vault.
• The invention further provides a host computer system for transacting bitcoin including a processor, a network interface device connected to the processor, a computer readable medium connected to the processor, a local storage on the computer readable medium and a set of instructions on the computer readable medium that are executable by the processor. The set of instructions includes a wallet, a plurality of Bitcoin addresses stored in the wallet, a first vault, and a local controller. The local controller is executable for selecting a first transfer set of the Bitcoin addresses for cold storage in the first vault, transferring at least a portion of each of the Bitcoin addresses of the first transfer set to a first vault while keeping the portions a first transaction set in the register, and restoring at least the portion of the Bitcoin addresses of the first transfer set from the first vault to the wallet and a wallet management module transacting using the Bitcoin addresses of the first transacting set without permitting transacting with the Bitcoin addresses of the first transfer set due to the portions thereof being restored to the first vault, and transacting using the Bitcoin addresses of the first transfer set due to the portions thereof being restored from the first vault to the wallet.
• The invention also provides a method of transacting bitcoin. A processor stores a plurality of Bitcoin addresses in a wallet. The processor selects a first transfer set of the Bitcoin addresses for cold storage in a first vault. The processor transfers at least a portion of each of the Bitcoin addresses of the first transfer set to the first vault while keeping the portions a first transaction set in the register. The processor transacts using the Bitcoin addresses of the first transacting set without permitting transacting with the Bitcoin addresses of the first transfer set due to the portions thereof being transferred to the first vault. The processor restores the portion of the Bitcoin addresses of the first transfer set from the first vault to the wallet. The processor transacts using the Bitcoin addresses of the first transfer set due to the portions thereof being restored from the first vault to the wallet.
• The invention further provides a non-transitory computer-readable medium having stored thereon a set of instructions that are executable by a processor to carry out a method of transacting. A processor stores a plurality of Bitcoin addresses in a wallet. The processor selects a first transfer set of the Bitcoin addresses for cold storage in a first vault. The processor transfers at least a portion of each of the Bitcoin addresses of the first transfer set to the first vault while keeping the portions a first transaction set in the register. The processor transacts using the Bitcoin addresses of the first transacting set without permitting transacting with the Bitcoin addresses of the first transfer set due to the portions thereof being transferred to the first vault. The processor restores the portion of the Bitcoin addresses of the first transfer set from the first vault to the wallet. The processor transacts using the Bitcoin addresses of the first transfer set due to the portions thereof being restored from the first vault to the wallet.
• The invention also provides a method of effecting payment including receiving, by a host computer system, a request for payment from a merchant computer system, including an amount in a currency, determining, by the host computer system, a first exchange rate, wherein the first exchange rate fluctuates and the first exchange rate is determined at a first moment in time, converting, by the host computer system, the amount in the currency to an amount in bitcoin using the first exchange rate at the first moment in time, receiving, by the host computer system, a send instruction from the customer computer system, wherein the send instruction is at a second moment in time later than the first moment in time and the exchange rate at the second moment in time is a second exchange rate that is different than the first exchange rate at the first moment in time, receiving, by the host computer system, payment in bitcoin from the customer in an amount that is based on the amount in bitcoin and transmitting, by the host computer system, in response to receiving the send instruction from the customer computer system, a payment instruction to pay currency to the merchant, wherein the currency paid to the merchant is for an amount that is at least in part based on the amount in the currency that is converted to bitcoin at the first moment in time even though the exchange rate is different at the second moment in time.
• The invention further provides a host computer system for effecting payment including a processor, a computer readable medium connected to the processor and a set of instructions on the computer readable medium that are executable by the processor. The set of instructions includes an application programmable interface (API) receiving a request for payment from a merchant computer system, including an amount in a currency, a currency converter determining a first exchange rate, wherein the first exchange rate fluctuates and the first exchange rate is determined at a first moment in time, and converting, by the host computer system, the amount in the currency to an amount in bitcoin using the first exchange rate at the first moment in time, transaction processor receiving a send instruction from the customer computer system, wherein the send instruction is at a second moment in time later than the first moment in time and the exchange rate at the second moment in time is a second exchange rate that is different than the first exchange rate at the first moment in time, and receiving a payment in bitcoin from the customer in an amount that is based on the amount in bitcoin and a bank transfer module transmitting in response to receiving the send instruction from the customer computer system, a payment instruction to pay currency to the merchant, wherein the currency paid to the merchant is for an amount that is at least in part based on the amount in the currency that is converted to bitcoin at the first moment in time even though the exchange rate is different at the second moment in time.
• The invention also provides a non-transitory computer-readable medium having stored thereon a set of instructions that are executable by a processor to carry out a method of transacting bitcoin including receiving, by a host computer system, a request for payment from a merchant computer system, including an amount in a currency, determining, by the host computer system, a first exchange rate, wherein the first exchange rate fluctuates and the first exchange rate is determined at a first moment in time, converting, by the host computer system, the amount in the currency to an amount in bitcoin using the first exchange rate at the first moment in time, receiving, by the host computer system, a send instruction from the customer computer system, wherein the send instruction is at a second moment in time later than the first moment in time and the exchange rate at the second moment in time is a second exchange rate that is different than the first exchange rate at the first moment in time, receiving, by the host computer system, payment in bitcoin from the customer in an amount that is based on the amount in bitcoin and transmitting, by the host computer system, in response to receiving the send instruction from the customer computer system, a payment instruction to pay currency to the merchant, wherein the currency paid to the merchant is for an amount that is at least in part based on the amount in the currency that is converted to bitcoin at the first moment in time even though the exchange rate is different at the second moment in time.
• The invention further provides a method of managing bitcoin, including establishing, by a host computer system, a vault and storing first and second electronic communication addresses in relation to the vault, storing, by the host computer system, bitcoin in the vault, receiving, by the host computer system, a request to transfer an amount of the bitcoin out of the vault, transmitting, by the host computer system, in response to the request, first and second messages over a network to the first and second addresses, detecting, by the host computer system, whether first and second authorization instructions are received due to one or more users reacting to the first and second messages sent to the first and second addresses and transferring, by the host computer system, the amount of bitcoin out of the vault only if both the first and second authorization instructions are detected.
• The invention also provides a non-transitory computer-readable medium having stored thereon a set of instructions which, when executed by a processor, executes a method including establishing, by a host computer system, a vault and storing first and second electronic communication addresses in relation to the vault, storing, by the host computer system, bitcoin in the vault, receiving, by the host computer system, a request to transfer an amount of the bitcoin out of the vault, transmitting, by the host computer system, in response to the request, first and second messages over a network to the first and second addresses, detecting, by the host computer system, whether first and second authorization instructions are received due to one or more users reacting to the first and second messages sent to the first and second addresses and transferring, by the host computer system, the amount of bitcoin out of the vault only if both the first and second authorization instructions are detected.
• The invention further provides a bitcoin management system, including a processor, a computer-readable medium connected to the processor and a set of instructions on the computer readable medium that are executable by the processor. The set of instructions includes a vault establishment wizard establishing a vault and storing first and second electronic communication addresses in relation to the vault, transaction processor storing bitcoin in the vault and a vault management module receiving a request to transfer an amount of the bitcoin out of the vault, transmitting, in response to the request, first and second messages over a network to the first and second addresses, detecting whether first and second authorization instructions are received due to one or more users reacting to the first and second messages sent to the first and second addresses, and instructing the transaction processor to transfer the amount of bitcoin out of the vault only if both the first and second authorization instructions are detected.
• The invention also provides a method of transacting bitcoin including storing, by a host computer system, a public key, receiving, by the host computer system, a request from a user computer system to transact using a bitcoin address, transmitting, by the host computer system, a verification script to the user computer system, the verification script including an authorization and a signature algorithm that is executable on the user computer system to sign the authorization with a private key to obtain a signed authorization that includes the signature and transmit the signed authorization to the host computer system, receiving, by the host computer system, the signed authorization including the signature from the user computer system, verifying, by the host computer system, the signature of the signed authorization received from the user computer system using a public key; and transacting, by the host computer system, with the bitcoin address, the transacting being permitted due to a successful verification of the signature but not upon an unsuccessful verification of the signature.
• The invention further provides a host computer system including a processor, a set of data and instructions on the computer-readable medium that are executable by the processor that are executable by the processor, a public key, a transaction processor receiving a request from a user computer system to transact using a bitcoin address, a verification script that is transmitted to the user computer system, the verification script including an authorization and a signature algorithm that is executable on the user computer system to sign the authorization with a private key to obtain a signed authorization that includes the signature and transmit the signed authorization to the host computer system, the host computer system receiving the signed authorization including the signature from the user computer system, and a verification module verifying the signature of the signed authorization received from the user computer system using a public key, the transaction processor transacting with the bitcoin address, the transacting being permitted due to a successful verification of the signature but not upon an unsuccessful verification of the signature.
• The invention also provides a host computer system including a processor, a network interface device connected to the processor, a computer readable medium connected to the processor and a set of instructions on the computer readable medium that are readable and executable by the processor. The set of instructions include an embedded code generator generating an embedded code for inclusion within a website of a partner computer system, the embedded code including a startup caller causing transmission of a startup call from the sender computer system to the host computer system, a startup call responder receiving the startup call from the sender computer system and transmitting, in response to the startup call, a tip button and a session script to the sender computer system, the session script being executable by the sender computer system to transmit a session call to the host computer system and a session responder transmitting, in response to the session call, at least one payment button and a payment script to the sender computer system, the payment button being selectable by the user of the sender computer system to execute the payment script, the payment script transmitting an instruction to a transaction processor to transfer funds from a sender account to a receiver account.
• The invention further provides a method of transferring funds including generating, by a host computer system, an embedded code for inclusion within a website of a partner computer system, the embedded code including a startup caller causing transmission of a startup call from the sender computer system to the host computer system, receiving, by the host computer system, the startup call from the sender computer system, transmitting, by the host computer system in response to the startup call, a tip button and a session script to the sender computer system, the session script being executable by the sender computer system to transmit a session call to the host computer system and transmitting, by the host computer system in response to the session call, at least one payment selection and a payment script to the sender computer system, the payment selection being selectable by the user of the sender computer system to execute the payment script, the payment script transmitting an instruction to a transaction processor to transfer funds from a sender account to a receiver account.
• The invention also provides a method of transacting bitcoin including executing, by a host computer system, a trading algorithm, including receiving sell offers for bitcoin from a sellers, receiving a buy offers for bitcoin from a buyers, creating respective matches wherein each match includes one of the buy offers and one of the sell offers, broadcasting each respective match over a multicast pipeline, receiving each respective match with a clearing module and clearing the respective match by updating an exchange database to reflect the respective match by transferring a representation of bitcoin from the seller to the buyer and transferring a representation of currency from the buyer to the seller.
• The invention further provides a system for transacting bitcoin including an order gateway receiving sell offers for bitcoin from a sellers and receiving a buy offers for bitcoin from a buyers, a matching engine creating respective matches wherein each match includes one of the buy offers and one of the sell offers, a multicast pipeline, the matching engine broadcasting each respective match over the multicast pipeline, an exchange database; and a clearing module receiving each respective and clearing the respective match by updating the exchange database to reflect the respective match by transferring a representation of bitcoin from the seller to the buyer and transferring a representation of currency from the buyer to the seller, thereby executing a trading algorithm.
BRIEF DESCRIPTION OF THE DRAWINGS
• The invention is further described by way of example with reference to the accompanying drawings, wherein:
• FIG. 1A is a block diagram of a network environment that includes the Bitcoin network and a number of systems forming part thereof or connected thereto;
• FIG. 1B is a block diagram of a first host computer system and a first and second user devices connected thereto;
• FIG. 2 is diagrammatic view of a first wallet that is held within a first host computer system inFIG. 1;
• FIG. 3 is a view similar toFIG. 2, further illustrating a second wallet that has been established within the first host computer system;
• FIG. 4 is a view of an email that is received by the second user device inFIG. 1;
• FIG. 5 is a view of a browser displaying a user interface with fields for creating login details for the second wallet;
• FIGS. 6 to 30 are views similar toFIG. 5 that step a user of the second user device through a wallet set up;
• FIGS. 31 to 33 are views of the browser wherein the user interface discloses various tools that can be used by the user;
• FIGS. 34 to 37 are views of the browser wherein the user interface is used by the user to purchase bitcoin from the first host computer system;
• FIG. 38 is an email that is received by the second user device to confirm the purchase of the bitcoin from the first host computer system;
• FIG. 39 is an email that is received by the second user device with a notification that bitcoin has been added to their wallet as part of a referral bonus system;
• FIG. 40 is a view of the browser wherein the user interface displays “Limits and Verifications” associated with the second wallet;
• FIG. 41 is a view similar toFIG. 3 displaying transfer of bitcoin from the second wallet to the first wallet;
• FIGS. 42 and 43 are views of the browser when the user interface steps the user through the transfer of bitcoin from the second wallet to the first wallet;
• FIG. 44 is a view of the browser wherein the user interface displays Bitcoin addresses associated with transactions that have been completed;
• FIG. 45 is a view similar toFIG. 40 further showing the transfer of bitcoin from the second wallet to a third wallet that is connected to a second host computer system;
• FIG. 46 is a block diagram illustrating splitting of a private key of a vault and offline distribution;
• FIG. 47 is a block diagram illustrating removal of the private key of the vault;
• FIG. 48 is a block diagram illustrating offline or “cold” storage of values of Bitcoin addresses of a wallet in the vault;
• FIG. 49 is a block diagram illustrating isolation of the vault with its private key removed;
• FIG. 50 is a block diagram illustrating how the private key of the vault and the value of the Bitcoin addresses are restored;
• FIGS. 51ato51dare block diagrams that illustrate how values of certain Bitcoin addresses in a wallet are removed and others are maintained;
• FIG. 52 is a graph illustrating how the wallet is maintained within a range so that only a portion of the wallet is “hot” in the sense that a user of the wallet can use the “hot” portion for transacting with another user;
• FIG. 53 is a block diagram that shows how an intermediate hot wallet is used to collect value from multiple wallets before transfer to a vault;
• FIG. 54 is a block diagram of a network environment that includes a customer computer system and merchant computer system;
• FIG. 55 is a block diagram illustrating functioning for purposes of locking an exchange rate in when processing a transaction made by the customer computer system on the merchant computer system inFIG. 54;
• FIG. 56 is a flow chart illustrating the establishment of a personal vault;
• FIG. 57 is a flow chart illustrating how bitcoin is transferred into and out of the vault;
• FIG. 58 is a block diagram of the first host computer system illustrating components that are used for establishing the vault and transferring bitcoin into and out of the vault;
• FIG. 59 is an email that is transmitted to verify a secondary email address;
• FIG. 60 is a view of a browser wherein a user interface displays options for transferring bitcoin out of a vault;
• FIGS. 61 and 62 are emails that are transmitted to primary and secondary email addresses to approve a withdrawal;
• FIG. 63 is a view of the browser with the user interface displaying a transaction status window;
• FIG. 64 is a block diagram illustrating the establishment of a user-controlled vault;
• FIG. 65 is a block diagram illustrating the user of the user-controlled vault for authorizing a transaction;
• FIG. 66 is a block diagram of an address generator that is used by the user-controlled vault;
• FIG. 67 toFIG. 71 are a block diagrams illustrating the functioning of a tip button;
• FIG. 72 is a block diagram of a system for transacting bitcoin according to an embodiment of the invention;
• FIGS. 73ato73fillustrate the use of the system ofFIG. 72 for executing transfer-in, trading and withdrawal algorithms; and
• FIG. 74 is a block diagram of a machine in the form of a computer system forming part of the network environment.
DETAILED DESCRIPTION OF THE INVENTION
• FIG. 1A of the accompanying drawings illustrates anetwork environment10, including theBitcoin network12, a firsthost computer system14 within which the invention manifests itself, a secondhost computer system16, first andsecond user devices18 and20 connected over theInternet22 to the firsthost computer system14, a third user device24 connected to the secondhost computer system16, a bitcoinexchange computer system26 and aminer computer system28.
• TheBitcoin network12 includes ahost node30 and a plurality ofremote nodes32A to D that are connected to one another. The firsthost computer system14 is connected to thehost node30. The bitcoinexchange computer system26 is connected to theremote node32A. The secondhost computer system16 is connected to theremote node32B. Theminer computer system28 is connected to theremote node32D or could reside on the same computer system.
• The firsthost computer system14 is used primarily for transacting bitcoin and, as shown inFIG. 1B, includes awebsite34 having auser interface36, alogin module38, awallet establishment module40, a plurality ofwallets42, awallet management module44 and a hostedemail module46. Thelogin module38 is connected to thewebsite34 and the hostedemail module46 is connected to thelogin module38. Thewallet establishment module40 is connected to thewallets42. The hostedemail module46 is connected via thewallet management module44 to thewallets42. As illustrated in the drawing, thefirst user device18 is connected over theInternet22 and theuser interface36 to thelogin module38. As further illustrated in the drawing, the hostedemail module46 is connected over theInternet22 to thesecond user device20 and thesecond user device20 is connected over theInternet22 and theuser interface36 to thewallet establishment module40.
• As shown inFIG. 2, the firsthost computer system14 already has one wallet (Wallet A) stored among thewallets42 corresponding to thefirst user device18. The first wallet (Wallet A) includes an email address (email address A) and login details for the wallet. The first wallet (Wallet A) also includes a number of Bitcoin addresses (Bitcoin address 1; Bitcoin address 2) that have been created due to respective transfers or purchases (Transfer 1; Transfer 2). The first Bitcoin address (Bitcoin address 1) is created due to a purchase (Transfer 1) from a master wallet of the first host computer system14 (First Host) and is recorded for a value in an amount in bitcoin. The second Bitcoin address (Bitcoin address 2) is created due to a transfer (Transfer 2) from another location within theBitcoin network12 having a network address outside of the firsthost computer system14 and is recorded for a particular amount in bitcoin. The first wallet (Wallet A) was originally established by thewallet establishment module40 inFIG. 1B. The email address (email address A) and login details of the first wallet were also recorded by thewallet establishment module40. Thewallet establishment module40 andwallet management module44 were used to record the transfers and purchases (Transfer 1; Transfer 2), their Bitcoin addresses (Bitcoin address 1; Bitcoin address 2), their values and other details within the wallet.
• A user of thefirst user device18 inFIG. 1B may use a mobile application on thefirst user device18 to communicate over theInternet22 directly with thelogin module38 or may use a browser on thefirst user device18 to communicate via theInternet22 and thewebsite34 with thelogin module38. A browser application on thefirst user device18 transmits a user interface request over theInternet22 to thewebsite34. Thewebsite34 responds to the user interface request by transmitting theuser interface36 over theInternet22 to thefirst user device18. Theuser interface36 is then displayed on thefirst user device18. Theuser interface36 includes fields for entering login credentials, which are then transmitted from thefirst user device18 over theInternet22 to thelogin module38. Thelogin module38 verifies whether the login credentials match the login details for the wallet (Wallet A). If the login credentials match the login details, then thelogin module38 logs thefirst user device18 into the wallet (Wallet A) inFIG. 2. If the login credentials do not match the login details, then thefirst user device18 is not logged in to the wallet.
• If thefirst user device18 inFIG. 1B is logged in to the wallet, thelogin module38 also provides access for thefirst user device18 to the hostedemail module46 and transmission of an email by a user of thefirst user device18 to an email address of thesecond user device20. Theuser interface36 provides a field for entering the email address of thesecond user device20. Theuser interface36 also includes a field for entering an amount in bitcoin (or an amount in local currency that is converted to bitcoin using an exchange rate) that is being transferred from the wallet (Wallet A) corresponding to thefirst user device18 to a respective wallet among thewallets42 corresponding to thesecond user device20 that has not yet been established at this point in time. The user of thefirst user device18 then uses the hostedemail module46 to send an email at50 to thesecond user device20. The hostedemail module46 simultaneously at52 instructs thewallet establishment module40 to establish a wallet corresponding to the email address within thewallets42. The hostedemail module46 simultaneously instructs thewallet management module44 to record the amount of bitcoin that is being transferred from the wallet (Wallet A) within the wallet corresponding to the email address.
• FIG. 3 illustrates further activity within thewallets42 due to the email represented by a third transfer (Transfer 3). When the user of the first wallet (Wallet A) transmits the email, the system uses an existing Bitcoin address (Bitcoin address 2) to which the outgoing transfer is charged. Associated with the transfer (Transfer 3) are the email address to which the email has been transmitted, the amount in bitcoin, a miner's fee of zero bitcoin that is paid by the firsthost computer system14 to any miner computer system such as theminer computer system28 inFIG. 1A, and a host fee of zero bitcoin that are charged to the wallet (Wallet A) for the transfer. A second wallet (Wallet B) is established by thewallet establishment module40 and the email address (email address B) of thesecond user device20 is recorded as an identifier of the wallet (Wallet B). A Bitcoin address (Bitcoin address 3) is recorded within the second wallet (Wallet B) for the transfer (Transfer 3). Within the second wallet (Wallet B), the transfer (Transfer 3) has the Bitcoin address (Bitcoin address 3), the identifier of the wallet (Wallet A) from where the funds are transferred associated therewith, and the amount in bitcoin that has been transferred. The amount in bitcoin corresponding to the transfer (Transfer 3) of both wallets (Wallet A; Wallet B) is the same, consistent with double entry accounting principles. The second wallet (Wallet B) so far has no login details or any other user information and has not been accessed by a user of thesecond user device20 at this point in time.
• FIG. 4 illustrates the email when it is received at thesecond user device20 inFIG. 1B. The email is received and viewed within an email application on thesecond user device20. The email includes a link (“Click here to sign in and claim this amount”) that, when selected by the user of thesecond user device20, transmits a user interface request from the browser on thesecond user device20 over theInternet22 to thewebsite34. Thewebsite34 responds to the user interface request to transmit theuser interface36 over theInternet22 to thesecond user device20 for viewing within the browser.
• FIG. 5 illustrates theuser interface36 as displayed on thesecond user device20 inFIG. 1B. Theuser interface36 includes a plurality of fields for the user of thesecond user device20 to enter login details for the second wallet (Wallet B), including a password and a confirmation of the password. After the user has entered a password, the user can access their wallet by selecting the button “Access My Wallet”. Thewallet establishment module40 inFIG. 1B stores the login credentials in association with the second wallet (Wallet B). Thelogin module38 also logs thesecond user device20 into the second wallet (Wallet B). If the user is logged out, the user can be provided with a login page where the user can enter login credentials that are compared with the login details in the second wallet (Wallet B) and then log into the second wallet (Wallet B) following a favorable match between the login credentials and the login details.
• FIG. 6 shows a view that is displayed on thesecond user device20 inFIG. 1B. The user is already logged into the wallet, as shown in the top right. The user can accept or decline an agreement.FIG. 7 displays the first page that is displayed to the user following acceptance of the agreement. The page shows the current balance corresponding to the amount of bitcoin at the Bitcoin address (Bitcoin address 4) inFIG. 3. The user can select various tools down the left margin, including sending or requesting bitcoin, buying or selling bitcoin, account settings and various merchant tools.FIG. 8 illustrates a view that is displayed to the user if the user selects the “Buy/Sell” link inFIG. 7. The user is prompted to add a bank account.FIGS. 9 through 15 step the user through the entry of bank account details and verification of the bank account. The user can also select a credit card as a backup payment.FIGS. 16 to 19 step the user through the entry of a credit card number and a billing address, andFIGS. 20 and 21 step the user through a verification process to verify that the user is in control of the credit card account.FIGS. 22 and 23 request additional information from the user.FIG. 23 also allows the user to verify a phone at a phone number andFIGS. 24 through 27 step the user through a process for verifying their phone and phone number.FIGS. 28 through 30 illustrate a process for verifying an identity of the user of thesecond user device20. As illustrated inFIGS. 31 to 33, the top margin within the account settings allow for additional tools such as referrals (FIG. 31), viewing of Bitcoin addresses (FIG. 32), and integration with an application programmable interface (FIG. 33).
• FIG. 34 illustrates a process that is initiated by the user to purchase bitcoin from a wallet of the firsthost computer system14. In the present example, the user selects one (1) bitcoin (BTC) to purchase.FIGS. 35 and 36 step the user through the process of purchasing the bitcoin. Once the bitcoin is purchased, the user can select on “History” tab in the top margin to display a view as shown inFIG. 37 wherein the transaction is displayed and is marked as “PENDING”.
• FIG. 38 shows an email that is transmitted by the hostedemail module46 inFIG. 1B to thesecond user device20 to confirm the purchase of the bitcoin following selection of a “Confirm” button inFIG. 35. The email also has a link that, when selected by the user, opens the browser on thesecond user device20 and allows the user to login to their wallet and view the transaction.
• FIG. 39 shows an email that is transmitted by the hostedemail module46 inFIG. 1B to thesecond user device20 with a notification that bitcoin has been added to their wallet as part of a referral bonus system.
• FIG. 40 illustrates a view that is displayed when the user selects a “Limits and Verifications” tab in the top margin of the “Buy/Sell” page.
• When the user selects the “Send/Request” link in the left margin inFIG. 40, the user is provided an option to send bitcoin from their wallet (Wallet B) inFIG. 3 to another wallet (e.g. the first wallet (Wallet A)) inFIG. 3.
• FIG. 41 illustrates further transfers or purchases (Transfer 4;Transfer 5; Transfer 6). The fourth transfer (Transfer 4) represents the purchase of bitcoin from the first host computer system's14 master wallet.
• The fifth transfer (Transfer 5) represents the transfer of bitcoin from the second wallet (Wallet B) to the first wallet (Wallet A). The second wallet (Wallet B) now has login details stored therein. If thesecond user device20 inFIG. 1B has been logged out of the second wallet (Wallet B), then thesecond user device20 is first directed to thelogin module38 which receives login details for the second wallet (Wallet B) from thesecond user device20, verifies whether the login credentials for the second wallet (Wallet B) match the login details for the second wallet (Wallet B). If the login details match the login credentials, then thelogin module38 logs thesecond user device20 into the second wallet (Wallet B).
• Thelogin module38 then provides thesecond user device20 with access to the hostedemail module46. The user of thesecond user device20 then enters the email address (email address A) of the user of the first wallet (Wallet A) and an amount of bitcoin that the user of thesecond user device20 wishes to transfer from the second wallet (Wallet B) to the first wallet (Wallet A). The user of thesecond user device20 then uses the hostedemail module46 to send an email via theInternet22 to thefirst user device18. As soon as the email is sent, a transfer (Transfer 5) is recorded within the second wallet (Wallet B). Because one of the Bitcoin addresses (Bitcoin address 4) has funds associated therewith, it can be charged for the transfer (Transfer 4). Within the second wallet (Wallet B) the transfer (Transfer 4) has the email address (email address A) to which the email has been sent and the amount in bitcoin associated therewith.
• As indicated, the miner's fee that is paid by the firsthost computer system14 and the host fee that is charged for the transfer are zero bitcoin because the first wallet (Wallet A) is stored within thewallets42 of the firsthost computer system14. The user of thefirst user device18 receives the email indicating the transfer of bitcoin to their wallet (Wallet A). A Bitcoin address (Bitcoin address 5) is recorded within the first wallet (Wallet A) for the transfer (Transfer 5) together with the identifier of the second wallet (Wallet B) from which the transfer has been made and the amount in bitcoin. The amount in bitcoin corresponding to the transfer (Transfer 4) in the second wallet (Wallet B) is the same as the amount in bitcoin as in the first wallet (Wallet A).
• As illustrated by the next transfer (Transfer 6), the user of the second wallet (Wallet B) can opt to send bitcoin to a Bitcoin address of the first wallet (Wallet A). The transfer (Transfer 6) is the same as the preceding transfer (Transfer 5) in all other respects.
• FIG. 42 shows a view that is displayed to the user of thesecond user device20 inFIG. 1B in order to make the transfer from their wallet (Wallet B) to the first wallet (Wallet A). The view includes a field for the user to enter the email address (email address A) and fields for entering either an amount in bitcoin (BTC) or an amount in a local currency (USD—United States Dollar). The exchange rate between bitcoin and the local currency is shown in the top left corner. The view also includes a button “Send Money” which, when selected by the user, initiates the transfer of bitcoin.
• FIG. 43 is a view that is displayed to the user indicating transactions that have been initiated or completed. The purchase of bitcoin discussed with reference toFIGS. 35 to 37 is shown as “PENDING”. A block chain verification notice has to be broadcast by theminer computer system28 and be received by the firsthost computer system14 inFIG. 1A before a determination is made to change the marker “PENDING” to “COMPLETE”. The other transactions representing transfers between the first and second wallets (Wallet A and Wallet B) inFIG. 41 are shown as completed because they do not need block chain verification outside of the firsthost computer system14. No block chain verification notice is thus required for these transactions to be marked “COMPLETE”.FIG. 44 shows a view that can be selected by the user by selecting a tab in the top margin wherein the user is shown the Bitcoin addresses associated with transactions that have been completed.
• FIG. 45 illustrates a further transaction (Transfer 7) wherein bitcoin is transferred from the second wallet (Wallet B) to a third wallet (Wallet C) held by the secondhost computer system16 inFIG. 1A. The user of thesecond user device20 enters a bitcoin address (Bitcoin address 6) that is located in the third wallet (Wallet C) and an amount of bitcoin to be transferred to the third wallet (Wallet C). A transfer (Transfer 7) is recorded within the second wallet (Wallet B). Associated with the transfer (Transfer 7) are the Bitcoin address (Bitcoin address 6), the amount in bitcoin that is being transferred and a miner's fee that is charged for the transfer and has to be paid by the firsthost computer system14 to theminer computer system28 inFIG. 1A. No fee is charged by the firsthost computer system14 for a transfer to another Bitcoin address.
• When the user of thesecond user device20 inFIG. 1A completes the purchase, a transfer instruction is created and is broadcast via thehost node30 to allremote nodes32A-D within theBitcoin network12. The transfer instruction thus traverses the first node and the secondremote node32B to reach the secondhost computer system16. The secondhost computer system16 and all other computer systems connected to theremote nodes32A-D record the transfer (Transfer 7) with respect to the Bitcoin addresses (Bitcoin address 4; Bitcoin address 6). The transfer (Transfer 7) has associated therewith the amount in bitcoin.
• The transfer instruction that results in the transfer (Transfer 5) thus results in no miner's fee being charged to and paid by the firsthost computer system14. No host fee is charged to the second wallet (Wallet B) because the transfer (Transfer 7) is made to another wallet (Wallet A) within thewallets42 of the firsthost computer system14. By contrast, the transfer instruction that results in the transfer (Transfer 7) representing the transfer to the Bitcoin address (Bitcoin address 6) in the third wallet (Wallet C) results in a miner's fee that is paid by the firsthost computer system14 to theminer computer system28. Theminer computer system28 is responsible for verifying transfers of bitcoin over theBitcoin network12. In the present scenario, theminer computer system28 verifies the transfer of bitcoin from the second wallet (Wallet B) to the third wallet (Wallet C).
• Another transfer may comprise that bitcoin is sent to one of the nodes,e.g. node32C. Thenode32C could be a fourth user device which is owned by the recipient of the bitcoin transfer having its own bitcoin address.
• FIG. 46 illustrates components that are used for cold storage of value of bitcoin, including alocal storage56, alocal controller58, avault64, asplitter66, one ormore encryption algorithms68 and70 and an offline distribution module72.
• Thevault64 has aBitcoin address80 with aprivate key79. Theprivate key79 is, for purposes of illustration, shown as a nine digit sequence of characters that are provided to thesplitter66. For purposes of illustration, thesplitter66 splits the nine digits of theprivate key79 into seven overlapping codes (Codes 1 to 7). Theencryption algorithm68 encrypts the first code (Code 1) into an encrypted code (Encrypted Code 1). In a similar manner, the second code (Code 2) is encrypted by an encryption algorithm (not shown) into an encrypted code (Encrypted Code 2). Each one of the seven codes is encrypted into a separate encrypted code. A separate key may be used for each one of seven codes. Alternatively, a separate encryption algorithm may be used for each one of the seven codes.
• Once all the codes have been encrypted, the offline distribution module72 transmits each one of the encrypted codes (EncryptedCode 1 to 7) to a separate location. The locations are remote locations that are geographically separated from one another. The offline distribution module72 may also be used to print one or more of the encrypted codes for paper delivery to respective remote locations.
• FIG. 47 illustrates functioning of the offline distribution module72 following distribution of the encrypted codes inFIG. 46. The offline distribution module72 removes theprivate keys79 of theBitcoin address80 of thevault64. The offline distribution module72 also removes theprivate key79 of theBitcoin address80 within thelocal storage56.
• As shown inFIG. 48, alocal register60 includes a plurality ofwallets42, one of which is shown. Thewallet42 has a plurality of Bitcoin addresses74,76 and78 associated therewith. EachBitcoin address74,76 and78 has a respective value and a respective private key. Thelocal controller58 transfers the entire value of the Bitcoin addresses76 and78 into thevault64. The value relating to theBitcoin address74 is not transferred into thevault64. Thelocal controller58 calculates the total value of the Bitcoin addresses76 and78 that have been transferred into thevault64 and records the total value in thelocal storage56 in association with theBitcoin address80.
• As shown inFIG. 49, following removal of the value of the Bitcoin addresses76 and78 within thewallet42, the value of the Bitcoin addresses76 and78 are only held within thevault64 and thelocal storage56. Theprivate key79 is only held in a split and encrypted form at the distributed locations where the offline distribution module72 inFIG. 46 has distributed them to. Unless access can be gained to theprivate key79 that has now been split and distributed, it is not possible to access the value of the Bitcoin addresses76 and78. It is now possible for a user to which thewallet42 is registered to use theBitcoin address74 for transacting with another user via thewallet management module44 inFIG. 1B. The Bitcoin addresses76 and78 are not usable by thewallet management module44 for purposes of transacting with another user at this time because their values, within thewallet42, have been removed.
• FIG. 50 shows how the private keys of thevault64 and the Bitcoin addresses76 and78 that were removed inFIG. 46 are restored. Components that are provided for restoration include a plurality ofrestoration interfaces82,84 and86, one ormore decryption algorithms88,90 and92 and anassembler94. The holder of the first encrypted code (Encrypted Code 1) is called upon to enter the encrypted code into therestoration interface82. Therestoration interface82 may for example be a web page with a field for entry of the first encrypted code. Alternatively, therestoration interface82 may be an application programmable interface (API) and the first encrypted code can be entered into the API with or without human involvement.
• In the given example, the second, third, fifth and sixth encrypted codes are not received at this time. The fourth and seventh encrypted codes are received through the restoration interfaces84 and86, similar to the first encrypted code.
• Thedecryption algorithm88 decrypts the first encrypted code (Encrypted Code 1) into the first code (Code 1). In the given example, thedecryption algorithms90 and92 decrypt the fourth and seventh encrypted codes (EncryptedCode 4 and Encrypted Code 7) into the fourth and seventh codes (Code 4 and Code 7) respectively. In the given example, three codes are the minimum number of codes that are required in order to reassemble theprivate key79. The minimum number of codes required for reassembly inFIG. 48 is thus less than the total number of codes into which theprivate key79 has been split inFIG. 46. Theassembler94 assembles theprivate key79 when the minimum number of codes has been received.
• Theprivate key79 of theBitcoin address80 in thelocal storage56 is used to access thevault64. Thelocal controller58 then restores theprivate key79 from the local storage into the vault for association with the Bitcoin address. The block chain will know whether theprivate key79 that has been restored is the sameprivate key79 that was previously associated with the Bitcoin address. Only upon confirmation from the block chain will it be possible to transfer the value from thevault64 to thelocal register60.
• Thelocal controller58 restores the respective value of the Bitcoin addresses76 and78 in thevault64 to the Bitcoin addresses76 and78 in thewallet42. Because the values have been restored to the Bitcoin addresses76 and78 in thewallet42 they are usable for transacting with other users.
• FIGS. 51ato51dillustrate the use of a “hot” wallet in combination with “cold storage”. As shown inFIG. 51a, thewallet42 has the Bitcoin addresses74,76,78 and afurther Bitcoin address98, each having a respective value associated therewith. Thelocal storage56 has first, second and third Bitcoin addresses80A to80C for first, second andthird vaults64A to64C, respectively. The Bitcoin addresses76 and78 form a first transfer set that is selected for cold storage. The Bitcoin addresses74 and98 form a first transacting set. The values of the Bitcoin addresses76 and78 of the first transfer set are transferred into thefirst vault64A, as represented by “Value” in thefirst vault64A.
• The private key of theBitcoin address80A of thefirst vault64A is then transferred into thelocal storage56 and is stored in association with thefirst Bitcoin address80A. As hereinbefore described with reference toFIG. 46, the private key of theBitcoin address80A in thelocal storage56 is then split and distributed. As hereinbefore described with reference toFIGS. 47 and 48, the private keys of theBitcoin address80 and the value of theBitcoin address76 and78 are then removed. It is then not possible for a user of thewallet42 to use theBitcoin address76 and78 for transacting with another user. The user can still transact with another user using the Bitcoin addresses74 and98 of the first transacting set because their values are still associated with them within thewallet42.
• FIG. 51bshows the Bitcoin addresses76 and78 within thewallet42 with their values removed and theBitcoin address80A within thelocal storage56 with its private key removed. The private key of theBitcoin address80B ofsecond vault64B is transferred into thelocal storage56 and associated with thesecond Bitcoin address80B within thelocal storage56. The private key of thesecond Bitcoin address80B in thelocal storage56 is split and distributed and then removed from thelocal storage56. TheBitcoin address98 is selected as part of a second transfer set of one or more Bitcoin addresses. The value of theBitcoin address98 is transferred from thewallet42 into thesecond vault64B, as represented by “Value” in thesecond vault64B. The value of theBitcoin address98 within thewallet42 is thus removed. The user of thewallet42 can now not use theBitcoin address98 for purposes of transacting with another user because the value of theBitcoin address98 has been removed from thewallet42. TheBitcoin address74 forms part of a second transacting set that may include one or more Bitcoin addresses that can be used for transacting with another user.
• FIG. 51cshows theBitcoin address98 having its value removed and thesecond Bitcoin address80B within thelocal storage56 having its private key removed. At this stage it may be desirable to restore the values of the Bitcoin addresses76 and78. The private key of thefirst Bitcoin address80A within thelocal storage56 is restored to thevault64 as hereinbefore described with reference toFIG. 50. The respective values of the Bitcoin addresses76 and78 are then restored from thevault64A to the Bitcoin addresses76 and78 in thewallet42. Because the values of the Bitcoin addresses76 and78 are restored within thewallet42, the Bitcoin addresses76 and78 of the first transfer set can, at least for the time being, be used together with the second transacting set for transacting with another user.
• The same Bitcoin addresses74,76,78 and98 that are shown inFIG. 51aare also shown inFIGS. 51band51c. It should be understood that the Bitcoin addresses may change between the figures. The system allows for the value that was previously associated with one Bitcoin address to be restored to another Bitcoin address if necessary.
• As shown inFIG. 51d, thefirst vault64A is discarded after the value therein is restored. Thefirst Bitcoin address80A within thelocal storage56 and thefirst vault64A will never be used again.
• TheBitcoin address78 is selected as a third transfer set. The private key of theBitcoin address80C of thethird vault64C is transferred into thelocal storage56 and stored in association with athird Bitcoin address80C. The value of theBitcoin address78 is transferred from thewallet42 to thethird vault64C. The user of thewallet42 can now not use theBitcoin address78 for transacting with another user. TheBitcoin address76 forms part of a third transacting set that could include one or more Bitcoin addresses. TheBitcoin address76 can be used by the user of thewallet42 for transacting with another user because the value of theBitcoin address76 is associated therewith within thewallet42. The second and third transacting sets can thus be used by the user for transacting with another user. The second and third transfer sets are unusable for transacting with another user because their private keys have been removed.
• FIG. 52 illustrates how the local controller58 (seeFIGS. 46 to 50) maintains transaction sets of awallet42 within atarget range101. Should all the Bitcoin addresses of thewallet42 have values associated therewith, thewallet42 is said to be 100% hot and 0% cold. If all the Bitcoin addresses in awallet42 have their values removed, thewallet42 is to be 0% hot and 100% cold. Thetarget range101 for the total bitcoin value within the wallet may for example be 5% to 10% hot. At102, the values of the first transacting set are transferred from thewallet42 as described with reference toFIG. 51a. At104, the user transacts with some of the Bitcoin addresses and the total value within thewallet42 of the Bitcoin addresses that are hot is reduced. At106, the values of the second transfer set are removed from thewallet42 as described with reference toFIG. 51b. At108, the values of the first transfer set are restored as described with reference toFIG. 51c. At110, the user transacts and gains further Bitcoin addresses for additional value within theirwallet42. At112, values of the third transfer set are transferred out of thewallet42 as described with reference toFIG. 51d. It can thus be seen that thelocal controller58 inFIGS. 46 to 50 adjusts the total value of bitcoin that is not within thetarget range101. Thelocal controller58 typically recalculates the hot/cold value ratio of each wallet on a daily basis and automatically adjusts the value to thetarget range101.
• FIG. 53 illustrates the use of an intermediatehot wallet114 that is used to collect bitcoin values from a plurality ofwallets42A to C. Thewallet42A is that same as thewallet42 as described above. Thewallet42B has bitcoin addresses120,122,124 and126 associated therewith. Thewallet42C has bitcoin addresses128,130,132 and134 associated therewith. Eachwallet42A, B or C is held within thetarget range101 inFIG. 50. The values of the bitcoin addresses76,78,120,122,128 and130 are identified for transfer to thevault64A and are first transferred or “swept” to the intermediatehot wallet114 from where they are transferred to thevault64A.
• FIG. 54 illustrates anetwork environment136 that, in addition to the firsthost computer system14, includes a customer computer system138 and amerchant computer system140 that are connected to one another over theInternet142. Themerchant computer system140 has anonline store144 and awebsite146. The customer computer system138 has abrowser148. A customer at the customer computer system138 can use thebrowser148 to access thewebsite136 over theInternet142. Thewebsite136 is then displayed on thebrowser148. Thewebsite136 allows for the customer to make purchase on theonline store144. The customer may, for example, purchase real goods, virtual goods or services from theonline store144.
• The firsthost computer system14 includes an application programmable interface (API)150, areference code generator152, atransaction processor154, acurrency converter156 and merchant, and customer andhost wallets158,160 and162. Thewallets158,160 and162 may be of the kind as hereinbefore described.
• As shown inFIG. 55, the customer is shown a shopping cart with several payment options, including “Pay with Credit Card” and “Pay with bitcoin.” Prior to being displayed the shopping cart, the customer has traveled through the shopping flow of themerchant computer system140, has selected one or more items to be purchased and has selected a shopping or checkout cart, which causes the display of the view shown inFIG. 55. When the user selects the button “Pay with bitcoin” themerchant computer system140, at166, transmits an API call to the firsthost computer system14. The API call includes a request for payment. The request for payment includes an amount in a currency, in the present example $14.00, an order name (usually a number), order descriptions (usually items in the checkout cart in a single line-item entry separated by commas), and a success uniform resource locater (URL) if desired (a page to which the customer is redirected at checkout if the order completes).
• When the firsthost computer system14 receives the API call at166, thereference code generator152 generates a unique reference code for the specific order. The reference code is thus uniquely generated for each API call. The firsthost computer system14 then stores the reference code in its database. At168, the firsthost computer system14 responds to the API call received at166 to transmit the reference code to themerchant computer system140. Themerchant computer system140 then receives the reference code asreference code170. Themerchant computer system140 stores the reference code asreference code172 within itsaccounting system173 and associates thereference code172 with the particular order shown in the shopping cart. Themerchant computer system140 also creates aURL174. Thereference code170 is used as areference code176 within theURL174 when theURL174 is created.
• The firsthost computer system14 creates aURL180 that includes a reference code182. The reference code182 and thereference code176 are the same.
• Themerchant computer system140 at178 redirects the browser148 (FIG. 54) using theURL174. The browser is then redirected to theURL180 of the firsthost computer system14.
• TheURL180 may, for example, be the URL of a landing page, iFrame ormodal window184. The landing page, iFrame ormodal window184 presents checkout options to the customer, including to pay with the customer wallet160 if one exists, to pay with bitcoin using an external account, or to create a wallet at the firsthost computer system14 for purposes of completing the purchase. In a different embodiment, instead of being automatically redirected by themerchant computer system140 to thefirst computer system14, the customer may be redirected to a different page at themerchant computer system140, which will then contain a link for the customer to navigate to the landing page, iFrame ormodal window184.
• When thebrowser148 of the customer computer system138 downloads the landing page, iFrame ormodal window184, the firsthost computer system14 automatically generates abitcoin address186 specifically for the customer's order within themerchant wallet158.
• The firsthost computer system14 also creates a bitcoin price based on the price in local currency and displays the bitcoin price within the landing page/iFrame ormodal window184 within thebrowser148. The graph illustrates a fluctuating bitcoin to dollar exchange rate. In the present example, the exchange rate atminute 0 is used at190 to calculate the exchange rate. The local currency price in the present example is $14.00 which gives a bitcoin price of 0.02 BTC. The price of 0.02 BTC that is based on the exchange rate atminute 0 is maintained for a select period of time, in the present example 10 minutes, before it resets. The customer may not wish to immediately send the bitcoin, but may do so at any time before the price resets atminute 10 and the exchange rate remains locked in and the bitcoin price thus remains unchanged at 0.02 BTC during that time.
• An option is displayed to the customer to send the bitcoin together with the price in bitcoin atminute 0. When the customer selects the option to send the bitcoin, the customer computer system138 transmits a send instruction to the firsthost computer system14. The firsthost computer system14 receives and at192 detects the send instruction. The customer may for example request to send bitcoin from the customer wallet160 or via another path as hereinbefore described. The firsthost computer system14 responds to the send instruction to transmit an order status message that includes the reference code for the transaction to themerchant computer system140. Themerchant computer system140 receives the reference code asreference code194. Themerchant computer system140 then matches thereference code194 to thereference code172 within itsaccounting system173 and marks the transaction as complete.
• In the present example, the send instruction is processed atminute 6. The exchange rate has in the present example changed betweenminute 0 andminute 6. Should the bitcoin price of 0.02 BTC be converted to local currency at this time it would result in a different price in local currency than the original transaction. The difference between the original price atminute 0 andminute 6 represents either a loss or a gain for the firsthost computer system14. The loss and gain is used to calculate bitcoin replacement costs on a periodic basis.
• In the present example thefirst computer system14 responds to the send instruction received at192 to transmit 0.02 BTC to thebitcoin address186 associated with themerchant wallet158. When the bitcoin reaches thebitcoin address186, the firsthost computer system14, at196, immediately purchases the bitcoin from themerchant wallet158, resulting in a transfer of the bitcoin from themerchant wallet158 to thehost wallet162. The firsthost computer system14 purchases the bitcoin at the exchange rate locked in atminute 0.
• Periodically, for example daily, the firsthost computer system14 calculates the total amount of bitcoin sold by themerchant wallet158 that day at the locked in prices. The firsthost computer system14 has abank transfer module200 that, at202, transmits a payment instruction to a bank for the firsthost computer system14. The bank for the firsthost computer system14 communicates with a bank of themerchant computer system140. Such communication, at204, results in transfer of funds from ahost bank account206 to amerchant bank account208.
• In the present example, the customer uses their customer wallet160 to transfer funds in the form of bitcoin from the customer wallet160 to themerchant wallet158 and the funds are then transferred in the form of bitcoin from themerchant wallet158 to thehost wallet162. In another embodiment, themerchant wallet158 can be bypassed such that the customer transfers funds in the form of bitcoin from the customer wallet160 directly into thehost wallet162. In either embodiment the funds that are received by thehost wallet162 are used as a basis for calculating the amount of money in local currency that is transferred by thebank transfer module200, minus a fee that is held back by the firsthost computer system14 for purposes of processing the transaction.
• Referring again toFIG. 54, theAPI150 sends and receives API calls at166,168 and the order status message in response to thesend instruction192 inFIG. 55. Thecurrency converter156 is responsible for receiving and maintaining exchange rate for bitcoin to local currency and for calculating the bitcoin price based on the local currency price and the exchange rate at any particular moment in time. Thetransaction processor154 is responsible for transferring funds in the form of bitcoin or local currency from one wallet or bank account to another.
• In the embodiment above, the exchange rate is locked in when the customer accesses the landing page, iFrame ormodal window184 and is locked for ten minutes. In such an embodiment the merchants typically create a payment “button” or using the API, specifically the button API, of the first host computer system. Selection of the button by the customer results from the process described above wherein the customer is directed to the landing page, iFrame ormodal window184. Such a button does not need to look any different from the merchant's standard “submit order” button and the button API is linked into the standard “submit order” button of themerchant computer system140, which when clicked will direct the user directly to the landing page, iFrame ormodal window184. When the user hits the landing page the exchange rate is locked. The merchant “order” is thus not created—i.e., with locked in exchange rate—until the user clicks the payment button to land on our landing page.
• Another embodiment is used in white-label solutions. In these instances, the user is not directed away from the merchant domain to a landing page such as the landing page, frame ormodal window184 to complete payment. Instead, the checkout information that would have otherwise shown on the landing page is displayed inside the merchant's browser checkout tool. Such an embodiment may not allow “one-click” checkout for users who are already signed into their customer wallet160; a user can only pay by QR code scan and/or manual entry of a bitcoin address. In order for this information to be incorporated into the merchant's webpage, the merchant (1) creates a “button” when they post an item for sale to the website (the button includes the price in local currency, but not a bitcoin price and can be created at any time—e.g., weeks before a purchase); and (2) when the customer wishes to pay, e.g., by clicking on a “Place Order” button, themerchant computer system140 sends an API call to the firsthost computer system14 which responds by sending back a locked in exchange rate, which again is good for ten minutes. The merchant then displays the checkout information to the user—i.e., the proper bitcoin address and amount. This embodiment differs in that: (1) the “order” is created earlier in time, and the exchange rate follows on as a separate API call; and (2) the checkout information is hosted within the merchant's domain.
• FIG. 56 illustrates a method of managing bitcoin wherein a personal vault is created for a user. At220, the user already has an account that the user can log into using a website. The account has a first email (electronic communication) address. The first email address may be john.smith@gmail.com. The account also has a phone number associated therewith and one or more wallets as herein before described. The website provides the user with a link to create a vault. At222, the user is provided an option to create an individual vault or a group vault. In an individual vault the user will be required to respond to two emails in order to transfer bitcoin out of the vault. In a group vault multiple users are required to respond to emails in order for the user of the account represented at220 to transfer the bitcoin out of the vault.
• The user may, at224, select an individual vault. At226, an interface of the website is presented with a field for the user to enter a second email address. The second email address may for example be john.smith@hotmail.com. The user enters the second email address and selects a button to transmit the second email address from their device to the firsthost computer system14. When the firsthost computer system14 receives the second email address, the firsthost computer system14, at228, transmits a confirmation email with a confirmation link to the second email address. The purpose of the email that is transmitted at228 is to confirm the second email address. At230, the firsthost computer system14 waits for the confirmation. The firsthost computer system14 does not proceed to create a vault if the confirmation is not received. At232, the user selects the confirmation link, which causes transmission of the confirmation from the device of the user to the firsthost computer system14. When the firsthost computer system14 receives the confirmation, the firsthost computer system14 proceeds at232 to register a vault within the same account shown at220. The vault includes the first and second email addresses. The vault also includes the phone number of the account.
• At236, the firsthost computer system14 updates the interface of the website to provide a summary. The summary indicates that, in order to transfer bitcoin out of the vault, emails will be sent to the first and second email addresses, and the summary includes the phone number associated with the vault and that the bitcoin will not be transferred out of the vault for a period of 48 hours. The interface also includes a “Finish” button. When the user selects the “Finish” button, the browser used by the user, at238, lands in the vault. The vault looks like a wallet, but has a security feature that limits transfer of bitcoin out of the vault.
• The user may, at240, select a group vault. At242, the firsthost computer system14 provides the user with an option whether 2 out of 3 confirmations are required or 3 out of 5 confirmations are required. If the user selects that 2 out of 3 confirmations are required, then the user is required to enter two email addresses in addition to their own email address shown in the account at220. If the user selects that 3 out of 5 confirmations are required, then the user is required to enter four email addresses in addition to their email address shown in the account at220.
• At224, the interface of the website is updated to request the additional email addresses from the user. The interface typically includes fields for the user to enter the additional email addresses.
• At246, the firsthost computer system14 makes a determination whether all the additional email addresses are associated with other accounts within the firsthost computer system14. If all the additional email addresses are associated with other accounts, then the firsthost computer system14 proceeds at248 to update the account represented at220 with a vault that includes the first email address, the additional email addresses and the phone number associated therewith.
• If one or more of the additional email addresses are not associated with any accounts within the firsthost computer system14, then the firsthost computer system14, at250, transmits an email to the additional email address that is not associated with an account to create an account. A user receiving the email transmitted at250 can proceed at252 to create an account with the second email address associated with the account. Only after all the additional email addresses are associated with accounts does the firsthost computer system14, at248, proceed to register a vault.
• The firsthost computer system14 then at254 provides a summary through the interface of the website. The summary shows that in order to transfer bitcoin, emails will be sent to and confirmations will be required from the first email address and the minimum of the additional email addresses. The summary also includes the phone number associated with the vault and states the waiting period before the bitcoin is transferred. The website also includes a “Finish” button which, when selected by the user at238, lands the browser used by the user in the vault.
• FIG. 57 illustrates how bitcoin is transferred into and out of the vault. At260, the user first transfers bitcoin into the vault. The user may transfer the bitcoin from one of their wallets associated with their account into the vault or may transfer the bitcoin into the vault from an external source. The bitcoin is then stored within the vault.
• At262, the user requests a transfer out of the vault using the website. The user includes the amount of bitcoin to be transferred, the reason for the transfer and selects a wallet to which the bitcoin is to be transferred. The user also includes a two-factor code which the user may obtain through a mobile application or via SMS communication with the firsthost computer system14.
• At264, the firsthost computer system14 determines whether the two-factor code is correct. If the two-factor code is incorrect, then the firsthost computer system14, at266, makes no change to the website interface.
• If the determination is made at264 that the two-factor code is correct, then the firsthost computer system14 proceeds at268 to transmit all emails. In the case of an individual vault, emails are sent to the first and second email addresses represented in the account at234 inFIG. 56. In the case of a group vault, then emails are transmitted to the first email address and the additional email addresses represented in the account at248 inFIG. 56. At270, the firsthost computer system14 updates the transaction list within the website to represent that approval is being awaited.
• Each one of the emails has a respective link that can be selected by a recipient. At272, a user receiving one of the emails reacts to the email by clicking on the link. Selection of the link causes an authorization instruction to be transmitted from a device of the respective user to the firsthost computer system14. At274, the firsthost computer system14 detects the authorization instruction received in response to one of the emails that have been transmitted. Selection of the link on the email opens a browser on the recipient's device and displays a message that the authorization has been successfully approved.
• At276, the recipient of a second one of the emails reacts to the email by clicking the link on the second email to send an authorization instruction. At278, the firsthost computer system14 detects the authorization instruction transmitted at276 and displays a web page indicating that the authorization has been successfully approved.
• When all the predetermined approvals have been received, the firsthost computer system14 proceeds, at280, to update the transaction list to indicate that clearance is being awaited. At282, only if the minimum number of approvals are detected, the firsthost computer system14 starts a countdown timer and sends an email to the user of the account informing the user that the bitcoin will be transferred after 48 hours.Block284 represents the transmission of three email reminders to the user during the 48 hour waiting period. Each email includes the time remaining before the 48 hours will have elapsed and the amount of bitcoin that will be transferred out of the vault. Each email also includes a “Cancel” link. The user can select the “Cancel” link, which caused the transmission of a cancel instruction to the firsthost computer system14. The cancel instruction will cancel the transfer of the bitcoin and therefore the request that was transmitted at262.
• At286, the firsthost computer system14 detects an end of the time period. The firsthost computer system14 then transfers the amount of bitcoin out of the vault and in to the destination selected at262. The firsthost computer system14 also updates the transaction list on the website to indicate that the transaction has been cleared.
• FIG. 58 illustrates components of the firsthost computer system14 that are used for carrying out the method shown inFIGS. 56 and 57, including anaccount290 of a user, awebsite292, avault establishment wizard294, avault management module296 and thetransaction processor154 hereinbefore described. Thevault establishment wizard294 is programmed to execute the establishment of the vault as described with reference toFIG. 56. Thevault management module296 is programmed to manage the vault as described with reference toFIG. 57. A user accesses thewebsite292 and downloads an interface so as to interact via thewebsite292 with thevault establishment wizard294 and thevault management module296. Thevault management module296 provides instructions to thetransaction processor154 to transfer the bitcoin out of the vault.
• FIG. 59 shows the email that is transmitted at228 inFIG. 56.FIG. 60 shows an interface of thewebsite292 inFIG. 58 when the user requests a transfer out of a vault at262 inFIG. 57.FIGS. 61 and 62 show the emails that are transmitted at268 inFIG. 57.FIG. 63 shows the interface of the website after the minimum number of approvals are received and the countdown clock has been started at282 inFIG. 57.
• Email addresses are used in the exemplary embodiment for electronic communication via email. Another embodiment may make use of other electronic communication addresses such as text messages to phone numbers or messages through social networks. Such messages may include authorization links as described or authorization may be obtained otherwise such as sending a reply message and including “Y” or “Yes” in the reply message. A secondary electronic communication address may be an individual address or a group address.
• FIG. 64 illustrates the establishment of a user-controlled vault. At302, a user at thefirst user device18 transmits a request for a user-controlled vault to the firsthost computer system14. At304, the firsthost computer system14 responds to the request to initiate key generation.
• At306, the firsthost computer system14 generates a seed for a master key. At308, the firsthost computer system14 uses the seed generated at306 to generate a master key. The master key includes a public key for the master key and a private key for the master key. At310, the firsthost computer system14 stores the public key for the master key and, at312, stores the private key for the master key. The combination of the keys stored at310 and312 form a master key set314.
• Ageneration script316 initially resides on the firsthost computer system14. At318, the firsthost computer system14 transmits thegeneration script316 to thefirst user device18. Thefirst user device18 receives thegeneration script316, which is executable on thefirst user device18.
• At320, thegeneration script316 generates a seed for a shared key. Thegeneration script316 includes a key generation algorithm. At321, the key generation algorithm uses the seed generated at320 to generate a shared key. The shared key includes a public key and a private key.
• The private key for the shared key is shown at322. Thegeneration script316 also includes an interface with a field for a user to enter a password via a keyboard. At324, the user enters the password into the interface. Thegeneration script316 also includes an encryption algorithm. At326, the encryption algorithm generates an encrypted seed from the private key shown at322 and the password entered at324.
• At328 and330, the key generation algorithm and encryption algorithm respectively send the public key of the shared key and the encrypted seed to the firsthost computer system14. At332, the firsthost computer system14 stores the public key for the shared key and, at334, stores the encrypted seed for the shared key. The public key stored at332 and theencrypted seed334 can be viewed as a sharedkey set336. Additionally, the private key shown at322 forms part of the sharedkey set336. The private key shown at322 is however never transmitted from thefirst user device18 to the firsthost computer system14.
• At338, thegeneration script316 further generates a seed for a user key. At340, the key generation algorithm uses the seed generated at338 to generate a user key. The user key includes a public key for the user key and a private key for the user key. At342, the key generation algorithm transmits only the public key for the user key to the firsthost computer system14. At344, the firsthost computer system14 stores the public key for the user key.
• At346, thegeneration script316 displays the private key for the user key to the user. The user can then store the private key manually on thefirst user device18 or write it down for later use. Thefirst user device18 never transmits the private key displayed at346 to the firsthost computer system14. The combination of the public key for the user key stored at344 and the private key for the user key displayed at346 form a user key set348.
• FIG. 65 illustrates how the user-controlled vault is used by the user. At360, the user of thefirst user device18 creates and transmits a request to transact using bitcoin of the user-controlled vault. At362, the request reaches thetransaction processor154 hereinbefore described. At364, the firsthost computer system14 creates an authorization for the transaction.
• The master key set312, sharedkey set336 and user key set334 are replicated fromFIG. 64 and the same reference numerals apply. It should however be understood that these keys are stored or displayed inFIG. 64 and that the stored and displayed keys are not stored but only retrieved and used inFIG. 65.
• At366, the firsthost computer system14 signs theauthorization364 with the private key for the master key. Such signature then allows for an authorization to transact at368. As shown in370, two out of three authorizations are required in order to transact and the authorization provided at368 may form one of the two authorizations.
• A verification script372 initially resides on the firsthost computer system14. At373, the firsthost computer system14 initiates key collection by transmitting the verification script372 to thefirst user device18. The verification script372 is executable on thefirst user device18. Both thegeneration script316 inFIG. 64 and the verification script372 inFIG. 65 may be in the form of JavaScript™ that is executable by a browser on thefirst user device18.
• The encrypted seed stored at334 on the firsthost computer system14 is transmitted together with the verification script372 and is received at374 by thefirst user device18. The verification script372 further includes an interface with a field for entering a password. At376, the user enters the same password that the user entered at324 inFIG. 64 into the field provided in the interface using a keyboard. The verification script372 further includes a decryption algorithm. At378, the decryption algorithm uses the encrypted seed and the password to decrypt the encrypted seed and obtain the private key. The encryption at326 inFIG. 64 and decryption at378 inFIG. 65 may follow the BIP38 protocol which is commonly understood by those skilled in the art of bitcoin encryption.
• Theauthorization364 is transmitted together with the verification script372 to thefirst user device18. The verification script372 further has a signature algorithm. At380, the signature algorithm signs the authorization with the private key. The signature algorithm then transmits the signed authorization (together with the signature) to the firsthost computer system14.
• The firsthost computer system14 has a verification module. As will be commonly understood as those skilled in the art, a verification module is an algorithm that verifies a signature that was created with a private key using a public key. At382, the verification module verifies the signature using the same public key stored at332 for the shared key in the sharedkey set336 that also includes the encrypted seed stored at334. At384, the verification module determines whether the signature is correct. If the signature is not correct, then thefirst computer system14 returns to374 where the encrypted key is received and the user enters a password. If, at384, a determination is made that the signature is correct, then the firsthost computer system14 proceeds to386 to provide an authorization due to the signature being correct. The authorization at386 may be one of the authorizations required at370 in order to authorize the transaction.
• The verification script372 further includes an interface for entering the private key of the user key that was previously displayed at346 to the user. At390, the user enters the private key into the field provided therefor. At392, a signature algorithm forming part of the verification script372 signs the authorization with the private key that has been entered by the user. The signature algorithm then transmits the signed authorization (together with the signature) to the firsthost computer system14. At394, a verification module verifies the signature using the public key that was stored at344. At396, the verification module determines whether the signature is correct. If the signature is incorrect, then the firsthost computer system14 instructs the verification script372 to return to390 where the user is again asked for the private key for the user key. If the signature is correct, then the firsthost computer system14 proceeds to398 to provide an authorization for the transaction due to the signature being correct. The authorization provided at398 may be one of the authorizations required at370.
• What should be noted this time is that the password entered at376 is never transmitted to the firsthost computer system14. Similarly, the private key entered at390 is never transmitted to the firsthost computer system14. The user's control over the password and private key effectively disallows the transaction from being processed outside of the user's control.
• After two out of the three authorizations have been received at370, the firsthost computer system14 proceeds at400 to authorize the transaction with thetransaction processor154.
• FIG. 66 illustrates anaddress generator402 that is used to generate addresses such as the bitcoin address that are used for the transaction requested at360 inFIG. 65. Amaster key seed404, sharedkey seed406 and user key seed408 are generated. Themaster key seed404 is used to generate a masterpublic key410 and a masterprivate key412. The sharedkey seed406 is used to generate a sharedpublic key414 and a sharedprivate key416. The user key seed408 is used to generate a user public key418 and user private key420.
• Each one of thekeys410 to420 may be used to generate child keys M/0, M/1 . . . . The shared keys at each level may then be combined to generate an address. For example, the M/0 keys of the masterpublic key410, sharedpublic key414 and user public key418 may be used to generate an address (Address 0). The M/0 level may for example be the public keys stored at310,332 and334 inFIG. 64. The address (Address 0) may for example be the bitcoin address for the transaction. Similarly, the M/1 level keys of the masterpublic key410, sharedpublic key414 and user public key418 may be used to generate another address (Address 1). The further addresses may be generated to create further bitcoin addresses of for other purposes.
• FIG. 67 of the accompanying drawings illustrates the firsthost computer system14, apartner computer system422 and areceiver computer system424. Thereceiver computer system424 includes areceiver browser426. Thepartner computer system422 has a website, in the present example a blog with ablog post428 that has ablog post URL430. At432, a user of thereceiver computer system424 uses thereceiver browser426 to create theblog post428.
• The firsthost computer system14 has a wallet in the form ofreceiver account434, an embedded code generator and abutton ID generator438. At440, the user of thereceiver computer system424 creates thereceiver account434. Thereceiver account434 haslogin details442 and a receiver account identifier (ID)444. At446, the user of thereceiver computer system424 logs into thereceiver account434 and enters theblog post URL430 through the user interface36 (FIG. 1B). Theblog post URL430 is then stored in association with theparticular receiver account434 with the wallet management module44 (FIG. 1B). At448, the firsthost computer system14 provides theblog post URL430 to the embedded code generator andbutton ID generator438. The embeddedcode generator438 then generates an embeddedcode450 and, at452, transmits the embeddedcode450 to thereceiver browser426. The embeddedcode450 includes theblog post URL430,receiver account ID444 and astartup caller454.
• Theblog post428 on thepartner computer system422 has a frame for pasting the embeddedcode450 due to prior agreement between operators of the firsthost computer system14 and thepartner computer system422. At456, the user of thereceiver computer system424 copies the embeddedcode450 received at452 and pastes the embeddedcode450 into the frame of theblog post428. The embeddedcode450 is then embedded and forms part of the HyperText Markup Language (HTML) of theblog post428.
• Ablog post428 is used herein to describe the invention by way of example. It should however be understood that the invention may have broader application. A URL of a page may for example have a video, song or news article. Such a page will typically have a frame for pasting the embeddedcode450. Alternatively, media content such as a video may not have a separate frame for pasting the embedded code. Instead, another manner of activating payment features of the invention may be provided, such as a separate URL link, voice activation, detection of human gestures of a user, etc.
• The button ID generator (see438) generates a unique button ID. At458, the button ID generator stores the button ID asbutton ID460 within a data store of the firsthost computer system14. At462, thebutton ID generator438 stores thebutton ID460 in association with the particularreceiver account ID444 and particularblog post URL430. Multiple receiver accounts may exist within the firsthost computer system14. In addition, a receiver account may have multiple blog post URL's associated therewith. Each pair of a respective receiver account ID and respective blog post URL have a unique button ID.
• FIG. 68 shows the firsthost computer system14, thepartner computer system422 and asender computer system464. Thesender computer system464 has a sender browser (not shown). At466, the sender browser downloads theblog post428 from thepartner computer system422. Thestartup caller454 is a script, e.g. JavaScript®, that automatically executes on thesender computer system464. At470, thestartup caller454 retrieves allsender cookies472 on thesender computer system464. Thestartup caller454, at474, transmits a startup call to the firsthost computer system14. The startup call includes thecookies472, theblog post URL430 and thereceiver account ID444.
• The firsthost computer system14 includes astartup call responder476 that receives thestartup call474. Thestartup call responder476, at478, uses theblog post URL430 andreceiver account ID444 received in thestartup call474 to identify theparticular button ID460.
• Thebutton ID460 in storage may havebits480 representing all payments made in association with thebutton ID460. At482, thestartup call responder476 retrieves thebits480 associated with thebutton ID460 from the data store.
• At483, thestartup call responder476 transmits a startup call response to thesender computer system464. The startup call response transmitted at483 is in response to the startup call received at474. The startup call response includes abutton484, thebits480, asession script486 and thebutton ID460. Adisplay490 of thesender computer system464 displays theblog post428. The embeddedcode450 has added thebutton484 and thebits480 to theblog post428. Thebutton484 is a two-dimensional button that is selectable by a user of thesender computer system464. Thesession script486 is associated with thebutton484 so as to be executable when the user selects thebutton484.
• The embeddedcode450, at491, stores thebutton ID460 within thesender cookies472. Thebutton ID460 stored within thesender cookies472 can now be used to identify thebutton ID460 within the firsthost computer system14.
• InFIG. 69, the user has selected thebutton484 which, at492, initiates thesession script486. Thesession script486, at494, retrieves thesender cookies472 and, at496, makes a session call to the firsthost computer system14. The session call496 includes thecookies472.
• The firsthost computer system14 includes asession responder498 that receives thesession call496. At500, thesession responder498 checks all data for thebutton ID460 that has been received in thesession call496. The data associated with thebutton ID460 may include abitcoin address502, although no bitcoin address may be included within thecookies472 of thesession call496. At504, thesession responder498 determines whether a bitcoin address was received in thecookies472 of thesession call496. If no bitcoin address was received, the firsthost computer system14 executes abitcoin address generator506. Thebitcoin address generator506 then generates a bitcoin address and, at508, stores the bitcoin address in association with thebutton ID460. The newly saved bitcoin address is represented asbitcoin address510. At512, thesession responder498 transmits thebitcoin address510 that has been generated by thebitcoin address generator506 to thesender computer system464. At514, thesession script486 stores thebitcoin address510 in association with thebutton ID460 within thesender cookies472. Upon a browser refresh, the process started at466 inFIG. 68 is restarted and all cookies are stored from earlier browser sessions are collected and transmitted by thestartup caller454.
• At516, thesession responder498 determines whether thesender computer system464 is signed into a sender account. The determination is made based on whether a signed-in cookie is found among the cookies transmitted in thesession call496. If no signed-in cookie is found, then thesession responder498 proceeds to518. At518, thesession responder498 sends a sign-inpanel520, a sign-inscript522, alisten code524, a thirdparty payment script526, and apull code528 to thesender computer system464. Thesession script486 creates an overlay window that includes the sign-inpanel520 with a sign-inbutton530 having the sign-inscript522 associated therewith. The user can select the sign-inbutton530 which, at532, initiates the sign-inscript522. The sign-inscript522 creates and opens a further window (not shown) that allows the sender of thesender computer system464 to enterlogin details534 of asender account536. At540, the sign-inscript522 signs thesender computer system464 into thesender account536 using the login details534. The sign-inscript522, at548, stores a signed-incookie549 within thesender cookies472. The sign-inpanel520 further includes two payment selections, including a thirdparty wallet button544, and a Quick Response (QR)code546. The thirdparty payment script526 is stored in association with the thirdparty wallet button544. Thelisten code524 and pullcode528 are stored in an executable manner within thesender computer system464. Thesession script486 retrieves thebitcoin address510 from thesender cookies472 and displays thebitcoin address510 within the sign-inpanel520.
• As shown inFIG. 70, if the determination at516 is made that thesender computer system464 is signed-in to thesender account436, or after thesender computer system464 signs-in at540 inFIG. 69, thesession responder498 proceeds to550. At550, thesession responder498 transmits a signed-inpanel552, thelisten code524, the thirdparty payment script526, thepull code528 and a hostaccount payment script554 to thesender computer system464. The signed-inpanel552 is the same as the sign-inpanel520 with the exception that it includes ahost account button556 instead of the sign-inbutton530. The thirdparty payment script526 is stored in association with the thirdparty wallet button544. The hostaccount payment script554 is stored in association withhost account button556.
• Selection by the user of thehost account button556 initiates at560 the hostaccount payment script554. The hostaccount payment script554 transmits an instruction to thetransaction processor154 of the selection. At561, thetransaction processor154 makes a payment out of thesender account536 to thereceiver account434 as hereinbefore described without going through the bitcoin network or the block chain.
• At564, thetransaction processor154 updates thebits480 by adding the bits of the present transaction to thebits480 already stored within the data store. Thebits480 within the data store thus represent an ongoing tally of all payments made in association with thebutton ID460. The bitcoin addresses502 and510 represent bitcoin addresses that are generated for differentsender computer systems464 using thesame button ID460.
• After the hostaccount payment script554 transmits the instruction to thetransaction processor15, the hostaccount payment script554 initiates thepull code528. Thepull code528, at574, pulls the new bit count from thebits480 in the storage of the firsthost computer system14. At566, thepull code528 updates thebits480 in theblog post428 based on the bits that have been pulled by thepull code528 inFIG. 70.
• As shown inFIG. 71, the user selects the thirdparty wallet button544 which, at560, causes execution of the thirdparty payment script526. The thirdparty payment script526 then transmits a transaction (of bitcoin to the bitcoin address510) to a thirdparty transaction processor562. The thirdparty transaction processor562 is hosted by a host computer system other than the firsthost computer system14. At564, the thirdparty transaction processor562 broadcasts the transaction to thebitcoin network12 and it is picked up by the blockchain.
• The firsthost computer system14 further includes ablock chain checker567 and abit updater568. Theblock chain checker567, at570, periodically checks the block chain. For purposes of this discussion, theblock chain checker567 checks the block chain to determine whether there are any new transactions for the bitcoin addresses502 and510 stored in association with thebutton ID460. If theblock chain checker567 finds any further transactions, theblock chain checker567 notifies thebit updater568. At572, thebit updater568 updates thebits480 that are associated with therespective bitcoin address502 or510. Thebits480 are updated by adding bits for any new transactions that have been picked up by theblock chain checker567.
• At574, thebit updater568 transmits a push update notification to thesender computer system464. Thelisten code524 receives the push update notification. Websocket technology may for example be used for the push update notification in order to open an interactive communication link. Thelisten code524 is continuously active and therefore continuously listens for push update notifications. When thelisten code524 receives the push update notification, thelisten code524 initiates thepull code528. Thepull code528, at574, pulls the new bit count from thebits480 in storage. At566, thepull code528 updates thebits480 in theblog post428 based on the bits that have been pulled by thepull code528 inFIG. 70.
• TheQR code546 may be scanned by an app on a mobile phone. Thebitcoin address510 is encoded in theQR code546. The app can decode theQR code546 to extract thebitcoin address510 and transmit a transaction (of bitcoin to the bitcoin address510) to a third party transaction processor such as the thirdparty transaction processor562.
• Thebutton484 shown inFIG. 69 can be used as a Tip button. A user of thesender computer system464 can use thebutton484 to make a small discrete payment to the user of thereceiver computer system424. Such a payment may, for example, be as a reward for the content of theblog post428.
• FIG. 72 shows asystem600 for transacting bitcoin. AnInternet interface602 allows for user computers (user computers A to C) to connect to thesystem600 over the Internet.Order gateways604 are connected to theInternet interface602 to receive buy and sell offers via theInternet interface602 from the user computers A to C. Amatching engine606 is connected to theorder gateways604. Thematching engine606 can receive the buy and sell offers from theorder gateways604.
• Afeed generator608 is connected to theInternet interface602. Thematching engine606 provides an output to amulticast pipeline610. Thefeed generator608 is connected to themulticast pipeline610. Thefeed generator608 receives the buy and sell offers from themulticast pipeline610 and displays any buy and sell offers via theInternet interface602 to the user computers A to C. Users can thus view any buy and sell offers already in the system before making their own buy and sell offers.
• Thematching engine606 can match buy and sell offers and broadcast the matches to themulticast pipeline610. Thefeed generator608 displays the matches via theInternet interface602 to the user computers A to C.
• Anexchange database612 includes records of bitcoin and currency held by users A to C corresponding to the user computers A to C. Aclearing module614 is connected to themulticast pipeline610 and receives matches from themulticast pipeline610. Anexchange616 is connected to theclearing module614. Theexchange616 is also connected to theInternet interface602. Users at the user computers A to C can provide instructions via theInternet interface602 to theexchange616 to transfer bitcoin or currency. Theexchange616 has a number of functions, including calculating total amounts of bitcoin and currency as represented in theexchange database612, cross checking bitcoin and currency totals between theexchange database612 and an exchange user618, transferring bitcoin and currency between wallets A to C that correspond respectively to the users A to C in theexchange database612, updating bitcoin and currency amounts of the users A to C in theexchange database612, and may receive and execute instructions from theclearing module614 to transfer bitcoin and currency between the users A to C in theexchange database612.
• The exchange is connected to aledger620. Theledger620 hold records of wallets A to C and further functions to cross-check balances between theexchange database612 and exchange user618.
• FIG. 73ashows the beginning of a transfer-in algorithm that is executed by thesystem600. A user at user computer A has $10 of currency in theexchange database612. For purposes of discussion, no other users have any bitcoin or currency. Theexchange616 calculates the total amount of currency and bitcoin within theexchange database612 and records the total amount as $10 and 0 bitcoin. The exchange user618 has $10, representing a previous transfer from wallet A to the exchange user618.
• At1a, a user at user computer B requests a transfer via theInternet interface602. The transfer may for example be to transfer $20 from wallet B to the exchange user618. At1b, theInternet interface602 provides the transfer request to theexchange616. At2a, theexchange616 sends a cross-check request to theledger620 and at2btheledger620 cross checks the totals in theexchange database612 and the exchange user618 before proceeding with a transfer. In the present example, theexchange database612 has $10 and 0 bitcoin and the exchange user618 has $10 and 0 bitcoin. The totals therefore match. If either the currency or bitcoin totals do not match, theexchange616 does not make any further transfers and provides an alert to an operator. The operator will then remedy any mismatches and then reactivate theexchange616. Because the totals match, theexchange616 proceeds with the transfer.
• As shown inFIG. 73b, theexchange616, at3, transfers $20 from wallet B to the exchange user618. The exchange user618 calculates the total amount held by the exchange user618 as $30, representing the $10 that was there before the transfer plus another $20 because of the transfer.
• At4a, theexchange616 records $20 for user B in theexchange database612. At4b, theexchange616 updates the totals and records a total amount of $30, representing the $10 held by user A and the $20 that has been added for user B.
• FIG. 73cillustrates the totals in theexchange database612 and the exchange user618 after a further transfer wherein a user at the user computer C has requested a transfer of 5 bitcoin from wallet C to the exchange user618. The exchange user618 now holds 5 bitcoin and $30. User C, within theexchange database612, now holds 5 bitcoin. The totals held with theexchange database612 are $30 and 5 bitcoin. For purposes of discussion, this ends the transfer-in algorithm that was started inFIG. 73a.
• FIG. 73dshows a trading algorithm that is carried out after the transfer-in algorithm ifFIGS. 73ato73c. At5a, a user (buyer) at user computer A submits a buy offer of 2 bitcoin at $5 each ($10 total). As noted previously, all offers are transmitted via theInternet interface602, one of theorder gateways604, thematching engine606 and themulticast pipeline610 to thefeed generator608 which displays the offers on theInternet interface602. A user at user computer C can thus see the buy offer submitted by the user at user computer A. At5b, the user (seller) at user computer C submits a sell offer for 2 bitcoin at $5 each to theInternet interface602. At5c, the buy and sell offers are submitted by theInternet interface602 to one of theorder gateways604. At5d, theorder gateway604 provides the buy and sell offers sequentially to thematching engine606.
• As mentioned, the user at user computer C can see the buy offer of the user at user computer A before submitting the sell offer. In another example, the user at user computer C can first submit the sell offer and the sell offer can be seen by the user at user computer A. The buy and sell offers will typically be received by thematching engine606 at different times.
• Multiple users may submit one or more buy and sell offers. Thematching engine606 attempts to match the buy and sell offers to one another. At6, thematching engine606 has matched the buy and sell offers received from users at the user computers A and C.
• Thematching engine606 then provides a broadcast of the match over themulticast pipeline610 discussed with reference toFIG. 72. At7a, thefeed generator608 receives a multicast that includes the match. At7b, theclearing module614 receives the same multicast that includes the match. At8, thefeed generator608 provides a feed to theInternet interface602 that includes the match. As previously mentioned, thefeed generator608 also provides a feed of buy and sell offers to theInternet interface602.
• At9a, theclearing module614 updates user A within theexchange database612 by adding 2 bitcoin and subtracting $10 from user A. At9b, theclearing module614 updates user C by subtracting 2 bitcoin from and adding $10 to user C. Theclearing module614 makes the updates directly to theexchange database612.
• There is no need for recalculating the totals within theexchange database612 at this stage. The same amount of currency or bitcoin that has been subtracted from one user has been added to another user. Theexchange database612 thus still indicates totals of $30 and 5 bitcoin.
• FIG. 73eshows a withdrawal algorithm that can be carried out after the trading algorithm inFIG. 73d. At10a, a user at user computer C requests a withdrawal of, for example, $10. The request is received via theInternet interface602 and is passed on to theexchange616 at10b.
• At11a, theexchange616 sends a cross-check request to theledger620 and at11btheledger620 cross checks the totals before proceeding. In the present example, the amount of bitcoin in the exchange user618 and the total amount of bitcoin represented in theexchange database612 are the same and the total currency amount in the exchange user618 and in theexchange database612 are the same. Should either of these two comparisons result in a mismatch, theexchange616 will not make any withdrawal and create an alarm for an operator.
• As shown inFIG. 73f, at12, theexchange616 transfers $10 from the exchange user618 to the wallet C. The exchange user618 now has $20, representing the $30 inFIG. 73eminus the $10 that has been transferred out. At13a, theexchange616 adds a representation for user C in theexchange database612 showing a withdrawal of $10. At13b, theexchange616 updates the totals. Because user C has made a withdrawal of $10, the total currency amount within theexchange database612 amounts to $20. The amount of bitcoin is still the same. The total amounts in the exchange user618 and in theexchange database612 are thus the same.
• Other users may submit similar withdrawal requests. For example, a user at user computer A may request a withdrawal of 1 bitcoin. Theexchange616 then cross checks the total amounts, makes a transfer of 1 bitcoin from the exchange user618 to wallet A and updates theexchange database612 by deducting 1 bitcoin from user A and updates the total amount of bitcoin to 4 bitcoin.
• FIG. 74 shows a diagrammatic representation of a machine in the exemplary form of acomputer system900 within which a set of instructions, for causing the machine to perform any one or more of the methodologies discussed herein, may be executed. In alternative embodiments, the machine operates as a standalone device or may be connected (e.g., networked) to other machines. In a network deployment, the machine may operate in the capacity of a server or a client machine in a server-client network environment, or as a peer machine in a peer-to-peer (or distributed) network environment. The machine may be a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. Further, while only a single machine is illustrated, the term “machine” shall also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
• Theexemplary computer system900 includes a processor930 (e.g., a central processing unit (CPU), a graphics processing unit (GPU), or both), a main memory932 (e.g., read-only memory (ROM), flash memory, dynamic random access memory (DRAM) such as synchronous DRAM (SDRAM) or Rambus DRAM (RDRAM), etc.), and a static memory934 (e.g., flash memory, static random access memory (SRAM, etc.), which communicate with each other via abus936.
• Thecomputer system900 may further include a video display938 (e.g., a liquid crystal displays (LCD) or a cathode ray tube (CRT)). Thecomputer system900 also includes an alpha-numeric input device940 (e.g., a keyboard), a cursor control device942 (e.g., a mouse), adisk drive unit944, a signal generation device946 (e.g., a speaker), and anetwork interface device948.
• Thedisk drive unit944 includes a machine-readable medium950 on which is stored one or more sets of instructions952 (e.g., software) embodying any one or more of the methodologies or functions described herein. The software may also reside, completely or at least partially, within themain memory932 and/or within theprocessor930 during execution thereof by thecomputer system900, thememory932 and theprocessor930 also constituting machine readable media. The software may further be transmitted or received over anetwork954 via thenetwork interface device948.
• While certain exemplary embodiments have been described and shown in the accompanying drawings, it is to be understood that such embodiments are merely illustrative and not restrictive of the current invention, and that this invention is not restricted to the specific constructions and arrangements shown and described since modifications may occur to those ordinarily skilled in the art.

Claims (17)

1-36. (canceled)

37. A host computer system for transacting bitcoin comprising:

a processor;

a computer readable medium connected to the processor;

a local storage on the computer readable medium; and

a set of instruction on the computer readable medium that are executable by the processor, including:

a register;

a Bitcoin address and an associated private key and value stored in the register;

a local controller transferring a private key for a Bitcoin address of a vault, to a local storage connected to a processor and transferring the value of the Bitcoin address in the register to the vault;

a splitter that splits the private key of the Bitcoin address of the vault into a plurality of codes;

an offline distribution module distributing the codes to remote distributed storage locations, removing the private key of the Bitcoin address of the vault from the local storage, and removing the private key for the Bitcoin address of the register from the Bitcoin address of the register;

at least one restoration interface receiving at least some of the codes into which the private key for Bitcoin address of the vault has been split; and

an assembler that assembles the codes that have been received into the private key of the Bitcoin address of the vault, the local controller restoring the private key of the Bitcoin address of the vault from the local storage, and restoring the value for the Bitcoin address in the register from the vault.

38. The host computer system37, wherein the value is transferred from the register to the vault after the codes have been distributed.

39. The host computer system37, further comprising:

a wallet establishment module establishing a plurality of wallets in the local storage, the local controller storing at least one Bitcoin address for a value in association with each wallet, the local controller selecting at least a subset of the Bitcoin addresses in all the wallets, and storing the values of the subset of Bitcoin addresses to the vault.

40. The host computer system37, further comprising:

an encryption algorithm encrypting each code before being distributed; and

a decryption algorithm decrypting the code after receiving the code.

41. The host computer system37, wherein the number of codes that are distributed is more than the number of codes that are received before assembling the private key of the Bitcoin address.

42. The host computer system41, wherein a minimum number of codes is required before the private key of the Bitcoin address can be assembled.

43. The host computer system37, wherein the Bitcoin address for the register is a first Bitcoin address for the register, the codes are first codes, and the vault is a first vault, wherein the local controller transfers a private key for a second Bitcoin address of a second vault to the local storage connected to the processor, transfers the value of the second Bitcoin address in the register to the second vault, splits the private key for the Bitcoin address of the second vault into a plurality of second codes, the offline distribution module distributing the second codes to remote distributed storage locations, and the local controller removing the private key of the Bitcoin address of the second vault from the local storage, removing the private key for the second Bitcoin address of the register from the Bitcoin address of the register, the restoration interface receives at least some of the second codes into which the private key for Bitcoin address of the second vault has been split, the assembler assembles the second codes that have been received into the private key of the Bitcoin address of the second vault, and the local controller restores the private key of the second vault from the local storage, and restores the value for the second Bitcoin address in the register from the second vault.

44. A method of transacting bitcoin comprising:

transferring, by the processor, a private key of the Bitcoin address of a vault to a local storage connected to the processor;

splitting, by the processor, the private key of the Bitcoin address of the vault into a plurality of codes;

distributing the codes to remote distributed storage locations;

transferring, by the processor, a value of a Bitcoin address in a register to the vault;

receiving, by the processor, at least some of the codes into which the private key of the Bitcoin address of the vault has been split;

assembling, by the processor, the codes that have been received into the private key of the Bitcoin address of the vault;

restoring, by the processor, the private key of the Bitcoin address of the vault to the vault; and

restoring, by the processor, the value of the Bitcoin address in the register from the vault.

45. The method ofclaim 44, wherein the value is transferred from the register to the vault after the codes have been distributed.

46. The method ofclaim 44, further comprising:

establishing, by the processor, a plurality of wallets in the local register;

storing, by the processor, at least one Bitcoin address for a value in association with each wallet;

selecting, by the processor, at least a subset of the Bitcoin addresses in all the wallets; and

storing, by the processor, the values of the subset of Bitcoin addresses in the vault.

47. The method ofclaim 44, further comprising:

encrypting, by the processor, each code before being distributed; and

decrypting, by the processor, the code after receiving the code.

48. The method ofclaim 44, wherein the number of codes that are distributed is more than the number of codes that are received before assembling the private key.

49. The method ofclaim 48, wherein a minimum number of codes is required before the private key of the Bitcoin address can be assembled.

50. The method ofclaim 44, wherein the Bitcoin address for the register is a first Bitcoin address for the register, the codes are first codes, and the vault is a first vault, further comprising:

transferring, by the processor, a private key of the Bitcoin address of a second vault to a local storage connected to the processor;

splitting, by the processor, the private key of the Bitcoin address of the second vault into a plurality of second codes;

distributing the second codes to remote distributed storage locations;

transferring, by the processor, a value of a second Bitcoin address in the register to the vault;

receiving, by the processor, at least some of the second codes into which the private key for Bitcoin address of the second vault has been split;

assembling, by the processor, the second codes that have been received into the private key for Bitcoin address of the second vault;

restoring, by the processor, the private key of the second vault to the vault; and

restoring, by the processor, the value of the second Bitcoin address in the register from the second vault.

51. A non-transitory computer-readable medium having stored thereon a set of instructions that are executable by a processor to carry out a method of transacting bitcoin comprising:

transferring, by the processor, a private key of a Bitcoin address of a vault to a local storage connected to the processor;

splitting, by the processor, the private key of the Bitcoin address of the vault into a plurality of codes;

distributing the codes to remote distributed storage locations;

transferring, by the processor, a value of a Bitcoin address in a register to the vault;

receiving, by the processor, at least some of the codes into which the private key of the Bitcoin address of the vault has been split;

assembling, by the processor, the codes that have been received into the private key of the Bitcoin address of the vault;

restoring, by the processor, the private key of the Bitcoin address of the vault to the vault; and

restoring, by the processor, the value of the Bitcoin address in the register from the vault.

52-141. (canceled)

Images