Questions Re: SAFE Wallet, Bitcoin Fork, and Coin Supply



I’ve been spending a lot of time over the last few weeks reading about SAFE. I have three questions that I haven’t seen answers to.

  1. When the network is running, how will the wallet work for SAFE coins? Will there be such a thing as offline paper wallets for maximum security and no convenience like there is in bitcoin? I’m assuming not given the lack of a public ledger in SAFE. So in that case, what will be the different wallet options and the pros/cons? Are there any resources that explain this? I think this is important because one of the problems with bitcoin in my opinion is that it’s tough to find a wallet approach that is both secure and convenient in bitcoin.

  2. Is it possible maybe even likely that even if the cloud storage aspect of the SAFE network gains significant adoption over the next 5 years, the SAFE coins still don’t appreciate much in value during that time due to significant dilution in coins outstanding perfectly offsetting the increased demand? Is there a resource that explains how the supply of SAFE coins will grow and why this concern is not a legitimate concern?

  3. What would be the impact on MaidSafe coins if the bitcoin network forks into Segwit and Unlimited? Would a decision be made that only one chain is valid in order to prevent a doubling of the coin supply? Would there be any other potential problems if this happened before SAFE is up and running? This question seems important given bitcoin’s scaling problem and the difficulty in getting 95% consensus on anything.

Thanks for the info… in response to this and all the other posts on this forum.


Wallet will hold the addresses of the coins you own.

Coins are actual data objects in the network.

Since the coins are actual data objects the concept of “paper wallets” don’t really apply to safecoins

If a coin belongs to you then your wallet has the keys to operate (transfer coins)

So a “paper Wallet” would be a copy of the coin addresses and copy of the keys. There will be no way to show all the coins owned by an address like one can do with a blockchain explorer. The only way to attempt would be to query every coin address, but that would take too long to be feasible.

Wallets have not yet been defined. There are a couple of ideas proposed. Basically the wallet holds the addresses of the coins owned by you and allows you to transfer coins to another address

Coins are issued as rewards for serving up chunks requested.
Coins are destroyed when paying to store chunks.

The network dynamically determines the cost for storage and reward amounts. The algorithm will need to be tuned but should balance out over time. Total coins will increase early on, but issued coin will slow as the # of coins existing increases. Eventually the supply/destruction will balance out as people use it.

The reason is that coins are issued by trying to issue a particular coin address and if the coin at that address already exists then it cannot be issued. Some call this the “lottery” aspect of rewards. As coins are destroyed when paying for network resources it means more coins are available to be issued.

Increase of total coin over time should not see a price decrease as the coins are used to pay for storage so they have utility, unlike BTC. Yet BTC price increases over time even though its total issued coin increases.

The coins are physical data objects, so any fork of the coin really means a fork of the network and that means multiple networks and only the original network has the coins (data objects). This involves people storing there data on one or the other network, or duplicating their data. Crystal ball anyone?

The new network starts off with no coins, unlike other blockchain forks.

Basically it seems that only specialty forks will be able to exist along with the global public network. Having multiple global networks will have all the issues of isolated networks and special interconnects. This is one reason we have only ONE internet and other specialty networks (eg corporate networks)


“The coins are physical data objects, so any fork of the coin really means a fork of the network and that means multiple networks and only the original network has the coins (data objects). This involves people storing there data on one or the other network, or duplicating their data. Crystal ball anyone?”

I believe he meant that if Bitcoin forks the Property/Color coins presently that we buy/bought representing future SafeCoin, will become doubled. Once on Bitcoin Segwit/Core and another on Bitcoin Unlimited. Two bitcoin networks, two Omni Wallets with same coins possible. Which network will Safe follow to redeem real SafeCoin? ETH/ETC issue for contracts etc, could end up gumming up some of our expectations if no explicit guidance for such a situation. I guess easiest is go with the largest network by hash power?


Ah I see.

First question is what happens to omni protocol.

I have always been under the impression that the omni protocol will choose which fork they will continue using. The previous transactions will still be valid and showing on both blockchains. But only one blockchain will be used for future omni protocol transactions


AFAIK omni coins will not double, but just use one of the blockchains. If others what to fork omni and use the other then they can only sell their alt-omni assets to people willing to buy them.


Seems to be something that would work. Have not given deep thought to it, but just wonder if transaction malleability, replay attacks, and the like could cause risks in the move over to “real” Safecoin. Just my Spidey penetration testing senses feel like there is something to exploit.


One would expect that the move to real SAFEcoin will be done by sending your MAID coin to an address and the amount sent will result in that amount of safecoin to the ?wallet? address you specify.

So any attacks would be same as normal omni protocol simple sends.


I suspect that a flaw of that nature would have just a big an impact on Bitcoin as maidsafecoin. So far, the Bitcoin foundations have been strong enough though.


Pretty easy in BTC IMO…hardware wallet.
I think you’re right about BTC fork. Omni protocol would work on both forks as far as I can tell, so they’d need to pick which fork holds the valid MaidSafeCoins. Actually, presuming BTC fork happens before SAFE network launch, I guess it wouldn’t even be MaidSafe making this decision as exchanges would need to decide in order to keep trading it. Bit of a mess.


I think there could still be people who would like to keep their private keys offline/on paper, you can have your wallet to take care of keeping track of the coins xornames and showing the balance without having the private keys to spend them, just like current watch-only wallet.


When you create the keys to have the “wallet” your account info has the keys stored. So there goes the off-line generation of keys.

Also you will need the private keys to be able to read the messages sent to you by the network telling you of the coins that have been sent to you. If this were not the case then anyone can read your private messages.


I’m imagining that you could have coins owned with a key which is none of the keys generated by the network for your account or by the wallet app, some key you generate offline. As long as I provide the sender with public id/wallet addr where to receive the notifications of the coins xornames they can be transferred to my key generated offline.
Moreover, your cold wallet could have the public id/wallet addr and the key pair for the coins, whenever you want to use the coins you import the public id/wallet addr and the app now can retrieve the list of coins, then you could import the private key in the app and be able to transfer the coins too.


So how would you be able to receive the network messages that tell you the coin addresses of the coins sent to you ??? You need to be able to decrypt them and can only do that with your private key on the network.

The sender may end up not sending you specific coin addresses. In fact the wallet may pick the coins to send in a d different order to what the sender thought.

How do you register with the network that you are in fact the owner of that address later on ???

AFAIK you cannot just insert a key pair, the group consensus may not be happy with that.


Well, you have to create the wallet with your account, that’s when you get the keys to decrypt the messages you will then receive, they are generated by the network/authenticator.
The wallet could have an specific entry which contains the PK you want your coins to be transferred to, this PK is the one generated offline, and you imported it in the wallet app to have it inserted there.
When you are to receive coins you provide the sender with the wallet addr, so the sender’s app can look up to find out which is the PK to transfer ownership of the coins to, whilst the notifications will still be sent to the wallet addr you provided.
You can even think of this wallet addr as the public profile addr we discussed before, where you expose different type of info for the sender.

When you transfer ownership you just provide the recipient’s PK, and you sign the request with your SK, so the PK can be generated anywhere, the group consensus won’t even care about it as long as the current owner signed the request.

At the moment you want to spend your coins, you import your SK into the wallet app, the wallet app can now request ownership transfer for any of the coins it knows of, since it now has the SK and the coins are owned by your PK.


Is it???

Ah so you have an offline key pair, but have absolutely no idea what coins it has. This is not the paper wallet that blockchains provide where one can see what coins it has with the public key

You need the private key to decode the messages that tell you what coins you have, but then your wallet is no longer a “paper” wallet.

I meant when you want to transfer the coins. The group consensus won’t see your account as the owner of that key pair. Coins are treated differently to normal MD signing.


Your paper wallet only is a keypair, with no way of knowing what coins it has until you turn it into a normal on-line wallet. Which is what I said above. And that assumes the group consensus accepts you as the owner of that key foreign key pair.

even if you pass the consensus hurdle

  • To know your coins the wallet has to be on-line
  • to never have the private key online is to never know or be sure of what SAFEcoins the paper wallet owns. Which is what I said in the first place

This is unlike the paper wallet for blockchains where you can know the coins with only the public key.

Thus “SAFE paper wallet is unlike the paper wallets of blockchains”


This is why I mentioned your cold wallet would have the key pair and the wallet addr.
What I imagine is that the wallet addr can be the xorname of where the list of coins are stored (notifications can be stored here or in a separate place/MD), so you have let’s say the MutableData addr (wallet addr), and the sk-pk pair for the coins listed in your paper wallet.
If we want to make a comparison with a blockchain cold wallet, then the PK of a blockchain cold wallet would be the wallet addr of the SAFEcoins cold wallet. So if you have the wallet addr, you can see the list of coins by just reading the MD, obviously depending if the entries are encrypted or not, the balance could be seen by only you or anyone.

I’m not really sure of this now, but I imagine I could import a SK/PK to sign a transfer of ownership, but I’m not sure as yet. If it isn’t/won’t be possible I think you are right that strictly speaking the wallet is not really a cold wallet as the SKs would need to always be generated online.

I think the list of coins is a totally different aspect of the key pair which owns the coins. If I’m right that the SK don’t need to be generated online, I can still know which are my coins by keeping track of them in my wallet, making sure the current owner of those coins is my PK generated offline, I shouldn’t need any SK for this.

So in summary, what I’m trying to say is that it could perhaps be possible to have:

#1- the list of coins you own in a MD (your ‘wallet’)
#2- receive transfer notifications in a separate MD (you know this could be even your email)
#3- have the PK-SK pair generated offline and you import the SK to sign a transfer only when you want to (this last part is what I’m not sure 100%).

Your wallet app or SAFEcoin explorer only needs your ‘wallet’ addr (item #1) to show the balance.


I’m sensing some aggravation in your responses. The extra question marks and abrasive tone in you remarks is unlike you. Why this behavior? @bochaco just seems to be brainstorming.




And the point is that there is NO list to look at

To have a list you need the private key on-line to read the messages sent to the public key address and compile a list in your online wallet.

I often use the extra to highlight points/questions that are key to the whole discussion. I will have to take into consideration your points and how it looks to others



I think this is 100% implementation dependant and/or user’s choice.
I can implement a wallet app which expects transfer notifications by email (just for the sake of emphasising this aspect is irrelevant to the whole discussion).
When a new email arrives with the list of coins that have been transferred, the wallet app checks each of the coins to make sure the current owner is your PK, and append the coins addrs to the list of coins.
The list of coins could be just a public non-encrypted MutableData, with permissions for everyone to only read its entries, and only my wallet app has permissions to insert/update/remove entries. After my wallet app verifies the coins are mine now, and appended the coins’ addrs to the list in the MD, I can log off. Then, if I have the address of the MD I can read it with any SAFE webapp, like a SAFE coins explorer webapp.
To transfer coins, the wallet app can read the list of coins form the public MD, make the transfer, and remove the coins from the MD. Again anyone will be able to read the MD and see that the balance was reduced now.


But again you have no network notification of coins sent to your public address without the private key on-line.

You cannot force or guarantee that the other person will use a wallet APP that emails you the coin addresses of the coins sent to you.

Also to email you the addresses would partly defeat the purpose of a “paper” wallet in a SAFE environment, in that you have a on-line record of the actual coin address. A lot of people have expressed dislike of any public record of their wallet…

The whole point was that a SAFE-paper-wallet is NOT the same as a blockchain paper-wallet You cannot force all of the users on the network to use a wallet APP that advertises the fact it sent coins to an address. (MD that is readable by the public) People have expressed that they don’t want advertised their coin transfers and by your App placing in public record the coins received then others can examine those coins for the previous owner. So if you are an interesting product seller then others can see who your customers are very easily. If no public record then others have to scan every 4 billion safecoins to see who your customers are

I agree that there are ways to implement a blockchain style of paper-wallet, but it is not just keeping a key-pair on paper like a blockchain paper-wallet is. SAFE works differently to a blockchain and to simulate blockchain paper-wallet requires the other users to use your or similar wallet that emails and advertises your receipts.

The whole point was that a SAFE-paper-wallet is NOT the same or similar as a blockchain paper-wallet

Although you present an interesting wallet APP idea for those who want a pseudo “paper-wallet”


In the original Paper there was the possibility of minted safecoin with open transaction without a designated recipient. I don’t know if this possibility will remain or even if is possible with MD.

The transaction model, described in Section 5, enables safecoin ownership to be transferred. However, it will be possible, after the SAFE Network is launched, to mint safecoin in a more physical and anonymous way.
Minting safecoin can be achieved by the network enabling the registration of a special transaction with the transaction managers, that facilitates transfer of the ownship of the coin to any user that acknowledges the transaction. The minting process efectively removes the requirement for the transaction validation step from the Transaction Manager. When Alice wants to mint safecoin, she sends a special request to Transaction Managers to create an open transaction without a designated recipient. The Transaction Managers, once they have confirmed by consensus that Alice is the current owner, will then generate the transaction. Once Alice receives the transaction name from the network, she can store it on an external storage device, such as a usb drive, together with a special validation signature which has been used as a salt when generating the previous sent request1 .This salt is used to prevent Transaction Managers themselves trying to acknowledge the transaction to steal the coin.
When Bob receives the minted safecoin and decides he would like to spend them, he reads the transaction name and the validation signature from the storage device and then sends an acknowledgement to the network. Once the Transaction Managers receive the acknowledgement, the pre-generated transaction will be updated, thus completing the transfer of ownership of that coin(s) from Alice to Bob.
The benefit of using safecoin in this way is a reduction in the complexity of the transaction by removing the acknowledgement procedure, making minted safecoin similar to a cash note. It also means that Alice, in this case, no longer needs to worry about keeping her private key safe as the transaction has been pre generated. Minted safecoin is also more anonymous, eliminating the need to store safecoins only in a digital wallet that can be compromised should an adversory obtain access to a users SAFE Network credentials. However, there is risk that after the transfer transaction has been registered, if the owner loses the external storage device containing the safecoin(s), anyone will be able to claim owner- ship. However, this is no greater than the risk anyone undertakes when withdrawing cash from a bank, convenience comes at the price of security.