Frequently Asked Questions
The primary method of requesting support is our support email address email@example.com.
If you have found a bug or wish to request a feature in our software, you can also report it as an issue against the appropriate GitHub repository.
If you need to send confidential data and wish to encrypt your message you can encrypt to our PGP key with fingerprint "04BE BF2E 35A2 AF2F FDF1 FA5D E7F0 54AA 2E76 E792".
You can also post questions on our subreddit. In some cases fellow GreenAddress users may be able to respond to your query before we are able to.
Support is offered on a best-effort basis. We prioritize addressing security problems and bugs in the software providing the service.
If your question is answered in this FAQ, and in particular, if it pertains to lost credentials, it may be some time before we respond to you.
Unfortunately we receive a large volume of spurious email and we cannot always respond instantly. We are working to improve our email response time and will update this FAQ whenever the support policy or support solution is changed. If you have specific support requirements please contact us to discuss your needs.
For a simple high level comparison with similar services please see here.
We aim to provide a convenient-to-access wallet that emphasizes security and privacy:
- Easy access from anywhere
- All access controlled by a single user mnemonic phrase
- A simple interface with up to date fiat price conversion
- Fast PIN login
- Watch-only logins for quick balance and transaction checking
- Instant transaction support
- Easy key sweeping to import coins
- Sub-accounts for 2of2 and 2of3 signature transactions
- Multiple two-factor authentication options
- GreenAddress signature required to move coins
- Transaction limits and restrictions
- Hardware wallet support
- Recovery ("nLocktime") transactions
- 2of3 accounts for user controlled backup keys
- User secrets are never transmitted to our servers
- User secrets are never stored unencrypted on your device
- Minimal information is stored by the service
- Optional PGP encryption for user emails
2of2 and 2of3 refer to the number of signatures required to move coins in a transaction.
Your main GreenAddress account is a 2of2 account. This means that two signatures are required to validate any transaction: one from you, and one from us. We sign your transaction only if it complies with the limits you have enabled, and only when you provide two-factor authentication. This means that a potential coin thief has to first access your wallet and then also hack into your two-factor authentication in order to try to steal your coins.
A 2of3 account requires two out of three signatures, where the third signature is from a backup key known only to you. This gives you the security benefits of a 2of2 account, while still allowing you to move your coins in the event that the GreenAddress service is unavailable.
You can read more about 2of3 recovery here. Please see below for details of recovery transactions which allow you to move coins from 2of2 accounts.
When you send an ordinary Bitcoin transaction, the recipient of the coins must take care that the transaction is confirmed (mined into a block on the blockchain) so that they cannot be defrauded. An attempt to defraud is usually made by "double spending" coins - after sending a transaction to someone, the inputs are then re-spent in a new transaction that pays someone else.
To avoid this risk, it is usually recommended to wait for at least six blocks after the transaction is mined. This introduces undesirable delays when sending.
Because GreenAddress 2of2 accounts only allow sending coins when they are signed by both you and us, the service can act as a kind of guarantee that your coins cannot be double spent, since the service will not sign another transaction for the same coins when one is already in-flight. Services that choose to rely on this can therefore trust that a transaction they receive from GreenAddress cannot be double spent, eliminating the need to wait for the transaction to confirm.
These are known as instant transactions and they can be sent by ticking the "instant" checkbox when sending coins from our wallet software.
Funds in your main GreenAddress account (or a multisignature 2of2 subaccount) require 2 signatures to be spent: one from you and one from GreenAddress. In order to protect you from loss of access to your funds should GreenAddress become unavailable GreenAddress automatically creates pre-signed transactions which you can subsequently countersign to recover the funds to an address controlled solely by you. These transactions are called nLockTime transactions because they can only be spent and confirmed by the network after a specific period of time.
Once the nLockTime period expires these nLockTime transactions would allow you to recover the funds in the 2of2 account without requiring GreenAddress's signature. This also means that any limits placed on your spending in GreenAddress, such as 2FA requirements, cease to be enforceable by GreenAddress, and that these funds are no longer available for use in instant transactions because GreenAddress cannot guarantee that you have not tried to double spend them.
At this point GreenAddress will prompt you to redeposit the coins by sending them to yourself. This creates a new nLocktime transaction for you, while re-protecting the coins by once again requiring a GreenAddress signature to spend them. In this way you can take advantage of instant transactions from 2of2 accounts, while always being sure you can retrieve your funds if the service is off-line.
The redeposit operation is a standard bitcoin transaction and as such is subject to the usual network transaction fees.
You can place your funds in a GreenAddress 2of3 account, in which case GreenAddress does not generate nLockTime transactions and therefore no redeposits are necessary.
You can increase the nLockTime period on your account which will reduce the frequency of the redeposits. The downside of this is that should you need to recover your funds (for example, because you lose your two factor authentication) you will have to wait for longer.
We recommend that you redeposit your funds when reminded, however redepositing is optional and failure to redeposit will not necessarily lead to the loss of any funds. The main consequences of not redepositing are:
The funds in the account will no longer be eligible for instant confirmations because GreenAddress can no longer guarantee that you have not tried to double spend them.
It becomes possible that anyone with access to both your mnemonic and the nLockTime.zip file sent to you by GreenAddress could steal the funds, bypassing any two factor authentication measures.
No, GreenAddress does not support this. GreenAddress will only sign standard bitcoin transactions.
Yes, our https site supports Tor users. Our mainnet production site is at http://s7a4rvc6425y72d2.onion, and testnet is at http://gu5ke7a2aguwfqhz.onion.
The GreenBits wallet for Android has direct support for Tor to be used with Orbot via SOCKS5 (or any SOCKS5 proxy that understands Tor).
Sending and Receiving Coins
Unfortunately, many banks and payment services such as PayPal don't yet support Bitcoin directly. For the time being, you can exchange your money using bank transfers (and sometimes debit or credit cards) via an intermediary like a Bitcoin exchange or a broker.
There are also online services and communities where you can arrange to exchange cash for Bitcoin. This is an area of rapid change and innovation and so we do not list or specifically recommend any services in this space. The best service for you depends on many factors. We suggest you locate local services using your favorite search engine and carefully review any potential options.
You should see new transactions in your wallet within seconds of it being sent by the payer. If you do not, and you can see the transaction in an online block explorer and/or it has confirmations, please contact support with the transaction ID and/or address you used if available.
If you can not see your transaction in a block explorer, it probably means it is still propagating or failed to do so (for example, setting the fee too low can cause transactions to be dropped).
We have sensible rate limits to prevent the service from denial of service attacks. It is extremely unlikely that a user will encounter these limits under normal use. If you find that you are hitting a rate limit, please contact support with the details.
If you have a requirement that exceeds the current limits, please feel free to contact us to discuss your needs further.
Addresses change constantly for privacy and security reasons. Re-using old addresses makes it easier for others to group transactions together and can be less secure. While GreenAddress does correctly process multiple payments to the same address, we recommend not re-using them.
Addresses should be thought of as one-time receipt IDs rather than as unchanging identifiers such as traditional bank wire details.
Note that our API exposes a GreenAddress receiving ID which can be used to fetch new addresses to pay to. Please see the API documentation for more details.
All previously generated addresses are available in the Receive tab under Advanced Options when using the Chrome or Cordova wallet clients.
Feel free to use one of the buttons below on your website:
Your private keys are not stored. They are derived on demand from your mnemonics as a seed to a BIP32 hierarchical wallet.
Your mnemonics are encrypted and stored locally only when PIN login is enabled (See below).
Your mnemonics and private keys are never sent to the server. The server receives the public key and chaincode for generated addresses only.
When you create a PIN, a random 256 bit AES password is created and used to encrypt your mnemonics and store them on your device in encrypted form. This password is sent to the server and destroyed on the client.
If the server is given the correct PIN when logging in, it will return the password to the device in order to decrypt the mnemonics. If the server is given the wrong PIN three times, it will destroy the password at which point the user must use their mnemonics to log in. Note that the server never sees your mnemonics at any point.
We suggest using a long PIN for better security.
If you can't remember the PIN you use to login to your wallet, you will need to use your mnemonics to log in instead. After entering the wrong PIN three times, the back end service will delete its copy of your wallet's random decryption key, at which point the PIN can no longer be used.
Your wallet client will then ask you to login using your mnemonics and you can resume using the service as normal.
The service never knows your mnemonics or passphrase; We cannot help you recover them if they are lost.
If you have a wallet with PIN entry enabled, you can use your PIN to log in to the wallet and then view the mnemonics from the settings menu. You should then write them down and store them safely.
In all other cases you will only be able to retrieve your mnemonics by brute force trying various combinations of valid words. This is similar to how a hacker might try to break into your wallet, and is not generally feasible.
If you have some information about the mnemonic/mnemonic passphrase available (for example, if you have most of the words, or you know that your passphrase will only contain certain characters or is a certain length), then you may be able to use this to recover your wallet, although it is still extremely unlikely. You should research third party services for wallet recovery, as GreenAddress does not offer assistance or support for wallet cracking for obvious reasons.
You should always have at least two different two-factor options enabled. Additionally, for OTP/Authenticator you should back up the initial seed number and/or QR code displayed. As long as you keep these backups you can maintain access to your coins even if you lose access to one method for any reason.
In cases where you have lost access to all of your two-factor methods, we have no way to return control of your coins to you. We take our users' security very seriously; we have never disabled two-factor authentication for any user once enabled, unless explicitly authorized to do so via another two-factor authentication method. We follow the restrictions that you placed on your account without exception.
If your coins are in a 2of2 account then you will need to recover your authentication - we cannot disable it in this or any other case. Alternately, if you had enabled nLocktime transactions then you can use them to recover your coins after the nLocktime expires (90 days by default).
If you transferred your coins to a 2of3 account then you can move them without two-factor authentication since you have 2 of the 3 required signatures. If not, then unless you can recover your authorization we cannot help you.
We remind users during two-factor setup to make backups of things like OTP/Authenticator and to enable multiple two-factor options to prevent this situation from happening. As noted, 2of3 accounts can be used to avoid requiring authentication also.
We understand this is upsetting, and we are actively working on potential solutions to overcome this problem in the future, such as CLTV/CSV and opt-in methods of resetting two-factor authentication with safeguards.
These future mitigations require careful design and development to ensure that they cannot be exploited by attackers. It may be some time before we can safely implement them.
Future developments in two-factor processing will be notified in our applications and this FAQ.
Our two-factor authentication system is a security measure that we include to ensure that even if a malicious party steals your mnemonics, they cannot access your wallet and steal your funds.
We sometimes get users asking us to reset their 2FA because they’ve lost their 2FA.
We do not do this, because if we did so, it would compromise all the security offered by 2FA in the first place. Any malicious party could steal your mnemonics, and then contact us asking us to reset the 2FA, and then they could access your funds.
As such, we strongly urge users to set up at least 2 different 2FA methods. As long as you can access at least one, you’ll be safe in the case that you lost track of another method.
SMS delivery is not perfect and sometimes there can be delays or failures. Some countries can be more affected than others depending on factors like the reliability of the underlying mobile infrastructure. For this and other reasons (such as security weaknesses of SMS and recovery necessities) we advise you to enable a better mechanism such as email with GPG or OTP/Authenticator. You should always have at least two two-factor methods enabled to maintain access to your coins.
Email delivery is not guaranteed and sometimes there can be delays or a failure in delivery. It is also possibly for anti-spam systems to mistakenly classify two-factor emails as spam or strip the attachments from them. Please ensure you check your spam folders and give the email time to arrive. If you regularly have issues receiving email you may wish to adjust your spam settings, whitelist the sender in your client, or move to a more configurable provider.
GreenAddress is designed to allow you to recover your coins if the service ceases to be available. Make sure you keep your mnemonics and nLocktime/recovery transaction emails so that you can independently recover your coins. Please see the section "What are "nLocktime"/recovery transactions?" above for more details.
The SHA256SUM.asc file contains a digital signature from GreenAddress of the binary files hashes. Using the PGP software you should verify that the packages you have downloaded have been correctly signed by us. Our fingerprint is "04BE BF2E 35A2 AF2F FDF1 FA5D E7F0 54AA 2E76 E792"
GreenAddress does not currently charge fees for any of its services. If we add a fee for any service in the future, this will be clearly communicated and opt-in.
Enterprise clients and those seeking custom solutions are welcome to contact us to discuss arrangements for extra services and support.
The fee you see in the sending transaction dialog is paid to Bitcoin miners to confirm your transaction (i.e. add it to the Bitcoin blockchain). Transactions fees change according to demand on the Bitcoin network.
Miners may ignore or delay transactions with extremely low fees. GreenAddress automatically calculates a fee that aims for your transaction to be mined quickly. We do not aim for the absolute fastest possible confirmation time since doing so may be very expensive. Most of our wallet clients allow you to change the fee. This can be useful if you want to ensure a transaction confirms even more quickly (by increasing the default fee), or to lower the fee if you do not care how long the transaction takes to confirm.
Unless you are experienced in using Bitcoin, we suggest you use the default fee calculated for you by the wallet.
This is variable and depends on Bitcoin network conditions.
All GreenAddress wallets provide a confirmation dialog with fee information and a payment is generally denied if the amount is below what the network will accept.
When you send a transaction a fee is included as a reward to the miner that mines the transaction into a block (see above). If the fee is set too low the transaction can become stuck because the incentive is not sufficient for a miner to mine it. In this case it is possible to replace the transaction with one with a higher fee. This is called "bump fee" in the client, and is also known as "replace-by-fee" or "RBF".
See also Opt-in RBF.
The production web wallet service can be used from any modern web browser.
Our iOS application is available from the iTunes Store.
All of our applications are open source and you can contribute to their development on GitHub.
Yes, you can see our API documentation at our GitHub pages and our open source applications here. If you are building a service that will use GreenAddress, we suggest you get in touch to discuss your requirements and ensure your use of the service will be secure.
Yes. You can try our testnet version at test.greenaddress.it.
A testnet faucet to receive coins for testing is available at tpfaucet.appspot.com. Please remember to send any testnet coins back to the faucet when you are done testing.
We also have a bleeding edge regtest environment and faucet available at regtestwss.greenaddress.it. This environment is updated regularly and may be restarted without notice.
We value your feedback and suggestions. Please feel free to raise issues on GitHub or email us at firstname.lastname@example.org.
We have a long list of planned features and languages that we wish to support. You can check the existing issues on GitHub for details.
If you would like to help with translation please see here.
Cookies are unique identifiers that we use to enable our services to recognize your device and provide features such as remembering your language preference and security for some common web issues. We ask you to accept the use of our cookie in accordance with EU law.