how do i programmatically find out whether this phone has a wallet with at least a certain arbitrary amount of bitcoin in it?


the use case is: i have a bitcoin-aware app A, which would then like to trigger a bitcoin payment request to be executed by an on-phone bitcoin wallet via the BIB20/bitcoin: URL mechanism. Rather than generating the payment request directly and immediately for an arbitrary amount of bitcoin, is there a way to in effect ask the bitcoin wallet if it has at least N bitcoins in it first?

thanks, John from Kimbrough Software

Kimbrough Software

Posted 2017-01-04T15:40:53.643

Reputation: 21

1Although it might not be your intent, you are essentially asking how to write malware. How much money someone has in their wallet is not the business of another app, so I don't believe there are any wallets that expose this. This is like a department store looking through your wallet or purse when you walk in the door. It's an invasion, and not a reputable thing to be doing. – Jestin – 2017-01-04T16:42:50.653

i fundamentally disagree with this. you wrongly assume i haven't first asked for permission for this information. i'm happy to register an app with first asks for this permission. requesting to pay N bitcoins and watching it fail is akin to knowing that fact, and that can be done via BIP20 but messily – Kimbrough Software – 2017-01-04T19:42:04.267

Be that as it may, but I am still unaware of any wallet apps that allow other apps to query this information. Likely, this is for security reasons. It shouldn't be the responsibility of your application to check if the user can afford a purchase prior to attempting to bill the user. – Jestin – 2017-01-04T19:52:10.830

it ought to be a basic feature of wallet functionality that permissioned users know various permissioned facts about it . – Kimbrough Software – 2017-01-04T20:46:42.233

to my mind this new paradigm in the digital manipulation of money which bitcoin represents ought to include the ability to replace what used to be done by humans with algorithms, properly permissioned, operating on wallets. For example, HD wallets in particular can express corporate structure. Saying something like "it shouldn't be the responsibility of your application" to know these facts about the place where an entity stores all its keys is overly restrictive. I'd like to be in a position to know ad hoc if a department in my company was running a surplus or deficit. – Kimbrough Software – 2017-01-04T23:20:56.783

U may find this irrelevant but given the initial analogy I want to add that if u call a bank and ask if a person has enuff funds to cover a check the person has written out to you, the bank will tell u yes or no. When I ran a business, I would do this to prevent depositing a check that resulted in me being charged fees for insufficient funds if the person's check bounced. Seems like there would be something similar with bitcoins, especially since I normally do not know the persons with whom I'm exchanging coins. – Suzanne Moody – 2017-08-04T01:18:14.330



It is not possible, by design. Like Jestin said, the wallet's balance is not the business of other apps.


Posted 2017-01-04T15:40:53.643

Reputation: 529

On the android wallet which you maintain (ty btw !) I can see that my wallet file is encrypted. However, my wallet does not ask me for a password in order to compute my transaction history and balance (only the 'Safety > Restore wallet' ever asks me for a password). So the wallet is a user process which is able to compute my balance. In principle, why couldn't another user process achieve the same thing by replicating the same code and reading the same files? – Sven Williamson – 2017-01-05T18:55:33.447

Damn, my wallet is also able to spend coins without having set any 'spending PIN'. So here is user process which has access to my private keys without asking me for a password.... I am very confused now :( – Sven Williamson – 2017-01-05T19:02:40.503

Ok feeling better now from Nick ODell comment below, I am guessing that when restoring a wallet, the code gets the private keys from the wallet file, and stores them in some form into a file which belongs to the wallet application (and which cannot be read by another user process) – Sven Williamson – 2017-01-05T20:02:24.133

On Android, apps are isolated against each other. So a different app is not able to access the wallet file even if it is not encrypted. – Andreas – 2017-01-09T09:46:34.780


This is definitely possible. If your application is running as root, it can access the wallet files of Bitcoin wallets, which usually have fixed filenames and file headers. The downside of this approach is if there's a vulnerability in your software, someone can steal Bitcoins from your customers and install malware.

How else could this be done? A Bitcoin wallet could implement an API so that applications on the same phone can query the Bitcoin balance. There is definitely an argument for making this possible. I wouldn't compare it to rifling through a purse when entering a department store - it's most similar to how DigitalOcean charges me a cent and cancels the charge to test that my credit card is valid, before it rents servers to me.

As Andreas Schildbach says, this is intentionally not implemented. (Note that Schildbach is the maintainer of this Android wallet, and one of the contributors to BitcoinJ, which many Android wallets use behind the scenes.) Why wouldn't you want this feature? One reason is that many applications are supported by advertising/data collection. If this API were made available, many applications with no reason to have this information would ask for it. You can imagine that those companies would sell datasets that include email addresses and Bitcoin balances - the primary effect of this feature would be to add another vector to phish Bitcoin users.

Nick ODell

Posted 2017-01-04T15:40:53.643

Reputation: 27 521

thanks Nick; a thoughtful answer. The wallet metaphor works when considering personal finance but of course wobbles when you consider corporate contexts. I think the argument in favour of not having the API will in time be defeated by the upsides to having this API in wallets. We will be permissioning algorithms to engage in spending patterns on our behalf, as corporates and as individuals, pretty soon. The argument that many current apps rape your phone contents does not invalidate good uses which other apps have for getting access to your contacts. – Kimbrough Software – 2017-01-05T03:17:05.840

@KimbroughSoftware My intuition is that most people aren't looking for a wallet for their corporation - they're looking for a wallet for themselves. If they do want something for their corporation, they're better served by a wallet like BitGo, not an Android wallet. I mean, what if the guy holding the funds runs off with them? What if he drops his phone in a puddle, and destroys millions of dollars of assets? And, of course, if you want someone to be able to audit the contents of a HD wallet w/o being able to spend it, you can give them the xpub. – Nick ODell – 2017-01-05T03:37:48.737

agreed but the inevitable existence of this API is independent of android I think. and the metaphor of 'wallet' will morph once we realise that a single piece of software like a wallet can't internally contain all of the currency algorithm creativity which will likely emerge in the coming years. the wallet is currently a key guardian with manual user signoff at meaningful human-transaction boundaries. When we agree that our manual wallet 'pays' for something we're agreeing to an algorithm to find N suitable UXTOs. This idea generalises to a richer guardian API in the end, I believe. – Kimbrough Software – 2017-01-05T10:20:06.647

@NickODell I don't understand why the app would need to run as root. My wallet.dat file (say) on bitcoin core is owned by the user, what am I missing? – Sven Williamson – 2017-01-05T17:37:37.727

@SvenWilliamson Android segments files by application, so that one application can't peek at the files of another. Being root lets you ignore those protections. – Nick ODell – 2017-01-05T19:49:55.667