public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Matthew Roberts <matthew@roberts.pm>
To: bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] BIP clearing house addresses
Date: Thu, 4 Aug 2016 04:16:20 +1000	[thread overview]
Message-ID: <CAAEDBiGMGWLeC81vkojGwEqQTT1HQaE=a3z114u6=FXXM2DRtQ@mail.gmail.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 1745 bytes --]

In light of the recent hack: what does everyone think of the idea of
creating a new address type that has a reversal key and settlement layer
that can be used to revoke transactions?

You could specify so that transactions "sent" from these addresses must
receive N confirmations before they can't be revoked, after which the
transaction is "settled" and the coins become redeemable from their
destination output. A settlement phase would also mean that a transaction's
progress was publicly visible so transparent fraud prevention and auditing
would become possible by anyone.

The reason why I bring this up is existing OP codes and TX types don't seem
suitable for a secure clearing mechanism; Nlocktimed TXs won't work for
this since you can't know ahead of time when and where a withdrawal needs
to be made, plus there's still the potential for key mismanagement; Similar
problems with OP_CHECKLOCKTIMEVERIFY apply too – unless you keep a private
key around on the server which would defeat the purpose. The main use case
here, would be specifically to improve centralized exchange security by
making it impossible for a hot wallet to be raided all at once.

Thoughts?

Some existing background:

http://hackingdistributed.com/2016/08/03/how-bitfinex-heist-could-have-been-avoided/
-- Proposed the basic idea for a time-based clearing house but using
blockchains directly, this is a much better idea than my own.

roberts.pm/timechain -- My original paper written in 2015 which proposed a
similar idea for secure wallet design but implemented using time-locked
ECDSA keys. Obviously a blockchain would work better for this.

Other -- if the idea has already been brought up by other people, I
apologize.

[-- Attachment #2: Type: text/html, Size: 2292 bytes --]

             reply	other threads:[~2016-08-03 18:16 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-08-03 18:16 Matthew Roberts [this message]
2016-08-03 21:13 ` [bitcoin-dev] BIP clearing house addresses Troy Benjegerdes
2016-08-03 23:55 ` Tier Nolan
2016-08-04  2:07   ` Matthew Roberts
2016-08-04  3:27 ` Luke Dashjr
2016-08-04  3:49   ` Andrew Johnson
2016-08-04  4:53     ` Matthew Roberts
2016-08-04 12:43       ` Erik Aronesty
2016-08-06 10:39 ` s7r
2016-08-06 11:13   ` Tier Nolan
2016-08-07  5:35     ` Matthew Roberts
2016-08-07 22:59       ` Erik Aronesty
2016-08-08  0:48         ` Matthew Roberts
2016-08-08  9:56           ` Tier Nolan
2016-08-08 10:09           ` Erik Aronesty
2016-08-08 11:01             ` Tier Nolan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAAEDBiGMGWLeC81vkojGwEqQTT1HQaE=a3z114u6=FXXM2DRtQ@mail.gmail.com' \
    --to=matthew@roberts.pm \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox