From: Natanael <natanael.l@gmail.com>
To: Matt Whitlock <bip@mattwhitlock.name>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys
Date: Sat, 29 Mar 2014 20:34:27 +0100 [thread overview]
Message-ID: <CAAt2M18bDAPHm_=+UjRe4x5wMRbd=xfLrhLtWbktceHxmn3_Zw@mail.gmail.com> (raw)
In-Reply-To: <CAAt2M18j7bGDsKouVw+e4j+FMiJ4vK6-sx+nrkwHyiKLqiH7Jg@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1847 bytes --]
Den 29 mar 2014 19:15 skrev "Matt Whitlock" <bip@mattwhitlock.name>:
>
> On Saturday, 29 March 2014, at 2:08 pm, Alan Reiner wrote:
> > Regardless of how SSSS does it, I believe that obfuscating that
> > information is bad news from a usability perspective. Undoubtedly,
> > users will make lots of backups of lots of wallets and think they
> > remember the M-parameter but don't. They will accidentally mix in some
> > 3-of-5 fragments with their 2-of-4 not realizing they are incompatible,
> > or not able to distinguish them. Or they'll distribute too many
> > thinking the threshold is higher and end up insecure, or possibly not
> > have enough fragments to restore their wallet thinking the M-value was
> > lower than it actually was.
> >
> > I just don't see the value in adding such complexity for the benefit of
> > obfuscating information an attacker might be able to figure out anyway
> > (most backups will be 2-of-N or 3-of-N) and can't act on anyway (because
> > he doesn't know where the other frags are and they are actually in
> > safe-deposit boxes)
>
> Okay, you've convinced me. However, it looks like the consensus here is
that my BIP is unneeded, so I'm not sure it would be worth the effort for
me to improve it with your suggestions.
I think it should be made an option (with the default being that the
threshold is given and verification is applied. There could certainly be a
few cases where the threshold is set high, you maybe don't have access to a
great enough variety of hiding spots or secure enough hiding spots, and you
want deter an attempt to find all the shares (with the idea being that the
risk of detection would be too high, in particular when you use tamper
evident seals). But for the majority it would be better to find a few
different safeboxes to put the shares in and rely on physical security.
[-- Attachment #2: Type: text/html, Size: 2176 bytes --]
next prev parent reply other threads:[~2014-03-29 19:34 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CACsn0ckScTWG4YxNCscxvtdsmcUkxtR2Gi-rdBs2HCkirPz5rA@mail.gmail.com>
2014-03-29 15:44 ` [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys Matt Whitlock
2014-03-29 16:59 ` Alan Reiner
2014-03-29 17:19 ` Matt Whitlock
2014-03-29 17:52 ` Alan Reiner
2014-03-29 18:00 ` Matt Whitlock
2014-03-29 18:08 ` Alan Reiner
2014-03-29 18:10 ` Matt Whitlock
[not found] ` <CAAt2M18j7bGDsKouVw+e4j+FMiJ4vK6-sx+nrkwHyiKLqiH7Jg@mail.gmail.com>
2014-03-29 19:34 ` Natanael [this message]
2014-04-04 2:38 ` Jeff Garzik
2014-03-29 18:16 ` Tamas Blummer
2014-03-29 18:41 ` Alan Reiner
2014-03-29 17:28 ` Roy Badami
2014-03-29 17:42 ` Matt Whitlock
2014-03-29 17:51 ` Roy Badami
2014-03-29 17:28 ` devrandom
[not found] ` <1396113933.8809.91.camel@mimiz>
2014-03-29 17:38 ` Matt Whitlock
2014-03-29 17:46 ` Gregory Maxwell
2014-03-29 19:49 ` Tamas Blummer
2014-03-29 17:48 ` devrandom
2014-03-29 17:51 ` Matt Whitlock
2014-03-29 17:56 ` devrandom
2014-04-03 12:41 Nikita Schmidt
2014-04-03 21:42 ` Matt Whitlock
2014-04-04 13:51 ` Nikita Schmidt
2014-04-04 14:14 ` Gregory Maxwell
2014-04-04 16:05 ` Matt Whitlock
2014-04-04 16:25 ` Gregory Maxwell
2014-04-04 16:36 ` Matt Whitlock
2014-04-04 17:08 ` Gregory Maxwell
2014-04-04 17:16 ` Matt Whitlock
2014-04-04 17:51 ` Gregory Maxwell
2014-04-04 18:53 ` Matt Whitlock
2014-04-04 16:03 ` Matt Whitlock
2014-04-08 0:33 ` Nikita Schmidt
2014-04-08 0:38 ` Gregory Maxwell
2014-04-08 1:46 ` Matt Whitlock
2014-04-08 2:07 ` Gregory Maxwell
2014-04-08 11:52 ` Matt Whitlock
2014-04-10 22:31 ` Nikita Schmidt
2014-04-22 8:06 ` Jan Møller
2014-04-22 8:11 ` Matt Whitlock
2014-04-22 8:27 ` Jan Møller
2014-04-22 8:29 ` Matt Whitlock
2014-04-22 8:39 ` Jan Møller
2014-04-22 8:43 ` Matt Whitlock
2014-04-22 8:51 ` Jan Møller
2014-04-22 9:13 ` Matt Whitlock
2014-04-22 11:50 ` Justin A
2014-04-22 8:35 ` Matt Whitlock
2014-04-22 8:39 ` Tamas Blummer
2014-04-22 8:40 ` Matt Whitlock
2014-04-22 8:43 ` Tamas Blummer
2014-04-22 8:47 ` Matt Whitlock
2014-04-22 8:50 ` Tamas Blummer
2014-04-22 15:32 ` Mark Friedenbach
2014-04-22 15:49 ` Tamas Blummer
2014-04-22 17:03 ` Mark Friedenbach
2014-04-22 17:07 ` Jan Møller
2014-04-22 18:29 ` Tamas Blummer
2014-04-22 18:46 ` Gregory Maxwell
2014-04-23 5:33 ` Tamas Blummer
2014-04-23 6:16 ` Gregory Maxwell
2014-05-05 19:36 ` Nikita Schmidt
2014-05-12 12:09 ` Jan Møller
2014-08-14 19:23 ` Nikita Schmidt
2014-04-22 13:37 ` Nikita Schmidt
2014-04-22 8:15 ` Gregory Maxwell
2014-04-22 8:49 ` Jan Møller
-- strict thread matches above, loose matches on Subject: below --
2014-03-29 8:05 Matt Whitlock
2014-03-29 8:34 ` Tamas Blummer
2014-03-29 8:44 ` Tamas Blummer
2014-03-29 8:51 ` Matt Whitlock
2014-03-29 8:54 ` Matt Whitlock
2014-03-29 16:54 ` Matt Whitlock
2014-03-29 17:37 ` Tamas Blummer
2014-03-29 9:08 ` Chris Beams
2014-03-29 9:31 ` Matt Whitlock
2014-03-29 11:16 ` Matt Whitlock
2014-03-29 11:54 ` Chris Beams
2014-03-29 13:27 ` Jeff Garzik
2014-03-29 13:36 ` Mike Hearn
2014-03-29 13:38 ` Tamas Blummer
2014-03-29 14:10 ` Matt Whitlock
2014-03-29 14:19 ` Jeff Garzik
2014-03-29 14:55 ` Matt Whitlock
2014-03-29 15:04 ` Mike Hearn
2014-03-29 14:28 ` Watson Ladd
2014-03-29 14:36 ` Gregory Maxwell
2014-03-29 15:01 ` Matt Whitlock
2014-03-29 9:21 ` Chris Beams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAAt2M18bDAPHm_=+UjRe4x5wMRbd=xfLrhLtWbktceHxmn3_Zw@mail.gmail.com' \
--to=natanael.l@gmail.com \
--cc=bip@mattwhitlock.name \
--cc=bitcoin-development@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox