Hi,
High-security protection against theft depends on multisig and timelocks, but more tools are possible. Last year I discussed one method where would-be attackers are discouraged by specially designed vault covenants [1] allowing re-vaulting transactions, where a watchtower can override a proposed delayed-spend transaction during a public observation delay period. Splitting coins into multiple timelocked UTXOs can give a user time to react to theft of a much smaller portion of the total amount.
If better and better cold storage designs can be shared openly, reviewed, and used easily, this can increase security for all bitcoin users. When the understanding among the general public includes "bitcoin is extremely valuable" then it becomes more urgent that the understanding in the general public also includes "bitcoin cold storage security is impenetrable".
Today I would like to announce the release of an open-source prototype for on-chain bitcoin vaults using pre-signed transactions and secure key deletion. I am hoping for feedback and discussion around these concepts. To be very clear, this is a prototype and not fit for production use.
https://github.com/kanzure/python-vaults
During the delay period, this design allows a recovery or clawback to be initiated, which moves the funds to deeper cold storage.
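As an added illustration (not code from python-vaults or from the original post), here is a toy Python model of the flow described above: an ephemeral key pre-signs the whole transaction tree for several shards and is then deleted, the unvault output can reach the hot wallet only after a relative timelock, and a clawback to deeper cold storage can be confirmed at any point during that delay. The Tx fields, the DELAY value, the destination labels and the hash-based stand-in for signatures are constructed assumptions; the chain is simulated rather than built from real Bitcoin script.

```python
import hashlib
import secrets
from collections import namedtuple
DELAY = 144  # constructed observation-delay length in blocks
# Tx fields: name, txids spent, ((destination, amount),) outputs, relative timelock, signature
Tx = namedtuple("Tx", "name inputs outputs nsequence sig", defaults=(0, ""))
def txid(tx):  # hash of everything except the signature
    return hashlib.sha256(repr(tx[:4]).encode()).hexdigest()[:16]

def build_vault_shards(total, n):
    """Split coins into n shards; per shard pre-sign unvault, delayed hot spend and clawback."""
    key, shards, amt = secrets.token_hex(16), [], total // n  # ephemeral key; equal shards
    def sign(tx):  # stand-in for a real signature, bound to the ephemeral key and the txid
        return tx._replace(sig=hashlib.sha256((key + txid(tx)).encode()).hexdigest()[:16])
    for i in range(n):
        vault = Tx(f"vault{i}", (), (("vault", amt),))
        unvault = sign(Tx(f"unvault{i}", (txid(vault),), (("unvault", amt),)))
        hot = sign(Tx(f"hot{i}", (txid(unvault),), (("hot_wallet", amt),), DELAY))
        claw = sign(Tx(f"claw{i}", (txid(unvault),), (("deep_cold", amt),)))
        shards.append((vault, unvault, hot, claw))
    del key  # secure key deletion: sign() is now unusable, only the pre-signed paths remain
    return shards

class Chain:  # minimal UTXO set with block heights, enough to enforce nSequence timelocks
    def __init__(self):
        self.height, self.utxos = 0, {}  # txid -> (dest, amount, confirmed_at); one output per tx
    def confirm(self, tx):
        if tx.inputs and not tx.sig: raise ValueError("unsigned: the vault key has been deleted")
        for i in tx.inputs:
            if i not in self.utxos or self.height - self.utxos[i][2] < tx.nsequence:
                raise ValueError("input already spent or relative timelock not expired")
        for i in tx.inputs: del self.utxos[i]
        for dest, amt in tx.outputs:
            self.utxos[txid(tx)] = (dest, amt, self.height)
    def balances(self):  # total amount per destination
        return {d: sum(a for dd, a, _ in self.utxos.values() if dd == d)
                for d, _, _ in self.utxos.values()}

def theft_scenario(total, n, react_after):
    """An attacker broadcasts one shard's unvault; the watchtower acts react_after blocks later."""
    chain, shards = Chain(), build_vault_shards(total, n)
    for vault, *_ in shards: chain.confirm(vault)  # vault outputs created (no inputs)
    _, unvault, hot, claw = shards[0]
    chain.confirm(unvault)  # attacker starts the delayed spend of one shard
    chain.height += react_after
    try:
        chain.confirm(hot)  # completes only if the delay has already elapsed
    except ValueError:
        chain.confirm(claw)  # otherwise the clawback wins during the delay
    return chain.balances()
```

With three shards, a watchtower that reacts within the delay loses nothing to the hot wallet and the other two shards stay untouched in the vault; only if the delay expires first does one shard's worth leave.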
Reviewers: Generally interested in your feedback about the concept. My hope is that the prototype and its source code help answer some questions about how this might work. I would also suggest paying close attention to the script templates for both outputs and witnesses.
Also included is an implementation of this same bitcoin vault using BIP119 OP_CHECKTEMPLATEVERIFY.
I have also been working with Spencer Hommel, Jacob Swambo, and Bob McElrath on two related manuscripts, one addressing the topic of bitcoin covenants and the other addressing the topic of vaults based on pre-signed transactions. As part of that project, there is a separate vault implementation that is already available on Fidelity's GitHub account [2]. A more bare-bones implementation of python vaults can be found at [3]. Also, Kevin Loaec has an unrelated implementation using pre-signed transactions.
Thank you,
- Bryan
[1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-August/017231.html
[2] https://github.com/fmr-llc/Vault-mbed
[3] https://github.com/JSwambo/bitcoin-vault