public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Vessenes <peter@coinlab.com>
To: "Jorge Timón" <jtimonmv@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Key retirement and key compromise
Date: Mon, 25 Feb 2013 11:44:02 -0800	[thread overview]
Message-ID: <CAMGNxUusTxVBbp7L0v5fC9d2ERQaMMBzX5-T70risVF3jd1tVg@mail.gmail.com> (raw)
In-Reply-To: <CABOyFfpy7WEYKKhdoFbEHriCYoHt8hr_5BO992yb_GRV35TmmA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1123 bytes --]

We've been toying with the idea of a 'dead' button, one that issues a bunch
of pre-generated txs sending stuff out to a previously secured 'backup' set
of addresses (we don't think in terms of wallets, just keypairs).

In this scenario, you have a long-term storage address (or set of them),
and if you need to hit the panic button, previously signed transactions
send value over to your emergency storage.

If you've mucked around sending / receiving with your long-term storage,
you'd only catch some BTC, not necessarily all, but what's nice is the
panic transaction leaking has lower security requirements than your private
keys -- worst case it's out, and you've got to deal with stuff in emergency
storage, as opposed to losing all your coins.

You could pair this with a server that checks if 'safe' addresses have
'unauthorized' transactions showing up on the blockchain, and you'd have a
reasonable automated security layer. Maybe. :)

I'm interested in thoughts on this approach as well.

Jorge -- I respectfully disagree with you, there are a number of enterprise
scenarios where your method is not appropriate.

[-- Attachment #2: Type: text/html, Size: 1649 bytes --]

  reply	other threads:[~2013-02-25 20:14 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-02-22 23:08 [Bitcoin-development] Key retirement and key compromise Roy Badami
2013-02-25  9:41 `  Jorge Timón
2013-02-25 19:44   ` Peter Vessenes [this message]
     [not found] ` <20130225172353.GA7782@malakian.dd-wrt>
2013-03-25 20:49   ` Roy Badami
2013-03-25 21:10     ` Gregory Maxwell
2013-03-25 21:35       ` Roy Badami

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAMGNxUusTxVBbp7L0v5fC9d2ERQaMMBzX5-T70risVF3jd1tVg@mail.gmail.com \
    --to=peter@coinlab.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=jtimonmv@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox