Bitcoin Forum

Based on several discussion threads that have happened here and in #bitcoin-dev on IRC, (see http://bitcointalk.org/index.php?topic=2698.20 (http://bitcointalk.org/index.php?topic=2698.20) and http://bitcointalk.org/index.php?topic=2500.40 (http://bitcointalk.org/index.php?topic=2500.40)), I've been pondering the most secure possible bitcoin bank service.

The point of this service would strictly be safe deposit and withdrawal, not instant transfer between users or commerce. Thus users concerned about the security of their own wallet.dat, especially on Windows, would have a safer (I hope) place to store large quantities of bitcoins.

I initially envision it as stated below. I am not a security/banking expert and I welcome feedback!

1) A VERY simple web form asks for your withdrawal address. This is effectively your account ID.

2) You are also given a deposit address that is permanently linked internally to your withdrawal address. This is an internal account in the bank's bitcoin wallet.

3) You deposit funds using Bitcoin by sending to your deposit address.

4) You can check your balance by entering your withdrawal address.

5) To withdraw, you are given a simple web form asking for withdrawal address (a.k.a. account ID), and the amount. If the amount is less than or equal to the amount associated with that address, it is sent to your withdrawal address.

This gives, I think, only 3 forms to secure (account set-up, balance check, and withdrawal), keeps things relatively anonymous, and limits exposure to the outside world. Bitcoin itself is used as the method of transfer and storage. Now, on the back-end I would want to use a hardened linux of some kind, with everything possible (disk and RAM) encrypted, and use redundant off-site encrypted backups with JungleDisk/S3 or the like to keep everything safe in case of failure.

Would you want to use such a service? What assurances would you want? Would this work? Again, I am looking for feedback and especially criticism to hone this idea. Thanks in advance!

It would be great to backup your wallet to such a service. Or even have it distributed across many servers in different locations.

Using S3 (via JungleDisk or other mechanisms) distributes backups across geographically distributed servers. It would be best, I think to have another service in addition to S3 for the backups, just in case something goes sideways with Amazon.

You may find your answer with:
https://github.com/FellowTraveler/Open-Transactions

This hopes to be a clearinghouse for transactions/registrations/documents/etc.
There is talk about decentralizing banking features of OT or tying it to a future BitX application for the database.

I think the safest option is a bank that stores bitcoins on addresses that are part of an offline-wallet, transfers would have to be done manually, but IMHO you can't beat that.

I was thinking about that. What's the most secure way to do that? At some point the wallet has to be on a machine that's online, right? To get addresses?

This seems way too complex for what I'm thinking of.

Send a usb drive via registered mail?

For what?

No. Why would it need to ever get online  ?
Theoretically you don't even need the client, you can just create keypairs, hash the public key, boom, you have an ultra-secure address that never touched the internet.

Being able to withdraw knowing just the withdrawal address means that my "bank account" is still only as secure as my wallet. If somebody stole my wallet file, then they could go to this bank, withdraw all the money, and then spend it however they wanted. And if I'd lost my wallet file, then the coins are just as gone since I wouldn't be able to get them back. So if I'd need to keep my wallet secure anyway, I'm not sure what advantage this bank offers.

Oh wow, you are right, I totally missed this. So, it's pointless. Thanks!

I suppose it wouldn't be entirely pointless if some form of authentication was added, but it's much less pointful(?) than I originally thought.