|
Title: Idea to step up wallet security. Post by: shivansps on August 05, 2011, 05:37:04 AM As the network grows, wallet.dat security is one of the biggest flaw in the bitcoin design, as it way too easy to steal.
I was thinking, i dont know if technically possible, about adding a "password" security intro bitcoin transantions. As far i understand how the networks works, the network doest know anything about wallets, it know about address only, from and to. So lets say, we allow the client to create a "secure" address for recieving coins, that means now the network has to allow to send a passcode along with the transation, them it uses the same method of verification, along with something else, the idea is, if a passcode was used in the past to send coins from that address but is not longer present or is incorrect, then the transaction is rejected by the network(and the coins back to the owner), if a passcode was incluided but older transactions from those address dint incluided them, accept it anyway, as that means those address arent secure. I think this will allow to create a "secure" address in the bitcoin client, so everything to have to do to secure the coins you already have is to resend all those coins intro a secure address you created, so it will never leave your wallet. And if someone steal your wallet, so what? he whouldt be able to send the coins that where stored in that address to anywhere, as it will be get rejected by the network, and that msg about a rejected transaction in the list will warm you about someone stealed your wallet. The main problem i see, that there whould be no way to recover the passcode. Title: Re: Idea to step up wallet security. Post by: Stephen Gornick on August 05, 2011, 09:35:27 AM I was thinking, i dont know if technically possible, about adding a "password" security intro bitcoin transantions. Wallet encryption will be possible with Bitcoin 0.4.xx. There is more here: - http://gavinthink.blogspot.com/2011/06/why-arent-bitcoin-wallets-encrypted.html Title: Re: Idea to step up wallet security. Post by: kjj on August 05, 2011, 02:30:18 PM Read this thread (https://bitcointalk.org/index.php?topic=19080.0;all).
Title: Re: Idea to step up wallet security. Post by: drgr33n on August 05, 2011, 03:01:53 PM Wallet encryption is available in linuxcoin 0.2b-final. There's the encrypt wallet option included with the bitcoin software and also a secure client option that sets up encrypted space and symlinks the wallet back to the client. grsecurity randomizes memory and stops unauthorized applications running. I've really gone to town on security on the latest version to try and bring some of the trust back into bitcoin. LinuxCoin 0.2b-final (http://www.linuxcoin.co.uk) I think is one of the securest ways to keep your wallet safe along with bitbills. (http://bitbills.com/). Not only that you don't have to trust a third party with your coins ;)
I've also tried to make it as easy as possible to setup linuxcoin onto flashed based media. Yesterday i released a patched version of unetbootin to compliment linuxcoin and now it can download the ISO, install to a USB thumb drive and setup persistence so changes are saved. All with a few clicks !! I've also tried to make everything to do with trading and storing bitcoins GUI friendly. If you only want to use your install for a secure wallet you shouldn't even need to open a console once ;) Title: Re: Idea to step up wallet security. Post by: CD-RW on August 05, 2011, 04:50:50 PM At some point the code/key needs to be loaded into the memory, so the virus/worm will just lurk until it's decrypted. Or it will work with some sort of keylogger.
I don't think these kind of security measures need to be tough about. This is all end-user work. |