Bitcoin Forum

Bitcoin => Project Development => Topic started by: jseims on January 09, 2014, 12:50:25 AM



Title: Service to enhance Bitcoin security through multisig P2SH and spending policies
Post by: jseims on January 09, 2014, 12:50:25 AM
My friend and I recently launched a service

https://api.trustedcoin.com/#/ (https://api.trustedcoin.com/#/)

and we're looking for feedback on how it could be made more useful.

Quick example of how it works, if you call:

Code:
curl --header 'Content-Type: application/json' --data-binary 
        '{"primary_key": "0345fb7c9a8eb70e9c83d5695cf6d93c5453ed83456badf166ebb77bf8b923e74f",
          "policy": {
                       "type": "latency", "delay_in_seconds": 86400, "contacts": [
                                 {"email" : "joe.random@example.com"},
                                 {"sms" : "+14923922934"}]}}' https://api.trustedcoin.com/1/cosigner

We will give you a multisignature P2SH address with the following properties:

  • You have one of the private keys, we have another, so any theft would have to compromise both our servers to succeed.
  • When you ask us to sign a transaction from this address, we will alert "joe.random@example.com" as well as "+14923922934" and allow 24 hours to cancel the transaction.

Our goal is to make it easier to build secure Bitcoin applications by allowing people to express policy logic around how their bitcoins can be spent.

Please let us know your thoughts!

Thanks,

Josh


Title: Re: Service to enhance Bitcoin security through multisig P2SH and spending policies
Post by: fbueller on January 22, 2014, 02:16:06 PM
I like the idea of this. You're going to run into trouble because many of the clients don't support signing transactions like this. BitcoinD/QT works, but I've been unsuccessful getting electrum to work without all keys in the wallet..

I think someone needs to code a simple client (and definitely a phone app) that accepts a raw transaction, the 3 public keys, and a private key to sign with.


Title: Re: Service to enhance Bitcoin security through multisig P2SH and spending policies
Post by: jaime on June 16, 2014, 11:32:57 AM
I think someone needs to code a simple client (and definitely a phone app) that accepts a raw transaction, the 3 public keys, and a private key to sign with.

Do you know if there's something like this already?


Title: Re: Service to enhance Bitcoin security through multisig P2SH and spending policies
Post by: fbueller on June 16, 2014, 11:04:36 PM
Actually yes, some scripts of mine will do it, though yoy may need to modify it into what you want. I'll write something to prompt for everything; I think the prompt_multisig one has the raw tx/json hard coded and prompts for keys and redeemscript.. https://github.com/Bit-Wasp/bitcoin-lib-php/tree/master/examples

There is one to sign txs given an electrum seed!