Title: FutureBitcoin security projects
Post by: Satnamakoto on November 25, 2021, 10:58:27 PM

Greetings ... before I begin I want to congratulate the great contributors of this wonderful technology. bitcoin is in one of the best moments,

Title: Re: FutureBitcoin security projects
Post by: pooya87 on November 26, 2021, 04:04:12 AM

You would also need new OP codes and changes to bitcoin scripts so that they can fetch and verify output amounts and their total.
The idea also won't work because the attacker can simply send multiple 0.99999999BTC transactions out of that address even if you limit each transaction's total output value to 1BTC. Keep in mind that bitcoin blockchain is not a balance based database, it is an output based one. The change can also be sent to a different address (e.g. P2WPKH) then spent all at once.
You can't create any kind of limitation based on sum of multiple transactions because that would prevent regular use where user may need to make multiple payments themselves like the exchange's hot wallet handling thousands of 0.1BTC withdrawals.

Title: Re: FutureBitcoin security projects
Post by: larry_vw_1955 on November 26, 2021, 09:35:05 AM

> I have devised a possible security method that could keep hackers out making it even more difficult for them to steal our bitcoins.

you better be careful saying things like that. plenty of people here will tell you that bitcoin is already secure enough. that you could walk around the earth for a billion years and never see the same bitcoin address's private key ever. ;D

i think ultimately your idea is not going to gain any interest/traction simply due to the fact that people will just tell you to use a multisignature wallet setup. or better yet, see what you can do with taproot.

Title: Re: FutureBitcoin security projects
Post by: Satnamakoto on November 26, 2021, 03:20:15 PM

> You would also need new OP codes and changes to bitcoin scripts so that they can fetch and verify output amounts and their total.
> The idea also won't work because the attacker can simply send multiple 0.99999999BTC transactions out of that address even if you limit each transaction's total output value to 1BTC. Keep in mind that bitcoin blockchain is not a balance based database, it is an output based one. The change can also be sent to a different address (e.g. P2WPKH) then spent all at once.
> You can't create any kind of limitation based on sum of multiple transactions because that would prevent regular use where user may need to make multiple payments themselves like the exchange's hot wallet handling thousands of 0.1BTC withdrawals.

Thanks for answering, if the hacker wants to send more than 0.99BTC he would need the master private key regardless of the type of btc address he wants to send, exchanges should only reprogram his code so that the master private key acts when it is necessary, this is not a problem, the idea is to use the master private key to a lesser extent.

> Aside from technical problem which already mentioned by @pooya87, who's the target of this security method? I expect that,
> 1. Regular users don't bother with such complex setup.
> 2. People with serious security concern already setup their airgapped/cold wallet and don't bother switch to new protocol.
> 3. Exchange won't find it's useful since they regularly move big amount of Bitcoin (which means they always need "master privatekey" & "master passphrase").

regular users will have the same benefits, the limit of the amount could be reduced in the aforementioned "owner's btc book" at the time of announcing that the "subwallet address" belongs to that "master privatekey". that is, if a user owns 2 BTC, he could establish that the master private key is used if the amount to be sent is equal to or greater than "0.2 btc", therefore his risk of loss is reduced to the established limit, while his master privatekey will remain hosted, on paper, encrypted or in a hardware wallet.

Exchanges could increase this limit in the "owner's btc book" for example to "100 btc", if the requests for signatures with the master key is reduced, then the risk of hacking will be reduced.

Security protocols must be constantly updated. If we have learned anything from technology, it is that sooner or later they become obsolete.
BitGrail, KuCoin, MtGox, Coincheck to mention a few, they relied too much on their security protocols, when talking about money the saying "if it ain't broke, don't fix it" is not valid.

> > I have devised a possible security method that could keep hackers out making it even more difficult for them to steal our bitcoins.
> you better be careful saying things like that. plenty of people here will tell you that bitcoin is already secure enough. that you could walk around the earth for a billion years and never see the same bitcoin address's private key ever. ;D
> i think ultimately your idea is not going to gain any interest/traction simply due to the fact that people will just tell you to use a multisignature wallet setup. or better yet, see what you can do with taproot.

A difference from multiple signatures is that with this project you will be able to Hold without storing your "subwallet privatekey" anywhere, it will only store your "master private key" and even if it is violated, your funds will be safe because your "master passphrase" will be required to generate your "subwallet privatekey".

Title: Re: FutureBitcoin security projects
Post by: DaveF on November 27, 2021, 12:56:43 PM

Or they could just use an inexpensive hardware wallet and have 2 wallets on their machine. One that is password protected and the other that needs the HW wallet. Or another form of cold storage and only move when needed.
> Security protocols must be constantly updated. If we have learned anything from technology, it is that sooner or later they become obsolete. BitGrail, KuCoin, MtGox, Coincheck to mention a few, they relied too much on their security protocols, when talking about money the saying "if it ain't broke, don't fix it" is not valid.

Would not have mattered for any of those
BitGrail was 99% an inside job
MtGox was a disaster from the start with no security at all.
Coincheck did not lose BTC they lost an alt.
KuCoin lost a bunch of different coins / tokens and while some was BTC it was from a hot wallet that an exchange needs to function. They need to have a large amount always available to be able to function.

Needing human intervention with anything means that you don't need some fancy new setup for security or ANY new setup for security. If there had to be a human there to verify the BTC move then it would not have happened since they would have seen the issue.

-Dave

Title: Re: FutureBitcoin security projects
Post by: Satnamakoto on November 27, 2021, 02:32:40 PM

> Or they could just use an inexpensive hardware wallet and have 2 wallets on their machine. One that is password protected and the other that needs the HW wallet. Or another form of cold storage and only move when needed.
> > Security protocols must be constantly updated. If we have learned anything from technology, it is that sooner or later they become obsolete. BitGrail, KuCoin, MtGox, Coincheck to mention a few, they relied too much on their security protocols, when talking about money the saying "if it ain't broke, don't fix it" is not valid.
> Would not have mattered for any of those
> BitGrail was 99% an inside job
> MtGox was a disaster from the start with no security at all.
> Coincheck did not lose BTC they lost an alt.
> KuCoin lost a bunch of different coins / tokens and while some was BTC it was from a hot wallet that an exchange needs to function.
> They need to have a large amount always available to be able to function.
> Needing human intervention with anything means that you don't need some fancy new setup for security or ANY new setup for security. If there had to be a human there to verify the BTC move then it would not have happened since they would have seen the issue.
> -Dave

the fact of their losses is the result of non-existent or obsolete security measures, that is the strong point of this project, limiting the risk of loss, currently anyone with access to a private key can empty the wallet completely, the same with multi-signatures always 2-3, 3-5 should be used. With this project, even if a subwallet has 10000BTC is hacked, your risk of losing will be the amount stipulated by you and not the total of the funds.

> > > Aside from technical problem which already mentioned by @pooya87, who's the target of this security method? I expect that,
> > > 1. Regular users don't bother with such complex setup.
> > > 2. People with serious security concern already setup their airgapped/cold wallet and don't bother switch to new protocol.
> > > 3. Exchange won't find it's useful since they regularly move big amount of Bitcoin (which means they always need "master privatekey" & "master passphrase").
> > regular users will have the same benefits, the limit of the amount could be reduced in the aforementioned "owner's btc book" at the time of announcing that the "subwallet address" belongs to that "master privatekey". that is, if a user owns 2 BTC, he could establish that the master private key is used if the amount to be sent is equal to or greater than "0.2 btc", therefore his risk of loss is reduced to the established limit, while his master privatekey will remain hosted, on paper, encrypted or in a hardware wallet.
> You missed my point, i'm not talking about benefit for regular user, but complexity which faced by regular user. For example,
> 1. Do they bother setup offline environment to create "master address"/"master privatekey"?
> 2. Can they remember "master passphrase", password to encrypt wallet file and different between "master"/"subwallet"?
> > Exchanges could increase this limit in the "owner's btc book" for example to "100 btc", if the requests for signatures with the master key is reduced, then the risk of hacking will be reduced.
> That makes sense if it's possible to setup the limit without using "master privatekey".

> You missed my point, i'm not talking about benefit for regular user, but complexity which faced by regular user. For example,
> 1. Do they bother setup offline environment to create "master address"/"master privatekey"?

was a bad formulation of what I wanted to say, the concept was edited, thanks to your comment.

> 2. Can they remember "master passphrase", password to encrypt wallet file and different between "master"/"subwallet"?

"Master privatekey" will only be used to sign when required, create a subwallet, certify its ownership in the "owner's btc book" and set the output limit of the "subwallet address" (without requiring the signature of the "Master privatekey").
"subwallet address": the carrier of the funds.
"master passphrase" is a unique personal key depending on the user where you want to store it, it will only be used if you lose or destroy your "subwallet privatekey".
Destroying the "subwallet privatekey" is recommended for "HODL" (you can always recover in the future with the use of "Master privatekey" + "master passphrase", when you want to spend your funds).
Destroying the "subwallet privatekey" is not recommended if you make recurring payments because it will increase the use of your "Master privatekey" and "master passphrase" to generate the "subwallet privatekey".

> > Exchanges could increase this limit in the "owner's btc book" for example to "100 btc", if the requests for signatures with the master key is reduced, then the risk of hacking will be reduced.
> makes sense if it's possible to setup the limit without using "master privatekey".

It is not possible, if this were allowed, to modify the limit of a "subwallet address" without the signature of the "master privatekey" your funds would be at risk in their entirety.

Title: Re: FutureBitcoin security projects
Post by: DaveF on November 27, 2021, 08:40:49 PM

> the fact of their losses is the result of non-existent or obsolete security measures, that is the strong point of this project, limiting the risk of loss, currently anyone with access to a private key can empty the wallet completely, the same with multi-signatures always 2-3, 3-5 should be used. With this project, even if a subwallet has 10000BTC is hacked, your risk of losing will be the amount stipulated by you and not the total of the funds.

An exchange needs a hot wallet that can send enough to keep them running without human intervention. No 2nd password or anything like that. Just Dave requested funds, here they are.

They should always keep most of their funds in a cold wallet that is multi-sig and / or hardware based to fill up the hot wallet. Either one needs human intervention. You are just doing it a different way.

-Dave

Title: Re: FutureBitcoin security projects
Post by: Satnamakoto on November 28, 2021, 12:33:10 AM

> > the fact of their losses is the result of non-existent or obsolete security measures, that is the strong point of this project, limiting the risk of loss, currently anyone with access to a private key can empty the wallet completely, the same with multi-signatures always 2-3, 3-5 should be used. With this project, even if a subwallet has 10000BTC is hacked, your risk of losing will be the amount stipulated by you and not the total of the funds.
> An exchange needs a hot wallet that can send enough to keep them running without human intervention. No 2nd password or anything like that. Just Dave requested funds, here they are.
> They should always keep most of their funds in a cold wallet that is multi-sig and / or hardware based to fill up the hot wallet. Either one needs human intervention. You are just doing it a different way.
> -Dave

Why do you assume that this proposal cannot be automated without human intervention?

Title: Re: FutureBitcoin security projects
Post by: DaveF on November 28, 2021, 01:04:27 AM

> > > the fact of their losses is the result of non-existent or obsolete security measures, that is the strong point of this project, limiting the risk of loss, currently anyone with access to a private key can empty the wallet completely, the same with multi-signatures always 2-3, 3-5 should be used. With this project, even if a subwallet has 10000BTC is hacked, your risk of losing will be the amount stipulated by you and not the total of the funds.
> > An exchange needs a hot wallet that can send enough to keep them running without human intervention. No 2nd password or anything like that. Just Dave requested funds, here they are.
> > They should always keep most of their funds in a cold wallet that is multi-sig and / or hardware based to fill up the hot wallet. Either one needs human intervention. You are just doing it a different way.
> > -Dave
> Why do you assume that this proposal cannot be automated without human intervention?

Because if there is any automation of opening the wallet with the possibility of moving all the funds then it's vulnerable. That is the entire point of cold storage / hardware wallets. Someone has to physically do something. It's not 100% online and vulnerable. Even if it's click a button, you would like to assume the person moving the funds would at least check what is happening. If you can do it without that, then what's the point.

-Dave

Title: Re: FutureBitcoin security projects
Post by: larry_vw_1955 on November 28, 2021, 03:00:19 AM

> How does it work:
> 1. Creating "subwallet address": The new btc addresses would be created from the "master address" with the following theoretical formula "master private key" + "master passphrase" (this is your unique key) = "new btc address" which for reference we will call "subwallets address".

why does there have to be a deterministic relationship between the master private key and what you later refer to as the subwallet private key?

> 2. A transaction signed by the "master privatekey" + "subwallet privatekey" will be sent to the blockchain announcing that the created bitcoin address "subwallet address" is your property, this operation cannot be replaced and will be permanently saved in it. that we will call "owner's btc book"

what's the incentive for people running full nodes to want to store the "owner's btc book"? it's not making them any money but it will be costing them storage space and overhead. plus, there's no limit to the size it could grow and it never gets smaller.

> -for transactions greater than "1 btc" it is necessary to sign with the "master privatekey" + "subwallet privatekey", this will be compared with the owner's btc book.
> -for transactions smaller than "1 btc" that we will call "subtransaction", only the signature of the "privatekey subwallet" is necessary (as it currently works).

Another problem with this idea is the arbitrary choice of "1btc". What's 1 btc worth? The blockchain doesn't know. It could be worth a lot but it might not be worth much. That depends on its relationship to the US Dollar for example, something the blockchain doesn't know anything about. As if that issue weren't enough, there's the other issue that even if you have some way of adjusting "1btc", the value of "1btc" might have different meaning to different bitcoin users. So while 0.1 btc might be a lot for me, it might mean very little to someone else.
Your one size fits all valuation doesn't make much sense in that regard and is not useful as a security procedure for that reason also.

Title: Re: FutureBitcoin security projects
Post by: NotATether on December 09, 2021, 09:27:50 AM

> Aside from technical problem which already mentioned by @pooya87, who's the target of this security method? I expect that,
> 1. Regular users don't bother with such complex setup.
> 2. People with serious security concern already setup their airgapped/cold wallet and don't bother switch to new protocol.
> 3. Exchange won't find it's useful since they regularly move big amount of Bitcoin (which means they always need "master privatekey" & "master passphrase").

Don't forget to add: Most people will unfortunately continue to put greed over logic and get scammed by sites and videos they see. There's no technological solution to that.
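The objection pooya87 raises earlier in the thread (a cap checked per transaction does not bound the total that can leave an address, while a cap on the sum across transactions blocks ordinary hot-wallet use), worked through as an added example that is not part of any post. The rule functions, address labels and amounts are hypothetical; the rule is assumed to count only value leaving the address, and fees are ignored.

```python
SAT = 100_000_000   # satoshis per BTC
CAP = 1 * SAT       # hypothetical limit: the subwallet key alone may move < 1 BTC

def outgoing(outputs, source):
    """Satoshis paid to any address other than the restricted source address."""
    return sum(value for addr, value in outputs if addr != source)

def per_tx_rule(outputs, source, cap=CAP):
    """Hypothetical per-transaction check: each transaction is judged in isolation."""
    return outgoing(outputs, source) < cap

def spend_under_per_tx_rule(balance, source="subwallet", dest="elsewhere", cap=CAP):
    """What the subwallet key alone can move when every transaction individually
    passes per_tx_rule. Returns (transactions, satoshis_moved)."""
    txs = moved = 0
    while balance > 0:
        pay = min(balance, cap - 1)
        outputs = [(dest, pay), (source, balance - pay)]   # payment + change
        if pay <= 0 or not per_tx_rule(outputs, source, cap):
            break
        balance -= pay
        moved += pay
        txs += 1
    return txs, moved

def served_under_cumulative_rule(withdrawals, cap=CAP):
    """Alternative hypothetical check: cap the running sum across transactions.
    Returns how many withdrawals go through before the cap blocks the rest."""
    total = served = 0
    for amount in withdrawals:
        if total + amount >= cap:
            break
        total += amount
        served += 1
    return served

if __name__ == "__main__":
    txs, moved = spend_under_per_tx_rule(10 * SAT)
    print(f"per-transaction cap: {txs} transactions move {moved / SAT:.8f} BTC")
    hot_wallet = [SAT // 10] * 1000   # constructed: 1000 withdrawals of 0.1 BTC
    served = served_under_cumulative_rule(hot_wallet)
    print(f"cumulative cap: {served} of {len(hot_wallet)} withdrawals served")
```

With a 10 BTC balance the per-transaction rule lets the whole balance leave in eleven transactions, and the cumulative rule stops a hot wallet after nine 0.1 BTC withdrawals, so neither variant gives the bounded loss the proposal aims for without breaking normal use.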