Bitcoin Forum

A huge security problem with Bitcoin wallets is they don't protect your funds if keylogging malware exists on your computer.

I recently launched a "cosigning as a service" company, TrustedCoin, to mitigate this threat.  The way it works is:

• User creates 2 different keys (on 2 different devices, if you want to be extra careful).
• TrustedCoin creates a 2-of-3 multisig P2SH address, where the user owns 2 of the 3 keys.
• When anyone tries to spend coins from this address, TrustedCoin will email and SMS the user with details of the transaction, and give the user time (say, 24 hours) to cancel before signing and broadcasting it.

So if your computer gets infected with malware, the worst it can do is spam you with spending attempts.  If this should happen -- or if TrustedCoin were to disappear -- the user can combine both keys and instantly transfer funds to a new address.

Is there anyone interested in integrating our cosiging APIs into MultiBit?  We also offer a 70% rev share on all transaction fees (0.0005 BTC per transaction) to the wallet developer.

API Documentation: https://api.trustedcoin.com/#/docs (https://api.trustedcoin.com/#/docs)

Reference web wallet implementation: https://api.trustedcoin.com/wallet (https://api.trustedcoin.com/wallet)

Reddit commentary of this product: http://www.reddit.com/r/Bitcoin/comments/1zhief/id_like_to_present_a_bitcoin_wallet_thats_safe_to/ (http://www.reddit.com/r/Bitcoin/comments/1zhief/id_like_to_present_a_bitcoin_wallet_thats_safe_to/)

Thanks,

Josh

That's great. The best place to integrate this would be bitcoinj, IMHO, then wallet authors just need to wire it up to their GUIs.

I think co-signing services as you describe will be very useful.

There are other teams working on similar proposals so a unifying standard would be the way to go.