Bitcoin Forum
June 25, 2024, 02:59:55 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Development & Technical Discussion / Re: ECDSA 2 of 2 signing on: March 30, 2014, 02:27:53 PM
Quote from: Mike Hearn on March 30, 2014, 12:13:16 PM
I'm implementing HD wallets in bitcoinj at the moment (on a branch). A threshold HD wallet would be a very nice primitive indeed.

Cool. To clarify, our construction is threshold deterministic (Section 3.3), but not hierarchical. Maybe threshold HD is possible, but when we thought about it the math got complex and we didn't see a way to make it work in the time we had.
2  Bitcoin / Development & Technical Discussion / Re: ECDSA 2 of 2 signing on: March 30, 2014, 02:09:26 AM
I'm part of a research group at Princeton who've been independently working on just this problem.  https://freedom-to-tinker.com/blog/stevenag/new-research-better-wallet-security-for-bitcoin/

We released our research yesterday, and Mike Hearn pointed us to this thread. Great to see that others have been thinking along these lines as well!

We implemented the technique in the Egypt paper as a bitcoinj fork. We're plan to release our code soon.

In addition, we show how to make a threshold deterministic wallet, which is a major improvement in practicality.

The two major use cases we've been thinking about are a business splitting control of a wallet between employees, and two-factor security for personal wallets (as an alternative to Gavin's proposal of a multi-signature two-factor wallet.)

BTW, it's actually straightforward to avoid having a separate "dealer" even with the full-fledged threshold signature protocol.
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!