Bitcoin Forum
November 18, 2024, 01:54:58 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Feedback on P2SH web wallets  (Read 3818 times)
mbelshe (OP)
Newbie
*
Offline Offline

Activity: 36
Merit: 0



View Profile WWW
November 08, 2013, 03:32:50 PM
 #21

Fair points.  Note that all wallets have this exact problem too :-)

Which is another way to say that p2sh web wallets have the same problem as anything else Smiley (barring offline ones).

Wait - that is definitely not true. :-)

Granted, you did identify that for one type attack, P2SH doesn't fully protect you.   But you're leaving off the far more common cases where P2SH doesn't have the same problems as standard addresses:

For active attacks, like you described, you're right, P2SH has the same vulnerability as standard addresses.  But as I mentioned, the second machine in the 2-signature process can audit, enforce spending limits, introduce delays, do additional confirmations, etc.  Although this is not a panacea, its something you can't do with standard addresses.

For idle attacks, which is what we mostly read about these days, P2SH is much stronger than standard addresses.  With standard addresses, hacking a single key system and stealing a single key gives you full access to the entire address, and you can steal the money at any time.  With a multi-signature address, you get nothing from doing this.

Mike
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!