Bitcoin Forum
May 27, 2024, 05:17:58 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Beginners & Help > StrongCoin Security
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: StrongCoin Security  (Read 758 times)
cuboidal (OP)
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
December 11, 2011, 07:27:23 PM
 #1
I am very intrigued by StrongCoin.  Not having to keep the blockchain on my computer is very enticing, and StrongCoin looks like the only service that'll also tell you your private keys.  So, if it disappears tomorrow, I could still spend my BTC.

The one thing I'm still not quite sure on is: how does StrongCoin spend your BTC without your un-encrypted private key?  Are browsers actually capable of broadcasting transactions to the bitcoin network without any server involvement?
bitcoinbear
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


View Profile
December 11, 2011, 07:41:46 PM
 #2
If I understand correctly, the browser does the unencryption and then provides the data which the StrongCoin server sends to the network.
CryptoNote needs you! Join the elite merged mining forces right now here in Fantomcoin topic: https://bitcointalk.org/index.php?topic=598823.0
dvide
Newbie
*
Offline Offline

Activity: 59
Merit: 0



View Profile
December 11, 2011, 07:49:01 PM
 #3
Quote from: cuboidal on December 11, 2011, 07:27:23 PM
The one thing I'm still not quite sure on is: how does StrongCoin spend your BTC without your un-encrypted private key?  Are browsers actually capable of broadcasting transactions to the bitcoin network without any server involvement?
The transaction is signed with the private keys on the client side, using javascript in the user's web browser. The signed transaction message is then submitted to StrongCoin who will broadcast it to the Bitcoin network for you. It's important to realize that they can't derive the private key from this digitally signed message; they can only validate the signature against the message using the public keys. And a digitally signed message cannot be altered without invalidating the signature in the process, so StrongCoin can't just change the output addresses to their own, or do anything nefarious like that. If they attempted to do something like that, and then submitted it to the Bitcoin network, honest nodes will refuse to propagate it to others and honest miners will reject it because the signature won't be valid any more.

Hope that helps.
cuboidal (OP)
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
December 12, 2011, 06:53:16 AM
 #4
Ah, I didn't think it through.  Of course the broadcast can't contain the private key; otherwise, everyone could still the rest of the amount in your wallet after the first transaction.  Thanks.  I made a strong coin account and imported the wallet into my local client.  This way, I have convenience when I'm at my computer (not to mention I don't have to pay the 1% fee), but I can still access my funds anywhere.  Still don't like downloading the blockchain, though (I pay ~4 USD per GB for internet access).  Maybe a thin client with import/export capabilities will come along soon...
Pages: [1]
  Print  
Bitcoin Forum > Other > Beginners & Help > StrongCoin Security
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!