Bitcoin Forum
December 09, 2016, 06:19:27 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: A (new?) security concept for bitcoin  (Read 695 times)
tschaboo
Jr. Member
*
Offline Offline

Activity: 42


View Profile
June 27, 2011, 02:10:31 AM
 #1

Hello all,

I guess I'm not the first one outlining the following ideas. But I couldn't find exactly what I mean, so feel free to link me to existing threads or tell me why this was not implemented.

In all those "help me, a trojan/hacker stole my coins"-threads people suggest storing the savings wallet on an offline computer and connect it "just" if they need to send coins. It should be very easy to avoid going online for sending coins: just create the transaction on the offline computer, export the transaction to a file, import it on your online computer and send it out.

Most of the code for im- and export already exists [1], there just needs to be a user-friendly way of doing it.

I suggest adding the following features to bitcoin to enable a safe offline workflow:
a.) A function to export bitcoin addresses to a file and a function to import those addresses as "sending" addresses. (Optional - for convenience and to avoid typos)
b.) A function to export and import the keychain. (Optional, you can also copy the files manually for now).
c.) An option to create a transaction and save it to a file. (Necessary)
d.) A config file option like "offline=1". If set, the client would not try to connect to peers; creating a transaction would automatically open a "safe file" dialog, etc.

The suggested workflow:
i.) Setup a computer which will never be online with a fully encrypted operating system.
ii.) Create a new wallet.
iii.) Name a few addresses and export them to a file.
iv.) Import the addresses to the address book of the online computer.
v.) Send coins to these addresses whenever you like.
vi.) if you want to check your balance on the offline computer copy the blockchain to it.
vii.) if you need to send coins from the offline computer, create a transaction, save it to file and copy.

So, your private keys will never ever have to touch a computer which is online. IMHO this would be a big win for security. Of course you will have encrypted backups of your wallet.dat on USB sticks or CDRs or even printed out. If [2] ever gets implemented you have an almost perfectly secure and convenient system that let's you sleep well. The only attack vector I can think of is if someone breaks into your home while your offline computer is running. Or if you use an infected USB-stick to copy data and have autorun enabled (which Windows 7 doesn't do anymore by default, i think). There are countermeasures against all these attacks that can be collected on the wiki...

Please comment!

(I hope this will be implemented before I have accumulated 10 bitcoins  Wink )


[1] https://github.com/bitcoin/bitcoin/pull/220
[2] https://github.com/bitcoin/bitcoin/issues/286

1AZNkFqcm2AK6wrMauNoVT4ZJGrYMrv2Yo
1481264367
Hero Member
*
Offline Offline

Posts: 1481264367

View Profile Personal Message (Offline)

Ignore
1481264367
Reply with quote  #2

1481264367
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
June 27, 2011, 04:21:39 AM
 #2

Read this thread.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
tschaboo
Jr. Member
*
Offline Offline

Activity: 42


View Profile
June 27, 2011, 09:07:03 AM
 #3


Thank you. I'm now half way through it ...

1AZNkFqcm2AK6wrMauNoVT4ZJGrYMrv2Yo
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!