Sharing single wallet by using secret account names

[GCInc.]

Is it possible to use single bitcoind to securely allow remote access to multiple people's wallets? From initial look this could be done through a proxy site and cryptographically sufficient account names. Or can the account name be found by a third party easily?

If that is feasible, what is the magnitude of accounts a single <5yrs old dedicated server can handle seamlessly? Hundreds, thousands, or hundreds of thousands of accounts?

ADDENDUM: Talking mostly about single address per account.

[1714068728]

1714068728

[1714068728]

1714068728

[1714068728]

1714068728

[Akka]

I think you should look into Armory.

https://bitcoinarmory.com/

[GCInc.]

I think you should look into Armory.

I thought Armoury is a client? We need RPC accessible bitcoin daemon.

[Akka]

I think you should look into Armory.

I thought Armoury is a client? We need RPC accessible bitcoin daemon.

Well, never mind then.

But this should of course be possible. I imagine most online Wallets need a function similar to this.

I also don't imagine Blockchain runs one Bitcoind per Online Wallet  .

[DannyHamilton]

You need to create an interface between your clients and the bitcoind.  It will be insuficient to allow multiple users to directly access the same bitcoind.  Accounts do not secure funds.  They are just labels associated with transactions. bitcoind is happy to allow an "account" to become negative by sending out bitcoins that were received at a different "account".

[GCInc.]

bitcoind is happy to allow an "account" to become negative by sending out bitcoins that were received at a different "account".

Then, what does this mean at https://en.bitcoin.it/wiki/Accounts_explained:

using 'sendfrom' to send from the default account with a zero balance
will fail with message "Account has insufficient funds".

The web interface is what I am talking about. Having bitcoind handle accounts would make things simpler (by using the secret account name as the access key).

[jordan.dev]

I ran into this issue building a multi-user broker/dealer web-ui.

The bitcoind software is unfortunately pretty "bear-bones" when it comes to account/user-fund aggregation.

Your on the right track though (IMO): 1...1 Account/Address like you mentioned. Or 1...n Account/Address as specified by the client.

That being said, for security purposes, the issue becomes: "Well if someone is into my bidcoind client via an interface / system hack they can drain all the clients accounts / addresses right?"

I know security wasn't the top of your question - but since someone mentioned Armory, unfortunately, with bitcoind- as I'm aware of it, you have to build your own set of routines and procedures for managing the actual coins, well still "accepting" them on an address by address basis, and storing the "assigned" value elsewhere, since your not using a "cold-storage" one-way client like Armory.

Does that make sense?

[GCInc.]

Your on the right track though (IMO): 1...1 Account/Address like you mentioned. Or 1...n Account/Address as specified by the client.

Ok great, so I take it my supposition is correct and the account names can not be found (without actual security breach) from any public or private record other than what me and my bitcoind have given out?

you have to build your own set of routines and procedures for managing the actual coins, well still "accepting" them on an address by address basis, and storing the "assigned" value elsewhere, since your not using a "cold-storage" one-way client like Armory.

That's what I call proper conclusions! Yes, management of any larger amount of coins forth and back a cold storage would be required, thus requiring more extensive accounting configurations on our software instead of just the bitcoind. (don't tell anyone, I was going to omit that initially ). Not sure then if the bitcoin accounts offer much benefit in that case after the day is over.

[jordan.dev]

Ok great, so I take it my supposition is correct and the account names can not be found (without actual security breach) from any public or private record other than what me and my bitcoind have given out?

I'd think about it this way:

You have rooms in a hotel. Make sure the key-card works for the user's room, and that room only during their stay. The key-cards are interchangeable and easy to duplicate, but relatively secure as they're assigned to a specific room.

Could someone in theory "discover" their neighbors key-card code and use it to access their room? Probably yes. Though it would take a brute force guess or some other form of error (ie. they steal that persons code, and duplicate it while it's active: this would be analogous to someone breaking your web-app or interface or whatever and stealing the associated account information).

That's where the house safe comes in, last resort - the valuables (coins) are sealed in cold storage, and all they get is account numbers / public-addresses / balances (synchronized with the bitcoind client that links you into the bitcoin network) but once inside that info is worthless for much more than information sake without the private keys which are stored offline -

I think there is certainly a market for this type of product when someone builds it (I know proprietary shops have built it and maintained it...but they're not giving it away...)