Bitcoin Forum
December 06, 2016, 04:12:42 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bitcoin transaction authorization and price stability...  (Read 928 times)
Sargasm
Member
**
Offline Offline

Activity: 112


View Profile
October 17, 2011, 04:07:13 AM
 #1

Been posting this around a bit.  I feel that transaction authority is a MAJOR flaw in BTC for its stability in the long run.  Basically, if heists keep happening and virii can rob you of all you possess, the currency lacks the level of faith that will attract a really schrewd following.  So... I suggest two factor transaction authorization.

Basically as a part of wallet generation, a client side key is generated with a corresponding encrypted hash assigned to the address.  So, wallet data wouldn't be enough to transact anything.  I know wallet encryption provides a level of security as does truecrypt, but having a keychain would liken the transaction process to safety deposit box rather than a wall safe at home.

The level of sophistication would bring thefts to almost nil and make keeping a wallet file somewhere a way less risky operation.

It could lead to the development of more credit card like interfacing because your wallet data would be fine stored by an intermediary and one would need then only a keychain to validate a transaction.  (hypothetically someone could make an RF keychain card with a fingerprint scanner so you could take your btc with you while you shop.

OR transactions could be partially transacted pending keychain verification allowing users to review their transactions and authorize only valid ones.

I believe this would go a long way to improve confidence in the currency which is vital to it becoming widely used.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481040762
Hero Member
*
Offline Offline

Posts: 1481040762

View Profile Personal Message (Offline)

Ignore
1481040762
Reply with quote  #2

1481040762
Report to moderator
1481040762
Hero Member
*
Offline Offline

Posts: 1481040762

View Profile Personal Message (Offline)

Ignore
1481040762
Reply with quote  #2

1481040762
Report to moderator
memvola
Hero Member
*****
Offline Offline

Activity: 896


View Profile
October 17, 2011, 04:32:02 AM
 #2

Basically as a part of wallet generation, a client side key is generated with a corresponding encrypted hash assigned to the address.  So, wallet data wouldn't be enough to transact anything.  I know wallet encryption provides a level of security as does truecrypt, but having a keychain would liken the transaction process to safety deposit box rather than a wall safe at home.

I don't get what you mean by this. Each address has a corresponding private key. Plus, encrypted wallets have an encrypted key. Do you mean each private key should have an extra password? Then again, we could use those extra keys instead of private keys and then we wouldn't need wallet files at all. Wink
Sargasm
Member
**
Offline Offline

Activity: 112


View Profile
October 17, 2011, 04:40:01 AM
 #3

Basically as a part of wallet generation, a client side key is generated with a corresponding encrypted hash assigned to the address.  So, wallet data wouldn't be enough to transact anything.  I know wallet encryption provides a level of security as does truecrypt, but having a keychain would liken the transaction process to safety deposit box rather than a wall safe at home.

I don't get what you mean by this. Each address has a corresponding private key. Plus, encrypted wallets have an encrypted key. Do you mean each private key should have an extra password? Then again, we could use those extra keys instead of private keys and then we wouldn't need wallet files at all. Wink


Basically create an encrypted hash/ keychain pair separate from the wallet/BTC balance.  The private key and wallet would still exist, but transactions would not be validated until you processed your key against whatever encryption algorithm thereby proving the owner of the wallet made the transaction.  You'd still want some protection of your wallet, but it would be fine if it were for instance held at a transaction intermediary (a BTC bank of sorts) then you could transact funds and you would use your key to validate the transaction.

That way any banks or holding houses wouldn't be holding the chance of losing everything, because in the worse scenario after being hacked, you'd just create a new wallet, transfer funds using your key and be right as rain.
Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile
October 17, 2011, 06:04:19 AM
 #4

Basically this is what 0.4 does with wallet encryption - your public keys are always available, but to spend any coins you have to supply the password to retrieve your secret keys.

Your method would make it easier to take the secret keys offline and keep them on a USB drive.  But what additional security are you providing compared to putting the entire encrypted wallet on a USB drive and only use it (and decrypt it) when you want to spend?

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
memvola
Hero Member
*****
Offline Offline

Activity: 896


View Profile
October 17, 2011, 06:50:50 AM
 #5

The private key and wallet would still exist, but transactions would not be validated until you processed your key against whatever encryption algorithm thereby proving the owner of the wallet made the transaction.

As I said, addresses are already keypairs. If you need to supply a key to actualize a transaction, the private key corresponding to an address is that key. Multiple such keys don't increase security (although it could add new functionality, like escrow transactions). Either I still don't get what you mean, or you need to check this: https://en.bitcoin.it/wiki/Address (i.e. wallets don't have "owner"s).

Think of it this way, each address is itself a wallet in the sense you use. Bitcoin client creates a new address for you to receive the "change" from your transaction. You could modify the client to not create new addresses and use only one. Then you can keep your "single" private key offline, even in your memory, or a combination of that. But then, you do not have to use a wallet file at all. Wallet file is just a convenient store of your private keys, it doesn't even store your "balance".

That way any banks or holding houses wouldn't be holding the chance of losing everything, because in the worse scenario after being hacked, you'd just create a new wallet, transfer funds using your key and be right as rain.

If you won't transfer all required information to make a transaction on your behalf to the bank, there is no need to use a bank at all. That's actually the beauty of the protocol.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!