This will not profound solution to cryptocurrency theft. As security level goes higher the hackers also upgrade their hacking techniques. The solution is just to be careful and security conscious
Being careful and aware of security concerns doesn't seem to help exchanges much
As they are continually being hacked with coins stolen. So we need something which would stop hackers at the protocol level itself, something which they can't possibly beat (then no improved hacking techniques will be able to help them). I think an option of locking addresses at this level with a whitelist of addresses attached would help a lot in this department. Can anyone ask Bitcoin developers to think about implementing this option?
again. no protocol changes are needed.
the issue is that exchanges use "hotwallets". meaning they store private keys on the very same server as the exchange front-end. thus if a hacker can get to the server he can get to the keys.
easy solution is that exchanges stop using hotwallets
next instead of usernames and passwords. users can register a public key on the exchange. and then to login AND to withdraw they simply sign a message the exchange requests to prove identity.
EG: 'sign a message using 13xamP734ddr355 with the message:
deisiksayzletzmein110219
user signs the message using their key and pastes it to the server
this public signature sits on a database on the server front end. and separately a remote server just sniffs the database and sees the withdraw request and see's that the signature matches the users registered public key and then its the remote(secret) system that then processes actual withdrawals. thus no passwords, no private keys are ever saved on the exchange server
that way a hacker cant just grab a private key, because there are none. and cannot log in, because they dont have access to sign a message to prove ID.
i find it absolutely astonishing that in a bitcoin world people are not using the benefits of signatures as proof of ID
