Author [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] Topic: Violated by the mighty Balrog  (Read 274 times)

Offline robrigo

Violated by the mighty Balrog
« on: May 19, 2015, 02:00:33 PM »

Great read on CIN (Corruptor-injector networks) attacks. How can we mitigate these types of compromise on our hot wallet machines? If a cryptocurrency does threaten the status quo, we can assume damn well that they will be using these types of attacks to erode the trust in the system (maybe by keylogging and stealing funds for example).

Offline roadscape

Re: Violated by the mighty Balrog
« Reply #1 on: May 19, 2015, 03:18:09 PM »
Crypto gives all the power to the clients... as more users store funds on their own machines, the incentive to attack clients increases significantly.

Hardware wallets (or some form of air-gap?) will be crucial in the long run. But can we trust hardware? :)  |  witness: roadscape

Offline CLains

  • Hero Member
  • *****
  • Posts: 2572
    • View Profile
  • BTS: clains
Re: Violated by the mighty Balrog
« Reply #2 on: May 19, 2015, 04:32:02 PM »
The focus should be: Decentralize security..

Spatial decentralization

For instance, 2 out of 3 signatures required to unlock funds, e.g.

Signature #1 Your home PC
Signature #2 Your Laptop
Signature #3 Your Family/Friend

Temporal decentralization

For instance, transaction must be signed 3 times temporally apart, e.g.

First signing, at time zero
Second signing, at 48h>24h after time zero
Third signing, at 72h>48h after time zero

Then you can freeze your own transactions by double signing.


For instance, to move >X amount within a week, 2/3 signers are required to sign each day for three days.

Since signatures are public information, we can hook this up to email notifying users when movements occur.

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 11865
    • View Profile
    • BitShares.Europe
  • BTS: xeroc
  • GitHub: xeroc
Re: Violated by the mighty Balrog
« Reply #4 on: May 20, 2015, 06:12:28 AM »
Good point.. do we have multisig for bitshares?
yes bitshares does already .. but before implementing anything yet you should better wait for the next release ..
Give BitShares a try! Use the provided by