BitShares Forum
Other => Random Discussion => Topic started by: robrigo on May 19, 2015, 02:00:33 pm
-
Great read on CIN (Corruptor-injector networks) attacks. How can we mitigate these types of compromise on our hot wallet machines? If a cryptocurrency does threaten the status quo, we can assume damn well that they will be using these types of attacks to erode the trust in the system (maybe by keylogging and stealing funds for example).
cryptostorm.org/balrog
-
Crypto gives all the power to the clients... as more users store funds on their own machines, the incentive to attack clients increases significantly.
Hardware wallets (or some form of air-gap?) will be crucial in the long run. But can we trust hardware? :)
-
The focus should be: Decentralize security..
Spatial decentralization
For instance, 2 out of 3 signatures required to unlock funds, e.g.
Signature #1 Your home PC
Signature #2 Your Laptop
Signature #3 Your Family/Friend
Temporal decentralization
For instance, transaction must be signed 3 times temporally apart, e.g.
First signing, at time zero
Second signing, at 48h>24h after time zero
Third signing, at 72h>48h after time zero
Then you can freeze your own transactions by double signing.
Mixing
For instance, to move >X amount within a week, 2/3 signers are required to sign each day for three days.
Since signatures are public information, we can hook this up to email notifying users when movements occur.
-
Good point.. do we have multisig for bitshares?
-
Good point.. do we have multisig for bitshares?
yes bitshares does already .. but before implementing anything yet you should better wait for the next release ..