Author Topic: Is Anyone Still Holding Bitcoin?  (Read 18144 times)

0 Members and 1 Guest are viewing this topic.

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
A hardware wallet is going to be... tricky. If you want to use the convenience of account names rather than opaque public keys, I think you would need the hardware wallet to validate the entire blockchain (or at least block headers the same way a lightweight client would).
True .. haven't thought about that... TITAN somehow makes it very difficult to generate sub-addresses from the account key .. for TITAN addresses you need the hardware device to publish and search for all available/derived addresses.. hmm ..
That's some kind of drawback that comes with the anonymity of TITAN ..

Offline testz

Google Authenticator is a 2FA option but if you lose your phone you'll never be able to log in again so it's not a very practical solution.

Using 2FA without backup 2FA security key it's a bad idea, I use WinAuth for this, and can always restore 2FA on new phone, or pass 2FA using code from WinAuth.

can you expand please?

When you enable 2FA, authentication service gives you QR code of private key, this key you can scan by phone and use it, but better to scan this key into WinAuth (https://code.google.com/p/winauth) or another program which can keep them securely and then scan from this program into phone(s).

Offline Method-X

  • Hero Member
  • *****
  • Posts: 1131
  • VIRAL
    • View Profile
    • Learn to code
  • BitShares: methodx
cold storgae is great but defeats the point of yield ofcourse..... then again if i take my dosh and burry in under the ground on an isalnd i wont get yield too.... in any case i think that 2FA is a great idea. Is there a way to put 2FA into the programm (ofcourse for those who want it)/ Id go further an implement an email request after 2FA like on btc-e right now
It's not gonna work with 2FA .. because the system needs to check the token against their "database" which forces the database to be available for the wallet and thus if you computer is hacked you will also loose the database with the 2fac tokens ..

Is there a system similar to 2FA based on blockchain tech? Or at least email notices would be great (again, if an owner wishes)

This is what you're looking for: https://github.com/bitid/bitid

Offline arhag

  • Hero Member
  • *****
  • Posts: 1214
    • View Profile
    • My posts on Steem
  • BitShares: arhag
  • GitHub: arhag
cold storgae is great but defeats the point of yield ofcourse..... then again if i take my dosh and burry in under the ground on an isalnd i wont get yield too.... in any case i think that 2FA is a great idea. Is there a way to put 2FA into the programm (ofcourse for those who want it)/ Id go further an implement an email request after 2FA like on btc-e right now
It's not gonna work with 2FA .. because the system needs to check the token against their "database" which forces the database to be available for the wallet and thus if you computer is hacked you will also loose the database with the 2fac tokens ..

Is there a system similar to 2FA based on blockchain tech? Or at least email notices would be great (again, if an owner wishes)

Sort of, the answer is multisig.

It's better to have a custom Trezor or hardware wallet. This way you can make transactions, vote for delegates, but not store your private keys on your computer.

A hardware wallet is going to be... tricky. If you want to use the convenience of account names rather than opaque public keys, I think you would need the hardware wallet to validate the entire blockchain (or at least block headers the same way a lightweight client would). Then there is the whole issue of whether you want your hardware wallet to sign market orders as well or if you keep a different PC-only child account to manage the funds used for trading. Finally, hardware wallets don't protect you from double-spends if your client is compromised (unless you basically make the hardware wallet into a full mobile computer that is locked down to only act like a BitShares client). I really question the value of a hardware wallet. I think multisig and a Linux Live CD with embedded client for cold storage accounts is enough security.

Offline serejandmyself

  • Sr. Member
  • ****
  • Posts: 358
    • View Profile
Google Authenticator is a 2FA option but if you lose your phone you'll never be able to log in again so it's not a very practical solution.

Using 2FA without backup 2FA security key it's a bad idea, I use WinAuth for this, and can always restore 2FA on new phone, or pass 2FA using code from WinAuth.

can you expand please?
btsx - bitsharesrussia

Offline testz

Google Authenticator is a 2FA option but if you lose your phone you'll never be able to log in again so it's not a very practical solution.

Using 2FA without backup 2FA security key it's a bad idea, I use WinAuth for this, and can always restore 2FA on new phone, or pass 2FA using code from WinAuth.

Offline Method-X

  • Hero Member
  • *****
  • Posts: 1131
  • VIRAL
    • View Profile
    • Learn to code
  • BitShares: methodx
Google Authenticator is a 2FA option but if you lose your phone you'll never be able to log in again so it's not a very practical solution.

Offline serejandmyself

  • Sr. Member
  • ****
  • Posts: 358
    • View Profile
cold storgae is great but defeats the point of yield ofcourse..... then again if i take my dosh and burry in under the ground on an isalnd i wont get yield too.... in any case i think that 2FA is a great idea. Is there a way to put 2FA into the programm (ofcourse for those who want it)/ Id go further an implement an email request after 2FA like on btc-e right now
It's not gonna work with 2FA .. because the system needs to check the token against their "database" which forces the database to be available for the wallet and thus if you computer is hacked you will also loose the database with the 2fac tokens ..

Is there a system similar to 2FA based on blockchain tech? Or at least email notices would be great (again, if an owner wishes)
btsx - bitsharesrussia

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
cold storgae is great but defeats the point of yield ofcourse..... then again if i take my dosh and burry in under the ground on an isalnd i wont get yield too.... in any case i think that 2FA is a great idea. Is there a way to put 2FA into the programm (ofcourse for those who want it)/ Id go further an implement an email request after 2FA like on btc-e right now
It's not gonna work with 2FA .. because the system needs to check the token against their "database" which forces the database to be available for the wallet and thus if you computer is hacked you will also loose the database with the 2fac tokens ..

Offline serejandmyself

  • Sr. Member
  • ****
  • Posts: 358
    • View Profile
cold storgae is great but defeats the point of yield ofcourse..... then again if i take my dosh and burry in under the ground on an isalnd i wont get yield too.... in any case i think that 2FA is a great idea. Is there a way to put 2FA into the programm (ofcourse for those who want it)/ Id go further an implement an email request after 2FA like on btc-e right now
btsx - bitsharesrussia

Offline luckybit

  • Hero Member
  • *****
  • Posts: 2921
    • View Profile
  • BitShares: Luckybit
I was the victim of a rather large btc heist.  Once bitten twice shy.

I would love to throw some serious coin at btsx, but until cold storage or Bitshares answer to armory  comes along I just cant do it.

Too stressful holding the coins online.

If you have not been a victim of a crypto hack, then you just dont realize how easy and painful they are.

Judging by the other posts in this thread, paper wallets while not the sexiest thing in the world could be a real short/easy step to another doubling of market cap.

I would love to push the dev team in that direction.   Anyone else?

You and I share a lot of concerns. We need two factor authentication or something better than "enter your password" as well. I wouldn't store large amounts of BTSX on any machine which can easily be keylogged.

Basically with Bitshares X right now you're trusting that your computer is more secure than the centralized exchanges like Bter. In reality your computer is probably a lot less secure than the average centralized exchange and the only thing Bitshares X has going for it right now is that hackers don't know about it yet to target it.

The best option I think would be to take Trezor and build Bitshares specific firmware for it. If you would like to fund a project you should fund the development of a Bitshares specific Trezor firmware update. That is all that would be needed to secure the Bitshares wallet in my humble opinion.
I was the victim of a rather large btc heist.  Once bitten twice shy.

I would love to throw some serious coin at btsx, but until cold storage or Bitshares answer to armory  comes along I just cant do it.

Too stressful holding the coins online.

If you have not been a victim of a crypto hack, then you just dont realize how easy and painful they are.

Judging by the other posts in this thread, paper wallets while not the sexiest thing in the world could be a real short/easy step to another doubling of market cap.

I would love to push the dev team in that direction.   Anyone else?
Yes, me. Cold storage is a very important feature.

Cold storage is nice but not the answer. It's better to have a custom Trezor or hardware wallet. This way you can make transactions, vote for delegates, but not store your private keys on your computer.

The insecurity comes from the fact that your private keys are on your computer and whenever you enter your password it can be jacked. We need more developer time invested in hardware Bitshares wallets because if we are going to keep a bank vault then that is the only way it can work securely, the average PC isn't anywhere near secure enough.


« Last Edit: September 13, 2014, 08:05:35 am by luckybit »
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline BldSwtTrs

  • Sr. Member
  • ****
  • Posts: 220
    • View Profile
I was the victim of a rather large btc heist.  Once bitten twice shy.

I would love to throw some serious coin at btsx, but until cold storage or Bitshares answer to armory  comes along I just cant do it.

Too stressful holding the coins online.

If you have not been a victim of a crypto hack, then you just dont realize how easy and painful they are.

Judging by the other posts in this thread, paper wallets while not the sexiest thing in the world could be a real short/easy step to another doubling of market cap.

I would love to push the dev team in that direction.   Anyone else?
Yes, me. Cold storage is a very important feature.

Offline bitmarket

  • Sr. Member
  • ****
  • Posts: 369
    • View Profile
    • BitShares TV
I was the victim of a rather large btc heist.  Once bitten twice shy.

I would love to throw some serious coin at btsx, but until cold storage or Bitshares answer to armory  comes along I just cant do it.

Too stressful holding the coins online.

If you have not been a victim of a crypto hack, then you just dont realize how easy and painful they are.

Judging by the other posts in this thread, paper wallets while not the sexiest thing in the world could be a real short/easy step to another doubling of market cap.

I would love to push the dev team in that direction.   Anyone else?


Host of BitShares.TV and Author of BitShares 101

merockstar

  • Guest
Something similar to bitaddress for creating paper wallets (any bitAsset... imagine having a mix of BTSX/bitUSD/bitGLD in the safe) would be a great short-term solution.

I have many of the same concerns as CLains and in fact have had password trouble already. Very, very stressful.

As BTSX appreciates in value these concerns will become more and more pressing.

Dev team definitely is going to need a few clones.


Yes, valid points. Assets in cold storage would have to be rotated periodically.

A watch-only set up would not really work because a transaction needs to be made.

This is going to need to be addressed before serious money starts to move in.

A permanent hot wallet is not going to cut it for any substantial amount of wealth.

Hate to see it go third party/centralized/fee based. ie. SecureCo charging fees slightly less than inactivity.

completely agree.

+5%

would it be possible to implement some kind of system of cold storage where people check in that they're still active, and pay the transaction fee from a different account?

Offline oldman

  • Hero Member
  • *****
  • Posts: 556
    • View Profile
Would love to take 80-90% of my holdings offline for next two or three years.
not recommended due to:
- missed yield (1 year max)
- inactivity fee of 5% every year after 365 days

Yes, valid points. Assets in cold storage would have to be rotated periodically.

A watch-only set up would not really work because a transaction needs to be made.

This is going to need to be addressed before serious money starts to move in.

A permanent hot wallet is not going to cut it for any substantial amount of wealth.

Hate to see it go third party/centralized/fee based. ie. SecureCo charging fees slightly less than inactivity.