Author Topic: AGS potential security issue  (Read 13098 times)

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
> > Inspired by logxing's proposal, I came up with an idea which may completely solve this potential security issue. If we could use a signature, made with the private key over a specified text (e.g. the donation address), to claim the corresponding shares in different DACs, then we would not need to worry about the private key being stolen, as we do NOT need to expose our private key and we use a different signature to claim the shares in each DAC. E.g. signature to claim the XTS shares = sign(“XTS” + Pts/BTC donation address, PrivateKey), signature to claim the DNS shares = sign(“DNS” + Pts/BTC donation address, PrivateKey)
>
> Awesome! I strongly prefer this method. This should be a standard tool in the toolkit. I would imagine we already have a tool that generates the genesis block.
>
> One problem I see with this method, however, is that it generates a signature, not a public address, i.e. only holders of AGS could generate the public address for each DAC.
>
> Unless the DAC itself has a method of claiming by signature, but that may complicate the protocol.
>
> Does the BitShares framework support the same transaction OP_ codes as Bitcoin?

>  only holders of AGS could generate the public address for each DAC.

Not true - you put the public keys in the genesis block like you do now, but to claim them you check the SIG(pubkey, "BTSX") instead of just SIG(pubkey).

We don't use OP_, we hard-code all needed transaction types for each DAC
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline bitmeat

  • Hero Member
  • *****
  • Posts: 1116
    • View Profile
> Inspired by logxing's proposal, I came up with an idea which may completely solve this potential security issue. If we could use a signature, made with the private key over a specified text (e.g. the donation address), to claim the corresponding shares in different DACs, then we would not need to worry about the private key being stolen, as we do NOT need to expose our private key and we use a different signature to claim the shares in each DAC. E.g. signature to claim the XTS shares = sign(“XTS” + Pts/BTC donation address, PrivateKey), signature to claim the DNS shares = sign(“DNS” + Pts/BTC donation address, PrivateKey)

Awesome! I strongly prefer this method. This should be a standard tool in the toolkit. I would imagine we already have a tool that generates the genesis block.

One problem I see with this method, however, is that it generates a signature, not a public address, i.e. only holders of AGS could generate the public address for each DAC.

Unless the DAC itself has a method of claiming by signature, but that may complicate the protocol.

Does the BitShares framework support the same transaction OP_ codes as Bitcoin?

Offline crazybit

> We discussed something similar in the "Mirrorchain" thread... you should take a look

Thx, I would take a look

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
We discussed something similar in the "Mirrorchain" thread... you should take a look

Offline toast

> Inspired by logxing's proposal, I came up with an idea which may completely solve this potential security issue. If we could use a signature, made with the private key over a specified text (e.g. the donation address), to claim the corresponding shares in different DACs, then we would not need to worry about the private key being stolen, as we do NOT need to expose our private key and we use a different signature to claim the shares in each DAC. E.g. signature to claim the XTS shares = sign(“XTS” + Pts/BTC donation address, PrivateKey), signature to claim the DNS shares = sign(“DNS” + Pts/BTC donation address, PrivateKey)

Yep, we can have a dedicated tool just for this

Offline crazybit

Inspired by logxing's proposal, I came up with an idea which may completely solve this potential security issue. If we could use a signature, made with the private key over a specified text (e.g. the donation address), to claim the corresponding shares in different DACs, then we would not need to worry about the private key being stolen, as we do NOT need to expose our private key and we use a different signature to claim the shares in each DAC. E.g. signature to claim the XTS shares = sign(“XTS” + Pts/BTC donation address, PrivateKey), signature to claim the DNS shares = sign(“DNS” + Pts/BTC donation address, PrivateKey)
« Last Edit: May 31, 2014, 05:11:44 am by CrazyBit »

Offline toast


Offline Overthetop

Personal Weibo account: Overthetop_万里晴空
"Blockchain Innovation and Entrepreneurship" discussion group: 330378613

Offline bitmeat

The more times a private key is used to sign, the easier it is to hack the address. That's why Satoshi in his original paper recommends creating a new change address every time a transaction is signed. Real security is achieved if you ONLY sign things ONCE per private key.

Offline crazybit

> I think he means a malicious client stealing private keys. Of course this is a great reason to make AGS liquid.
>
> You can always sign transactions offline and refuse to use a client that doesn't allow you to construct unsigned transactions.

Yes, you got my point about the security issue, but I am not talking about liquid AGS, just concerned about the AGS security issue.
« Last Edit: May 26, 2014, 05:12:12 pm by CrazyBit »

Offline crazybit

> I don't think you expose your private keys to anyone else in the network. You just verify on your local machine to the network that you own the address that is granted shares...

You have to admit that it is possible your private key might be exposed if it is imported into a customized or malicious DAC client built to steal your private key. We cannot review every DAC client's source code (I think mainly of third-party DACs) and build the client ourselves to make sure the client will not steal our private key.
« Last Edit: May 26, 2014, 11:36:23 pm by CrazyBit »

Offline toast

I think he means a malicious client stealing private keys. Of course this is a great reason to make AGS liquid.

You can always sign transactions offline and refuse to use a client that doesn't allow you to construct unsigned transactions.

Offline santaclause102

  • Hero Member
  • *****
  • Posts: 2486
    • View Profile
I don't think you expose your private keys to anyone else in the network. You just verify on your local machine to the network that you own the address that is granted shares...

Offline crazybit

One thing is sure: more and more DACs will come out in the future. But there is a potential security issue: the more times we import the AGS private key to claim the corresponding shares in a DAC, the greater the risk that the private key might be exposed. Under the current social contract, without liquid AGS, we cannot even transfer the AGS shares to another address if the private key is exposed. Is there any consideration or plan to improve AGS security? Please discuss.
« Last Edit: May 26, 2014, 11:40:24 pm by CrazyBit »