Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.192.53 as permitted sender)
	client-ip=209.85.192.53; envelope-from=brian.erdelyi@gmail.com;
	helo=mail-qg0-f53.google.com; 
Content-Type: text/plain;
	charset=utf-8
Mime-Version: 1.0 (1.0)
From: Brian Erdelyi <brian.erdelyi@gmail.com>
In-Reply-To: <CALkkCJbk0czFj5mdMB6_0+Umw5V-fo-4tdBHgvg92zhyRZWiYQ@mail.gmail.com>
Date: Mon, 2 Feb 2015 14:07:52 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <F8BA8BFA-94F3-4AD5-9A04-82193AD8B886@gmail.com>
References: <27395C55-CF59-4E65-83CA-73F903272C5F@gmail.com>
	<54CE3816.6020505@bitwatch.co>
	<68C03646-02E7-43C6-9B73-E4697F3AA5FD@gmail.com>
	<CALkkCJbk0czFj5mdMB6_0+Umw5V-fo-4tdBHgvg92zhyRZWiYQ@mail.gmail.com>
To: =?utf-8?Q?Martin_Habov=C5=A1tiak?= <martin.habovstiak@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal to address Bitcoin malware
Precedence: list

Martin,

Yes, the second signing could be done by a mobile device that I owned and co=
ntrolled (I wasn't thinking that initially).  I was thinking that online ser=
vices are popular because of convenience and there should be a better way to=
 address security (privacy issues not withstanding).

I think these are practical approaches and just doing a sanity check.  Thank=
s for the vote of confidence.

Brian Erdelyi

Sent from my iPad

> On Feb 2, 2015, at 1:54 PM, Martin Habov=C5=A1tiak <martin.habovstiak@gmai=
l.com> wrote:
>=20
> Good idea. I think this could be even better:
>=20
> instead of using third party, send partially signed TX from computer
> to smartphone. In case, you are paranoid, make 3oo5 address made of
> two cold storage keys, one on desktop/laptop, one on smartphone, one
> using third party.
> If it isn't enough, add requirement of another four keys, so you have
> three desktops with different OS (Linux, Windows, Mac) and three
> mobile OS (Android, iOS, Windows Phone), third party and some keys in
> cold storage. Also, I forgot HW wallets, so at least Trezor and
> Ledger. I believe this scheme is unpenetrable by anyone, including
> NSA, FBI, CIA, NBU...
>=20
> Jokes aside, I think leaving out third party is important for privacy reas=
ons.
>=20
> Stay safe!
>=20
> 2015-02-02 18:40 GMT+01:00 Brian Erdelyi <brian.erdelyi@gmail.com>:
>> Another concept...
>>=20
>> It should be possible to use multisig wallets to protect against malware.=
  For example, a user could generate a wallet with 3 keys and require a tran=
saction that has been signed by 2 of those keys.  One key is placed in cold s=
torage and anther sent to a third-party.
>>=20
>> It is now possible to generate and sign transactions on the users compute=
r and send this signed transaction to the third-party for the second signatu=
re.  This now permits the use of out of band transaction verification techni=
ques before the third party signs the transaction and sends to the blockchai=
n.
>>=20
>> If the third-party is malicious or becomes compromised they would not hav=
e the ability to complete transactions as they only have one private key.  I=
f the third-party disappeared, the user could use the key in cold storage to=
 sign transactions and send funds to a new wallet.
>>=20
>> Thoughts?
>> -------------------------------------------------------------------------=
-----
>> Dive into the World of Parallel Programming. The Go Parallel Website,
>> sponsored by Intel and developed in partnership with Slashdot Media, is y=
our
>> hub for all things parallel software development, from weekly thought
>> leadership blogs to news, videos, case studies, tutorials and more. Take a=

>> look and join the conversation now. http://goparallel.sourceforge.net/
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development