Author: Billy Tetrud 2022-04-24 23:03:52
Published on: 2022-04-24T23:03:52+00:00
The conversation between Matt and Russell revolves around the limitations of a CTV-based vault, which is designed to improve the management of hot and cold wallets. Matt argues that the theft of a hot wallet key is a security limitation of the system, as it may not be immediately apparent that the key has been stolen. In contrast, the theft of a single key in a multisig wallet would not result in any theft. The discussion then turns to the MES vault scheme, which applies to a different scenario where hot funds are inside the vault and the hot key unvaults the funds and sends them to customer addresses after a delay. The MES vault lies somewhere between better and different when compared to the CTV vault. Russell asks about building a secured vault that commits to the destination address, and Matt suggests that passed-through state allows doing this. However, since CTV predefines all the transactions that can happen under its control, passed state cannot help solve this problem for CTV. Furthermore, op_cat may enable this with CTV, but there are no elegant ways of building secure vaults by using CTV plus something else. Overall, the conversation highlights the practical and security limitations of the CTV-based vault system and explores alternative approaches to address these issues.
Updated on: 2023-06-15T19:37:25.224685+00:00