Author: Mike Hearn 2011-08-26 11:42:29
Published on: 2011-08-26T11:42:29+00:00
The author believes that multi-signature transactions are the fastest way to secure Bitcoin wallets. However, they argue that payers do not need to concern themselves with the details of how their wallets are protected. The author suggests that a user's software can notice inbound payments to a regular Bitcoin address and immediately respends them to multi-signed outputs. This approach simplifies key management as it does not require integration with shopping cart software. The author also predicts that eventually, we will move away from senders attaching transaction fees and instead receivers will respend the fee-less transaction adding whatever fee they believe is appropriate. Therefore, it doesn't make sense for buyers to have to attach more fees just because the merchant is using complex wallet policies. The author suggests whitelisting the basic CHECKMULTISIG form to make fancier addresses be embeddable inside QR codes if people feel it's necessary. Once malware can't simply email wallets to attackers or steal keys when the user decrypts due to a second factor, the next easiest attack is for malware to rewrite addresses on-screen as it sees fit, forwarding small payments so the user doesn't notice then stealing a big one. To solve this problem, Bitcoin addresses need to contain an endpoint that the second factor can use to verify ownership of the key.
Updated on: 2023-05-26T20:27:01.625773+00:00