Hardware Wallet Standard



Summary:

The fear of a "whoops, cosmic ray flipped a bit while producing receiving address; SFYL!" scenario is a concern with any wallet. For high-value cold storage, people sometimes generate their addresses on two independent machines running different software. Although a randomly flipped bit is extremely unlikely to yield a valid address, it is wise to confirm through independent routes that your addresses match the keys. The same applies when generating cold storage key pairs.

Malicious address substitution is an underappreciated attack vector, and it would make sense for the proposal to include standards for multi-sig wallet interoperability. Using wallets on separate devices, with software written by different parties, could make a whole spectrum of attacks less likely and more straightforward for typical users to guard against. A proposed solution is for the detached signer and the normal wallet to verify the correctness of generated addresses before coins are sent there. This scheme protects against losing money if the hardware wallet is defective, but it is still possible to lose money if the hardware wallet is evil. Overall, the proposal could provide improved security measures for Bitcoin Core users.
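The distinction behind the cross-check, as an added example (not code from the discussion or from any wallet), assuming legacy Base58Check addresses: a bit flipped after the address is finished fails the checksum, while a bit flipped in the key hash before the checksum is computed gives a valid address for the wrong key, which only comparison with an independently derived address catches. The 20-byte hash is a constructed value and all function names are illustrative.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
H160 = bytes(range(1, 21))  # constructed 20-byte pubkey hash, not a real key

def checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58encode(raw: bytes) -> str:
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out  # keep leading zero bytes

def b58decode(s: str) -> bytes:
    n = 0
    for c in s:
        n = n * 58 + B58.index(c)  # ValueError on a non-Base58 character
    pad = len(s) - len(s.lstrip("1"))
    return b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")

def make_address(h160: bytes, version: int = 0) -> str:
    payload = bytes([version]) + h160
    return b58encode(payload + checksum(payload))

def decode_address(addr: str):
    """Return the 20-byte hash, or None if length or checksum is wrong."""
    raw = b58decode(addr)
    ok = len(raw) == 25 and checksum(raw[:-4]) == raw[-4:]
    return raw[1:-4] if ok else None

def flip_bit(data: bytes, i: int) -> bytes:
    out = bytearray(data)
    out[i // 8] ^= 1 << (i % 8)
    return bytes(out)

def undetected_late_flips(h160: bytes) -> int:
    """Flip each bit of the finished address; count flips that still validate."""
    raw = b58decode(make_address(h160))
    return sum(decode_address(b58encode(flip_bit(raw, i))) is not None
               for i in range(len(raw) * 8))

def addresses_agree(addr_a: str, addr_b: str) -> bool:
    """Cross-check two independently produced addresses for the same key."""
    a = decode_address(addr_a)
    return a is not None and a == decode_address(addr_b)
```

`make_address(flip_bit(H160, 5))` models the early flip: it passes `decode_address`, and only `addresses_agree` against the second device's address rejects it.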


Updated on: 2023-06-11T19:39:41.410154+00:00