Author: Dustin Dettmer 2019-08-07 21:19:05
Published on: 2019-08-07T21:19:05+00:00
Bryan Bishop via bitcoin-dev mailing list explains the biggest problem with vault scheme is that an attacker can steal the hot wallet private key and wait for the vault's owner to make a delayed-spend transaction to initiate a withdrawal from the vault. To mitigate this, Bryan suggests choosing a stipend or withdrawal amount per withdrawal period like x% of the funds. The reason why a loss limiter is the way to go is because there's currently no way to force an attacker to reveal his key on the blockchain while also forcing the attacker to use a timelock before the key can spend the coins. There are various covenant proposals at this point (CHECKSIGFROMSTACK, SECURETHEBAG, CHECKOUTPUTVERIFY, ....). Also, there was other previous work that Bryan was only informed about today after posting his proposal. He shared some links to related work: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-February/015793.html, https://blog.oleganza.com/post/163955782228/how-segwit-makes-security-better, https://www.youtube.com/watch?v=diNxp3ZTquo, https://bitcointalk.org/index.php?topic=5111656.
Updated on: 2023-06-13T20:52:17.461089+00:00