Author: Peter Todd 2013-12-19 13:17:06
Published on: 2013-12-19T13:17:06+00:00
The DarkWallet Hackathon brought together experts to discuss the principles of decentralized Bitcoin usage, with a focus on privacy, education, and security. The aim was to protect Bitcoin users from state-level attacks that could compromise their anonymity. To achieve this, several measures were recommended including avoiding address re-use, implementing CoinJoin, using TOR, and allowing users to set fees.Wallet software should be designed to balance privacy protection with usability for more effective adoption by users. This means blurring the distinctions between full UTXO set nodes, SPV nodes, and partial UTXO set nodes. Additionally, relaying data requires consideration of the risk of DoS attacks, which can be mitigated by Bloom filters or prefix filters. Wallets should also allow for transaction replacement and payment protocol use to avoid syncing their state with blockchain data. Finally, users should be given options to specify how much extra they are willing to pay for extra privacy where there is a trade-off between fees and privacy.Given the high liquidity of Bitcoin and its likelihood of being targeted by hackers, good source-code integrity must be maintained using a revision control system such as git, which is recommended, and PGP signed on a regular basis. Binary integrity must also be ensured through deterministic build systems when possible. Developers should make use of PGP and participate in the web-of-trust, advertise their PGP fingerprint widely, and sign as much communication as practical.Multi-factor spend authorization or multisig wallets are important, and wallet software should support some form of multi-factor protection for wallet funds. Payment protocol BIP70 is needed to protect against spending without user knowledge, but there is no assurance about where those funds went. Wallet software should support paying funds to P2SH addresses and support BIP70.
Updated on: 2023-06-07T22:37:41.813233+00:00