Author: Brian Erdelyi 2015-02-02 18:07:52
Published on: 2015-02-02T18:07:52+00:00
A concept has been proposed that multisig wallets could be used to protect against malware. By generating a wallet with three keys and requiring a transaction to be signed by two of those keys, users can ensure that the third party cannot complete transactions as they only have one private key. If the third-party becomes compromised, the user can use the key in cold storage to sign transactions and send funds to a new wallet. It is possible to generate and sign transactions on the user's computer and send this signed transaction to the third-party for the second signature, allowing the use of out of band transaction verification techniques before the third party signs the transaction and sends it to the blockchain. Online services are popular because of convenience but there should be a better way to address security concerns. One suggestion is to send partially signed transactions from a computer to a smartphone instead of using a third-party. The writer suggests making a 3oo5 address made of two cold storage keys, one on desktop/laptop, one on smartphone, one using a third-party. Adding another four keys, three desktops with different OS (Linux, Windows, Mac), three mobile OS (Android, iOS, Windows Phone), third party and some keys in cold storage would further increase security. Leaving out the third-party is important for privacy reasons.
Updated on: 2023-06-09T16:10:31.719371+00:00