Author: Eric Voskuil 2015-02-03 00:41:20
Published on: 2015-02-03T00:41:20+00:00
The post discusses the use of multisig wallets to protect against malware. The scenario is a user who applies the first signature to a 2-of-3 output while assuming that the platform used to sign is compromised by malware. A third party is to provide the second signature, but the send must first be authenticated to the user; otherwise the second signature is pointless, since malware on the signing platform can alter the transaction before the first signature is applied. The two secrets are not independent once the first platform is compromised, so the third party must send the transaction to an independent platform for the user to verify, and must obtain the user's consent there before adding the second signature.

The central assumptions are that any attack against the second platform is not coordinated with the attack on the first, and that the third party is not colluding with the first platform. Without this independence the entire security model collapses and there is no protection against malware at all.

In a hardware wallet scenario the device itself is not compromised. It is not inconceivable, however, that its keys could be extracted by probing or another direct attack on the hardware. Keeping the first and second platforms in close physical proximity amounts to collusion from a physical-security standpoint. This is probably sufficient justification for not implementing such a model, especially given the cost and complexity of stealing and cracking a well-designed device.
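As an added illustration (example code written for this page, not code from the original post), the following Python model walks through the cosigning flow described above and shows where the independence assumption matters. Signatures are HMAC stand-ins for ECDSA, the cosigner checks the user's signature with a shared key standing in for the user's public key, and the platform, party and key names are invented; all of these are assumptions of the model. The four runs at the bottom cover an honest setup, malware on the first platform only, the same attacker on both platforms (coordinated), and two uncoordinated attackers.

```python
"""Model of a 2-of-3 cosigning flow: the user signs on platform 1, the third-party
cosigner asks for consent on an independent platform 2 before adding its signature.
Signatures are HMAC stand-ins for ECDSA (assumption); the point is the trust model."""
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional


def canonical(body: dict) -> bytes:
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign(secret: bytes, body: dict) -> str:
    # Stand-in for an ECDSA signature over the transaction body (assumption).
    return hmac.new(secret, canonical(body), hashlib.sha256).hexdigest()


def verify(secret: bytes, body: dict, sig: str) -> bool:
    return hmac.compare_digest(sign(secret, body), sig)


@dataclass
class Attacker:
    """Malware operator. Learns the user's intent only from a platform it controls."""
    payout: str
    learned_intent: Optional[dict] = None


@dataclass
class Platform:
    name: str
    malware: Optional[Attacker] = None  # None means the platform is honest

    def build_and_sign(self, user_secret: bytes, intent: dict) -> dict:
        body = dict(intent)
        if self.malware:
            self.malware.learned_intent = dict(intent)  # malware sees what the user typed
            body["to"] = self.malware.payout            # ...and redirects the funds
        return {"body": body, "sigs": {"user": sign(user_secret, body)}}

    def display(self, tx: dict) -> dict:
        """What the user is shown when asked to confirm on this platform."""
        shown = dict(tx["body"])
        # A coordinated attacker knows the intent and can fake a matching screen;
        # an uncoordinated one does not, so the true destination is displayed.
        if self.malware and self.malware.learned_intent:
            shown["to"] = self.malware.learned_intent["to"]
        return shown


@dataclass
class User:
    secret: bytes
    intent: dict

    def consents(self, shown: dict) -> bool:
        return shown == self.intent


@dataclass
class Cosigner:
    secret: bytes
    user_verification_key: bytes  # stand-in for the user's public key (assumption)

    def cosign(self, tx: dict, user: User, verification_platform: Platform):
        body = tx["body"]
        if not verify(self.user_verification_key, body, tx["sigs"]["user"]):
            return None  # first signature invalid
        if not user.consents(verification_platform.display(tx)):
            return None  # user did not confirm on the independent platform
        tx["sigs"]["cosigner"] = sign(self.secret, body)
        return tx


def run(first_compromised: bool, second: str):
    """second is 'honest', 'same' (attacker coordinated with platform 1) or 'other'
    (an unrelated attacker). Returns ('signed', destination) or ('rejected', None)."""
    user = User(b"user-key", {"to": "merchant", "amount": 5})  # constructed sample intent
    cosigner = Cosigner(b"cosigner-key", user.secret)
    mallory = Attacker("mallory")
    p1 = Platform("laptop", mallory if first_compromised else None)
    p2 = Platform("phone", {"honest": None, "same": mallory, "other": Attacker("trudy")}[second])
    tx = p1.build_and_sign(user.secret, user.intent)
    signed = cosigner.cosign(tx, user, p2)
    return ("rejected", None) if signed is None else ("signed", signed["body"]["to"])


if __name__ == "__main__":
    for first, second in [(False, "honest"), (True, "honest"), (True, "same"), (True, "other")]:
        print(f"platform1 compromised={first}, platform2={second}: {run(first, second)}")
```

Only the coordinated case produces a fully signed transaction paying the attacker: once the same operator controls both the signing platform and the confirmation platform, the consent step confirms a forged display and the second signature protects nothing, which is the independence requirement stated above.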
Updated on: 2023-06-09T16:09:15.478898+00:00