Subject: Re: Proposal to address Bitcoin malware



Summary:

The proposal suggests using 2/3 multisig with a desktop website and a mobile device instead of a hardware device (trezor) and a desktop website (mytrezor). However, to protect against MITM attacks, the two signatures must be entered through different devices/bands. Companies have found ways to defeat MITM attacks based on sslsniff and its derivatives by embedding code in mobile apps that communicates with a third-party company; that company authenticates the token and passes the authentication to the website through a different secure channel. The same principle applies here: the second signature must be presented from a separate band. To avoid the need for a trusted third party in a multisig wallet scenario, any wallet service provider can use this model; all they must do is develop two independent applications that use 2/3 multisig to authorize transactions.

The multisig scenario involves a user signing a 2-of-3 output with a first signature and sending the signed transaction to another ("third") party. The objective is for the third party to provide the second signature, thereby spending the output as intended by the user, who is not necessarily the first signer. The send must be authenticated to the user; otherwise the third party would sign anything it receives, rendering the second signature pointless. Using a hardware wallet breaks down once any aspect of the platform or network to which it connects must be trusted.

If we want to fix the issue of too-long R or S values, we must at least treat signatures containing them as non-standard. Pieter Wuille suggested a one-line change to BIP66's DERSIG, a simpler alternative for strict DER signatures. Gregory Maxwell agreed with Pieter's suggestion. Eric Voskuil discussed the question of whether multiple signatures offer greater security than single signatures, and how independence of control is the central issue in the analysis of a multiple-factor system.

He also discussed the importance of finding methods to help verify Bitcoin transactions before they are completed, without adding user or system complexity that does not also increase integrity or privacy. An attachment regarding parallel programming was also included at the end of the email.
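The strict DER encoding rules that BIP66's DERSIG enforces, written out as an added Python checker (not code from the thread or from Bitcoin Core); the sample signatures are constructed, and the one-line change mentioned above is not reproduced because the summary does not state it.

```python
# Added example: BIP66 strict DER signature encoding check (not the thread's code).
# A script signature is DER(r, s) followed by a one-byte sighash type.

def is_valid_signature_encoding(sig: bytes) -> bool:
    """Return True iff sig follows BIP66's strict DER encoding rules."""
    # Overall length: 9 bytes minimum, 73 maximum (33-byte r and s each
    # with a leading 0x00, plus the sighash byte).
    if len(sig) < 9 or len(sig) > 73:
        return False
    if sig[0] != 0x30:                 # SEQUENCE tag
        return False
    if sig[1] != len(sig) - 3:         # SEQUENCE length excludes tag, length, sighash
        return False
    len_r = sig[3]
    if 5 + len_r >= len(sig):          # r must leave room for the s element
        return False
    len_s = sig[5 + len_r]
    if len_r + len_s + 7 != len(sig):  # every byte must be accounted for
        return False
    if sig[2] != 0x02 or len_r == 0:   # INTEGER tag, non-empty r
        return False
    if sig[4] & 0x80:                  # a negative r is not allowed
        return False
    if len_r > 1 and sig[4] == 0x00 and not (sig[5] & 0x80):
        return False                   # unnecessary zero padding on r
    if sig[len_r + 4] != 0x02 or len_s == 0:
        return False
    if sig[len_r + 6] & 0x80:          # a negative s is not allowed
        return False
    if len_s > 1 and sig[len_r + 6] == 0x00 and not (sig[len_r + 7] & 0x80):
        return False                   # unnecessary zero padding on s
    return True


def encode_der_sig(r: bytes, s: bytes, sighash: int = 0x01) -> bytes:
    """Build DER(r, s) || sighash from raw integer bodies, without canonicalising."""
    body = b"\x02" + bytes([len(r)]) + r + b"\x02" + bytes([len(s)]) + s
    return b"\x30" + bytes([len(body)]) + body + bytes([sighash])


# Constructed sample values (not real signatures).
GOOD = encode_der_sig(b"\x01", b"\x7f")            # minimal, positive r and s
PADDED_R = encode_der_sig(b"\x00\x01", b"\x7f")     # r carries a needless leading zero
NEG_S = encode_der_sig(b"\x01", b"\x80")            # s would decode as negative
OVERLONG = encode_der_sig(b"\x01" * 70, b"\x7f")    # total length exceeds 73 bytes
```

Only GOOD passes; the other three are exactly the kinds of encodings a node treating strict DER as the standardness rule would refuse to relay.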


Updated on: 2023-06-09T16:26:52.461363+00:00