Author: Peter Todd 2013-07-27 23:49:18
Published on: 2013-07-27T23:49:18+00:00
Gavin Andresen proposed a new design for a wallet that uses two-factor authentication via one-time-passwords with a third-party service to counter-sign 2-of-2 protected wallets. However, involving a third-party can lead to privacy and availability risks. An alternate design utilizes one-time-passwords and removes the requirement for a third-party along with other advantages and disadvantages. The user has a wallet with separate balances for savings and day-to-day spending. Transactions from day-to-day balance do not require authorization, but spending the savings balance does need one-time-passwords. When the day-to-day balance becomes low, the user can authorize the movement of discrete multiples of some amount from savings to spending using one one-time-password per multiple being moved. Savings use P2SH outputs matching HASH160 EQUALVERIFY CHECKSIG spent with pubkey/seckey generated deterministically using a counter-based one-time-password scheme. Nonces are generated deterministically using RFC2289. The security level is the number of bits for the nonce; 64 bits are sufficient. It's interesting to note how in some cases it may be preferable that the authorization is simply authorization to spend without any other involvement. Here the party acting as an oracle not only doesn't need to know where funds are going, but can even authorize the spend in advance without two-way communication - possibly even prior to the funds being received in the first place. Funding the wallet requires the involvement of all parties required to authorize an outgoing payment. In addition, the protection only works if funds sent to the wallet are split up into the discrete authorization amounts the user wishes. There hasn't been much thought put into these systems as there has been on payment protocols between a customer and a merchant, but the basic idea is to have more than one device participate in the generation of payment request signed somehow. For fund splitting, the request can be that the funds are paid to multiple txouts in one go. More research is needed to develop such systems.
Updated on: 2023-06-07T14:41:13.106203+00:00