Author: James Hartig 2014-03-05 22:17:54
Published on: 2014-03-05T22:17:54+00:00
In an email thread, Peter Todd advises against using single factor Bitcoin addresses and suggests using n-of-m multisig instead for added security. He recommends architecting the system in a way that requires authorization from both the online server(s) hosting the website and a second "hardened" server with a limited interface between it and the online server. However, James Hartig points out that this only adds a minor amount of security as someone who manages to hack into the "hot wallet" server can still initiate a non-multisig transaction and steal all the bitcoins in that wallet. The RPC API password is stored in plain-text in the config file, making it easy to access. There also doesn't seem to be a way to force all outgoing transactions to be multisig or to prevent someone from stealing all the money once they have access to the server. Other software like MySQL has access controls that limit the scope of any attack if someone manages to get into the server, which may be beyond the scope of bitcoind.
Updated on: 2023-06-08T04:03:16.912874+00:00