Message Signing based authentication



Summary:

Passwords have proven to be an inefficient method of authentication, with frequent reports of password breaches and stolen databases. This issue also extends to the Bitcoin space, as evidenced by the recent Bitcointalk forum breach. In light of this, a new authentication method called Message Signing has been introduced in celebration of the 5-year anniversary of the Bitcoin whitepaper.

The authentication process works as follows: the server provides a token for the client to sign, the client sends the signed token back to the server along with the bitcoin address, and the server validates the message and uses the alias (optional) and bitcoin address for identification.

A proof of concept forum utilizing this authentication method can be found at forums.bitcoingrant.org. The forum stores only the signed message and bitcoin address provided by the user upon first visit, both of which are public information. There is no database; everything is simply an RSS feed, although Redis has been included for the sessions, for usability at the cost of additional exposure to potential risks. All source code will be made available on GitHub in the near future, and feedback and suggestions are welcomed.


Updated on: 2023-06-07T18:55:27.944663+00:00