Published on: 2019-10-04T10:02:59+00:00
Saulo Fonseca has proposed the creation of a new layer of protection called key stretching for cryptocurrency wallets. However, the user cannot prove if they are using this technique or petertodd's timelock encryption, which gives attackers little incentive to stop physically attacking until they have access to spendable UTXOs. To achieve the same effect, it has been suggested to use on-chain timelocks, delete-the-bits with a rangeproof and zero-knowledge proof, or a similar idea proposed by adam3us. You can find more information about adam3us's proposal at https://bitcointalk.org/index.php?topic=311000.0.Another proposal for wallet protection is ChainWallet, which involves creating a chain of hashes over the private key to generate a new wallet. The length of the chain can be easily memorized as an exponent, such as 2^40 or 10^12, and creating a long chain (billions or trillions of hashes) will take a significant amount of time. This prevents coins from being moved in an unplanned way, such as during a kidnapping. The most popular hash algorithm for this method is SHA-256, but other algorithms can also be used. The goal is to add "time" as part of the puzzle, rather than solely relying on entropy.ChainWallet is compared to BrainWallets with an added chain. BrainWallets have a bad reputation due to the possibility of brute-force attacks, but if a ChainWallet takes one second to generate, the speed of an attack is reduced to one guess per second, making a brute force attack practically impossible. Although ChainWallets are not immune to misuse, a wallet implementation could address this issue by enforcing a minimum chain length and blocking commonly used words as passwords. The major advantage of ChainWallet is its ability to prevent theft. Even if someone tries to force the user to give their private key, it would take an extremely long time to generate the wallet, making it practically impossible to access the coins.ChainWallet can be used as an alternative to BIP39, where instead of memorizing 24 words, a password and two numbers (base and exponent) define the length of the chain. This is easier to remember, eliminating the need to write it down. It is important to note that ChainWallet is not applicable in every case and should be considered as an additional option alongside other methods available in the crypto environment, such as multisig and smart contracts.A proof of concept for ChainWallet in C++ can be found on GitHub, and discussions about it can be found on various Reddit threads. The community has been testing the concept for some time and is currently running a challenge to solve it. When a user wants to transfer their coins to another location, they should re-generate their wallet in a planned manner using the same original private key and length of the chain.
Updated on: 2023-08-02T01:27:40.599570+00:00