<div dir="ltr"><div><i>One of my biggest fears about using any wallet is the "whoops,
cosmic ray flipped a bit while producing receiving address; SFYL!"
possibility. For high value cold storage, I always generate my addresses
on two independent machines using two different pieces of software. Am I
nuts for doing that?<br><br></i></div><div>A randomly flipped bit would be extremely unlikely to yield a valid address, however, I still think it you are wise to use independent routes to confirm that your addresses match the keys. I do the same when I generating my cold storage key pairs. I think malicious address substitution is an under appreciated attack vector.<br><br></div><div>Regarding this thread in general, would it make sense for this proposal to include standards for multi-sig wallet interoperability? A whole spectrum of attacks would be made less likely - and easy for typical users to guard against - by using wallets on separate devices AND where the wallet software was written and provided by different parties.<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Aug 22, 2016 at 9:50 AM, Moral Agent via bitcoin-dev <span dir="ltr"><<a href="mailto:bitcoin-dev@lists.linuxfoundation.org" target="_blank">bitcoin-dev@lists.linuxfoundation.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">It would be nice if the detached signer and the normal wallet could both verify the correctness of generated addresses before you cause coins to be sent there.<div><br></div><div>e.g. the hardware wallet could give its master public key to Bitcoin Core and you can thereafter generate your receiving addresses on Core, with the option to have the HW wallet validate them.</div><div><br></div><div>One of my biggest fears about using any wallet is the "whoops, cosmic ray flipped a bit while producing receiving address; SFYL!" possibility. For high value cold storage, I always generate my addresses on two independent machines using two different pieces of software. Am I nuts for doing that?</div><div class="gmail_extra"><br></div><div class="gmail_extra">With the above scheme, you are pretty well protected from losing money if your HW wallet is defective. You could still lose it if the HW wallet was evil of course, but that strikes me as much more likely to be discovered quickly.</div></div>
<br>______________________________<wbr>_________________<br>
bitcoin-dev mailing list<br>
<a href="mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a><br>
<a href="https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" rel="noreferrer" target="_blank">https://lists.linuxfoundation.<wbr>org/mailman/listinfo/bitcoin-<wbr>dev</a><br>
<br></blockquote></div><br></div>