[Bitcoin-development] Development priorities

phantomcircuit phantomcircuit at covertinferno.org
Thu Jun 16 18:24:01 UTC 2011


On 06/16/11 20:18, Luke-Jr wrote:
> On Thursday, June 16, 2011 1:59:56 PM Jeff Garzik wrote:
>>> 2) Wallet security.
>> Agreed, though security professionals (and luke-jr) are already
>> pointing out the wallet crypto mainly eliminates a bit of bad PR,
>> rather than being a major crime deterrent.
>>
>> zooko on IRC had a pretty good suggestion:  introduce a built-in
>> facility for air-gapped wallets (multiple wallets), so that loss of
>> your everyday transactional wallet does not mean loss of everything.
> Even if you do this, a cracker can still simply send your encrypted wallet to 
> himself, secure-delete your local one, kill your client, and demand you 
> publish your password if you want some portion of your coins back.
>
> I'm not sure there's *any* defense for an insecure PC. Maybe Bitcoin will end 
> up forcing people to reconsider their priorities when it comes to security...
Jeff's scratch off branch modified to use email (as unique salt) and
password would eliminate the need for a static wallet.dat for 99% of the
userbase.  This seems like a much better solution than encryption. 
(Although obviously it's still vulnerable to key loggers).




More information about the bitcoin-dev mailing list