[Bitcoin-development] Development priorities
phantomcircuit at covertinferno.org
Thu Jun 16 18:24:01 UTC 2011
On 06/16/11 20:18, Luke-Jr wrote:
> On Thursday, June 16, 2011 1:59:56 PM Jeff Garzik wrote:
>>> 2) Wallet security.
>> Agreed, though security professionals (and luke-jr) are already
>> pointing out the wallet crypto mainly eliminates a bit of bad PR,
>> rather than being a major crime deterrent.
>> zooko on IRC had a pretty good suggestion: introduce a built-in
>> facility for air-gapped wallets (multiple wallets), so that loss of
>> your everyday transactional wallet does not mean loss of everything.
> Even if you do this, a cracker can still simply send your encrypted wallet to
> himself, secure-delete your local one, kill your client, and demand you
> publish your password if you want some portion of your coins back.
> I'm not sure there's *any* defense for an insecure PC. Maybe Bitcoin will end
> up forcing people to reconsider their priorities when it comes to security...
Jeff's scratch off branch modified to use email (as unique salt) and
password would eliminate the need for a static wallet.dat for 99% of the
userbase. This seems like a much better solution than encryption.
(Although obviously it's still vulnerable to key loggers).
More information about the bitcoin-dev