Why Nostr? What is Njump?
2023-06-07 15:29:31
in reply to

Adam Weiss [ARCHIVE] on Nostr: šŸ“… Original date posted:2015-02-03 šŸ“ Original message:> > > Using a desktop ...

šŸ“… Original date posted:2015-02-03
šŸ“ Original message:>
>
> Using a desktop website and mobile device for 2/3 multisig in lieu of a
> hardware device (trezor) and desktop website (mytrezor) works, but the key
> is that the device used to input the two signatures cannot be in the same
> band. What you are protecting against are MITM attacks. The issue is that
> if a single device or network is compromised by malware, or if a party is
> connecting to a counterparty through a channel with compromised security,
> inputing 2 signatures through the same device/band defeats the purpose of
> 2/3 multisig.
>

Maybe I'm not following the conversation very well, but if you have a small
hardware device that first displays a signed payment request (BIP70) and
then only will sign what is displayed, how can a MITM attacker do anything
other than deny service? They'd have to get malware onto the signing
device, which is the vector that a simplified signing device is
specifically designed to mitigate.

TREZOR like devices with BIP70 support and third party cosigning services
are a solution I really like the sound of. I suppose though that adding
BIP70 request signature validation and adding certificate revocation
support starts to balloon the scope of what is supposed to be a very simple
device though.

Regardless, I think a standard for passing partially signed transactions
around might make sense (maybe a future extension to BIP70), with attention
to both PC <-> small hardware devices and pushing stuff around on the
Internet. It would be great if users had a choice of hardware signing
devices, local software and third-party cosigning services that would all
interoperate out of the box to enable easy multisig security, which in the
BTC world subsumes the goals of 2FA.

--adam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150203/41e376c5/attachment.html>;
Author Public Key
npub1vxevd7hlyz7atxxa6w72vnuf75pxdemsgyjl0cej2dph7df24eqsh0yyl6