Académique Documents
Professionnel Documents
Culture Documents
Is it possible?
Secure
Bitcoin services
using multisig wallets
niedziela, 29 wrzenia 13
DEMO!
niedziela, 29 wrzenia 13
f
I
A little
Who I am and why I am able to talk about this stuff.
background
niedziela, 29 wrzenia 13
about me
The basics
I come from Poland. Where the girls are beautiful and the alcohol will kill you. Programmer with passion, not out of necessity. Started with QBasic in late 90s. Saw the web when it
was just forming.
niedziela, 29 wrzenia 13
about me
Bitcoin era
Learned about Bitcoin in early 2011. The price was around $0.9. Thought it was genius. Immediately started working
on some ideas.
http://bc.x14.eu
niedziela, 29 wrzenia 13
about me
Take two
A Brilliant idea
!
!
If Bitcoin itself is decentralized, why do you need to trust one entity to handle both your fiat and Bitcoins. Also, this helped escape potential regulations. Peer to peer market People should handle money transfers between themselves. We should only hold they Bitcoins in escrow for dispute resolution.
niedziela, 29 wrzenia 13
about me
Bitmarket.eu is born
Launched in April 2011. 30,000 users registered. 2,000 - 3,000 BTC weekly. Ended up badly.
niedziela, 29 wrzenia 13
about me
Thirds time the charm
Another Brilliant idea
If Bitcoin itself is basically trustless, why you should trust operators of your exchange to hold your Bitcoins for you?
n
niedziela, 29 wrzenia 13
Theres gotta be a way... ... to store Bitcoins securely, with not lowering its utility at the same time.
Bitcoin security
Is... non-trivial.
III
niedziela, 29 wrzenia 13
securing Bitcoin
Is it needed?
* Source: https://bitcointalk.org/index.php?topic=83794.0
niedziela, 29 wrzenia 13
securing bitcoins
Challenges
#
Home storage
Thefts from personal computers by hackers using malicious software
"
hot wallets
Online services storing too much funds in hot wallets
L
site admins
Service administrators steal or lose coins.
niedziela, 29 wrzenia 13
securing bitcoins
Only two solutions?
on your computer or offline
Your computer can be hacked. Offline copies can become unreadable over time.
w
niedziela, 29 wrzenia 13
In online wallet service You have to trust website operator that he secured the coins and will not steal them himself.
III
Multisignature transactions
Used in practice, not only in theory
niedziela, 29 wrzenia 13
Normal Transaction
How does it work?
previous outputs used as inputs
broadcast transaction
This is the critical part. One private key to unlock your funds is a single point failure.
niedziela, 29 wrzenia 13
Multisig addresses
Part 1: Create multisig address
Get two or more Bitcoin addressees. Combine them using addmultisigaddress JSON-RPC command As a result, you will get a special Bitcoin address starting with 3. The resulting Bitcoin address is fully functional and can receive coins. You can create different combinations of M-of-N addresses. It means that you can
specify how many private keys are needed to spend the coins.
niedziela, 29 wrzenia 13
Multisig addresses
Possible applications
"
secure storage
Several private keys guarding one Bitcoin address, that can be stored independentally.
!
safe escrow
Buyer, seller and anescrow service create a multisig address used for eventual disputes.
#
Hybrid wallets
Online service operator holds one private key, you hold the other. Advantages of both.
niedziela, 29 wrzenia 13
Multisig addresses
If theyre so great, why doesnt anyone use them?
The client support is still lacking. While you can in most cases send coins to
of time.
amultisignature address, you cant create them, or watch them from the GUI.
To learn how they work and how to use them, you need to invest substantial amounts In order to create certain online services utilizing multisig addresses, aside from server
backend you also have to create a secure javascript utilizing encryption, Bitcoin address generation, transaction handling, and more. This is... non-trivial.
niedziela, 29 wrzenia 13
Multisig addresses
Part 2: Spending coins from multisig wallet
Create a transaction draft using createrawtransaction JSON-RPC command Sign the resulting transaction data with one of private keys, utilizing
signrawtransaction command
You need to provide it with correct details, which may include: public key and
redeem script (say what?)
Pass partially signed transaction data to other party, which repeats this process. Finally, you broadcast the transaction to the network (using sendrawtransaction
or another means)
niedziela, 29 wrzenia 13
DEMO!
niedziela, 29 wrzenia 13
Multisig addresses
The future of Bitcoin, available now
Developers
$ !
Make apps and services you create support multisignature transactions. You could be the first one!
Users Ask your service provider about the multisig support to encourage them to implement that!
niedziela, 29 wrzenia 13
Multisig addresses
Its already working
After the BitMarket.eu fiasco earlier this year I knew the only way to make a Enter Bitalo Online exchange and
Malware-proof 2-factor
authentication.
niedziela, 29 wrzenia 13
R Any
QUESTIONS?
No, I dont know wheres Waldo.
niedziela, 29 wrzenia 13
THANK
YOU
&
for listening
niedziela, 29 wrzenia 13