How does your system prevent against insider attacks? How do you know the money is stolen by someone who compromised server #4, and not stolen by the person who set up server #4? It is my understanding these days most attacks are inside jobs.
On 8/24/16, Peter Todd via bitcoin-dev <[email protected]> wrote: > On Thu, Aug 25, 2016 at 01:37:34AM +1000, Matthew Roberts wrote: >> Really nice idea. So its like a smart contract that incentivizes >> publication that a server has been hacked? I also really like how the >> funding has been handled -- with all the coins stored in the same address >> and then each server associated with a unique signature. That way, you >> don't have to split up all the coins among every server and reduce the >> incentive for an attacker yet you can still identify which server was >> hacked. >> >> It would be nice if after the attacker broke into the server that they >> were >> also incentivized to act on the information as soon as possible >> (revealing >> early on when the server was compromised.) I suppose you could split up >> the >> coins into different outputs that could optimally be redeemed by the >> owner >> at different points in the future -- so they're incentivzed to act lest > > Remember that it's _always_ possible for the owner to redeem the coins at > any > time, and there's no way to prevent that. > > The incentive for the intruder to collect the honeypot in a timely manner > is > simple: once they've broken in, the moment the honeypot owner learns about > the > compromise they have every reason to attempt to recover the funds, so the > intruder needs to act as fast as possible to maximize their chances of > being > rewarded. > > -- > https://petertodd.org 'peter'[:-1]@petertodd.org > _______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
