Burak, I don't remember if this has been mentioned previously in the 
conversation about Ark, but a disadvantage in the protocol as it is currently 
is that "Ark require users to come online and "refresh" their coins every few 
weeks, otherwise the ASP can sweep the funds." (putting that in quotes because 
although I copied this from a forum, it may have originally been said on this 

However, yesterday I have come up with a scheme to mitigate this disadvantage, 
in a way that works similar to LN watchtowers.

This watchtower program for Ark would be made that runs on an 
internet-connected server and inputs your wallet password and the date in the 
future to perform the refreshing. A child process can then be spawned that acts 
similar to a cronjob, and stores the wallet password with AES encryption in 

The key to this cipher is the time stored in ISO 8601 format as a byte string. 
It is promptly discarded from memory.

Every second, the watchtower child process will attempt to decrypt the cipher 
using the current ISO 8601 time looking like "YYYY-mm-ddTHH:MM:SSZ" as the key.

Naturally this will only succeed at the requisite time at which the wallet is 
to be unlocked by the watchtower child process - following which the coins 
inside the ASP are refreshed, and the watchtower child process is terminated 
and the encrypted wallet password destroyed.

Of course, memory scrubbing should be applied to the region that has the 
decrypted wallet password.
If at any point the user comes online by themselves, they can simply cancel the 
watchtower refreshing task, which will terminate the watchtower child process 
without opening your wallet and refreshing coins.

The key feature is that nobody will be able to decrypt the wallet password 
unless they know the exact time it is to be unlocked as an ISO 8601 string. It 
cannot be unlocked at any time in the future, just at that particular instant, 
as long as the key is discarded and the software randomly guesses the 
decryption by attempting each second the new time as the encryption key. Even 
if the watchtower is hacked after the task has been made, the hacker still 
won't be able to decrypt the wallet password unless they brute-force the 
encryption key by exhaustively trying all timestamps in the future.

Alternatively, instead of encrypting the wallet password, it can encrypt a 
signed transaction which is used by Ark to refresh the coins. In this case, the 
wallet password would still need to be collected, but only for the purpose of 
signing the transaction, after which the password is promptly erased from 

How this can be extended to repeatedly arming the watchtower program with 
refreshes remains to be seen, but using the wallet password as the encryption 
directly is one option albeit not a secure one A better and more secure option 
would be to take note of the UTXOs created by the coin refreshing transaction, 
use those as inputs to a second refreshing transaction that is created 
immediately after the first one, sign it, and similarly create a third, fourth, 
etc. as many as are desirable for the user. Then every 4 weeks, one of these 
transactions can be broadcasted, in the order that they were created obviously.

Looking forward to your feedback on this.
bitcoin-dev mailing list

Reply via email to