> Using a desktop website and mobile device for 2/3 multisig in lieu of a
> hardware device (trezor) and desktop website (mytrezor) works, but the key
> is that the device used to input the two signatures cannot be in the same
> band.  What you are protecting against are MITM attacks.  The issue is that
> if a single device or network is compromised by malware, or if a party is
> connecting to a counterparty through a channel with compromised security,
> inputing 2 signatures through the same device/band defeats the purpose of
> 2/3 multisig.

Maybe I'm not following the conversation very well, but if you have a small
hardware device that first displays a signed payment request (BIP70) and
then only will sign what is displayed, how can a MITM attacker do anything
other than deny service?  They'd have to get malware onto the signing
device, which is the vector that a simplified signing device is
specifically designed to mitigate.

TREZOR like devices with BIP70 support and third party cosigning services
are a solution I really like the sound of.  I suppose though that adding
BIP70 request signature validation and adding certificate revocation
support starts to balloon the scope of what is supposed to be a very simple
device though.

Regardless, I think a standard for passing partially signed transactions
around might make sense (maybe a future extension to BIP70), with attention
to both PC <-> small hardware devices and pushing stuff around on the
Internet.  It would be great if users had a choice of hardware signing
devices, local software and third-party cosigning services that would all
interoperate out of the box to enable easy multisig security, which in the
BTC world subsumes the goals of 2FA.

Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
Bitcoin-development mailing list

Reply via email to