• Forum has been upgraded, all links, images, etc are as they were. Please see Official Announcements for more information

Cold storage spending....

If you are doing an external step, it should be a hardware wallet setup like I described. Using the same logic, Grandma is not going to want to perform the extra work of scanning pieces of paper, either. Frankly speaking, if you trust your Android software (rooted or not, custom rom or stock), phone drivers, closed-source hardware blobs and firmware that much, you might as well just store the private keys right on the device.

Good security is never easy. It is hard and SHOULD be increasingly harder and more difficult to use, as the value that you want to protect grows. It is easy to shove a few hundred or thousand bills under your mattress, but you would not trust it with millions or billions worth (even if it fit in the mattress). You would need to set up a vault, hire security, and it would be a hassle when you went to visit the vault and spend.

I mention this because you originally brought up cold storage spending, so I think you should remember this fundamental point. We call it "cold storage" simply for the fact that it is a larger amount than you'd freely store in a more convenient location, and it is supposed to be a little more difficult to spend it. A little difficulty for the owner usually equates to orders of magnitude more difficulty for the thief.
 
If you are doing an external step, it should be a hardware wallet setup like I described. Using the same logic, Grandma is not going to want to perform the extra work of scanning pieces of paper, either. Frankly speaking, if you trust your Android software (rooted or not, custom rom or stock), phone drivers, closed-source hardware blobs and firmware that much, you might as well just store the private keys right on the device.

Agree to disagree... Storing your private key on a networked device that crosses networks everywhere you travel, is "orders of magnitude" less secure than scanning a paper kept in your pocket and then trashing the protected memory space each time authentication is completed... The funny thing about your comment is we "trust our android software" every time we make a SSL connection (man-in-the-middle attacks?)... :smile: Let me guess, you work for one of those "wallet" companies and don't like the idea of an Anti-Wallet App... :wink:

I mention this because you originally brought up cold storage spending, so I think you should remember this fundamental point. We call it "cold storage" simply for the fact that it is a larger amount than you'd freely store in a more convenient location, and it is supposed to be a little more difficult to spend it. A little difficulty for the owner usually equates to orders of magnitude more difficulty for the thief.

What if the guy that coined the term "cold storage" was wrong? :rolleyes: App security should never accept the status quo.... Nor do I... I might be new to this group, but your not the only one who knows security shit... I still see value in building an AWPM.... Anyone else? :grin:
 
Nope, I don't work for anyone. I am no security expert, nor am I a software engineer or coder. I am simply cautious when it comes to money, and thus have done some prior research on this topic, and have also experimented with some of the current solutions available (albeit for bitcoin, not dash).

I appreciate your enthusiasm and I'm not saying your idea does not have any merit. There is certainly value in not permanently storing a private key on the device, as it offers better protection than local storage (encrypted or not) in case your physical device is stolen. We are probably just considering different attack vectors and have different ideas on security standards. I agree that security should not always accept the status quo, but language however, should try to. So no, the guy who coined the term cold storage was not wrong if his definition is the generally accepted one.

As soon as you "touch" those private keys to a device that has been online, and will go online again, there exists a possibility for attack that just would not exist if you had not done that. It does not matter what you do with the protected memory or secure software implementation. The KISS principle really applies here. The moment you do import that private key onto the online device--however temporary and secure--that private key is no longer "cold storage," so that is all I wanted to clarify.

Just to let you know though, our development team is currently working on protocol-level 2-factor authorization for spends, which will truly be a shot in the arm for everyone's security, regardless of any extra protection measures taken.
 
This is an extra level of security in the physical world that can't easily be got at from online attacks, coupled with an encrypted password, forms a type of 2 factor authorization does it not, you are introducing an extra of protection based on the physical world.
Am reminded what the NSA said about mailing someone, which is, basically the safest way to send a message is to put it in a paper envelope and post it.
 
I appreciate your enthusiasm and I'm not saying your idea does not have any merit. There is certainly value in not permanently storing a private key on the device, as it offers better protection than local storage (encrypted or not) in case your physical device is stolen. We are probably just considering different attack vectors and have different ideas on security standards. I agree that security should not always accept the status quo, but language however, should try to. So no, the guy who coined the term cold storage was not wrong if his definition is the generally accepted one.

We agree to agree.... Kind of... :wink: Because language and meaning does change in the tech world quite fast... "Names of many computer terms, especially computer applications, often relate to the function they perform, e.g., a compiler is an application that compiles (programming language source code into the computer's machine language). However there are other terms with less obvious origins, which are of etymological interest." Check out these just for fun... http://en.wikipedia.org/wiki/List_of_computer_term_etymologies :grin:

As soon as you "touch" those private keys to a device that has been online, and will go online again, there exists a possibility for attack that just would not exist if you had not done that. It does not matter what you do with the protected memory or secure software implementation. The KISS principle really applies here. The moment you do import that private key onto the online device--however temporary and secure--that private key is no longer "cold storage," so that is all I wanted to clarify.

Tomayto / Tomahto... When I think of the term "cold storage"... I think no battery, low cost, no network persistence , no device persistence, no cloud storage private keys and direct interaction with the blockchain.... Doesn't get more KISS than that, in my book... :grin:


Just to let you know though, our development team is currently working on protocol-level 2-factor authorization for spends, which will truly be a shot in the arm for everyone's security, regardless of any extra protection measures taken.

Good to know... I like 2-factor... :cool:

The AWPM is probably a clean fork anyway... As I was looking @ some of the code last night... Not needing backups, donate / tips, address books and some other stuff...

Oh... One thing... The README here for sweeping wallets (bottom)... States that it uses this REST call https://api.biteasy.com/blockchain/v1/unspent-outputs at biteasy.com... V1 is obsolete according to biteasy.com here.... They also have an issue w/ there SSL cert shown below.... Yikes!:

Screenshot from 2015-05-26 07:43:11.png


Cheers!
 
This is an extra level of security in the physical world that can't easily be got at from online attacks, coupled with an encrypted password, forms a type of 2 factor authorization does it not, you are introducing an extra of protection based on the physical world.
Am reminded what the NSA said about mailing someone, which is, basically the safest way to send a message is to put it in a paper envelope and post it.

AGREE, AGREE, AGREE! :grin:
 
AGREE, AGREE, AGREE! :grin:

Could the paper wallet private key have some kind of finger over part of the key as another layer of security, something like you have to cover up say 2 parts of the key perhaps from the back of a transparent wallet print, the wallet could be marked on the back with numbers almost like a physical pin, when you cover them up. parts of the scan will come in dark, affecting the key in a way that makes it work?
 
Could the paper wallet private key have some kind of finger over part of the key as another layer of security, something like you have to cover up say 2 parts of the key perhaps from the back of a transparent wallet print, the wallet could be marked on the back with numbers almost like a physical pin, when you cover them up. parts of the scan will come in dark, affecting the key in a way that makes it work?

Ah... Like a puzzle mug.... I like it! :grin: "Each mug is slightly different, using one of several different hole patterns." to drink from it... ref: http://www.muddymountainpottery.com/puzzle_mugs

Only problem is now everyone has to have a 3D printer or a trusted 3D printer store or something else?

What if we just re-lock the phone before the spend..... Nope... That won't do it...
What if we scan a finger print and tie it to the app or transaction.... Nope... That won't do it...
Register the app to a finger print, transaction from trusted apps... yuck... I don't want to do it...

It has to be part of the QR that gets scanned... Or... As much as I like the puzzle mug idea.... You only transfer what you are willing to loose to the pocket coin from other "Paper Wallets"

Picture coming up... Please hold.... :smile:
 
Anti-Wallet Payment Method (AWPM) Coin Reload (1).png
So here is how you would use a "Vault Private Key" to secure what you didn't want to carry around in your pocket....

When I say "Paper Wallet"... I don't mean printed QR codes in a firebox, under bed, etc.... I use personal cryptography tools like these : http://lifehacker.com/five-best-file-encryption-tools-5677725 to stash hardened files on USB devices, the cloud, where-ever... So "paper" isn't really paper... Unless you want it to be of course... :smile:

Vault = "Paper Wallet" -- Physical or Virtual
Pocket Coin = "Paper Wallet" -- Phyiscal

Still liking the puzzle mug idea... Maybe you could fold the QR into some kind of origami to make it scan-able... But then someone could just follow the last fold by using the creases... :grin:

More thoughts?
 
Last edited by a moderator:
Didn't know about the puzzle mugs, a fun party piece, I might order one now:cool:

I was trying to think of ways to protect a lost wallet private key, although if it was also password encrypted , it would not matter so much if the wallet(paper or chip) was lost. I like the idea of a 2 tier wallet system, the pocket change might get lost but the main vault storage would need a different attack approach.
 
Didn't know about the puzzle mugs, a fun party piece, I might order one now:cool:

"The earliest example in England is the Exeter puzzle jug, a fine example of medieval pottery in Britain, dating from about 1300 and made in Saintonge, Western France.[3]"

Ya... They are super cool... It's like being authenticated to drink... Wrong passwd and the joke is on you... Literally....:grin: I have always wanted one too... Just never ordered one... Some day!

I was trying to think of ways to protect a lost wallet private key, although if it was also password encrypted , it would not matter so much if the wallet(paper or chip) was lost. I like the idea of a 2 tier wallet system, the pocket change might get lost but the main vault storage would need a different attack approach.

Agree...... The vault private key attack approach would / could be different for everyone... No rules here... The QR could be anywhere literally... Printed and stuck under a couch, in a library book or tated your body. :rolleyes:

This is kinda crazy, but I have been thinking about it for a while... So here goes... When you first try (so I've heard) to patent something you get all your details down on paper, then mail it to yourself (snail mail)... When it returns in your mailbox the stamp is voided on a specific date, proving the date of your original idea. You keep it sealed, until you have to prove it's your idea, to someone in a court of law.....

Well what if you mailed your vault Private Key to a PO Box that you and only you have the key too?

Lets do the check:
Off device -- Yes
Off network -- Yes
Off cloud -- Yes
Power required -- No
Simple -- Yes
Off-site -- Yes
Safe from fire / water damage -- Better than at home... I think...
Only physical access -- Yes
Cheap -- Yes
Better than safety deposit box -- Depends which is a more trusted source for access :wink:
Overkill -- Maybe?

Anyway... I think the AWPM is good and we should move forward w/ a pilot... I'm not going it alone, because if the community doesn't support the idea or code for the long-haul... We are just wasting our time... Also, this wouldn't be a "fork" of the current wallet, but a new project with cherry picked classes from the existing wallet for QR, protocol and transactions... It's just too different to kludge it together...

Like this if you think we should proceed....

Cheers!
 
This just in... Proof we all should be careful when developing...

http://insidebitcoins.com/news/user...rievable-from-secondhand-android-phones/32742

Only sure way is never keep it in the phone like you are trying to do, or at the very least give people the option and then when they forget to remove the wallet properly, you can at least say, well why didn't you have AWPM eh ?!

Hash engineering was accepting around 3 btc to do new android wallets at one point but seem to remember him saying he wasn't taking on any new projects apart from what hes working on (which does include our coin)
I certainly would vote on the this as a possible bounty for someone to code it as an extra function for the mobiles wallets, I think its an out of the box but simple idea that might be useful, after all people are always losing their phones but not so many lose their wallets do they :cool:
 
Only sure way is never keep it in the phone like you are trying to do, or at the very least give people the option and then when they forget to remove the wallet properly, you can at least say, well why didn't you have AWPM eh ?!

Bamm... You nailed it! :grin:

Hash engineering was accepting around 3 btc to do new android wallets at one point but seem to remember him saying he wasn't taking on any new projects apart from what hes working on (which does include our coin) I certainly would vote on the this as a possible bounty for someone to code it as an extra function for the mobiles wallets, I think its an out of the box but simple idea that might be useful, after all people are always losing their phones but not so many lose their wallets do they :cool:

Totally agree... I consider myself proficient at Java and could probably knock out a pilot command line version (I don't do UIs) of the AWPM in a week or so... But I don't have the github setup, testnet Dash basics down... I have developed w/ IBM RAD and IntelliJ before... I would lean toward IntelliJ for this project because it's free and I like it more... :smile:

I just want to make sure, more than you and I feel it's worth pursuing before going for it... Lets say once this post gets 5 likes we move forward w/ the pilot... Who can support my development effort w/ github and Dash testnet requests? Then we can just take donations or whatever....... Or maybe Hash engineering is interested in something new and exciting... Like AWPM for 3BTC? :wink:

Thoughts? Anyone else listening...
 
I just want to make sure, more than you and I feel it's worth pursuing before going for it... Lets say once this post gets 5 likes we move forward w/ the pilot... Who can support my development effort w/ github and Dash testnet requests? Then we can just take donations or whatever....... Or maybe Hash engineering is interested in something new and exciting... Like AWPM for 3BTC? :wink:

Thoughts? Anyone else listening...

Ok... I'm still looking for community support... I have github ready here: https://github.com/joezippy/awpm-core/wiki and the IDE locked and loaded... Does anyone care about this project? :rolleyes:

Cheers...
 
You could be before your time, hang in there, there are many code updates going on, not everyone can move as quick!

Ok...... But that's why they call me zippy... :wink: I'm here to hit it hard! Revolution, not evolution (for the right cause) :cool:

Because your an "Active Member" in this group... I'm going to stand back and let you lead the AWPM effort when the time is right.... I got your back w/ the design, not to worry and I'll write some code for fun..... When you tell me it's worth doing... Hope to drink out of the same puzzle mug someday.... Peace out.... :grin:
 
Ok...... But that's why they call me zippy... :wink: I'm here to hit it hard! Revolution, not evolution (for the right cause) :cool:

Because your an "Active Member" in this group... I'm going to stand back and let you lead the AWPM effort when the time is right.... I got your back w/ the design, not to worry and I'll write some code for fun..... When you tell me it's worth doing... Hope to drink out of the same puzzle mug someday.... Peace out.... :grin:

Actively inactive more like :grin:.
Stick around, there is still much testing of the core items to come, its been a gas so far..
 
Ok...... But that's why they call me zippy... :wink: I'm here to hit it hard! Revolution, not evolution (for the right cause) :cool:

Because your an "Active Member" in this group... I'm going to stand back and let you lead the AWPM effort when the time is right.... I got your back w/ the design, not to worry and I'll write some code for fun..... When you tell me it's worth doing... Hope to drink out of the same puzzle mug someday.... Peace out.... :grin:
Keep up the good work, chief, your ideas are always welcome! I'm checking in on your progress from time to time in between Twitter shifts...:tongue:​
 
Back
Top