:: Re: [unSYSTEM] DarkWallet Whitepape…
Top Page
Delete this message
Reply to this message
Author: jaume
Date:  
To: System undo crew
Subject: Re: [unSYSTEM] DarkWallet Whitepaper (Specs, details, features & inside dirt)

>>If your OS is compromised, then you're already fucked.
>
> There's a nuance here, right. In my opinion, however much I hate banks, I
> think over the last few years they have got this right. 2FA is a solution
> to the OS compromise issue, BUT it doesn't work if the second factor is on
> the same machine,


2FA for non-trivial quantities seems nice. I like the idea of using
two-out-of-three signatures. Does it make sense to keep one private key in
the laptop, one in the mobile phone and one in a safe? The user creates
and signs the transaction using the laptop, then this information is
transmitted using one or more QR-codes to the mobile phone. The mobile
phone adds a second signature and broadcasts the transaction with the two
signatures.

Now the attacker has to compromise two devices to get access to the funds ...

Cheers!
Jaume