I had an idea today, and I wanted some feedback on it.
Today, best practice for a business (or individual) holding significant amounts of bitcoin is cold storage. I.e. no private keys online. I'd like to know if anyone agrees that the scheme below might be an alternative that is more convenient without sacrificing any significant security.
First, the protocol/miners would need to be updated to support what I'm calling a self-blacklist. This isn't a trust-based blacklist where clients need a list of blacklisted coins from some trusted authorities. Instead, anyone with an address's private key could blacklist some or all of the coins held by that address. When blacklisting coins, you would set the amount of time it will take before the coins are unblacklisted, for example, 7 days. While the coins are blacklisted, no miner would accept any transaction involving those coins. At some later date, the address's private key can then be used to unblacklist the coins. However, there will be a delay (7 days in the example above) before the unblacklisting will take effect.
Just doing the above doesn't really provide any value other than delaying an attacker. However, each address would get a 2nd private key. This 2nd private key would be able to transfer and instantly unblacklist the coins. The 2nd private key would not be required for any transactions involving coins not blacklisted. The 2nd private key would always be kept in cold storage (or paper storage) unless there were a compromise.
Here is what I imagine might be a typical scenario:
- I blacklist all the coins that today I would have kept in cold storage. The private key is available online. This allows me to programmatically access these coins as I run my business.
- I set my blacklist time to be 2 days because I watch my systems closely. I think I can respond to any attempt to unblacklist and steal my coins within that period of time. If I had to make a big payment, it would be delayed by 2 days, but it could still be done programmatically. If I didn't watch this business very closely, I might set it to 30 or 60 days so I'd have a lot more time to investigate in the case of an attack.
- I keep my 2nd private key in cold storage with all the precautions used today for cold storage (redundant, secure, etc.).
- My server is compromised. The attacker steals everything in my "hot wallet," which isn't much. He then steals my private key for the blacklisted coins and unblacklists them. This starts my 2-day countdown before the coins are actually unblacklisted.
- I have previously set up an independent system to watch for when my coins are unblacklisted. I get an email alert.
- I immediately re-blacklist the coins, probably with a longer blacklist time, such as 30-90 days or possibly indefinitely.
- I investigate why the coins were unblacklisted.
- Once I determine it was a hacker, I set up a new address and use my "2nd private key" (which I have taken out of cold storage) to instantly unblacklist all the coins, transfer all the coins to the new wallet, and re-blacklist all the coins (again with a 2-day countdown). These three things would all happen within a single transaction so there is no opportunity for the attacker to steal the coins between when I instantly unblacklist them and when they are moved to the new address.
- I fix the security breach. Then my service is back up-and-running.
I'm not seeing any flaws in the plan. Please tell me where I am wrong.
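The scheme above, as an added toy simulation (not code from the post or from any Bitcoin implementation): a ledger where the hot key can spend unblacklisted coins and request a delayed unblacklist, the cold key can unblacklist instantly, and a single "cold sweep" transaction unblacklists, moves and re-blacklists in one step. Delays are counted in blocks rather than days, keys are plain labels with no signature checking, and one rule is assumed here beyond the post: the hot key may only lengthen the delay, never shorten it, because otherwise whoever holds the hot key could reset the delay to zero and skip the waiting period entirely. The scenario function walks through the compromise-and-recovery steps listed in the post.

```python
from dataclasses import dataclass
from typing import Optional


class Rejected(Exception):
    """A miner would refuse to include this transaction."""


@dataclass
class Address:
    hot_key: str                         # online key: spend, delayed unblacklist
    cold_key: str                        # offline key: instant unblacklist
    balance: int = 0
    blacklisted: bool = False
    delay: int = 0                       # blocks between an unblacklist request and its effect
    unblacklist_at: Optional[int] = None  # height at which a pending request takes effect


class Ledger:
    """Constructed in-memory ledger modelling the self-blacklist rules."""

    def __init__(self) -> None:
        self.height = 0
        self.addrs: dict[str, Address] = {}

    def add(self, name: str, hot: str, cold: str, balance: int = 0) -> None:
        self.addrs[name] = Address(hot, cold, balance)

    def mine(self, blocks: int = 1) -> None:
        self.height += blocks

    def is_frozen(self, a: Address) -> bool:
        # Frozen while blacklisted and no unblacklist request has matured.
        return a.blacklisted and (a.unblacklist_at is None or self.height < a.unblacklist_at)

    def pending_unblacklists(self) -> list[str]:
        # What the independent monitoring system in the post would alert on.
        return [n for n, a in self.addrs.items() if self.is_frozen(a) and a.unblacklist_at is not None]

    def _check_key(self, a: Address, key: str) -> None:
        if key not in (a.hot_key, a.cold_key):
            raise Rejected("invalid key")

    def blacklist(self, name: str, key: str, delay: int) -> None:
        a = self.addrs[name]
        self._check_key(a, key)
        # Assumed rule: the hot key can only make the delay longer.
        if key == a.hot_key and a.blacklisted and delay < a.delay:
            raise Rejected("hot key may not shorten the delay")
        a.blacklisted, a.delay, a.unblacklist_at = True, delay, None  # cancels any pending request

    def unblacklist(self, name: str, key: str) -> None:
        a = self.addrs[name]
        self._check_key(a, key)
        if key == a.cold_key:
            a.blacklisted, a.unblacklist_at = False, None   # instant
        else:
            a.unblacklist_at = self.height + a.delay         # starts the countdown

    def transfer(self, src: str, dst: str, amount: int, key: str) -> None:
        a = self.addrs[src]
        self._check_key(a, key)
        if self.is_frozen(a):
            raise Rejected(f"{src} is blacklisted")
        if amount > a.balance:
            raise Rejected("insufficient funds")
        a.balance -= amount
        self.addrs[dst].balance += amount

    def cold_sweep(self, src: str, dst: str, key: str, delay: int) -> None:
        """One atomic transaction: instant unblacklist, move everything, re-blacklist at dst."""
        a = self.addrs[src]
        if key != a.cold_key:
            raise Rejected("cold key required")
        d = self.addrs[dst]
        a.blacklisted, a.unblacklist_at = False, None
        d.balance, a.balance = d.balance + a.balance, 0
        d.blacklisted, d.delay, d.unblacklist_at = True, delay, None


def _spend_attempt(ledger: Ledger, src: str, dst: str, amount: int, key: str) -> bool:
    try:
        ledger.transfer(src, dst, amount, key)
        return True
    except Rejected:
        return False


def legit_payment() -> int:
    """Owner's big payment: request unblacklist, wait out the delay, then spend."""
    L = Ledger()
    L.add("vault", "hot1", "cold1", balance=1000)
    L.add("payee", "hotP", "coldP")
    L.blacklist("vault", "hot1", delay=2)
    L.unblacklist("vault", "hot1")
    L.mine(2)                                   # countdown elapses
    L.transfer("vault", "payee", 100, "hot1")
    return L.addrs["payee"].balance             # 100


def run_scenario() -> dict:
    """Compromise of the hot key, detection, re-blacklist and cold-key recovery."""
    L = Ledger()
    L.add("vault", "hot1", "cold1", balance=1000)
    L.add("attacker", "hotA", "coldA")
    L.add("vault2", "hot2", "cold2")
    L.blacklist("vault", "hot1", delay=2)
    stolen_now = _spend_attempt(L, "vault", "attacker", 1000, "hot1")  # attacker holds hot1
    L.unblacklist("vault", "hot1")              # attacker starts the countdown
    alert = L.pending_unblacklists()            # monitor fires
    L.mine(1)
    try:
        L.blacklist("vault", "hot1", delay=0)   # attacker tries to skip the wait
        shortened = True
    except Rejected:
        shortened = False
    L.blacklist("vault", "hot1", delay=30)      # owner re-blacklists with a longer delay
    L.mine(5)
    stolen_later = _spend_attempt(L, "vault", "attacker", 1000, "hot1")
    L.cold_sweep("vault", "vault2", "cold1", delay=2)
    return {"stolen_now": stolen_now, "alert": alert, "shortened": shortened,
            "stolen_later": stolen_later, "vault": L.addrs["vault"].balance,
            "vault2": L.addrs["vault2"].balance, "vault2_frozen": L.is_frozen(L.addrs["vault2"])}
```

The interesting check is the one marked as assumed: without the "hot key may not shorten the delay" rule, the compromised hot key could blacklist with a zero delay and then unblacklist immediately, which would defeat the countdown the whole scheme depends on.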