+ no more comments on this thread.
+ If anyone asks, I will reply.
+ If anyone annoys me, I will reply.
Thanks again for your input. It's good to have someone trying to find problems. This is fundamental to science.
Now presently, even Dan the dev admits that technically it would be possible (even if unlikely) to lose coins during a transaction. I think you did a good job of explaining why (though I may have misunderstood).
Are you now thinking that "multi sig" will solve this potential problem?
Current user of Xnode client sends coins to a address issued by Xnode.
Actually user sends coins to real payee. But Xnode client changes it to the address issued by Xnode.
This means Xnode has private key for the address.
Have you check tx out of Xnode user ?
Receiver is Xnode address.
One of worried, I had posted. People steal coins.
Here is brief explanation of multisig.
http://bitcoin.stackexchange.com/questions/3718/what-are-multi-signature-transactionsA multi-signature address is an address that is associated with more than one ECDSA private key.
The simplest type is an m-of-n address - it is associated with n private keys, and sending bitcoins
from this address requires signatures from at least m keys. A multi-signature transaction is one that sends funds from a multi-signature address.
The primary use case is to greatly increase the difficulty of stealing the coins.
With a 2-of-2 address, you can keep the two keys on separate machines, and then theft will require compromising both,
which is very difficult - especially if the machines are as different as possible
(e.g., one pc and one dedicated device, or two hosted machines with a different host and OS).