Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: Bitcoin feature suggestion - Address Rule
by
cr1776
on 07/08/2014, 11:21:00 UTC
Quote from: btcKaboom on August 07, 2014, 05:22:40 AM
Quote from: cr1776 on August 06, 2014, 05:35:43 PM
Quote from: justusranvier on August 06, 2014, 02:26:50 PM
Quote from: btcKaboom on August 04, 2014, 07:39:04 AM
Since we can store the wallet balance in the chain
We don't and we can't, so the rest of your suggestion is invalid.

True. 

Likewise, if I understand what you are suggesting, I do not believe this adds anything in terms of security that could not be done at the application level vs the protocol level.  In either case (creating/changing your rules with your private key etc) vs bitcoin as it is now, if someone has your private key, you are screwed because they'll just change your rules and then transfer your coins.  A root cause of insecurity is protecting your private keys and adding these rules doesn't help with that. 


I must be missing something - explain to me how bitcoin stops people spending more than the balance of their address.

The rule key is required to remove a rule.
The rule key is more secure than a private key, because you dont need to use it all the time, and it only ever gets used once - to remove a rule.


1. You are missing something.  The nature of the protocol ensures no one can spend more than the balance that an address contains. If you could overdraw an address bitcoin would be worthless. (Using the concept of balances at addresses as shorthand.). If you are talking about something you didn't say, the total balances at any address for which you control the private keys, your client can enforce whatever rule you want, but the protocol does not.

2. By default Bitcoin Core doesn't reuse addresses and consequently private keys either.  Hence change addresses, new addresses for each transaction etc. Reusing addresses can cause security issues such as the android PRNG issue for reused addresses so it is already not recommended.  If that is the concern, a rule disallowing address reuse might be considered (I don't think it is a good idea either, it too could be enforced client side).

Anyway, if your computer is compromised you are screwed either way.  The difference in security between having a second layer at that point is de minimis.

As an aside, the odds of this being adopted by everyone are infitesimal when you can accomplish the same thing (or more) with good security on the client side. It is like adding email at the tcp/ip layer vs on top of it with SMTP.  You want the lower layers to be simple so they are easier to debug and here it is even more important since if you lose an email it can be resent, vs potentially billions of dollars at stake with bitcoin. 

You can always implement what you suggest and then see how many people will adopt it.