undefined | Better HN

0 pointsmaaku12y ago0 comments

> You cannot automate a cold-wallet scheme.

Yes, you can. You can have the hot wallet only deal with multi-signature outputs, and have these approved by separately locked down servers running behind TOR, for example, using out-of-band mechanisms for approving transactions.

0 comments

dragontamer12y ago

>You can have the hot wallet only deal with multi-signature outputs

Then you don't have a cold-wallet scheme. You have a hot wallet scheme.

TylerE12y ago

You can do anything if you allow massive handwaving. ("out-of-band mechanisms for approving transactions")

maakuOP12y ago

Do I have to spell it out? The machine could be under physical control of its operators, with rate limiting restrictions lifted only by manual intervention via a GUI interface, making the low bandwidth TOR connection the only link to the outside world (and a simple one at that). Or the the verification and signing steps done via TPM so as to prevent key theft. There are other possibilities too.

This isn't handwavery. It's basic security engineering.

TylerE12y ago

Yes, but the whole debate was how to it automatically. Once you have someone physically intervening, your solution fails to meet the problem criteria.

1 more reply

j / k navigate · click thread line to collapse

0 pointsmaaku12y ago0 comments

> You cannot automate a cold-wallet scheme.

0 comments

dragontamer12y ago

>You can have the hot wallet only deal with multi-signature outputs

Then you don't have a cold-wallet scheme. You have a hot wallet scheme.

TylerE12y ago

You can do anything if you allow massive handwaving. ("out-of-band mechanisms for approving transactions")

maakuOP12y ago

This isn't handwavery. It's basic security engineering.

TylerE12y ago

Yes, but the whole debate was how to it automatically. Once you have someone physically intervening, your solution fails to meet the problem criteria.

1 more reply

j / k navigate · click thread line to collapse