bitcoinhodler / glacier-psbt Goto Github PK
View Code? Open in Web Editor NEWDevelopment of PSBT for Glacier bitcoin storage
License: MIT License
Development of PSBT for Glacier bitcoin storage
License: MIT License
The way I'm doing the wallet import on the online node is based on my question on StackExchange, but it turns out that is unsupported and likely to change in the next major release of Bitcoin Core. See bitcoin#15932 for details.
So, wait for v0.18 release, then redo how the import works.
Bitcoin Core 13932 adds three new RPCs that might be interesting. See Bitcoin Optech issue 34 for lots of interesting things.
I am trying to get a sense as to why this proposal would degrade the security of the current version of the protocol and if there are ways to fix it.
IMHO introducing PSBT's would be of great benefit and would actually increase the overall security of the protocol.
For the sake of discussion, let A be the full node computer and B a glacier quarantined laptop.
The current concern is that if Glacier gets compromised then an attacker could potentially coordinate his actions on A and B to inject the keys on B and extract them when we access the transaction at A.
As far as I can see this could be mitigated by having (in the ideal scenario) a quarantined laptop C that runs a live Ubuntu with bitcoin core as its only installation.
Then, the transaction signed at B is transferred to C and we use bitcoin-cli to check its validity.
Am I missing something here?
Could we see in the current guideline what the exact output to process 3 is? Specifically the data (transaction?) that will later be used to feed on the quarantined laptop.
I guess I could figure it out from the input passed process 4, but I'd like to have a clear visual representation of what data gets later passed to the guaranteed HW. It would help break down the flow of data passed around and think how this needs to be addressed securely.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.