Gavin Andresen shows you how to implement two-factor protection of wallet files

Maria Santos
Author

The chief scientist for the Bitcoin Foundation and lead developer for the Bitcoin open source project, the almighty Gavin Andresen, recently shared some juicy knowledge on GitHub.

The expert decided to help Bitcoin users and suggested two-factor protection of wallet files. The original text published by Andresen follows.

Thumbnail sketch: Two-factor (Yubikey or Google Authenticator) protected wallets

Hardware:

Computer. Shared-secret authenticator (Yubikey/Google Authenticator/etc). Server (possibly shared with millions of other users).

Motivating use case setup:

User creates a split (2-of-2 multisig) wallet on the computer and server. Keys must be securely backed up to protect against loss. GUI to be determined, but there will be some type of “Use Authenticator” checkbox specified at setup.

User also arranges for the server to know the shared secret with the shared-secret authenticator.

Motivating use case, usage:

Coins are sent into the wallet via P2SH 2-of-2 address(es).

On spend, user is prompted for authenticator one-time-password (OTP). If it is correct, second signature is created and payment is made immediately, with no further interaction required(*). If incorrect, no payment made (server should inform user of the invalid payment attempt).

(*) server might offer to further validate high-value transactions via SMS or DNA sample submission or some other authentication method. And server might enforce rules to limit BTC sent per 24-hours or have other protections.

Attacks:

  1. Attacker steals computer / private keys, but does not have authenticator device and does not compromise server. Coins are safe.

  2. Attacker compromises my computer, installs malware (e.g. keylogger, or replaces client binary). Use of OTP authenticator limits loss of coins to whatever mitigation policy is in place on the server.

  3. Attacker compromises server. Coins are safe.

  4. Attacker compromises computer and server. Coins are lost, because both keys are compromised.

  5. Man-in-the-middle between computer and server. Coins are safe, attacker may DoS (prevent spending).
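
The server-side gate described in the usage notes above, as an added example that is not part of Andresen's text or of any Bitcoin project code: the OTP is checked before the second signature is released, a used code is never accepted twice, and a 24-hour limit caps the loss in attack 2. It assumes a Google Authenticator-style TOTP (RFC 6238); the `CoSigner` class, its fields and the limit value are hypothetical.

```python
import hashlib, hmac, struct, time

STEP = 30          # TOTP time step in seconds (RFC 6238 default)
DAY = 24 * 3600    # window for the per-24-hours spending policy

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP value; RFC 6238 uses counter = unix_time // STEP."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class CoSigner:
    """Hypothetical server-side gate deciding whether to add the second signature."""
    def __init__(self, secret: bytes, daily_limit_sat: int):
        self.secret = secret
        self.daily_limit_sat = daily_limit_sat
        self.last_counter = -1   # highest TOTP counter already accepted
        self.spends = []         # (timestamp, amount) of approved spends
        self.rejected = []       # invalid attempts the server reports to the user

    def authorize(self, otp: str, amount_sat: int, now=None) -> bool:
        now = time.time() if now is None else now
        current = int(now) // STEP
        # Accept the current and previous step (clock drift), never a used one.
        for counter in (current, current - 1):
            expected = totp(self.secret, counter).encode()
            if counter > self.last_counter and hmac.compare_digest(expected, otp.encode()):
                break
        else:
            self.rejected.append((now, "bad or replayed OTP"))
            return False
        self.last_counter = counter  # burn the code even if policy rejects below
        spent = sum(a for t, a in self.spends if t > now - DAY)
        if spent + amount_sat > self.daily_limit_sat:
            self.rejected.append((now, "24-hour limit exceeded"))
            return False
        self.spends.append((now, amount_sat))
        return True  # only now would the server sign with its key of the 2-of-2
```

Burning the counter on every valid OTP means a keylogged code cannot be reused, so malware on the computer is held to one policy-limited spend per code the user types.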

Judging by the reactions we are seeing, Bitcoin users are really digging this suggestion. What about you?
