Topic: Cannabis Road hacked despite using 3 levels of multi sig, 200 BTC hacked - page 3. (Read 2881 times)
August 26, 2014, 07:31:27 AM
That hacker should be hired by some big company like google or microsoft (after some years in jail of course).
August 26, 2014, 07:29:28 AM
So how does this happen then? Was their server where the main hot wallet was storing bitcoins not multisig for protection or how does that work? Things that make you go hmmm.
http://www.coindesk.com/black-market-cannabis-road-hacked-loses-100000-bitcoin/
Multisig employed
The success of the attack is particularly notable given that Cannabis Road had moved to integrate safeguards aimed at better protecting user funds through multi-signature technology, an evolution of the traditional wallet offering that introduces an arbitrator to the transaction process.
In a May interview with DeepDotWeb, Crypto indicated that Cannabis Road was using a hybrid version of multisig, however, in part to make the technology easier for its customers to use.
At the time, he indicated that Cannabis Road had added three levels of multisig in response to a rise in attacks against illicit websites, explaining:
“All three levels start off the same, asking for public keys of the buyer, vendor and market to create the shared (multisignature) address. The buyer sends funds to the shared address. Once the buyer is happy, the buyer agrees to finalize the order, this is where the three levels are offered.”
Two more advanced levels were added on top of this service, both of which put restrictions on the situations in which users would be asked to send their private keys.
http://www.coindesk.com/black-market-cannabis-road-hacked-loses-100000-bitcoin/
Quote
Multisig employed
The success of the attack is particularly notable given that Cannabis Road had moved to integrate safeguards aimed at better protecting user funds through multi-signature technology, an evolution of the traditional wallet offering that introduces an arbitrator to the transaction process.
In a May interview with DeepDotWeb, Crypto indicated that Cannabis Road was using a hybrid version of multisig, however, in part to make the technology easier for its customers to use.
At the time, he indicated that Cannabis Road had added three levels of multisig in response to a rise in attacks against illicit websites, explaining:
“All three levels start off the same, asking for public keys of the buyer, vendor and market to create the shared (multisignature) address. The buyer sends funds to the shared address. Once the buyer is happy, the buyer agrees to finalize the order, this is where the three levels are offered.”
Two more advanced levels were added on top of this service, both of which put restrictions on the situations in which users would be asked to send their private keys.
Jump to: