Author

Topic: If Multibits servers were compromised (Read 1517 times)

hero member
Activity: 882
Merit: 1006
February 06, 2015, 12:39:30 PM
#4
The Multibit client does not rely on any third party servers, it communicates with the normal Bitcoin network.

Multibit do use servers that let people download the client. If these were compromised then anyone who downloads the client while the servers are compromised could be infected with bitcoin-stealing malware and/or the client be backdoored. This can be prevented by checking the download is signed by the Multibit developers PGP key before you install it.

Servers? Electrum relies on special servers. Multibit works with regular bitcoin nodes[1]. If those were all compromised we would have a general problem.

Electrum receives it's transaction data from special nodes (which anyone can run), this is for privacy purposes as with SPV the node you get your transaction data from knows what your Bitcoin addresses are, so it's a good idea to only use a node that you trust instead of randomly choosing them each time you make a tx. Electrum still connects to 8 normal Bitcoin nodes to get block headers to make sure that the electrum server you use isn't leaving any transactions out, so it's difficult for the node to do anything malicious.
hero member
Activity: 658
Merit: 500
January 19, 2015, 09:36:30 AM
#3
If MultiBit server (I don't think there's more than one) is compromised, then it would be dangerous to download the client, but people with the client already installed would have no issue using it.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
January 19, 2015, 04:22:13 AM
#2
Is this possible? If this did happen what would the attacker have hold of? I don't they would have your private keys because you sign the locally but I may be wrong please let me know if I am. If the servers got compromised no one would be able to send transactions right?

this is the one problem I have with multibit you have to rely on them.

Servers? Electrum relies on special servers. Multibit works with regular bitcoin nodes[1]. If those were all compromised we would have a general problem.


[1] https://en.bitcoin.it/wiki/Scalability#Simplified_payment_verification
newbie
Activity: 5
Merit: 0
January 18, 2015, 06:32:18 PM
#1
Is this possible? If this did happen what would the attacker have hold of? I don't they would have your private keys because you sign the locally but I may be wrong please let me know if I am. If the servers got compromised no one would be able to send transactions right?

this is the one problem I have with multibit you have to rely on them.
Jump to: