Implementing Secret Sharing with an Encrypted Bitcoin Wallet

Geremia

sr. member

Activity: 507

Merit: 253

Quote from: laurentmt on September 15, 2014, 03:26:51 PM

Quote from: Geremia on September 15, 2014, 10:40:45 AM

Quote from: andytoshi on September 13, 2014, 03:50:38 PM

What are you trying to do?

Split up the encrypted wallet's private key with ssss and distribute it to several people. Basically, I want multiple people to have to consent to a BTC transaction before the wallet is unlocked. Capisci?

You may be interested by another multisig schema proposed by @oleganza and called Blind signatures.
Hope it helps.

interesting
thanks
I'll take a look.

laurentmt

sr. member

Activity: 384

Merit: 258

Quote from: andytoshi on September 15, 2014, 07:13:15 PM

Oleg's scheme is also inappropriate because it gives no ability to the blindsigner to check what he is signing. (And if you give him enough information to verify this, he'll have enough information to sign anything he wants, so again you fail to have a threshold consent scheme.)

Sure. Blinded content to be signed introduces a risk. Imho, Oleg's scheme can be useful if you know the signers and can communicate with them on a second channel (bitmessage, ...) in order to confirm your request for a signature and to "validate" (at least weakly) the content to be signed.

Another point : The scheme is asymmetric by design (coins owned by 1 user and secured by n signers). Don't know if it matches with OP's needs.

andytoshi

full member

Activity: 179

Merit: 151

-

Quote from: laurentmt on September 15, 2014, 03:26:51 PM

Quote from: Geremia on September 15, 2014, 10:40:45 AM

Quote from: andytoshi on September 13, 2014, 03:50:38 PM

What are you trying to do?

Split up the encrypted wallet's private key with ssss and distribute it to several people. Basically, I want multiple people to have to consent to a BTC transaction before the wallet is unlocked. Capisci?

You may be interested by another multisig schema proposed by @oleganza and called Blind signatures.
Hope it helps.

Oleg's scheme is also inappropriate because it gives no ability to the blindsigner to check what he is signing. (And if you give him enough information to verify this, he'll have enough information to sign anything he wants, so again you fail to have a threshold consent scheme.)

laurentmt

sr. member

Activity: 384

Merit: 258

Quote from: Geremia on September 15, 2014, 10:40:45 AM

Quote from: andytoshi on September 13, 2014, 03:50:38 PM

What are you trying to do?

Split up the encrypted wallet's private key with ssss and distribute it to several people. Basically, I want multiple people to have to consent to a BTC transaction before the wallet is unlocked. Capisci?

You may be interested by another multisig schema proposed by @oleganza and called Blind signatures.
Hope it helps.

andytoshi

full member

Activity: 179

Merit: 151

-

Then use multisignature transactions. SSSS is inappropriate because the secret dealer has access the entire key, and once all parties recreate the full key any one of them can do anything at all, they do not need to agree, just race each other.

Geremia

sr. member

Activity: 507

Merit: 253

Quote from: andytoshi on September 13, 2014, 03:50:38 PM

What are you trying to do?

Split up the encrypted wallet's private key with ssss and distribute it to several people. Basically, I want multiple people to have to consent to a BTC transaction before the wallet is unlocked. Capisci?

andytoshi

full member

Activity: 179

Merit: 151

-

What are you trying to do?

Geremia

sr. member

Activity: 507

Merit: 253

How would I implement Shamir's Secret Sharing Scheme with an encrypted Bitcoin wallet?

Topic: Implementing Secret Sharing with an Encrypted Bitcoin Wallet (Read 1730 times)