1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
|
Delivery-date: Sat, 14 Jun 2025 18:35:45 -0700
Received: from mail-oa1-f64.google.com ([209.85.160.64])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBCJNLJPWXAIBBZWGXDBAMGQE3TBNTPQ@googlegroups.com>)
id 1uQcHg-0004CQ-PR
for bitcoindev@gnusha.org; Sat, 14 Jun 2025 18:35:45 -0700
Received: by mail-oa1-f64.google.com with SMTP id 586e51a60fabf-2e9b1f85b2bsf2496158fac.0
for <bitcoindev@gnusha.org>; Sat, 14 Jun 2025 18:35:44 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1749951339; cv=pass;
d=google.com; s=arc-20240605;
b=GgHZQPT49+9bCcOws3Q1gPWzYwlDd+KMP04YVV92W+hw17w3H79Q34b5S/rbT5udqi
JRUAhptrdoRFURKVugq/b5ekEuOt5jtlEl3lMLuxf0ZqxVjJiWvQ2ucyTN9c99pfpfN/
LbqoRv+2ZOR55c/o2OLTFhKIzf/n+2E/7eprHm5RvhuYh/XHXBb+y2zY8qYRokxYZENM
AbPV5nGOLXxuGP7tb7luHnhir2JjYcZPoW0ot7UnylkJ4I5P5Zo1kfQqpdhsZ4MarYAh
EZttUin4OOF8soYjlOu76d6ItqvpI+DY4Xbs1BuFhUJJaKSkEuWrgTG9bUu6kTNE4Ses
zU7w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:cc:to:subject:message-id:date:from
:in-reply-to:references:mime-version:sender:dkim-signature
:dkim-signature;
bh=aiHlSbfXDv3XLJHUALo32tU0X98x0AdZpEvAgCFBvS8=;
fh=CYvGWH220E1oAkoCVG536Tb4J2OJWaNGXzGC3qSsAt0=;
b=ehYI+C17PViIixGb7h4OwtWm0D5CkbeG0q+SmKv5hkm5zzoY65SGPZ4X7g9Fo9I6R/
suSYKrW8cq9SQbk4HJTpMxJxOaUop2Z3JHioVh5Kc7Bs2svmHUZfvZav5UTRLbw+ZR0k
1W/1RRfGwkVYnctM709qmr90wzvGc/Ig6FQBXJyUmM1BBBoaXmDOihCVIjmd4Lei0/ll
lsw+KLygnzMp2RQ93LSWPtA2IhHGLGrHNRk/LkD7DutNkmSGU7xW2XUJ7MqVLcc8D47o
6ohh/PJWqBEiKD9kcBAa/gBTf7yLLeKXLGak9kPZ4tVsW7canoXSEe5s5UqpRWun6ECE
C9Ew==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@gmail.com header.s=20230601 header.b="lam/Dxpd";
spf=pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1033 as permitted sender) smtp.mailfrom=gmaxwell@gmail.com;
dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
dara=pass header.i=@googlegroups.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1749951339; x=1750556139; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:cc:to:subject:message-id:date:from:in-reply-to
:references:mime-version:sender:from:to:cc:subject:date:message-id
:reply-to;
bh=aiHlSbfXDv3XLJHUALo32tU0X98x0AdZpEvAgCFBvS8=;
b=L1XsX+HJ2OkUc0zb4apTzCR2dAZ1IVjTsS/j295CaikGCVYuLSPJui+zcGTd59ykv9
DtQ3xC5MziEVO98StbO2cL1gtHIjKpYLSaTN+z7lZzJJOmKI58NdQg6WmN7SIUCL2ucz
SLGQI9fzfqEIlyIjv8leDnXL/LQnGgzrRs9M8w+lgdGLK2/wH2LK76BAiyXXiL6rQPBb
1OaI3TVnX+C30z8XNCgLN9He1vRlqcKHnC1dZerY8rCbshuowH4kBy2RkTDLadzpIXDi
ojanIEd0MN9aqI/UYkZRKP3ujqzvdx6ZYAluDQp0flPpExjdfFIfmY8P2iV2abQMOpi4
2luA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1749951339; x=1750556139; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:cc:to:subject:message-id:date:from:in-reply-to
:references:mime-version:from:to:cc:subject:date:message-id:reply-to;
bh=aiHlSbfXDv3XLJHUALo32tU0X98x0AdZpEvAgCFBvS8=;
b=MkRL5MZcp+7O6tC05hHCzOQSeQ/noBWwMQ0AEtoD2PVD0H1ph2tDQKiYuuaJTBE3+E
jQvRvxc36qCCvkOeQ24RLtqgiCmaCajqSbqUiPStFCN1RcOLiC+HeIH7tWpuBTGTPrAp
MJlBwl64elwGAIiaI7d1Ec8Mt+7Wr4KpG6eP0XA/rmAsMERFiYAiNf+TSqeIIsLPOA7z
BpuqIMJtMWkjNABocC0PtR8mmcKWR100JTEd1UyN1eIxj/3Ber54EyO4OQ3a70aabhOv
sPKhT5dAXWwDeJP5t2uMBuCaJ9SEeKaUEGZSxAu1NYLDU5DA1hIAPJ+nATX5t1yRBn4Z
VZQw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1749951339; x=1750556139;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:cc:to:subject:message-id:date:from:in-reply-to
:references:mime-version:x-beenthere:x-gm-message-state:sender:from
:to:cc:subject:date:message-id:reply-to;
bh=aiHlSbfXDv3XLJHUALo32tU0X98x0AdZpEvAgCFBvS8=;
b=ONv1RBNeaLz+mBsqYBcFarPTTFraXn67Z1poTXkGIVtOQoEIxbvfew7K9EDJcKDxse
5D8EIncgAn1PIYR1j0iG4KOgNi1nOUQowwLMfOG9nBkNBRKFf5VzYhyQkNR5ytZfB+xq
HoaLLAhUizu3CYd00Mtsg7P8F8Y1OGr2+79zNUxd6AF9d/8nSizA0UpaAplq1Nvqvd0i
FSAFjRQffidJXBmG+6JYY1B0Aec9Dth+Bt9V/PX7KvxBqR3XrWbH+4wXyxM/hqHJMlbm
5zYP1aVPVF7yVPqnlK3iDh+mxg65KRTfQCBNViVNqcBnDnZeLcmBI21kqoOyqVNPwKPx
ObpA==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AJvYcCWZ6XxWGzhFz3HXWBP7b6pWomHnMOSvi/ipHGwAA7khyZBrQyF6l4Agq3vX4hIKvaUiL2ZlHepPEOvv@gnusha.org
X-Gm-Message-State: AOJu0Yyr4iDGPv8nx7lxubS7LR7LEUzWbkNzcY+iquWPKdMp7E7sPLlr
3I9m3gZdAeRfaJ/HWdqeaqdGGNViyy36bLMt3TB46sZMbm3ojJKnf9Gf
X-Google-Smtp-Source: AGHT+IGkEpIotGPZRMCn7UXC+4UDEoe90Q1XDvaP9x5AZ3Yr1CxRUFrsvMPI42lAQQxw+D11rBNgyA==
X-Received: by 2002:a05:6870:8196:b0:2b8:3c87:b491 with SMTP id 586e51a60fabf-2eaf08bcc6dmr3002269fac.26.1749951338560;
Sat, 14 Jun 2025 18:35:38 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h=AZMbMZch9bA2hbSpThmMLznB2y+23NB3z1j70Wbf9jK6c0bjdg==
Received: by 2002:a05:6871:c683:b0:2da:fbc:5e7 with SMTP id
586e51a60fabf-2eab6b62848ls1161219fac.0.-pod-prod-07-us; Sat, 14 Jun 2025
18:35:33 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCVo/Gxba80cBDT6KCrIC+Vin/F7VXuXU6y/X5Qhdb7zLE0BBhB0BCuWRtVXSrHneM3P17s4QeV/KGyX@googlegroups.com
X-Received: by 2002:a05:6808:23c2:b0:408:fbed:c39f with SMTP id 5614622812f47-40a7c17a027mr3418584b6e.26.1749951333855;
Sat, 14 Jun 2025 18:35:33 -0700 (PDT)
Received: by 2002:a05:6808:505e:b0:3fa:da36:efcd with SMTP id 5614622812f47-40a719c5e4bmsb6e;
Sat, 14 Jun 2025 17:01:47 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCXAQHkDppL/+lUxDk+uMj5qUqjSgeTKvQGgNj3IIJhNGgqwaaWRasDTI0ODnHQSm0OQzS4Y7HrDNDCr@googlegroups.com
X-Received: by 2002:a17:90a:c107:b0:311:fc8b:31b5 with SMTP id 98e67ed59e1d1-313f1ca1398mr7999614a91.14.1749945706403;
Sat, 14 Jun 2025 17:01:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1749945706; cv=none;
d=google.com; s=arc-20240605;
b=Y8t3/wtDygCIufFnc2BFMaQLg/NZajpvTI1iHqEXhpLhsyiP1sHcigHyb4b4jNQtAx
RME4b3scJHltG51+8fucpRXRNk+uNXhFRLZdixs4UZv5Fz6vwZ/WxcZf8tsWa3QFshmt
ubqoDzKKTWIKAuahHLIOgVfPn/OKeidPVGJtSwfGlCWAitB4F6q1IdwuEd3nX41N/0Nl
k0NqacNir+8gMK1T1umKkrh4UxLWqxJCeAiPVIBLMqiWBjAQufHcQQ3VSWB4qFtNUU7V
7tdLCgB/npdOQ15PA6N/IuDe8mkOUOwF1TDXF8JWXUqDTnSp73u9ORshLaiEfYytFPNR
f1aQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=cc:to:subject:message-id:date:from:in-reply-to:references
:mime-version:dkim-signature;
bh=6UdAZ/Y8WicOw7ZzGBFZfP8nGRBapRMa3jaGvCYgR64=;
fh=ip2rQc3aJB6j+9kRU1Ku1yIxzc+KnTi8hUTrWLyjU+0=;
b=A4DbKdhxN75kynVjNoAuiw0zTdRQA6naVMhFINqJwZiKkYaTR457KnvyzjnYw4FpW2
47wmMnowmg6UYW1sVEZ9evQa2hxS1PQ3UisY83biIN5K59ti+/ioTsy/5vukMcy9QTtI
s6ZmJZM8i4n2+jleMd4hRb+e5bx8BERiH1hD7Yqg95aeBnaGhC+gcJmE0jvel8RHrWsb
BP83SkXcX5tYOZfVaE0yDXM0/4kuGgQd1KrtI3/ypp7MZAkmb78o1Ytv/3n1lIpFKrlJ
kxDGrW+yHc0X9Y2eT1RFaC4BEvTFwq090AVdziiXr9OKC++eSAdY97RJ5a3Ln8VU1a62
s5qw==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@gmail.com header.s=20230601 header.b="lam/Dxpd";
spf=pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1033 as permitted sender) smtp.mailfrom=gmaxwell@gmail.com;
dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
dara=pass header.i=@googlegroups.com
Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com. [2607:f8b0:4864:20::1033])
by gmr-mx.google.com with ESMTPS id 98e67ed59e1d1-313a687539esi323622a91.1.2025.06.14.17.01.46
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
Sat, 14 Jun 2025 17:01:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1033 as permitted sender) client-ip=2607:f8b0:4864:20::1033;
Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-313910f392dso3057013a91.2
for <bitcoindev@googlegroups.com>; Sat, 14 Jun 2025 17:01:46 -0700 (PDT)
X-Forwarded-Encrypted: i=1; AJvYcCWYWVtUNtdzR2v4JznH24FnJAEMRTOf2V98/23XssKNeYW82u5dslh0BgyTgF4X/xuz2dmTSET2Y/vR@googlegroups.com
X-Gm-Gg: ASbGncsjh6QVTAw+L2QFlIWLDDHDRd8Od38yXJmxUFPwCGOso3ywSFWtrERv/siUW57
XDixS3/VMQ7eTfQc/XGRzAfBwK9YrkReNaoHzVhgvQcqAer/AMdCRJnWPvmA12pij9QepEYw1f+
qxKna6YJ4TFqIKbd0vsStnuxsXugN8dxZkt0lOIf7SzMY=
X-Received: by 2002:a17:90b:3903:b0:312:1c83:58e9 with SMTP id
98e67ed59e1d1-313f1c6f6a0mr6094907a91.5.1749945705856; Sat, 14 Jun 2025
17:01:45 -0700 (PDT)
MIME-Version: 1.0
References: <aEdoIvOgNNtT6L4s@mail.wpsoftware.net> <CAPfvXfL=7bQvhN5ZOJoS-hQ8TmUku=mNhxNop=ZhcyH+kqs9jw@mail.gmail.com>
<46349b6c-ccec-4378-8721-aecec22752e7@mattcorallo.com> <de023ffa-6f8b-44bc-8e4d-6012e2ba3ccen@googlegroups.com>
<8d158e3d-b3cc-44b6-b71b-ab2e733c047c@mattcorallo.com> <CAPfvXfLc5-=UVpcvYrC=VP7rLRroFviLTjPQfeqMQesjziL=CQ@mail.gmail.com>
<aEsvtpiLWoDsfZrN@mail.wpsoftware.net> <f8b37a59-0897-40df-a08e-7812c806a716@mattcorallo.com>
<CADL_X_fxwKLdst9tYQqabUsJgu47xhCbwpmyq97ZB-SLWQC9Xw@mail.gmail.com>
<psUO5AHTglJ3KiGM5tTd0sqrFDUexydKzfkOpjOHcWM97OdluX_hIplsXxl_9vzS1pPOqMek3rVBhlzWiPyuvFvz7VmG9FNXapkMG97a7xc=@protonmail.com>
<CADL_X_faQhCGS78y0Nggm_h=x_cEtshhbrZDDhQ=FEgbDXkc-Q@mail.gmail.com>
<CAAS2fgSo=pdRhj=MkRDObXm5GtKpP3R5T4yck_pwBpn3_72f5Q@mail.gmail.com>
<CADL_X_dTK0AtaWQGLzcNBug1=4x7CYn8ypvWAtHVzyGht47wuw@mail.gmail.com>
<CAAS2fgSmmDmEhi3y39MgQj+pKCbksMoVmV_SgQmqMOqfWY_QLg@mail.gmail.com> <CAExE9c8oWiy6GUaSMVf2Nxa+9a60e2Mw8fg_s8GT4TmfiPMKMQ@mail.gmail.com>
In-Reply-To: <CAExE9c8oWiy6GUaSMVf2Nxa+9a60e2Mw8fg_s8GT4TmfiPMKMQ@mail.gmail.com>
From: Greg Maxwell <gmaxwell@gmail.com>
Date: Sun, 15 Jun 2025 00:01:34 +0000
X-Gm-Features: AX0GCFtswJO2SZ-c5-49aWb36cBEyFKcDaiYbm5zm8KkbE1SOXnoyiLQpXZabqA
Message-ID: <CAAS2fgTj3o=BSUQhCJT4pk_YpSkfT6+w=Ymss3CntHst3y_DpQ@mail.gmail.com>
Subject: Re: [bitcoindev] CTV + CSFS: a letter
To: Sanket Kanjalkar <sanket1729@gmail.com>
Cc: Jameson Lopp <jameson.lopp@gmail.com>, Antoine Poinsot <darosior@protonmail.com>,
Matt Corallo <lf-lists@mattcorallo.com>, Andrew Poelstra <apoelstra@wpsoftware.net>,
Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Content-Type: multipart/alternative; boundary="0000000000002c8423063790fcdb"
X-Original-Sender: gmaxwell@gmail.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@gmail.com header.s=20230601 header.b="lam/Dxpd"; spf=pass
(google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1033
as permitted sender) smtp.mailfrom=gmaxwell@gmail.com; dmarc=pass
(p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.5 (/)
--0000000000002c8423063790fcdb
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Sat, Jun 14, 2025 at 11:50=E2=80=AFPM Sanket Kanjalkar <sanket1729@gmail=
.com>
wrote:
> Do you mean arbitrary output address that is unknown at commitment time?
> Otherwise, I think the current CTV vault does allow abort/allowing from
> "stage area" to "hot area" or abort to "rescue area". While general purpo=
se
> recursive vaults will allow funds back into same "cold area", I think it =
is
> possible to also move funds back into same back under the same cold keys
> with a bounded recursion CTV provides.
>
Moving funds back to the initial key that the attacker already has
demonstrated the ability to release from doesn't seem useful to me. --
though that is a thing the presigned example I gave doesn't do.
> Finally, on the usefulness of vaults; based on my own observation of all
> the hacks (bitcoin and wider crypto), in most cases it is not the key tha=
t
> is stolen but rather the authorization process or UI/UX hacks or somethin=
g
> else up the signing stack is compromised. Having reactive security to
> "undo" feels valuable in this scenario.
>
Is there an example of a hack that has been defeated by one? It would be
interesting to see the exact workflow.
If the scheme is just released into a 'hot area' and the hot area keys have
the power to send the coins anywhere, presumably the attacker will attack
the hot area keys and wait for funds to be moved there and instantly sweep
once they're there. If the hot area keys are presumed secure, then they
can be multisig on the release from 'cold'.
--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/=
CAAS2fgTj3o%3DBSUQhCJT4pk_YpSkfT6%2Bw%3DYmss3CntHst3y_DpQ%40mail.gmail.com.
--0000000000002c8423063790fcdb
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr">On Sat, Jun 14, 2025 at 11:50=E2=80=AFPM =
Sanket Kanjalkar <<a href=3D"mailto:sanket1729@gmail.com">sanket1729@gma=
il.com</a>> wrote:<br></div><div class=3D"gmail_quote gmail_quote_contai=
ner"><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bo=
rder-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><di=
v class=3D"gmail_quote"><div>Do you mean arbitrary output address that is u=
nknown at commitment time? Otherwise, I think the current CTV vault does al=
low abort/allowing from "stage area" to "hot area" or a=
bort to "rescue area". While general purpose recursive vaults wil=
l allow funds back into same "cold area", I think it is possible =
to also move funds back into same back under the same cold keys with a boun=
ded recursion CTV provides.<br></div></div></div></blockquote><div><br></di=
v><div>Moving funds back to the initial key that the attacker already has d=
emonstrated the ability to release from doesn't seem useful to me.=C2=
=A0 -- though that is a thing=C2=A0the presigned example I gave doesn't=
do.</div><div><br></div><blockquote class=3D"gmail_quote" style=3D"margin:=
0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">=
<div dir=3D"ltr"><div class=3D"gmail_quote"><div><br>Finally, on the useful=
ness of vaults; based on my own observation of all the hacks (bitcoin and w=
ider crypto), in most cases it is not the key that is stolen but rather the=
authorization process or UI/UX hacks or something else up the signing stac=
k is compromised. Having reactive security to "undo" feels valuab=
le in this scenario.=C2=A0</div></div></div></blockquote><div><br></div><di=
v>Is there an example of a hack that has been defeated by one?=C2=A0 It wou=
ld be interesting to see the exact workflow.</div><div><br></div><div>If th=
e scheme is just released into a 'hot area' and the hot area keys h=
ave the power to send the coins anywhere, presumably the attacker will atta=
ck the hot area keys and wait for funds to be moved there and instantly=C2=
=A0sweep once they're there.=C2=A0 If the hot area keys are presumed se=
cure, then they can be multisig on the release from 'cold'.</div><d=
iv><br></div><div><br></div><div><br></div><div><br></div><div><br></div><d=
iv><br></div><div><br></div></div></div>
<p></p>
-- <br />
You received this message because you are subscribed to the Google Groups &=
quot;Bitcoin Development Mailing List" group.<br />
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to <a href=3D"mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoind=
ev+unsubscribe@googlegroups.com</a>.<br />
To view this discussion visit <a href=3D"https://groups.google.com/d/msgid/=
bitcoindev/CAAS2fgTj3o%3DBSUQhCJT4pk_YpSkfT6%2Bw%3DYmss3CntHst3y_DpQ%40mail=
.gmail.com?utm_medium=3Demail&utm_source=3Dfooter">https://groups.google.co=
m/d/msgid/bitcoindev/CAAS2fgTj3o%3DBSUQhCJT4pk_YpSkfT6%2Bw%3DYmss3CntHst3y_=
DpQ%40mail.gmail.com</a>.<br />
--0000000000002c8423063790fcdb--
|