Cornell IC3 Researchers Propose Solution to Bitcoin’s Multisig “Paralysis” Problem

Owning cryptocurrency comes with its own set of challenges. One of the biggest of those challenges is managing the private keys that enable you to spend funds. Lose your private keys, and your money is gone.

In a business environment, a common way to manage funds owned by multiple people is via what’s called a multisignature (multisig) address, a type of smart contract requiring two or more parties to sign off on a transaction to move the funds. 

This can be problematic, however. Let’s say you have a three-of-three multisig that requires you and two business partners to sign off on a transaction. If one person dies, disappears or becomes incapacitated, those assets become frozen — a risk some might feel uncomfortable with when dealing with tens of thousands of dollars or more.   

One way to ameliorate that risk might be to opt for a two-of-three multisig, where only two instead of all three individuals need to sign off on a transaction. But that’s not a complete solution either. Two players could conspire against the other one and run off with the money.

What now? If your funds are on the Ethereum blockchain, you could write a smart contract that would allow you to free the funds if one person in your trio disappeared.

However, Bitcoin with its limited scripting language makes things more difficult. “This seems like an unsolvable problem if you think about the traditional tools,” said Ari Juels, a professor at Cornell Tech and co-director of the Cornell Initiative for Cryptocurrencies and Contracts (IC3).

Paralysis Proofs

In a paper titled “Paralysis Proofs: How to Prevent Your Bitcoin from Vanishing,” researchers Fan Zhang, Phil Daian, Iddo Bentov and Ari Juels from the IC3 outline how to deal with what happens when a party is unable, or unwilling, to sign off on a multisig transaction in Bitcoin. The solution involves a combination of blockchain technology and trusted hardware — Intel SGX, in this case.   

Trusted hardware allows you to run code inside a protected enclave. Even a computer’s own operating system is unable to access data inside an enclave, so if your computer were to be hacked, the code in the enclave would remain secure.

IC3’s solution proposes replacing a trusted third party, such as a lawyer or a bank, who would put money in an escrow, with a trusted hardware solution that retains control of a master key to the funds.  

If one of the three people in the contract dies, the other two initiate a “paralysis proof.” That proof is based on a challenge sent to the missing third person. If the missing person responds to the challenge, the money stays put. If the missing person does not respond, the trusted hardware releases the funds to the remaining two players.  

Trusted hardware is only part of the solution, however. If the third person were to try and respond to the challenge request with an indication she is still alive, conceivably, the other players could intercept that message. To ensure that does not happen, the second half of IC3’s solution involves sending the message via the blockchain, which provides a tamper-proof and censorship-resistant medium.    

“By combining these two [methods], we can achieve the exact properties we’re after,” Juels explained to eBits.Co. “We can enable trusted hardware to determine whether or not somebody is alive, and there is no way to prevent a relevant message from getting transmitted if it is coming through the blockchain.”   

How It Works

Put simply, this is how to achieve a paralysis proof as outlined by the IC3 researchers:

  • Two players suspect a third is dead, so they post a challenge on the blockchain. The challenge consists of a tiny “dust” UTXO that the third person must spend within a certain period of time, say 24 hours, to prove she is alive.
  • The two players also get a “seize” transaction they may post to the blockchain later to collect the funds, if the third person does not respond to the challenge.
  • If the third person sends back a response by spending the UTXO, the game is over; the two others are not able to take control of the funds.  
  • Alternatively, if the third person does not return an “alive” signal by spending the UTXO before the time-out, then the two others can use the “seize” transaction to take control of the funds.  
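The challenge, response and time-out steps above can be traced with a toy ledger. This is an added sketch, not code from the IC3 paper or from this article: the names are hypothetical, the 144-block time-out stands in for "24 hours", and treating the "seize" transaction as one that must spend the dust output together with the funds is a modelling assumption used to show why a response cancels the seizure.

```python
from dataclasses import dataclass, field

TIMEOUT_BLOCKS = 144  # assumption: roughly 24 hours at ~10 minutes per block

@dataclass
class ToyChain:
    """Constructed toy ledger: block height plus a set of unspent outputs."""
    height: int = 0
    utxos: dict = field(default_factory=dict)  # output name -> creation height

    def mine(self, blocks):
        self.height += blocks

    def create(self, name):
        self.utxos[name] = self.height

    def spend(self, name):
        if name not in self.utxos:
            raise ValueError(f"{name} is spent or never existed")
        del self.utxos[name]

def post_challenge(chain):
    """The two accusers publish the challenge: a dust output for the accused."""
    chain.create("dust")

def life_signal(chain):
    """The accused proves she is alive by spending the dust output."""
    chain.spend("dust")

def try_seize(chain):
    """Seize is valid only if the dust output is still unspent and old enough.
    Modelled as spending both 'dust' and 'funds' (assumption of this sketch)."""
    if "funds" not in chain.utxos:
        return False, "funds already moved"
    if "dust" not in chain.utxos:
        return False, "no unspent challenge: accused responded or none was posted"
    age = chain.height - chain.utxos["dust"]
    if age < TIMEOUT_BLOCKS:
        return False, f"time-out not reached ({age}/{TIMEOUT_BLOCKS} blocks)"
    chain.spend("dust")
    chain.spend("funds")
    chain.create("funds_two_of_two")  # now controlled by the remaining two players
    return True, "funds released to the remaining two players"

def scenario(respond_at=None):
    """respond_at: blocks after the challenge at which the accused responds.
    None (or a value at or past the time-out) is treated as no response."""
    chain = ToyChain()
    chain.create("funds")
    post_challenge(chain)
    early_ok, _ = try_seize(chain)  # accusers try to seize immediately
    if respond_at is not None and respond_at < TIMEOUT_BLOCKS:
        chain.mine(respond_at)
        life_signal(chain)
        chain.mine(TIMEOUT_BLOCKS - respond_at)
    else:
        chain.mine(TIMEOUT_BLOCKS)
    late_ok, _ = try_seize(chain)   # accusers try again once the time-out passed
    return early_ok, late_ok, sorted(chain.utxos)

if __name__ == "__main__":
    print("no response:    ", scenario(None))
    print("response at +20:", scenario(20))
```
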

This is not the only use case for a paralysis-proof system. Juels thinks the solution would work well in any situation that called for a controlled access to private keys that could not otherwise be maintained on a blockchain. “It is actually a very general scheme you could use for lots of other purposes,” he said.

For instance, a paralysis-proof system could be used as a dead man’s switch for control over the release (or decryption) of leaked information or a journalist’s raw materials. It could also be used in numerous ways to control daily spending limits from a common pool of money or as a conditioned expenditure based on an outside event (as reported by an oracle), like a student getting good grades or a salesperson meeting a sales quota.   

“Basically, you can a rich set of conditions around the expenditure of money using the fact that a trusted hardware kind of acts like a trusted third party,” said Juels.

The Trump Administration Plans to Privatize the ISS

Many of my regular readers will know that I am a huge fan of outer space. I am inspired by it and believe it is ultimately the destiny of humans to be an interplanetary species. We’ve already been to the Moon, but most of our manned missions have been to the International Space Station and back for a while now. Recent documents have suggested that the Trump administration is considering making the International Space Station (ISS) a private entity.

The International Space Station was not meant to be a private endeavor

An internal NASA document acquired by The Washington Post suggests that the Trump administration hopes to end public funding of the ISS after 2024. However, the document goes further, explaining that the intention is not to let the ISS deorbit (read: re-enter Earth’s atmosphere in a spectacular fireball) like other space stations (such as SkyLab) have in the past. Instead, the laboratory in low Earth orbit may become privately held after the United States stops public funding.

I take a few issues with this:

We have sunk truly massive amounts of money – over $100 billion in US tax dollars – into the International Space Station. This does not even account for the contributions made by the other nations that share the burden of the ISS’ operation and maintenance. It is not dilapidated and has potentially decades of future service ahead of it beyond 2024, and no company will pay $100 billion for it. A net loss for the US government is a net loss for every taxpayer.

As mentioned in passing above, this plan does not seem to appreciate the other nations that also maintain, contribute to, and occupy the International Space Station. Currently, three nations have astronauts (or cosmonauts) on board. It is far from a solely US held entity.

Another problem I have is that if the ISS were turned over to solely private entities, the science done there would become for profit, not for the common good. Furthermore, it could potentially become proprietary. While I am in favor of eBits and the market itself, some things are better left public and for the good of humanity as a whole.

I would not mind privatization if it meant we were creating a better and more modern station. I realize it is older and could use an update, but the current plan has no solid roadmap regarding what the public will get next. It seems like this plan sinks already sunken costs and then adds insult to injury by not providing any indication as to what the future holds.

The United States and the world deserve to have part of their science and research done without profits in mind.

The Electrum Personal Server Will Give Users the Full Node Security They Need

The Electrum Personal Server promises a resource-efficient, secure and private way to use bitcoin with hardware and software wallets, connected to full nodes. Developed by open-source programmer Christian Belcher, best known for his contributions to JoinMarket, the Electrum Personal Server directly addresses vulnerabilities with the popular Electrum Bitcoin wallet, while sparing users the significant resource usage of an Electrum server.

According to Belcher, connecting Electrum with the Electrum Personal Server is the most resource-efficient, secure and private way to use a hardware or software wallet connected to a full node. It is important for all users to connect their wallets to full nodes for the Bitcoin network to maintain long-term security, he maintains.

“If bitcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine,” explained Belcher in correspondence with eBits.Co.

Full Nodes vs. Thin Clients Refresher

In the Bitcoin blockchain, full nodes are programs that validate transactions and blocks on the network. Full nodes assist the network by accepting transactions and blocks from other full nodes, validating them and sharing them with other full nodes. Essentially, full nodes are the referees of the Bitcoin blockchain –– they check to see that chains are following the rules of the network and ignore chains that break them. As an example, Belcher noted that “[transactions] printing infinite money would be rejected by [full nodes] as if they never existed.” In this way, Bitcoin can ensure that no more than 21 million coins are ever minted.

While full nodes are the most secure, they are also more resource-intensive. A full node takes up around 156 GB of disk space (a number which is growing by more than 50 GB per year), can take days to sync when used for the first time, requires a significant amount of bandwidth each month, and takes up CPU power validating all transactions and blocks on the network.

Thin clients (also known as lightweight clients), however, do not download the entire Bitcoin blockchain. Instead, they only download a copy of all the headers for the blocks in the blockchain. Thin clients are able to achieve increased efficiency and speed by receiving notifications when a transaction affects their wallet specifically. But this does mean that thin clients must tell a third party which addresses belong to them, which is bad for privacy. Additionally, thin clients trade full validation and security for efficiency, placing their trust in full nodes to verify that rules are being followed on the Bitcoin blockchain.

Electrum

Since 2011, the Electrum wallet –– a light client –– has been among the community favorites. It features a pleasant user interface, hardware wallet connectivity, “forgiving” seed recovery phrases, cold storage solutions, decentralized servers to prevent downtimes, and multi-sig permissions. However, similar to other thin clients, the Electrum wallet’s lightweight connection with the Bitcoin blockchain comes at the cost of privacy, validity and scalability.

By default, the Electrum wallet sends all its bitcoin addresses to an Electrum server, which sends back a user’s history and balance. According to Belcher, “This means that the Electrum server knows all the user’s bitcoin addresses and could spy on them, essentially seeing everything a user does.” Users should note that anytime their bitcoin addresses are stored on a thin-client server, their transactions can be monitored.

Like other thin clients, if Electrum servers do not properly verify the rules of the Bitcoin blockchain, wallets can be deceived. For example, a compromised Electrum server could lead the Electrum wallet to accept a fake transaction for USD $1000 worth of bitcoin that would not have been validated by a full node.

Electrum servers also store records of every address ever used on the Bitcoin network, which, as user-base increases, poses a hindrance to scalability.

In the Electrum ecosystem, the only way for a user to avoid these vulnerabilities inherent to the Electrum thin client is to run their own Electrum server and connect it to their wallet. This fix is more resource-intensive than running a Bitcoin full node; it requires the unpruned Bitcoin blockchain, the full transaction index and extra address index. Electrum Servers are also more RAM and CPU intensive than full nodes, and are not made to be turned on and off efficiently.

Electrum Personal Server Solution

The Electrum Personal Server provides bitcoin users with increased efficiency, security and privacy. In this implementation of the Electrum server protocol, users seeking a full node connection can interact with all traditional Electrum wallet features while running a Bitcoin full node, instead of downloading an Electrum server.

Efficiency

From an efficiency perspective, connecting an Electrum wallet to a full node allows users to take advantage of resource-saving Bitcoin Core features such as pruning, disabled txindex and blocksonly. These features are not available to an Electrum server.

Users also benefit from the traditional Electrum wallet user experience/user interface and functionality such as hardware wallet integration, offline signing, recovery phrases and multi-signature wallets.

Security and Privacy

Because users are connected to a full node, they aren’t prone to any of the aforementioned privacy and security threats posed to thin clients.

There is a caveat –– users lose the popular “instant-on” feature of the Electrum wallet when using a full node such as the Electrum Personal Server. The full node must synchronize first, before displaying a wallet’s bitcoin balance. Depending on connection speeds and time since last connectivity, this process could take a few minutes or hours.

For users seeking to connect their wallet to an Electrum Personal Server, the process is fairly straightforward. According to Belcher’s blog post, users must:

  1. Download the alpha version;
  2. Configure the Electrum Personal Server with their master public key. Those addresses are then imported into Bitcoin Core as watch-only;
  3. Rescan the wallet if it contains historical transactions. There is no need to rescan, however, if a new, empty wallet is created.

Why Should the Average Bitcoin User Care?

Belcher outlined that since the inception of the Bitcoin network, the basic security model has relied on most of the economy using full node wallets, not thin clients that are vulnerable to manipulation. This way, legitimate Bitcoin transactions are always accurately verified, nefarious transactions are always rejected, and the hard limit of 21 million bitcoins (which are really just bits and bytes) is enforced.

Belcher believes that “bitcoin is dead in the long term” if most of the Bitcoin economy does not use full node wallets.

He hopes that the Electrum Personal Server can serve as a framework for other lightweight Bitcoin wallets to connect to full nodes run by users, rather than (centralized) servers. For instance, a Samourai Wallet or Breadwallet can utilize a script similar to the Electrum Personal Server to connect to a full node.

Samsung to Introduce a Foldable OLED Smartphone This Year

A lot of changes are coming to the world of technology. More specifically, the way in which we interact with devices will see some interesting changes which may or may not become the new norm. In the case of Samsung, the company has announced it will introduce foldable OLED smartphones later this year. This is a project which has been rumored for quite some time now, but it will be the first time such products have been commercialized.

Foldable OLED Smartphones are Coming

Over the past few years, there have been various rumors regarding the development of eBits. Although this is still a very niche product, it seems that manufacturers and consumers alike see some merit in it. Having a smartphone screen which can fold back on its own is one thing, but having an entire smartphone capable of doing the same is something else entirely.

More specifically, the goal is to put all of the electronics contained in a smartphone into a foldable OLED screen. It is still unclear how eBits – or anyone else – will be able to perform such a feat. After all, we are already dealing with the thinnest generation of smartphones in human history, and bringing their size down even further and allowing everything to bend would be a whole new development. Another approach would be to place all of the hardware in a dock to which the foldable screen itself would connect.

Considering that Samsung held some closed-door meetings at CES 2018, it is logical to assume the manufacturer has a working product in place already. The new product is said to be known as the Samsung Galaxy X. Since no specific details were shared after these meetings took place, it remains to be seen how things will evolve. There is a lot of speculation taking place, which is only to be expected.

One rumor currently making the rounds involves the Galaxy X being a hybrid smartphone and tablet. The display itself could fold out or fold in, depending on which of the two modes one wants to use. Again, nothing is official at the present time. Samsung only confirmed that its new product would launch at some point in 2018, but declined to issue any further specifics. Rest assured there will be plenty of interest in the upcoming foldable OLED smartphone.

All of this further indicates that we will see some major changes in the world of gadgets moving forward. Foldable displays are just one of the logical evolutionary steps in this industry. Whether or not consumers will find these new products all that appealing has yet to be determined. That will mainly hinge on how much money Samsung chooses to charge for its foldable OLED smartphone. As is usually the case with new technology, the price will probably be on the high end of the spectrum.
