Saturday, October 19, 2019

The custodial middle ground / trade-off

Let's face it, storing bitcoins safely is still a pain for the average Joe, and this still presents a hurdle for mainstream adoption. Until UI/UX improves to a level that all but eliminates this hurdle, if it ever does, we will still contend with this issue. The average person just wants to log in with a username and password and see money with very little or no risk of it being gone (and in the event that it is gone, there is some insurance). Custodial wallets carry the risk of the provider just disappearing, being seized or getting hacked. Non-custodial wallets mean the owner has to think up ways to store the mnemonic seed: paper, metal, stone, encrypted file, brain?? Stress!!

I have a solution; it is still vague in my mind, as I do not currently have the time or technical ability to pull this off. A second-layer network built on top of bitcoin; let's call it Hunter. This will basically be a backup for seeds: a seed will be encrypted using the user's password (and maybe another easily derived number), and the ciphertext will be divided up and stored on other nodes on the network. The nodes to store on will be derived pseudo-randomly from the password (and the number), so each node will either not have a user's encrypted seed at all or will hold only a very small part of it. The pseudo-random algorithm will give a different set of nodes if the number of nodes in the network has changed since the user stored the encrypted seed.

Now, if the user loses or forgets the seed, they can get it back by scouring the network, paying other nodes a small amount of bitcoin to retrieve their portion of the encrypted seed (hunting). The trick here is to ensure that the pseudo-random sequence makes it far more likely that a user who knows the password needs to contact far fewer nodes than an attacker engaging in a system-wide hunt (brute forcing), so the legitimate user pays far less bitcoin to nodes to retrieve the seed than the attacker does.
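To make the design concrete, here is an added sketch of the storage and hunting steps (not code from the post): the password goes through a slow KDF, the derived material picks both the node set and a per-share lookup tag, and the encrypted seed is XOR-split so that any single node holds only a random-looking fragment. All names, parameters and the HMAC-based stream cipher are assumptions standing in for a real AEAD cipher; the simulated "network" is just a list of dicts, and none of the listed problems (lying nodes, buy-outs) are addressed here.

```python
import hashlib
import hmac
import secrets
from functools import reduce

def derive(password: bytes, salt: bytes, n_nodes: int, k: int):
    """Password -> encryption key, k distinct node ids and k per-share lookup tags."""
    # Slow KDF: every password guess costs 50k iterations (hypothetical parameter).
    master = hashlib.pbkdf2_hmac("sha256", password, salt, 50_000, 64)
    enc_key, sel_key = master[:32], master[32:]
    nodes, tags, ctr = [], [], 0
    while len(nodes) < k:
        h = hmac.new(sel_key, ctr.to_bytes(4, "big"), "sha256").digest()
        idx = int.from_bytes(h[:4], "big") % n_nodes  # differs if the network size changes
        if idx not in nodes:
            nodes.append(idx)
            tags.append(h[4:20])  # a node stores shares under tags it cannot link to a user
        ctr += 1
    return enc_key, nodes, tags

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def xor_stream(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as the keystream (stand-in for a real AEAD cipher)
    ks = b"".join(hmac.new(key, i.to_bytes(4, "big"), "sha256").digest()
                  for i in range((len(data) + 31) // 32))
    return xor_bytes(data, ks)

def split(ct: bytes, k: int) -> list:
    # k-of-k XOR sharing: any k-1 shares are uniformly random, so one node learns nothing
    shares = [secrets.token_bytes(len(ct)) for _ in range(k - 1)]
    return shares + [reduce(xor_bytes, shares, ct)]

def backup(network: list, password: bytes, salt: bytes, seed: bytes, k: int) -> list:
    enc_key, nodes, tags = derive(password, salt, len(network), k)
    for node, tag, share in zip(nodes, tags, split(xor_stream(enc_key, seed), k)):
        network[node][tag] = share
    return nodes

def hunt(network: list, password: bytes, salt: bytes, k: int):
    """Recover the seed; returns (seed or None, number of nodes contacted)."""
    enc_key, nodes, tags = derive(password, salt, len(network), k)
    shares = [network[n].get(t) for n, t in zip(nodes, tags)]
    if None in shares:  # wrong password or changed network size -> wrong nodes and tags
        return None, len(nodes)
    return xor_stream(enc_key, reduce(xor_bytes, shares)), len(nodes)
```

A user with the password contacts exactly k nodes; a guesser pays the KDF cost per guess and, without the password, cannot tell which nodes or tags to ask for, which is the cost asymmetry the post is after.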

Problems

  • Password re-use
  • Nodes can lie that they don't have the data requested, even though they do, ensuring you come back and pay more
  • Nodes can provide false data, ensuring you come back and pay more
  • An attacker can infect all nodes on the network, wiping out the data on all of them
  • A financially well-resourced entity can buy out all the nodes

There are other problems but I cannot remember them now. I assume employing RAID and smart contracts will minimize or solve some of these problems.

Also, it would be appreciated if someone were kind enough to drop a formula to calculate the security of your backup on this network based on the number of nodes in it.

RAID https://en.wikipedia.org/wiki/RAID
