Burak, I don't remember if this has been mentioned previously in the
conversation about Ark, but a disadvantage in the protocol as it is currently
is that "Ark require users to come online and "refresh" their coins every few
weeks, otherwise the ASP can sweep the funds." (putting that in quotes because
although I copied this from a forum, it may have originally been said on this
list.)
However, yesterday I came up with a scheme to mitigate this disadvantage,
in a way that works similarly to LN watchtowers.
A watchtower program for Ark would be made that runs on an
internet-connected server and takes as input your wallet password and the date in the
future at which to perform the refreshing. A child process can then be spawned that acts
similar to a cronjob, and stores the wallet password with AES encryption in
memory.
The key to this cipher is the time stored in ISO 8601 format as a byte string.
It is promptly discarded from memory.
Every second, the watchtower child process will attempt to decrypt the cipher
using the current ISO 8601 time looking like "YYYY-mm-ddTHH:MM:SSZ" as the key.
Naturally this will only succeed at the requisite time at which the wallet is
to be unlocked by the watchtower child process - following which the coins
inside the ASP are refreshed, and the watchtower child process is terminated
and the encrypted wallet password destroyed.
Of course, memory scrubbing should be applied to the region that has the
decrypted wallet password.
If at any point the user comes online by themselves, they can simply cancel the
watchtower refreshing task, which will terminate the watchtower child process
without opening your wallet and refreshing coins.
The key feature is that nobody will be able to decrypt the wallet password
unless they know the exact time it is to be unlocked as an ISO 8601 string. It
cannot be unlocked at any time in the future, just at that particular instant,
as long as the key is discarded and the software randomly guesses the
decryption by attempting each second the new time as the encryption key. Even
if the watchtower is hacked after the task has been made, the hacker still
won't be able to decrypt the wallet password unless they brute-force the
encryption key by exhaustively trying all timestamps in the future.
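The time-keyed locker described above, as an added illustration that is not code from the poster or from any Ark project: the key is derived from the unlock instant formatted as an ISO 8601 string, the sealed secret is kept in memory, and a polling loop tries the current second's timestamp as the key until one decrypts. AES is replaced by an HMAC-SHA256 keystream with an authentication tag so the script runs on the standard library alone; that substitution, the `seal`/`try_open`/`watch` names and the simulated clock are all assumptions of this example.

```python
"""Time-keyed secret locker (added example, not the poster's code).

The key is derived from the unlock time as "YYYY-mm-ddTHH:MM:SSZ"; the
watcher tries the current timestamp as the key once per second and only
the exact unlock second authenticates. HMAC-SHA256 keystream + tag stands
in for AES so this runs with the standard library only (assumption)."""
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

ISO_FMT = "%Y-%m-%dT%H:%M:%SZ"
NONCE_LEN, TAG_LEN = 16, 32


def time_key(when: datetime) -> bytes:
    """Derive the cipher key from the instant formatted as ISO 8601 (UTC)."""
    return hashlib.sha256(when.strftime(ISO_FMT).encode("ascii")).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in for AES-CTR)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(secret: bytes, unlock_at: datetime) -> bytes:
    """Encrypt the secret under the unlock timestamp; the key is not kept."""
    key = time_key(unlock_at)
    nonce = os.urandom(NONCE_LEN)
    body = bytes(a ^ b for a, b in zip(secret, _keystream(key, nonce, len(secret))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()  # detects wrong keys
    return nonce + tag + body


def try_open(blob: bytes, now: datetime):
    """Attempt decryption with the current second; None unless the tag verifies."""
    key = time_key(now)
    nonce = blob[:NONCE_LEN]
    tag = blob[NONCE_LEN:NONCE_LEN + TAG_LEN]
    body = blob[NONCE_LEN + TAG_LEN:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    # bytearray so the caller can overwrite it after use
    return bytearray(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))


def watch(blob: bytes, start: datetime, give_up_at: datetime, refresh) -> int:
    """Simulated watchtower child: poll once per second from `start`.

    Calls refresh(secret) at the first second that decrypts and returns the
    number of polls made; returns 0 if give_up_at passes first (cancellation)."""
    now = start
    polls = 0
    while now <= give_up_at:
        polls += 1
        secret = try_open(blob, now)
        if secret is not None:
            try:
                refresh(secret)
            finally:
                # best-effort scrub; CPython cannot guarantee no copies remain
                for i in range(len(secret)):
                    secret[i] = 0
            return polls
        now += timedelta(seconds=1)
    return 0


if __name__ == "__main__":
    unlock = datetime(2030, 1, 1, 12, 0, 0, tzinfo=timezone.utc)  # constructed
    blob = seal(b"wallet-password", unlock)
    n = watch(blob, unlock - timedelta(seconds=3), unlock + timedelta(seconds=60),
              lambda s: print("refresh with", bytes(s)))
    print("unlocked after", n, "polls")
```

`watch` steps a simulated clock so the behaviour can be checked without waiting; a real daemon would sleep and read `datetime.now(timezone.utc)` instead. Because the key is a function of the timestamp alone, the key material carries only as much entropy as the set of candidate unlock seconds, which is the exhaustive-timestamp search the post itself names.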
Alternatively, instead of encrypting the wallet password, it can encrypt a
signed transaction which is used by Ark to refresh the coins. In this case, the
wallet password would still need to be collected, but only for the purpose of
signing the transaction, after which the password is promptly erased from
memory.
How this can be extended to repeatedly arming the watchtower program with
refreshes remains to be seen, but using the wallet password as the encryption
key directly is one option, albeit not a secure one. A better and more secure option
would be to take note of the UTXOs created by the coin refreshing transaction,
use those as inputs to a second refreshing transaction that is created
immediately after the first one, sign it, and similarly create a third, fourth,
etc., as many as are desirable for the user. Then every 4 weeks, one of these
transactions can be broadcast, in the order that they were created obviously.
Looking forward to your feedback on this.
-Ali
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev