Post on 08-May-2015
description
Designing Secure Bitcoin Wallets with
Multi-Signature Transactions
Johann Barbie
mail@johba.dewww.37coins.com
The Speaker
IBM, 5 years● Consultant,
Security & Scaling
- Johann Barbie Engineer
Tree Planet, 1 year ● Team Leader,
Web Development
37 Coins, Since 2013● Co-Founder
Agenda
BITCOIN
1 2 3 4 5the
Inventionthe
Currencyon
Androidthe
Technologyon
SMS
Byzantine General Problem
● Byzantium very rich!● greedy neighbours● Neighbours wish to invade
Byzantium● non strong enough by itself● Generals can send
unlimited messengers● Generals can not trust any
other general● How to agree on an attack
strategy?
G1G2
G3
G4G5
G6
● 2008 published paper○ based on torrent protocol○ based on pub key encryption○ use proof of work to
create network consensus● 2009 published open source software
○ birth of blockchain● 2010 last post in december
Bitcoin is not organization or company Bitcoin is a protocol based on mathematical rules
Satoshi Nakamoto
Blockchain
private key
public key
Transaction
Wallet
sign with private key
Icons by Olivier Guin from The Noun Project
In 1993, the cartoon below appeared with the caption,
"On the Internet, no one knows you're a dog,"
and was widely circulated.
An Invention like the Internet
Trust and Access
World Financial System
BitcoinVS
Access to Banking
1.7 Bn
7 Bn
Icons by Olivier Guin from The Noun Project
Free Currency
Free Currency
Free Currency
● Fee depends on size in kb● No government controls
Bitcoin is the money of the people
Only people?
"On the blockchain, no one knows you're a fridge"by @jonwaller
Price Development 2013
Bitcoin on Android
taken from Andreas Schildbach’s https://play.google.com/store/apps/details?id=de.schildbach.wallet
In App Payment
In-App Payments?
● Purchase of app content● Purchase of app features● Donations
Alternative to Google Play, Flattr, PayPal, ...
taken from Andreas Schildbach’s http://schildbach.de/talks/bitcoin-inapp-payments/
Sending the Request
class de.schildbach.wallet.integration.android.BitcoinIntegration
/*
* Request specific amount of Bitcoins from user,
* without feedback from the app.
*/
static void request(Context context, String address, long amount);
/*
* Request specific amount of Bitcoins from user,
* with feedback from the app.
*/
static void requestForResult(Activity activity, int requestCode, String address, long amount);
taken from Andreas Schildbach’s http://schildbach.de/talks/bitcoin-inapp-payments/
Behind the Scenes
Intent sent to Bitcoin app action = android.intent.action.VIEW data = bitcoin:1PZmMahjbfsTy6DsaRyfStzoWTPppWwDnZ?amount=0.1
URL formatted to BIP21 standard (BIP = Bitcoin Improvement Proposal)
Result returned to calling app resultCode = OK|CANCELED extras[transaction_hash] = c8a9e036ecbbe75c...
taken from Andreas Schildbach’s http://schildbach.de/talks/bitcoin-inapp-payments/
Get the Code
● git clone https://code.google.com/p/bitcoin-wallet/
● Cd to integration-android subproject.
● mvn clean install
● or just copy & paste the BitcoinIntegration class to your project.
Also have a look at sample-integration-android demo app.taken from Andreas Schildbach’s http://schildbach.de/talks/bitcoin-inapp-payments/
ePOSEscrowCustomer Rewards
Android, ScalableCustomer Service IntegrationExchange API IntegrationMulti-factor AuthentificationMulti-signature Transactions
Internet Cellular Network
Gateway Merchant
37Coins - Gateway and ePOS
Multi-Signature Transaction
pay to address:
Icons by Olivier Guin from The Noun Project
1 unique key
1 key to unlock
pay to script:
m unique key
n key to unlock
System Overview
Q&A
Thank you!Contact:
@johbamail@johba.de
https://www.37coins.comhttps://bitfinger.org