by cameldrv 92 days ago
You shouldn't have a key that controls millions/billions of dollars on a cloud service. It should be on an airgapped laptop that was purchased anonymously, has never been connected to the Internet, and only runs software that has been vetted and loaded onto it via a CD-ROM or some other comparable method.

If their coin requires a web service to process each transaction, then an offline key isn't very useful.

You can criticize their design, but you can't have a dude burning a CD-ROM every time someone wants some coins.

Have you actually tried to run a business this way?
I have, I've set up "truly offline" root certificate authorities and the like in the past.

Yes, it's a pain to operate, but if the alternative is "the bad guys get all of our money", then it can be worth it.

Sure, I never said anything against offline root cert authorities. But did you do it literally exactly how this guy was saying to do it with a laptop that you load via CD-ROM for a signing key that’s being used for active transactions?

It’s as if one of the things your root certificate authority signed got compromised. It doesn’t help that your root key is safe if attackers still managed to impersonate you before you revoked that cert.

> privileged private key to sign off on how much USR could be created. Unfortunately, the smart contract itself did not enforce any maximum limit on minting – it only checked that a valid signature existed.

The offline idea simply doesn’t work because this particular key has to be online.

Yeah. Sorry to say, but if you’re going to run a crypto company, and it’s even moderately successful, people are going to try to steal the key. Either you are extremely paranoid, or you’re going to lose a bunch of money, for yourselves or your investors.
$24m was lost. Setting this up is, say, $10k in time and materials. Although I would use a rack server.

No need to get fancy. A YubiKey glued to a tungsten cube would have prevented this attack. That's 50€ for the YubiKey and 300€ for the tungsten cube.
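
Added example, not part of any comment in this thread and not the project's contract code: a Python model of the quoted passage, comparing a minter that only checks for a valid signature with one that also enforces limits itself. HMAC stands in for the contract's signature scheme, and every name, key and cap value is a constructed assumption.

```python
import hashlib
import hmac

# Constructed values for illustration only.
SIGNER_KEY = b"constructed-demo-key"  # stands in for the privileged private key
MAX_MINT_PER_REQUEST = 1_000_000      # hypothetical per-request ceiling
MAX_TOTAL_SUPPLY = 50_000_000         # hypothetical global ceiling


def sign_mint(key: bytes, recipient: str, amount: int, nonce: int) -> bytes:
    """Off-chain signer: authorizes one mint request (HMAC as a stand-in)."""
    msg = f"{recipient}|{amount}|{nonce}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class SignatureOnlyMinter:
    """Pattern from the quote: a valid signature is the only check on amount."""

    def __init__(self, key: bytes):
        self._key = key
        self.total_supply = 0
        self._used_nonces = set()

    def mint(self, recipient: str, amount: int, nonce: int, sig: bytes) -> bool:
        expected = sign_mint(self._key, recipient, amount, nonce)
        if not hmac.compare_digest(expected, sig) or nonce in self._used_nonces:
            return False
        self._used_nonces.add(nonce)  # reject replays of the same authorization
        self.total_supply += amount
        return True


class CappedMinter(SignatureOnlyMinter):
    """Same signature check, plus limits the verifier enforces on its own."""

    def mint(self, recipient: str, amount: int, nonce: int, sig: bytes) -> bool:
        if amount <= 0 or amount > MAX_MINT_PER_REQUEST:
            return False
        if self.total_supply + amount > MAX_TOTAL_SUPPLY:
            return False
        return super().mint(recipient, amount, nonce, sig)


def request_signed_with_key(minter: SignatureOnlyMinter, amount: int) -> bool:
    """Submit a correctly signed request for `amount`, as any key holder could."""
    sig = sign_mint(SIGNER_KEY, "0xCONSTRUCTED", amount, nonce=1)
    return minter.mint("0xCONSTRUCTED", amount, 1, sig)
```

With the cap in place, a correctly signed request is still bounded by what the verifier allows, so whoever holds the online key can mint at most up to the configured ceilings.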