Gifting bitcoins without losing sleep over security

Gifting bitcoins without losing sleep over security

So, your remote working developer did a great job on the website and you want to gift him something on his birthday. Amazon gift cards —…

Jun 29, 2017 • 2 min read

So, your remote working developer did a great job on the website and you want to gift him something on his birthday. Amazon gift cards — Nah — too clichéd. That gets you thinking, how about emailing him bitcoins so that later he can thank you when the price rises by 50% ! Bitcoin security however is a bit difficult, you don’t want your private keys flying around a server to find out it was hacked by Mr. Robot!

We present an easy and secure way to send bitcoin via email. You can try out the service using the link below

BTCMail

Send Bitcoin Via Email - Blockonomicswww.blockonomics.co

This service is suitable for gifting/sending BTC to anyone who doesn’t already have a bitcoin address

Here we give an overview of the service and how it differs from existing such services.

Risks of Centralization

Existing service store bitcoins (along with the private keys) on their server. The recipient gets a redeem code that he can use to claim his bitcoins. This works very much like amazon/apple gift cards. Here are some problems with this approach:

  • The server can be hacked. Hacks on server storing bitcoins is a not a rarity and almost a third of bitcoin exchanges have been hacked(Source)
  • Server can have downtime in which case bitcoins cannot be redeemed
  • Service owners can turn rogue after collecting enough bitcoins
Centralized services are risky

Distributed trust to the rescue

Our service uses a distributed trust model based on Split key generation

Recipient has the complete private key, while Sender/Blockonomics only have a part of the key

Basically, the sender and blockonomics have only part of the private key but can generate the public bitcoin address. Recipient has both parts of the private key and can claim the bitcoins.

Here is how the process works:

  • Sender generates private_key1 on his browser and shares link having private_key1 with receiver. Should be done preferable via a secure/encrypted channel. private_key1 is in the anchor part of the url and is never sent to the server.
  • Blockonomics generates private_key2 on its server and mails it to the receiver as the redeem code.
  • Sender sends public_key1 to blockonomics server which combines public_key1 and public_key2 to generate the final bitcoin address. Sender can then send bitcoins to this address.
  • Receiver combines private_key1 with private_key2 on his browser to claim the bitcoins

In fact, the recipient can redeem bitcoin even when blockonomics server is down by mathematically combining the private keys ! More technicals/faq can be found here.

We also have a open source python client https://github.com/shivaenigma/btcmail. This can be used if you don’t want to trust the browser/javascript or want to send bitcoins to a bunch of people programmatically. Feel free to let us know your feedback

— Cheers to Bitcoin + Email


This is a companion discussion topic for the original entry at https://insights.blockonomics.co/gifting-bitcoins-without-losing-sleep-over-security-1f6eb72a5f0b/