wallet security

+1 vote
Hi,

i'm just curious about the security of multichain, let say i managed to obtain the wallet.dat file from other user, then i replace it on my wallet.dat file, so does this mean i so called hijacked the account of the user?
asked Mar 16, 2017 by anonymous

1 Answer

0 votes

Yes, the private keys in the wallet allow you to sign transactions on behalf of the corresponding addresses.

If you're concerned about this problem, you can do one of these things:

  1. Hold the private keys externally, in whichever secure manner you wish – see: http://www.multichain.com/developers/external-key-management/
  2. Use the walletlock and walletpassphrase APIs to encrypt the wallet file on disk, and decrypt it for a period of time using a password provided over the API. We haven't yet documented this on the MultiChain website but you can see the Bitcoin Core documentation here: https://bitcoin.org/en/developer-reference#bitcoin-core-apis
answered Mar 16, 2017 by MultiChain
...