Comment by alwa
18 hours ago
Why should it go online at all? $1.5 billion buys a lot of plane tickets to the same physical place, and how frequently do they need to be accessing the whole lump, anyway?
For that matter, I know signatures are long and human-unfriendly, but isn’t it on the order of a couple hundred bytes? Surely $1.5 billion buys transcribing the putative signature request into an isolated machine in a known state, validating/interpreting/displaying the request’s meaning on that offline machine, performing your signing there offline, copying down the result, and carrying the attestation to your secret conclave lair to combine with the others’ or whatever?
What you should do is sign the transaction on an offline computer (which is booted from a linux OS on a flash drive with only the essential software), simulate the transaction to verify it does what you expect, and then save the signed transaction to a flash drive. Then you can submit your transaction on a connected computer with confidence that you didn't sign your tokens away to someone else.