Bitcoin users around the world can relax: reports indicating thousands of private keys were released into the public domain have been dismissed.
A site called directory.io caused a brief panic yesterday when it supposedly listed every bitcoin private key alongside its corresponding public address. Headlines around the web proclaimed bitcoin doom, with some speculation that bitcoinâs minor drop in value was a direct result. It was, however, quickly revealed to be a false alarm, and then, a joke.
Reddit user fiveturns, claiming to be behind the site, said:
âIâm the owner of directory.io. This isnât an attempt at a scam. The first entry isnât âfakeâ. It is a private key with the value of zero. The next private key is one, after that comes two etc.â
âAll of these keys (apart from zero) are valid. It is simply a joke. Remember when youâve been told that it is almost impossible to generate a key-pair identical to somebody elseâs? This is a visual representation of that improbability. Look how many pages there are!â he added.
The siteâs lengthy header should have been a giveaway: as fiveturns wrote, the site features a list of computer-generated private key addresses that correspond to nothing in particular. Thus, there is no chance of your address being in there.
[post-quote]
Directory.io is actually a worthwhile demonstration of how strong the Bitcoin protocol is, and the (incomprehensibly massive to non-mathematicians) numbers protecting it too. In all those pages, there isnât a key that matches any existing bitcoin key.
A better guide on your chances of finding someone elseâs private key can be found here.
Generating the directory.io list âcould be done with a 50 line script,â according to one expert. While they are genuine bitcoin private keys, they are all empty. This was quickly discovered once users attempted to import the keys to their own wallets.
Essentially, every time you create a new bitcoin address youâre doing what directory.io did, on a much smaller scale.
While bitcoin addresses, or âpublic keysâ allow users to send money to one another more smoothly than email, itâs your âprivate keyâ that determines how much bitcoin you have, and whether you have the right to spend it.
Private keys are (hopefully) guarded securely by wallet software or printed on âpaper walletsâ, as anyone who discovers that key can access all the bitcoins stored at its corresponding address.
Having your real private key published on the internet would indeed be catastrophic, especially if youâre holding a large amount of bitcoin there.
Losing your private key (either by deleting it or throwing it somewhere you canât retrieve it)Â means the bitcoins linked to that address are gone too â both to you and the world.
Itâs important to remember that, despite exchange heists, wallet shutdowns and individual hacking crises, the Bitcoin protocol has remained rock-solid since going live in 2009 and (as of December 2013) has never been successfully compromised.
The bitcoin wiki says it all:
âIt is safe to say that the currency itself has never been âhackedâ. However, several major websites using the currency have been hacked, often resulting in high profile bitcoin heists. These heists are misreported in some media as hacks on bitcoin itself. An analogy: Just because someone stole US dollars from a supermarket till, doesnât mean that the US dollar as a currency has been âhackedâ.â
Directory.ioâs creator even managed to earn some bitcoin for the work, and posted:
âI did not create this to crash the price of bitcoin, and it didnât. People keep calling this fake or not real. Most people know how to generate every single bitcoin key-pair in existence. This doesnât make it insecure. Itâs secure because doing so is impossible. This is what people need to understand.â
He added that his donation link was there âfor people that found it funny â some people did :)â.
Security Image Via Shutterstock
