Cryptsy, Shapeshift, Gatecoin, Bitfinex.
What do all these exchanges have in common? More than 130,000 BTC ($73,818,875 at todayâs prices) has collectively been stolen from them in 2016. Hacks and heists at bitcoin exchanges happen so often that itâs becoming less surprising when a new one takes place.
However, just because the routine has dulled the impact doesnât mean it isnât being felt. When a heist does happen, investors still face significant losses, negative news continues to drive away consumers and new pressures emerge for entrepreneurs looking to launch new products.
Jerry Brito, executive director of Coin Center, told CoinDesk that these sorts of events make his organizationâs job harder. The non-profit cryptocurrency research and advocacy group, he said, is forced to explain the differences between a compromised intermediary and the security of the core network.
Brito explained:
âMajor hacks put pressure on consumer protection regulators who havenât yet acted on digital currencies to do so, and that pressure can make them less receptive to arguments for a light touch approach.â
And with headlines suggesting that bitcoin itself is hacked, it can continue to be difficult for entrepreneurs and advocates to educate regulators.
Because of the immutable nature of bitcoin transactions, though, and the public nature of the blockchain, bitcoin continues to be an appealing target for hackers, scammers and criminals. Bitcoinâs blockchain makes it easy to track how much bitcoin is stored on any single exchange and almost impossible for these funds to be confiscated once they change hands.
Although thatâs not to say there hasnât been research conducted into how these issues could be resolved.
To help minimize the impact of these hacks, researchers Malte Möser, Ittay Eyal and Emin Gün Sirer have come up with a proposal called the âBitcoin Vaultâ that they believe would make bitcoin heists more difficult.
Sirer told CoinDesk:
âOnce criminals get the idea that they might not get away with thefts, we might see a reduction in bitcoin-targeting hacking attempts.â
The proposalâs primary function is to give its users the ability to pull their bitcoin back in the event of a hack.
The way it works is actually straightforward: a user sets up a new address for storing bitcoin, which has been nicknamed âthe vaultâ. This is an address like any other address, except for one difference: users cannot spend the bitcoins stored there quickly.
What a user gains by limiting the speed at which they can move these bitcoins is like a second key, which the team has called the ârecovery keyâ. In case of a hack, the owner of the vault can essentially undo the transaction, reverting the bitcoins in question back to the owner.
When a user a decides they want to spend their bitcoin, they initiate a transfer. They then have to wait a predefined amount of time â set by the user at vault creation â for the bitcoin to become spendable.
Itâs during this period that recovery key can be used.
Assume that a hacker gains access to the wallet and initiates the transfer of bitcoin. Theyâll have to wait for the predefined time â which is different for each person â before they actually have access to the bitcoin.
So long as the victim uses their recovery key during that time, the hacker loses out on the bitcoin. And every time the hacker tries to initiate the transfer again, the user can use their recovery key, thus making it improbable that the hacker would gain access to the bitcoin.
The ability to reverse transactions, though, has bothered many of the technologyâs enthusiasts, because bitcoin was specifically built not to allow transaction reversals.
The team behind the vault proposal has no issue with this. With their solution, while the bitcoins are in vaults, they cannot be spent. This prevents a user from buying something with a vaulted bitcoin, receiving the item and then reversing the transactions.
This will force users to first un-vault their bitcoin (waiting a specific amount of time), transfer the funds to a âhot walletâ and then buy the goods.
But while this may sound like an easy way to prevent exchange thefts, the negative media articles and all the baggage that comes with these events mean implementing the proposal is not so simple.
Because bitcoin was built specifically without transaction reversals, its core software would need to be updated to accommodate the feature. Specifically, there would need to be an addition to the code called CheckOutputVerify.
In a blog post earlier this year, Eyal explained that while a soft fork could implement the change, maximum security would only be attainable through a hard fork. A soft fork, he said, wouldnât be enough, as other means of coercion could be employed by those seeking to conduct illicit actions.
He wrote:
âThe hacker that got Aliceâs private key can bribe a miner to accept a high-fee vault-spending transaction that does not respect the covenant. The miner is motivated to accept the transaction, and then all other miners accept it, too.â
However, even if Bitcoin Core wanted to implement a hard fork for this purpose (a move that remains a sensitive subject in the community), there are simply not enough resources to do it.
Sirer said that he had exchanged a few messages with Greg Maxwell, one of the leading core developers, after issuing the proposal. The reality was that the team was swamped. While accepting the answer as reasonable, he argued that it was time for the Core team to start prioritizing security.
Sirer said:
âItâs true that scalability is bitcoinâs Achillesâ heel, but Achilles had two heels, and so does bitcoin â scalability and security.â
The team is currently working on a pull request that they expect to submit in a few weeks. However, that is only the first step.
Not all are convinced that enacting this change to bitcoinâs code actually creates a safer environment as Sirer and team believe.
Eric Lombrozo, a Bitcoin Core developer and CEO of blockchain security company Ciphrex, said that the technical implementation would not be difficult. Utilizing a soft fork, the new codes could be easily added to bitcoinâs scripting language, he explained.
But, while he said the vault idea was interesting from an academic perspective, he argued that the change makes it far more complicated for a user to manage their bitcoin.
Lombrozo explained that a user goes from protecting their private keys to protecting a vault key and a recovery key. Further, they have to then constantly monitor the network to be aware of a hack and have counter-responses in place for when a heist occurs.
The main function of Bitcoin Core, Lombrozo said, is the validation and relay of transactions and blocks. The focus is on ensuring that the network and protocol as a whole are secure and not how to secure bitcoin at the application level.
Lombrozo said:
âThe best tools for securing your bitcoins are dedicated signing programs that run on dedicated hardware.â
The result is that both sides have hit an impasse in discussions.
Sirer is confident that, had Bitfinex been in a position to use vaults, it could have saved the exchange from losing millions in customersâ bitcoins. But, Lombrozo said that the Bitfinex heist could have also been easily avoided if they had the correct policy and procedure in place.
He explained that if these policies are built improperly, there can be loopholes or burdens that result in the account operators ignoring them.
He said:
âThe weakest link in the chain is not the computers nor the crypto, but the people themselves.â
The same could now be said of those with the power to implement the proposal.
Currently, hacking a centralized exchange is an easy way for a talented hacker to walk away with hundreds, thousands, or in the case of Bitfinex, over 100,000 bitcoins. By implementing a vault for each of its users, Sirer and his team believe such events would be less likely to occur.
Yet, with Bitcoin Core focused on relaying transactions and blocks, the security of bitcoin firms will now rest with their creators and users, who will have to learn proper procedures, create better policies and improve personnel training.
Broken clock image via Shutterstock
