The Good, The Bad And The Ugly Of Bitcoin Security
It’s probably safe to assume that Bitcoin is here to stay. Yes, it’s a bit volatile and yes, other cryptocurrencies are a lot easier to mine and a lot cheaper to buy, but the ever-growing number of ways to spend bitcoins – plus the fact that it’s still around after being proclaimed dead numerous times over the past few years – is a testimony of the resilience of the world’s most popular, and polarizing, cryptocurrency.
Thing is though, this doesn’t mean that you should blindly jump into Bitcoin. Aside from the high price of entry, a string of events over the past year have shown that while the Bitcoin protocol itself may be secure, the wallets and services used to store and exchange Bitcoin may not.
Here’s a quick look into the security of the bitcoin protocol itself as well as some notable instances of large-scale bitcoin theft.
Recommended Reading: 10 Things You Need To Know About Bitcoins
Encryption And the Blockchain
Bitcoin is one of many cryptocurrencies available today. Cryptocurrencies are digital currencies that implement cryptography as a central part of the protocol, in order to establish pseudonymous (or anonymous) and decentralized currencies.
Bitcoin uses SHA-256 encryption for both its Proof-of-Work (PoW) system and transaction verification. The security of the bitcoin protocol lies in one of its fundamental characteristics, the transaction blockchain.
The blockchain is basically a chain of multiple "blocks" containing transaction history. The blockchain starts with the initial block, known as the genesis block. Transactions and solved hashes add new blocks after this genesis block, creating a blockchain.
The image below shows a visualisation of the blockchain, with the genesis block in green and the longest blockchain in black:
(Image Source: Wikipedia)
Within the bitcoin protocol, the blockchain that has seen the most work put into it is considered to be the best blockchain and the one that the entire protocol refers to when verifying transactions. Bitcoins are considered spent once a transaction has been verified.
It’s possible (despite belief in the contrary) to trick the blockchain and spend the same bitcoins twice, an action known as double spending.
There are a number of ways this can be done. If a merchant doesn’t wait for transaction confirmation, bitcoins can be double spent by attacker(s) quickly sending two conflicting transactions into the network. Another way is to pre-mine one transaction into a block and then spend the same coins, before releasing the block into the blockchain.
However the amount of computing power required to succeed at this renders it less productive than just to mine bitcoins legitimately.
Bitcoins are stored in wallets, but unlike, say, a PayPal account, these "wallets" don’t actually store the bitcoins themselves. Despite a number of different implementations and formats, generally wallets will contain a public key that is used to receive bitcoins (similar to a bank account number). It also contains a private key that is used to verify that you are indeed the owner of the bitcoins you’re trying to spend.
Storing Bitcoins Offline
Wallets are usually stored digitally, either locally or online, but there are more secure ways to store bitcoins. Your bitcoin "wallets" can be printed out and stored on paper. A paper wallet is a slip of paper with both your private and public keys printed on it.
There are also hardware wallets, which store key information in offline hardware. The advantage of hardware wallets is in the fact that the key data is stored in a protected area of a microcontroller and that they are immune to software and viruses that can steal wallets stored on normal computers.
The bitcoins stored in hardware wallets can also be used directly, unlike paper wallets, which need to be keyed in or imported to software. Pi-Wallet (pictured below) is one of the few currently available hardware wallets. You can even build your own Pi-Wallet.
As mentioned earlier, the bitcoin protocol itself may be secure enough, but this does not extend to all the sites and services that deal in bitcoin. Here’s a quick rundown of some of the more notable instances of security-related issues over the past year or two.
October 2013, online Bitcoin wallet service inputs.io was hacked twice. A total of 4,100 Bitcoins, worth about $1.2 million at the time were stolen via a social engineering attack, gaining access to inputs.io’s systems hosted on Linode, a cloud-hosting provider.
By compromising a series of email accounts, beginning with an email account that the inputs.io founder had set up six years prior to the attack, the hacker managed to gain access to the site’s account on Linode and reset the site’s account password.
Mt. Gox, which used to be one of the leading Bitcoin exchange services, has filed for bankruptcy protection, having lost a staggering amount of bitcoins: $468 million worth!
Mt. Gox’s demise began in early February when it, alongside other Bitcoin exchange sites such as BTC-e, froze Bitcoin withdrawals citing heavy Distributed Denial of Service (DoS) attacks aimed at taking advantage of bitcoin’s transaction malleability.
Simply put, transaction malleability means that it’s possible for valid transactions to be modified so that the transactions appear to not have gone through, when in reality it was succesful.
(Image Source: Businessweek)
However, transaction malleability is not a new issue. Neither is it one that is impossible to solve, as Bitcoin developer Greg Maxwell has pointed out.
In fact, other Bitcoin exchanges such as Bitstamp and BTC-E are still operational, having resolved the issues on their side and resumed processing transactions within days after initially freezing transactions. Most damning of all, though, is the aforementioned lost bitcoins and poor security and accounting in Mt Gox, as detailed in a leaked series of slides. There might have been more going on behind the scenes than just issues with transaction malleability.
Silk Road 2.0
In February this year, $2.7 million worth of bitcoins were stolen from Silk Road 2.0‘s escrow account. This heist occured at roughly the same time as the aforementioned DoS attacks on bitcoin exchanges such as Mt. Gox, and exploited the same transaction malleability in the bitcoin protocol.
However, unlike the bitcoin exchanges, which shut themselves down as a precautionary measure, Silk Road 2.0 did not shut itself down and was attacked during a re-launch phase when all bitcoins were stored in hot storage.
However, some users, such as those on Reddit’s DarkNetMarkets, believe that the hacking story was a cover-up – and that Silk Road 2.0 was a scam from the start.
The idea is that the new Dread Pirate Roberts set up the site expressly to steal users’ bitcoins, leveraging on the trust present in the Silk Road name. The illicit nature of the goods bought and sold on Silk Road 2.0 would help such an endeavour, since it would make victims think twice about seeking aid from law enforcement.
Over the course of 5 months (Sept 2013 – Jan 2014), criminals used a botnet known as Pony to infect a large number of computers, stealing up to $220,000 worth of bitcoins and other cryptocurrencies. Pony was the same botnet that was found to have stolen more than two million passwords and stored them on a server owned by the hackers.
Pony infected computers and stole bitcoin wallets stored locally on the infected machines., effectively showing the dangers of storing bitcoin wallets on Internet-connected devices.
This isn’t a security breach per se, but it is one of the bitcoin network’s most dangerous weaknesses. When an individual or a group of individuals owns more than 50% of the computing power within the bitcoin network, the network is opened up to the possibility of a 51% attack – the advantage in computing power can be used to fork the main transaction blockchain and commit fraud, including the double spending discussed earlier.
While this may seem far-fetched, the bitcoin network was nearly exposed to such an attack earlier this year. In January, panic spread when Ghash.io, a mining pool, began approaching that 50% limit. The situation was resolved without incident, due to miners leaving Ghash.io for smaller pools, as well as the pool’s own decision to stop accepting new miners.
While the reaction shows that the bitcoin network can self-regulate, having to rely on miners and pool owners doing the right thing is problematic, to say the least. The distribution of mining power has become less concentrated, but the possibility remains that a 51% attack can still happen.
(Image Source: Blockchain.info)
It’s hard to deny that there are indeed security issues with bitcoin. However, a recurring theme is the fact that these security breaches and issues have less to do with the protocol itself, and a lot more to do with the people and services handling and storing these bitcoins.
For instance, the inputs.io bitcoin heist and the Pony botnet took advantage of wallets stored online and on Internet-connected computers. Simply storing Bitcoins in an offline savings wallet, such as a paper or hardware wallet, should eliminate the risk of having bitcoin wallets stolen over the Internet. While some of the money lost in the Mt. Gox fiasco was indeed from offline wallets, there is conjecture that this was a direct result of how Mt. Gox implemented an automated system which pulled from offline wallets when needed.
The dangers of once-trusted sites and exchanges such as Mt. Gox and Silk Road 2.0 either being hacked or imploding and going offline are not so easily dismissed, though. The lack of a central authority that regulates bitcoin can be seen as a strength, but it’s also a weakness. For one, it may be a lot more difficult to hold individuals or companies accountable through legal channels.
More importantly, though, the unregulated bitcoin ecosystem means that there’s no way to ensure that services and exchanges comply to standards of trustworthiness and security. We trust banks because we know that they’re heavily regulated and can’t be established on a whim. This plainly hasn’t been the case with bitcoin exchanges.
Interestingly enough, the fallout from Mt. Gox may just be good for bitcoin. In a joint statement issued by 5 leading bitcoin exchanges, the need for appropriate and independently audited safety measures for custodians, alongside more transparency and accountability, is brought up.
It’s conceivable that such measures are exactly what bitcoin needs if it wants to survive recent events and reestablish its credibility and security. Ironically however, these forms of regulation and auditing may end up going against the original spirit of bitcoin. How this paradox will resolve itself, though, remains to be seen.
Author: Azzief Khaliq
Azzief is a writer for Hongkiat.com. He is also a musician, Android user and all around nerd. He loves his tea and spends far too much time thinking about video games.