Andreas M. Antonopoulos
10 years ago
parent
66348c322d
commit
5ec6b5a94a
@ -1,3 +1,46 @@
|
||||
[[ch10]]
|
||||
== Bitcoin Security
|
||||
|
||||
Bitcoin allows anyone to be their own bank. If that sounds to you like a scenario for chaos, you're probably right. Even banks are barely able to keep accounts secure.
|
||||
Securing bitcoin is challenging because bitcoin is not an abstract reference to value, like a balance in a bank account. Bitcoin is very much like digital cash or gold. You've probably heard the expression "Possession is nine tenths of the law". Well, in bitcoin, possession is ten tenths of the law. Possession of the keys to unlock the bitcoin, is entirely equivalent to possession of a chunk of precious metal. You can lose it, misplace it, have it stolen or accidentally send the wrong amount to someone. In every one of those cases, the end-user would have as much recourse as if they dropped cash on the sidewalk.
|
||||
|
||||
However, bitcoin has capabilities that cash, gold and bank accounts do not. A bitcoin wallet, containing your keys, can be backed up like any file. It can be stored in multiple copies, even printed on paper for hard-copy backup. You can't "backup" cash, gold or bank accounts. Bitcoin is different enough from anything that has come before that we need to think about bitcoin security in a novel way too.
|
||||
|
||||
=== Physical vs. Digital Security
|
||||
|
||||
Humans have used physical security controls for thousands of years. By comparison, our experience with digital security is less than fifty years old.
|
||||
|
||||
|
||||
=== Hot vs. Cold storage
|
||||
|
||||
Bitcoin keys are nothing more than long numbers. This means that they can be stored in a physical form, such as printed on paper or etched on a metal coin. Securing the keys then becomes as simple as physically securing the printed copy of the bitcoin keys. A set of bitcoin keys that is printed on paper is called a "paper wallet" and there are many free tools that can be used to create them. I personally keep the vast majority of my bitcoins (99% or more) stored on paper wallets and locked in a safe.
|
||||
|
||||
=== Balancing Risk (loss vs. theft)
|
||||
|
||||
While most users are, rightly, concerned about theft, there is an even bigger risk of loss. Data files get lost all the time, but if they contain bitcoin the loss is much more painful. In the effort to secure their bitcoin wallets, users must be very careful not to go too far and end up losing the bitcoins instead. In the summer of 2010, a well known bitcoin awareness and education project lost almost 7,000 bitcoins. In an effort to prevent theft, the owners had implemented a complex series of encrypted backups. In the end they accidentally lost the encryption keys, making the backups worthless and losing a fortune. Like hiding money by burying it in the desert, if you do it too well you might not be able to find your money again.
|
||||
|
||||
=== Diversifying Risk
|
||||
|
||||
Would you carry your entire net-worth in cash in your wallet? Most people would consider that reckless, yet bitcoin users often keep all their bitcoin in a single wallet. Instead, users should spread the risk among multiple and diverse bitcoin wallets. The prudent user will keep only a small fraction, perhaps less than 5%, of their bitcoins in an online or mobile wallet as "pocket change". The rest should be split between a few different storage mechanisms, such as a desktop wallet and offline-storage as described below
|
||||
|
||||
=== Multi-Factor Authentication
|
||||
|
||||
Many first-time bitcoin users will use a web-based wallet or online service as their bitcoin bank. Unfortunately this has led to a rash of thefts from bitcoin users, almost all due to compromised desktop computers. Hackers will install trojans and key-loggers looking for access to well-known bitcoin sites. As soon as a user logs on, their own computer will compromise the account and surreptitiously transfer all their money to another bitcoin address. Once stolen, there is no recovery, as bitcoin transactions are not reversible. The most effective defense against this attack is a two-factor authentication scheme such as sending an SMS code, or using a smartphone application to generate one-time codes (See Google Authenticator)
|
||||
|
||||
=== Hardware Wallets
|
||||
|
||||
In the longer term, bitcoin security is increasingly implemented with hardware tamper-proof wallets. Unlike a smartphone or desktop computer, a purpose-built bitcoin hardware wallet has only one purpose and function - holding bitcoins securely. Without general purpose software to compromise and with limited interfaces, hardware wallets can deliver an almost foolproof level of security to non-expert users. I expect to see hardware wallets becoming the predominant method of bitcoin storage, or eventually embedded in smartphones as a secure hardware module. For an example of such a hardware wallet, see the Trezor.
|
||||
|
||||
=== Multi-sig and Governance
|
||||
|
||||
=== Survivability
|
||||
|
||||
|
||||
=== Conclusion
|
||||
|
||||
Bitcoin is a completely new, unprecedented and complex technology. Over time we will develop better security tools and practices that are easier to use by non-experts. For now, bitcoin users can use many of the tips above to enjoy a secure and trouble-free bitcoin experience.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in new issue