[Cryptography] Bitcoin theft and the future of cryptocurrencies

iang iang at iang.org
Thu Jan 4 15:30:30 EST 2018



On 13/12/2017 11:21, Georgi Guninski wrote:
> If your bitcoin wallet is compromised, all your bitcoins are gone
> forever. With a credit card, you have some chance of only minor
> damage. If your computer is owned, your wallet is at risk.

Yes.

> This appears major problem for the widespread adoption of bitcoin
> IMHO.

One would think, modulo hype.

> Fixing it appears to contradict decentralization, which opens another
> can of "worms".
>
> Potential approach is to use "trusted wallet proxy", but this may not
> work in practice.
>
> Are these concerns taken seriously?

The Bitcoin community has bought into what might be called the "security 
of the chain" fallacy - that the security of the chain is more important 
than the security of the users.  To an extent this aligns with price 
increases, use cases and the like.

Part of the flaw inherent in the approach is what we grey hairs used to 
call WYTM - who are you threatened by, how, why?  If you are threatened 
by the state, then that's one thing.  If you are going to be robbed by 
your spouse in a legally sponsored attack called divorce, that's another 
thing.  Cryptocurrency are mostly worried about one set of risks that 
could be said to be lower risk than average John Doe cares about.

> Any technical attempts at mitigating cryptocurrency theft?

Since early days, hardware wallets, cold storage and multisig have been 
proposed.  But these are hard to use.

I am working on a hybrid model where cold storage is issued to a 
(governable, reversable) derivative issue that is managed by a TTP that 
is "us".

It's complex of course to get the mix right.  Part of the problem is 
whatever design you come up with, there needs to be some reversibility 
built in at some point.  Which kinda flies in the face of raw 
blockchain.  So blockchain needs to compromise, as do the people.

iang


More information about the cryptography mailing list