Storage vaults for Bitcoin?

by on March 14, 2014 at 10:01 am in Economics | Permalink

…a raft of bitcoin thefts at exchanges like Mt. Gox is raising the question of whether the sophisticated currency still needs the same sort of physical security infrastructure—impenetrable steel vaults, armed security guards, and even paper ledgers—as cash and gold.

A Silicon Valley startup called Xapo is among a handful of young companies trying to become the Fort Knox of bitcoin, building secret bank vaults deep in the earth that would safely store millions of dollars worth of bitcoin code on computer drives. And if modern bank robbers still manage to pry open the vault? Xapo promises to fully insure all deposits.

On Wednesday, Xapo said it raised $20 million in funding led by venture-capital firm Benchmark, to support a network of underground vaults that the company says are in mountainous regions on multiple continents.

There is more here.  I think of this as a lesson in how bid-ask spreads tend to reemerge, one way or another, no matter how hard we try to abolish them.  One key question about Bitcoin is whether it has found a better place to “put” the bid-ask spread.

1 Alex Godofosky March 14, 2014 at 10:10 am

Or you could just store your bitcoins at home…

2 dan1111 March 14, 2014 at 10:13 am

You can also store dollars in your mattress. But your house could be robbed or burn down.

3 Alex Godofsky March 14, 2014 at 10:30 am

You can’t send the dollars from your mattress to some other person without physically transporting them yourself or entrusting them to a third party. You can do so with bitcoins stored at home.

4 david March 14, 2014 at 10:39 am

Dollars in a mattress are harder to 0day than your internet-connected home computer, so it’s really swapping one attack vector for another.

5 Alex Godofsky March 14, 2014 at 10:43 am

If you really think your personal computer is that insecure then I hope you don’t use a bank that has a website!

6 david March 14, 2014 at 10:46 am

Oh, I expect my bank to provide two-factor authentication for online banking, and to further freeze my account if any suspicious transactions are going on. So, yes, I don’t entirely trust my home PC.

7 Dan Weber March 14, 2014 at 10:56 am

Even if your home PC is compromised, the bank is legally required to make you whole for any transfers that you did not authorize. (If you are an individual — if you are a small business, watch out!)

Bank fraud has a big bottleneck in that there are only a small number of pipes where transactions are not reversible, like ATM withdrawals. The fraudsters try to get stool pigeons to do things like “write checks from home” so those stool pigeons get stuck with the bill.

8 dan1111 March 14, 2014 at 11:30 am

I don’t have any direct experience, but I doubt millions of dollar transactions can be authorized solely from a home PC. Anyway, this is not really equivalent. Bank transactions happen on a secure server with far more security than a personal computer. Your PC is only the point of connection. Hacking into your PC doesn’t really get someone into the bank’s server. With Bitcoin, all of your money is actually on your computer, so an attacker only needs to get into your PC itself.

Home PCs are hacked fairly rarely only because the reward for the effort isn’t that high. If someone suspected you had millions of dollars on your computer, I don’t think getting at it would be a very hard job. There are lots of potential avenues of attack.

Also, it really isn’t swapping attack vectors, but adding a new one. Just like money in the mattress, someone could break in and physically steal your PC.

9 dan1111 March 14, 2014 at 10:45 am

The risk with Bitcoin isn’t the transactions; it’s the storage. I think that has been clearly demonstrated.

10 Adrian Ratnapala March 14, 2014 at 1:45 pm

Storing bitcoins on the cloud never made any more sense at all. If you trust internet-guys then just use PayPal.. If I ever get enough bitcoins to bother protecting I will use a bank safety deposit box to protect *something*. Either a bitcoin wallet, or a key that encrypts important info including bitcoin wallets.

In a way the physical storage problem is already “solved” — because cryptocoins can be stored safely like any other document. But more realistically we lack a conveniently secure way to distill such documents into physical form for storage. The world needs a hardware encryption device in a USB “key” where we can store your important documents, passwords, private keys and crypto-coins. Then you can protect it like an other valuable artefact.

11 Bob March 14, 2014 at 2:44 pm

You’d still have to back up your artifact, because no media lasts forever, especially rewritable media. Gets even worse when losing a few bits means losing the whole thing. And then there’s synchronizing cold storage and warm storage, because you might want to spend money.

The problem isn’t trivial.

12 Dan Weber March 14, 2014 at 2:53 pm

There are paper wallets: OCR keys that last for decades.

Even things that are 99.99% effective are still scary, though, to hold any serious amount of money.

13 Bob March 14, 2014 at 2:41 pm

But you can also just lose them to a faulty drive, or a house fire. You also might want them unplugged most of the time. Having hot wallets and cold wallets interact with real security and without high risks of failure is a PITA. It’s like corporate backups, times a hundred.

14 LG March 14, 2014 at 3:56 pm

I keep my cash in an FDIC insured bank account. I can transfer it to a third party without leaving my couch and if it gets hack the bank takes the fraud risk. Oh, and they pay me interest.

15 rationalist March 14, 2014 at 5:07 pm

I bet you I could hide a small piece of paper somewhere round the house where no criminal would find it.

And houses rarely burn down. Also can’t you get fireproof safes? Print the btc onto something durable and put it in one of those. Or trust a traditional safety deposit box at a bank. Maybe there is a market opportunity making a cheap printer which prints numbers onto something fireproof and waterproof…

16 dan1111 March 14, 2014 at 10:11 am

It turns out you still have to trust somebody. Why trust Xapo more than a bank? Mood affiliation?

17 Timothy March 14, 2014 at 10:48 am

Cryptographic blind proof of reserve, potentially. Bitcoin depositories and eventually banks will be able to publicly verify their total reserves, and provide you a code that verifies your individual reserves are accounted for in that total.

18 dan1111 March 14, 2014 at 10:56 am

That would solve certain kinds of problems, but not the basic one: if they hold your money, you have to trust them, because they have the power to not give it back.

The whole point of a vault with security guards is to prevent non-trusted people from getting inside. But whoever owns the vault can get inside.

19 Dan Weber March 14, 2014 at 11:01 am

And if someone leaves the vault unlocked for 3 seconds, the entire contents of the vault is not instantly and irreversibly transported into a thief’s house.

20 Timothy March 14, 2014 at 11:11 am

Reputable large-scale BTC depositories store 95%+ of funds on offline paper/USB storage “cold wallets” which cannot be hacked barring serious disruptions to math. Coinbase was recently audited as 98% in cold storage.

Even Mt. Gox had that bit right – the problem was that Gox took funds from the cold wallets with no accounting or auditing. Seriously, as if bank tellers refilled ATMs with the care and auditing given gumball machines.

21 dan1111 March 14, 2014 at 11:21 am

But the whole point, Timothy, is you have to trust the depository–with Mt. Gox proving precisely that point.

Bitcoin does not create a monetary system that eliminates the need for trust. It just shifts the party that you have to trust. This only makes sense if you are irrationally paranoid about mainstream monetary institutions and thus trust them less than you would a bleeding edge Bitcoin startup.

22 Sir Barken Hyena March 14, 2014 at 12:29 pm

The claim was never that Bitcoin eliminated the need for all trust in human relations, only for the task of maintaining an authentic ledger that is distributed. Not the same thing but it’s enough, more than enough.

23 Dan Weber March 14, 2014 at 12:44 pm

Flexcoin had over 90% of their coins in cold storage, it didn’t stop them from going out of business when they got robbed.

If you ever make the slightest mistake with your cold storage it is game over. You can be totally fine one second and wiped out the next second.

24 dan1111 March 14, 2014 at 1:52 pm

@SirBarkenHyena: “Much of the trust in Bitcoin comes from the fact that it requires no trust at all.”

It took me 2 seconds to find that on the Bitcoin Foundation website.

25 Sir Barken Hyena March 15, 2014 at 12:54 am

And that means what? Anyways, yawn.

26 eddie March 14, 2014 at 10:19 am


27 Paul McGuane March 14, 2014 at 10:42 am
28 Anti-ummm March 14, 2014 at 10:48 am

This is beyond ridiculous already. Bunkers for fake money? Reminds me of how Second Life was supposed to surpass real life. These tech valley folks are chock full of intelligence but the lack of wisdom is staggering.

29 Dan Weber March 14, 2014 at 11:10 am

They got a sucker to pay them $20 million so there’s some kind of wisdom there.

This whole concept reeks of bullshit, and you can quote me on that.

30 Dan Weber March 14, 2014 at 10:50 am

I didn’t come up with the analogy, but every Bitcoin enterprise is running an extremely high-pressure system, where the slightest error results in complete and irrevocable loss of all funds immediately available.

Some try to deal with this by having “cold wallets” and “hot wallets” and only having the latter be in play, but those still get compromised and destroy companies.

The traditional banks spend a lot of money securing things and they live in a reversible world. You have to get your Bitcoin stuff exactly right or else instant and complete loss of all funds will result.

And Bitcoin start-ups select for people who think they are much better than they actually are (the MtGox guy built his own SSH server in PHP and used it in production) so they are more likely to be doomed.

This “underground vault” nonsense is just that, nonsense.

31 A Berman March 14, 2014 at 11:43 am

Or, you could print out your bitcoin wallet codes on a piece of paper (shorter than this response) and store them in your favorite safe deposit box.

32 Nylund March 14, 2014 at 12:29 pm

So rather than having to actually steal the paper money, all someone has to do is photograph these codes if they want to steal it? How exactly does this work?

33 Craig March 14, 2014 at 1:17 pm

The play is to capture your keystrokes when you type them back into your computer, and whisk the coins away before you can hit “enter.”

34 A Berman March 14, 2014 at 1:27 pm

Yes. The codes are your public and private ‘keys’. Knowing the private key gives you the ability to prove that you own the bitcoins. Simplistically private key ~ password to the right to manipulate those bitcoins. That’s all there is to it.

35 Raphfrk March 14, 2014 at 5:46 pm

There is a method to split a key into pieces. You could backup your key as a 5 of 9 share. That means that you need 5 of the 9 shares to re-constitute the key.

You could store the 9 shares in various locations. Someone would have to find 5 of them to get your private key.

Some people use raspberry pis (or just a cheap/old laptop) as an “offline” computer that has their key stored (protected by a long passphrase). If they forget the passphrase (or the computer hard drive crashes), they can recreate the wallet using 5 of their 9 shares.

That computer is never connected to the internet once it is setup. Unless you download compromised code on day one, the computer is safe.

Unsigned transactions can be passed to the computer for signing. There is a risk with auto-run on the usb.

36 collin March 14, 2014 at 11:55 am

Great now we have the idea for the next James Bond movie, Bitfinger! Bitfinger is going to bring down all the Western, Chinese and drug lord economies by hacking into Xapo and contaminating all the Bitcoins with computer viruses.

He loves the 1s and 0s!

37 Yancey Ward March 14, 2014 at 12:27 pm


38 Tom March 14, 2014 at 12:43 pm

Very good commentary on Bitcoin devotees here:

39 Craig March 14, 2014 at 1:12 pm

Ayuh. I’ve been saying this for years. We want banks to protect us against theft and fraud. The only way Bitcoin can work is if someone builds a theft-and-fraud protection layer on top of it, and–surprise!–they’ll charge you for that. So there goes the crap “Bitcoin does away with the middlemen” argument.

(Yeah, cultists: banks get robbed all the time. And my concern? Zero. You want to look up “Deposit Insurance.” That’s part of the protection.)

40 Dan Weber March 14, 2014 at 2:58 pm

To nitpick: the FDIC deposit insurance doesn’t protect you against bank robbery. Bank robbery is handled through plain old regular business insurance bought on the private market.

41 Craig March 15, 2014 at 12:25 pm

I had always thought that FDIC/NCUA insurance backstopped even the Riddler and Two-Face stealing the vault…thanks for better informing me.

42 rationalist March 14, 2014 at 4:57 pm

Fir smallish amounts, just write or print the private key on a small piece of paper and store it at home. If you are talking about larger amounts, say millions, put the paper in an opaque tamper proof envelope in a safety deposit box. If you are worried about losing the key, have two copies: one at home under the mattress and one hidden in the garage printed on waterproof plastic. I am sure people can think of creative places to hide thus stuff. Or for larger amounts, two separate safety deposit boxes. Why does this have to be hard? Are people retarded or is it just not obvious that large amounts of bitcoin should be stored offline?

43 Craig March 15, 2014 at 12:28 pm

Again: malware. You’re locking the barn after the cows are gone. I use two malware protection products, keep them up to date, and yet, once or twice in my life, something bad’s gotten through. Heck of a way to lose your life’s savings…

Everyone keeps fortifying the strong points. The WEAK points are where the attackers come for you.

44 Thomas Sewell March 14, 2014 at 5:18 pm

How about this for a lesson…. don’t trust your money, in any form, bitcoin or otherwise, on deposit in any institution that isn’t insured by someone with enough assets to make all their depositors whole if required by events… then you can just rely on the insurance underwriter to keep them up with decent security practices and you only have to make sure the underwriter still has assets to cover.

Comments on this entry are closed.

Previous post:

Next post: