Storage vaults for Bitcoin?

…a raft of bitcoin thefts at exchanges like Mt. Gox is raising the question of whether the sophisticated currency still needs the same sort of physical security infrastructure—impenetrable steel vaults, armed security guards, and even paper ledgers—as cash and gold.

A Silicon Valley startup called Xapo is among a handful of young companies trying to become the Fort Knox of bitcoin, building secret bank vaults deep in the earth that would safely store millions of dollars worth of bitcoin code on computer drives. And if modern bank robbers still manage to pry open the vault? Xapo promises to fully insure all deposits.

On Wednesday, Xapo said it raised $20 million in funding led by venture-capital firm Benchmark, to support a network of underground vaults that the company says are in mountainous regions on multiple continents.

There is more here.  I think of this as a lesson in how bid-ask spreads tend to reemerge, one way or another, no matter how hard we try to abolish them.  One key question about Bitcoin is whether it has found a better place to “put” the bid-ask spread.

Comments

Or you could just store your bitcoins at home...

You can also store dollars in your mattress. But your house could be robbed or burn down.

You can't send the dollars from your mattress to some other person without physically transporting them yourself or entrusting them to a third party. You can do so with bitcoins stored at home.

Dollars in a mattress are harder to 0day than your internet-connected home computer, so it's really swapping one attack vector for another.

If you really think your personal computer is that insecure then I hope you don't use a bank that has a website!

Comments for this post are closed

Oh, I expect my bank to provide two-factor authentication for online banking, and to further freeze my account if any suspicious transactions are going on. So, yes, I don't entirely trust my home PC.

Comments for this post are closed

Even if your home PC is compromised, the bank is legally required to make you whole for any transfers that you did not authorize. (If you are an individual -- if you are a small business, watch out!)

Bank fraud has a big bottleneck in that there are only a small number of pipes where transactions are not reversible, like ATM withdrawals. The fraudsters try to get stool pigeons to do things like "write checks from home" so those stool pigeons get stuck with the bill.

Comments for this post are closed

I don't have any direct experience, but I doubt millions of dollar transactions can be authorized solely from a home PC. Anyway, this is not really equivalent. Bank transactions happen on a secure server with far more security than a personal computer. Your PC is only the point of connection. Hacking into your PC doesn't really get someone into the bank's server. With Bitcoin, all of your money is actually on your computer, so an attacker only needs to get into your PC itself.

Home PCs are hacked fairly rarely only because the reward for the effort isn't that high. If someone suspected you had millions of dollars on your computer, I don't think getting at it would be a very hard job. There are lots of potential avenues of attack.

Also, it really isn't swapping attack vectors, but adding a new one. Just like money in the mattress, someone could break in and physically steal your PC.

Comments for this post are closed

Comments for this post are closed

The risk with Bitcoin isn't the transactions; it's the storage. I think that has been clearly demonstrated.

Storing bitcoins on the cloud never made any more sense at all. If you trust internet-guys then just use PayPal.. If I ever get enough bitcoins to bother protecting I will use a bank safety deposit box to protect *something*. Either a bitcoin wallet, or a key that encrypts important info including bitcoin wallets.

In a way the physical storage problem is already "solved" -- because cryptocoins can be stored safely like any other document. But more realistically we lack a conveniently secure way to distill such documents into physical form for storage. The world needs a hardware encryption device in a USB "key" where we can store your important documents, passwords, private keys and crypto-coins. Then you can protect it like an other valuable artefact.

Comments for this post are closed

You'd still have to back up your artifact, because no media lasts forever, especially rewritable media. Gets even worse when losing a few bits means losing the whole thing. And then there's synchronizing cold storage and warm storage, because you might want to spend money.

The problem isn't trivial.

Comments for this post are closed

There are paper wallets: OCR keys that last for decades.

Even things that are 99.99% effective are still scary, though, to hold any serious amount of money.

Comments for this post are closed

Comments for this post are closed

But you can also just lose them to a faulty drive, or a house fire. You also might want them unplugged most of the time. Having hot wallets and cold wallets interact with real security and without high risks of failure is a PITA. It's like corporate backups, times a hundred.

Comments for this post are closed

I keep my cash in an FDIC insured bank account. I can transfer it to a third party without leaving my couch and if it gets hack the bank takes the fraud risk. Oh, and they pay me interest.

Comments for this post are closed

Comments for this post are closed

I bet you I could hide a small piece of paper somewhere round the house where no criminal would find it.

And houses rarely burn down. Also can't you get fireproof safes? Print the btc onto something durable and put it in one of those. Or trust a traditional safety deposit box at a bank. Maybe there is a market opportunity making a cheap printer which prints numbers onto something fireproof and waterproof...

Comments for this post are closed

Comments for this post are closed

Comments for this post are closed

It turns out you still have to trust somebody. Why trust Xapo more than a bank? Mood affiliation?

Cryptographic blind proof of reserve, potentially. Bitcoin depositories and eventually banks will be able to publicly verify their total reserves, and provide you a code that verifies your individual reserves are accounted for in that total.

That would solve certain kinds of problems, but not the basic one: if they hold your money, you have to trust them, because they have the power to not give it back.

The whole point of a vault with security guards is to prevent non-trusted people from getting inside. But whoever owns the vault can get inside.

And if someone leaves the vault unlocked for 3 seconds, the entire contents of the vault is not instantly and irreversibly transported into a thief's house.

Reputable large-scale BTC depositories store 95%+ of funds on offline paper/USB storage "cold wallets" which cannot be hacked barring serious disruptions to math. Coinbase was recently audited as 98% in cold storage.

Even Mt. Gox had that bit right - the problem was that Gox took funds from the cold wallets with no accounting or auditing. Seriously, as if bank tellers refilled ATMs with the care and auditing given gumball machines.

Comments for this post are closed

But the whole point, Timothy, is you have to trust the depository--with Mt. Gox proving precisely that point.

Bitcoin does not create a monetary system that eliminates the need for trust. It just shifts the party that you have to trust. This only makes sense if you are irrationally paranoid about mainstream monetary institutions and thus trust them less than you would a bleeding edge Bitcoin startup.

Comments for this post are closed

The claim was never that Bitcoin eliminated the need for all trust in human relations, only for the task of maintaining an authentic ledger that is distributed. Not the same thing but it's enough, more than enough.

Comments for this post are closed

Flexcoin had over 90% of their coins in cold storage, it didn't stop them from going out of business when they got robbed.

If you ever make the slightest mistake with your cold storage it is game over. You can be totally fine one second and wiped out the next second.

Comments for this post are closed

@SirBarkenHyena: "Much of the trust in Bitcoin comes from the fact that it requires no trust at all."

It took me 2 seconds to find that on the Bitcoin Foundation website.

Comments for this post are closed

And that means what? Anyways, yawn.

Comments for this post are closed

Comments for this post are closed

Comments for this post are closed

Comments for this post are closed

Comments for this post are closed

wat

Comments for this post are closed

Sounds like Cryptonomicon.

http://en.wikipedia.org/wiki/Cryptonomicon#1990s_storyline

Comments for this post are closed

This is beyond ridiculous already. Bunkers for fake money? Reminds me of how Second Life was supposed to surpass real life. These tech valley folks are chock full of intelligence but the lack of wisdom is staggering.

They got a sucker to pay them $20 million so there's some kind of wisdom there.

This whole concept reeks of bullshit, and you can quote me on that.

Comments for this post are closed

Comments for this post are closed

I didn't come up with the analogy, but every Bitcoin enterprise is running an extremely high-pressure system, where the slightest error results in complete and irrevocable loss of all funds immediately available.

Some try to deal with this by having "cold wallets" and "hot wallets" and only having the latter be in play, but those still get compromised and destroy companies.

The traditional banks spend a lot of money securing things and they live in a reversible world. You have to get your Bitcoin stuff exactly right or else instant and complete loss of all funds will result.

And Bitcoin start-ups select for people who think they are much better than they actually are (the MtGox guy built his own SSH server in PHP and used it in production) so they are more likely to be doomed.

This "underground vault" nonsense is just that, nonsense.

Comments for this post are closed

Or, you could print out your bitcoin wallet codes on a piece of paper (shorter than this response) and store them in your favorite safe deposit box.

So rather than having to actually steal the paper money, all someone has to do is photograph these codes if they want to steal it? How exactly does this work?

The play is to capture your keystrokes when you type them back into your computer, and whisk the coins away before you can hit "enter."

Comments for this post are closed

Yes. The codes are your public and private 'keys'. Knowing the private key gives you the ability to prove that you own the bitcoins. Simplistically private key ~ password to the right to manipulate those bitcoins. That's all there is to it.

Comments for this post are closed

There is a method to split a key into pieces. You could backup your key as a 5 of 9 share. That means that you need 5 of the 9 shares to re-constitute the key.

You could store the 9 shares in various locations. Someone would have to find 5 of them to get your private key.

Some people use raspberry pis (or just a cheap/old laptop) as an "offline" computer that has their key stored (protected by a long passphrase). If they forget the passphrase (or the computer hard drive crashes), they can recreate the wallet using 5 of their 9 shares.

That computer is never connected to the internet once it is setup. Unless you download compromised code on day one, the computer is safe.

Unsigned transactions can be passed to the computer for signing. There is a risk with auto-run on the usb.

Comments for this post are closed

Comments for this post are closed

Comments for this post are closed

Great now we have the idea for the next James Bond movie, Bitfinger! Bitfinger is going to bring down all the Western, Chinese and drug lord economies by hacking into Xapo and contaminating all the Bitcoins with computer viruses.

He loves the 1s and 0s!

LMAO!

Comments for this post are closed

Comments for this post are closed

Very good commentary on Bitcoin devotees here: http://www.ritholtz.com/blog/2014/03/shit-bitcoin-fanatics-say/

Comments for this post are closed

Ayuh. I've been saying this for years. We want banks to protect us against theft and fraud. The only way Bitcoin can work is if someone builds a theft-and-fraud protection layer on top of it, and--surprise!--they'll charge you for that. So there goes the crap "Bitcoin does away with the middlemen" argument.

(Yeah, cultists: banks get robbed all the time. And my concern? Zero. You want to look up "Deposit Insurance." That's part of the protection.)

To nitpick: the FDIC deposit insurance doesn't protect you against bank robbery. Bank robbery is handled through plain old regular business insurance bought on the private market.

I had always thought that FDIC/NCUA insurance backstopped even the Riddler and Two-Face stealing the vault...thanks for better informing me.

Comments for this post are closed

Comments for this post are closed

Comments for this post are closed

Fir smallish amounts, just write or print the private key on a small piece of paper and store it at home. If you are talking about larger amounts, say millions, put the paper in an opaque tamper proof envelope in a safety deposit box. If you are worried about losing the key, have two copies: one at home under the mattress and one hidden in the garage printed on waterproof plastic. I am sure people can think of creative places to hide thus stuff. Or for larger amounts, two separate safety deposit boxes. Why does this have to be hard? Are people retarded or is it just not obvious that large amounts of bitcoin should be stored offline?

Again: malware. You're locking the barn after the cows are gone. I use two malware protection products, keep them up to date, and yet, once or twice in my life, something bad's gotten through. Heck of a way to lose your life's savings...

Everyone keeps fortifying the strong points. The WEAK points are where the attackers come for you.

Comments for this post are closed

Comments for this post are closed

How about this for a lesson.... don't trust your money, in any form, bitcoin or otherwise, on deposit in any institution that isn't insured by someone with enough assets to make all their depositors whole if required by events... then you can just rely on the insurance underwriter to keep them up with decent security practices and you only have to make sure the underwriter still has assets to cover.

Comments for this post are closed

Comments for this post are closed