How safe are your bitcoins? How can you improve bitcoin security?
Besides asking what exactly bitcoins are, this is probably one of the most frequent questions that people have regarding the cryptocurrency. And, despite offering heavy security, this is a valid question that users should ask.
For starters, we’ve all read the instances where bitcoin wallets, like inputs.io, were hacked multiple times. There’s also been the Mt Gox bankruptcy where millions of bitcoins disappeared, the “Pony” Botnet infection that stole millions of passwords, and the possibility of 51% attacks that could lead to double spending.
What makes these situations even scarier is that there isn’t someone that you contact to resolve this issue. Unlike traditional institutions where you can send an email or call someone since you’re essentially your bank. Furthermore, once a bitcoin has been lost or stolen, it’s gone for good. So, in most cases, don’t expect to be compensated or refunded if this occurs.
Bitcoin Security 101
Since you can’t necessarily rely on a governing body to protect your bitcoins, it’s up to you to take the initiative and follow these basic security measures.
Choose Online Services Wisely
As with any online service make sure that you do your homework and only use trusted bitcoin exchanges and wallets. Exchanges like Coinbase, Bitfinex, Bitstamp, Cryptsy, and Kraken are all recommended. As for wallets, Coinbase, Hive, Blockchain Wallet, and Electrum are suggested.
Even though the exchanges and wallets are trustworthy, don’t forget to enable two-factor authentication for additional security and have direct control over your bitcoins meaning that you have the private keys.
Encrypt Your Wallet
As Bitcoin.org states, “Encrypting your wallet or your smartphone allows you to set a password for anyone trying to withdraw any funds. This helps protect against thieves though it cannot protect against keylogging hardware or software.”
Backup Your Wallet
Backing up your wallet protects you in the case of computer failure or human error. It also gives you the chance to recover your wallet in case your computer or mobile device is lost or stolen.
Remember to backup your entire wallet frequently and use several secure locations. Bitcoin Security 101 suggests that you use the 3-2-1 strategy: 3 Backups on two different media (e. g. external Hard Drive and USB stick) and 1 of these offsite.
Other Basic Security Measures
Besides implementing the measures listed above, you should also;
- Don’t store all of your bitcoins in one location. Keep only the amount that you need for daily purchases in your wallet.
- Don’t forget your password. And, make sure that it’s strong.
- Have the latest Bitcoin software.
- Keep an offline wallet that is not connected to a server.
- Use multi-signature features to protect against theft.
Improve Security with Bitcoin Vaults
Malte Möser, Ittay Eyal, and Emin Gün Sirer have released a paper that details how you can take the safety of your bitcoins to the next level by implementing bitcoin vaults. Vaults, as described in Hacking, Distributed are “special accounts whose keys can be neutralized if they fall into the hands of attackers.” Essentially these are “Bitcoin’s decentralized version of you calling your bank to report a stolen credit card — it renders the attacker’s transactions null and void.” Even more promising is that “vaults demotivate key theft in the first place.”
“Operationally, the idea is simple. You send your money to a vault address that you yourself create. Every vault address has a vault key and a recovery key. When spending money from the vault address with the corresponding vault key, you must wait for a predefined amount of time (called the unvaulting period) that you established at the time you created the vault — say, 24 hours. When all goes well, your vault funds are unlocked after the unvaulting period and you can move them to a standard address and subsequently spend them in the usual way.”
If a hacker gets ahold of your vault key, you have 24 hours to revert any transaction that the hacker issued. The transaction is “undone” and returned to your account.
To implement vaults, however, the architecture of bitcoins have to be changed through a single simple opcode with nominal overhead. The authors believe that this “should be both minimal and general” and can be accomplished as such through Bitcoin Covenants. A “covenant is a restriction placed on the shape of a future transaction. Because covenants can be recursive, they can self-perpetuate, or they can be limited in time, allowing one to implement a range of rich semantics.”
Vaults “do not affect coin fungibility or the irreversibility of regular transactions in any way.” It’s a “personal defense mechanism” that allows you to “take the money that you want to keep safe and put them in a vault address that you create .” Whenever you want to make funds readily available, you can do so by moving them over to your “hot wallet.”
As the authors conclude, vaults tackle cryptocurrency security concerns by reducing scams, theft and preventing poisonous transactions.
