There are perhaps more interesting solutions on the horizon as well. Bitcoin’s programmability in particular may allow for novel solutions to prevent or revert thefts even after they have happened.
But the hack also served as another wake-up call. Moving forward, several technical solutions are being proposed to increase security of Bitcoin exchanges, to hopefully prevent similar scenario’s in the future.
That said, as argued by Bitsquare developer Manfred Karrer himself in a recent blog post, “There is probably much room for improvement as long as the community focuses on the right problems to solve.”
Another idea and a solution that would require no changes to the Bitcoin protocol at all is for exchanges to set up payment channels with their customers. Much like a Lightning Network hub, the exchange would merely serve as a routing agent in between all users of the exchange, with no access to customer funds.
(Also see this Development Mailing List thread for more discussion on these types of solutions.)
Instead, all users would retain full control over any bitcoins they “deposited” in the exchange. They would be able to withdraw their balance at any time, even if the exchange is hacked. Trading itself would require users to sign off on transactions, but since it would be off-blockchain transactions, this could happen as swiftly as centralized exchanges allow right now.
It should be noted, however, that this set-up would not improve security from the perspective of the exchange itself — it would arguably even make it worse in some ways. This is because the exchange would have to open payment channels with all customers, meaning they’d need to invest bitcoins in these channels. A security breach, then, may still cost the exchange significant amounts of funds.
Last week’s Bitfinex hack, in which Bitcoin’s leading exchange lost almost 120,000 bitcoins valued some $70 million USD at the time, represented a depressing realization for the Bitcoin community. Where many had hoped that multi-million dollar hacks and loss of customers funds were a thing of the past, it became clear that storing bitcoins on an exchange is still not as secure as it perhaps should be. In an industry first, Bitfinex imposed an Extraordinary Loss Adjustment on all customer funds; re-opening balances this week show a cut of about 36 percent per account.
Bitcoin Vaults in particular could become a native part of the Bitcoin protocol. To explain it in slightly-imprecise-but-easy-to-understand-language, Bitcoin Vaults are special Bitcoin addresses that lock bitcoins up along a two-step security mechanism, with two different keys. Unlocking the bitcoins would require a typical private key, much like any other Bitcoin address. But after the initial lock has been opened, it would take, say, 24 hours before the bitcoins can actually be spent. And within these 24 hours, the transaction can be reverted with a backup key, ensuring a hacker wouldn’t get the money. And if the hacker gains access to both keys, the exchange could still choose to “burn” all funds, thereby ensuring no one gets any money, thus disincentivizing theft in the first place.
This can be accomplished along several, slightly different strategies. Timechains was an early proposal by Matthew Roberts and Elías Snær Einarsson, while Cornell University researchers Malte Möser, Ittay Eyal and Emin Gün Sirer very recently proposed “Bitcoin Vaults”.
As a downside of Bitsquare, its usability is currently not quite as slick as offered by centralized exchanges. The process of making and taking offers is still somewhat clunky, and where bank transfers are used, settlement is slow. Furthermore, in order to prevent fraud, trading limits are lower than typical exchanges: around one or two bitcoins depending on the type of trade. And options for advanced trading strategies — leveraged trading, short selling and the rest — are not available.
Here is a brief overview of some of these possible solutions.
While there have been prior experiments in this domain — like Coinffeine — only one decentralized exchange has gained some level of traction so far: Bitsquare. Bitsquare is still very much a work in progress (the project only launched several months ago), and some aspects are not yet entirely decentralized; like the arbitration process. But it does offer the Bitcoin community a working, usable and useful decentralized exchange — with no company wallet to be hacked into whatsoever.
As a bittersweet gain from the Bitfinex fiasco, Bitcoin exchanges will hopefully not make this mistake again. As pointed out by several prominent exchanges already — including Bitstamp and BitMEX — multisig security can offer benefits. But it must, at the very least, be combined with other stopgaps, such as withdrawal limits and cold storage solutions.
As of yet, it’s not exactly clear what caused the Bitfinex hack. What is clear, is that a multi-signature set-up with BitGo to secure customer funds failed to provide any meaningful security. In theory, both Bitfinex and BitGo’s servers should have needed to be compromised in order to steal any money. But in practice, BitGo seems to have co-signed any and all transactions requested by Bitfinex (or its hacker), offering no added security at all.
Perhaps the most robust solution would be to entirely decentralize exchanges in such a way that no company holds any bitcoins (or fiat currency) at all; ensuring there is no single point of failure.
Analysis: What 2019 Could Bring for Bitcoin
Trading in altcoins was a big part of what made Bitcoin price spike towards the end of 2017. A section of the crypto space argues that while altcoins helped Bitcoin’s market cap swell, they also bro
Bitcoin Cash Going Down as Stellar Warms up
Bitcoin Cash’s market cap has been cut in half since the Nov. 15 hardfork which birthed the Bitcoin ABC and Bitcoin SV chains. Now at a mere $3.5 bln and a unit price of ~$201 as at the time of writ
300k User Data from Chinese Auto Finance Platform Sold For One Bitcoin on Dark Web
It is revealed that 300,000 pieces of user data from a Chinese auto finance platform Jiurong were compromised and priced at one bitcoin on the dark web.
According to the leaked data posted, persona
Heyday of Bitcoin Mining Rigs Business at China’s Huaqiangbei is Over Amid Crypto Market Carnage
Bitcoin price slumped to a 13-month low of about $4,300 on Wednesday, making mining the world’s leading digital currency an unprofitable business. A lot of mall miners, mining rigs dealers and minin
Dialogue with Bitcoin Evangelist in Latin America: RSK Labs CEO Diego on Crypto Industry
Diego Gutierrez is the CEO at Koibanx and president of Bitcoin Argentina NGO. In addition, Diego also serves as the CEO of Rootstock/RSK Labs, a smart contract platform built on top of bitcoin.
China’s Bitcoin Billionaire Zhao Dong : Bitcoin Price to Hit $50,000 in Three Years—Now Is the Time to Buy the Dip
Despite Bitcoin’s latest crash and a real chance that its price will go much lower, Zhao Dong, prominent Chinese OTC trader and founder of Dfund, remains bullish on the the world’s biggest cryptoc
Bitcoin Miners Sold by Kilo in China Amid Cryptocurrency Crash
The leading cryptocurrency bitcoin once fell below $4,300 on the afternoon of November 20 – down more than 17% on a 24-hour basis and hitting a 13-month low since October 2017. Great losses are seen
Xiao Lei: 3 Main Reasons of the “Unreasonable” Bitcoin Price Crash
Cryptocurrency markets experienced a havoc in the past few days. Bitcoin, the uncrowned king in the crypto world, has fell as much as 30% over the past two weeks, while other major tokens are all suff