čtvrtek 28. prosince 2017

Bitcoin myths: Bitcoin is safe

Stating that Bitcoin is safe is quite misleading.

There are different levels of safety. Bitcoin is safe in a way. The myth about Bitcoins safety comes from the algorithms used to authorize a transaction request. Strong hashing algorithms are used for that, involving long private and public keys. Therefore, it is currently impossible to compute a private key for a public key, so you can't order a transaction without having the private key.

However, the weakest point of existing financial systems never was a weak encryption. Modern banks use 2 factor authentication, which means that besides a password, you have to confirm a login or a transaction with an additional secret passed through an independent channel, typically a cell phone over GSM.

Most often, it is the user who makes the whole system vulnerable.

With Bitcoin, which completely relies on a single point of security (strong private key), once the key is leaked to anyone, your money are immediately unsafe. Even worse: It is impossible to know whether the key has leaked or not. Even worse: The only way to find out that it was leaked is when all Bitcoins are transfered to other address. And the worst: There is no way to get it back - because Bitcoin, by design, has no "revert" option.

Leaking the private key is easy: In a situation when more than half of personal computers are infected with a virus, it's foolish to assume their users will be able to safely operate with Bitcoin key. Even if you keep your disk encrypted and the key in an encrypted file, each time you perform a Bitcoin transaction, the key can be stolen by a malware.

Bitcoin enthusiasts will operate with two options: Hardware wallet, or paper wallet. Both are impractical. Hardware wallet is something you need to carry around whenever you want to perform a transaction. If you loose it, you loose your Bitcoins. To prevent loosing them, you need to have a recovery data. But if you have recovery data which can be stolen - why have a hardware wallet?

If you suspect your private key was leaked (someone has stolen your cell phone, you had a virus, ...), there is no way to revoke it. The only thing you can do is to create a new wallet with a new key and send all the Bitcoins there. But if the old wallet is where you were receiving payments, every place you distributed the old Bitcoin address to would have to get the update - which is impossible: All emails sent, all QR codes printed, all "Donate to" footers in forum posts, all address books of your regular payers.

The cases when someone's wallet was emptied are very common. I suggest you to go to any larger uncensored Bitcoin Facebook group and look for the desperate people seeking advice. The answer is always: You're screwed, all is lost.

That's not how a safe payment system works.

Žádné komentáře:

Okomentovat

Bitcoin propaganda: Bitcoin will displace banks

It's a common motivation for Bitcoin fans, or more generally, crypto fans, that it will displace banks. The idea is that when you have ...