Securing Your Bitcoins

Throughout my time researching and participating in the cryptocurrency economy, I have seen a lot of hacks and a lot of fraud. Though the old saying “a fool and his money are easily parted” could apply here, I’d like to think that it is not completely the fault of end users. It is also about the tools that are available, and how easy it is for people to use them. Though cryptocurrency is a new technology, there is a growing number of options for you to secure your bitcoins.

Offline “Cold Storage” Wallets

The gold standard in cryptocurrency security, cold storage is the process of keeping private keys offline to make them unreachable to hackers via the internet (private keys allow cryptocurrency to be spent). The solution for this that I recommend to clients is the Bitcoin Armory Wallet – to me, nothing else comes close in terms of features, usability, and support from the development team. They have an excellent step-by-step guide on their website to help you set up the wallet and transfer your investment safely offline. You will need two computers for this, one which is kept permanently disconnected from the internet to keep the private keys safe, and one to keep online for broadcasting signed transactions to the network. The offline machine can be a cheap netbook or Raspberry Pi setup (hint: going the Raspberry Pi route will take some patience and/or technical skills). After creating encrypted wallet backups on multiple forms of media (CD, USB drive, and paper), add full disk encryption to the offline computer. I recommend full disk encryption for your online computer as well.

Encrypted Wallets

For the cryptocurrency that you want to keep readily accessible, it’s important to have the wallet encrypted to prevent unauthorized spending. Reputable client-side Bitcoin wallets such as Bitcoin QT, Electrum, KryptoKit, and blockchain.info all have the option to encrypt the wallet, and this option should be exercised if you want to protect your wallet from wallet-stealing viruses and physical intruders. Blockchain.info is unique in that it is both a client-side wallet and a web wallet; the encryption is performed locally on your computer, but the encrypted wallet file is stored in the cloud for convenient access. While you can’t easily protect encrypted desktop clients from keyloggers yet, it is possible to protect an encrypted blockchain.info wallet by using Two Factor Authentication, which requires not only a password to decrypt the wallet, but also a one-time code which is sent via email, SMS, or an app like Google Authenticator. I can’t emphasize this enough: use Two Factor Authentication on every account possible. Not just Bitcoin accounts, but email, social networks, and banking too. Short of encrypting everything client side, there is almost nothing more you can do to protect your personal and financial data than to secure your accounts with Two Factor Authentication.

Mobile Wallets

Aside from blockchain.info, I am not aware of any Android mobile wallets that offer encryption. However, all of the ones I have used do let you set a PIN to prevent unauthorized spending. The difference between encryption and a PIN is that if there’s just a PIN, an attacker could pull the raw unencrypted wallet.dat file off your phone and steal the funds. The best you can do is to use full disk encryption if your phone offers it, and only keep small amounts of cryptocurrency on your phone – no more value than you keep in your physical wallet. Make a backup of your wallet, encrypt it using an app like Crypt4all, and store the backup somewhere safe. Then, if you lose your phone, there is a chance that whoever finds it won’t be able to access the wallet before the phone dies, and you will have a backup from which to restore the wallet and move the funds to a new wallet.

For Android, Bitcoin Wallet, Mycelium, and Airbitz are great options.

For iOS, Breadwallet and Airbitz are great options.

Hardware Wallets

A relatively recent security innovation is the invention of open source hardware wallets. These USB wallets store your private keys in a secure offline environment. Raw transaction messages are sent to the wallet for signing, then the signed transaction is returned to the computer for broadcasting. As public key cryptography becomes more prevalent in everyday life, expect to see professionally produced open hardware wallet devices proliferate in the marketplace.

Multisignature Wallets

Though the concept has been around since the early days of Bitcoin, wallets supporting multisignature transactions (multisig, for short) have yet to be widely used. Multisig is a way of providing Two Factor Authentication via the Bitcoin protocol itself; rather than simply requiring one signature from a wallet to spend a Bitcoin transaction, multisig transactions require multiple signatures from different private keys.

An oft-cited example is that of the simple escrow transaction between a merchant, a customer, and an arbitrator. The customer initiates a multisig transaction with the merchant and adds an arbitrator who steps in in case of a dispute. Instead of having to trust the arbitrator with actually holding the bitcoins in escrow, a multisig transaction makes it so that the arbitrator can only add their signature to the transaction to determine whether the coins are sent to the merchant or back to the customer. This is just one possible use case of multisig. Another is having two multisig wallets, one on the desktop or in the cloud and one on a smartphone. The user would require two signatures in order to spend bitcoins from them, one from the desktop or web wallet and one from the smartphone. This way, even if the desktop is hacked, the attacker would need access to the smartphone in order to take full control of the wallet. This isn’t perfect, but is much better than the current situation.
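An added example, not from the original post or from any wallet's code: how a 2-of-3 escrow policy like the one above is written as a Bitcoin script, with a check each party can run on the script before any funds are sent to it. The key bytes are constructed placeholders, the function names are hypothetical, and the code goes beyond the text by handling general m-of-n.

```python
OP_1, OP_16 = 0x51, 0x60      # small-integer opcodes encode the numbers 1..16
OP_CHECKMULTISIG = 0xAE


def build_multisig_script(m, pubkeys):
    """Serialize: OP_m <pubkey 1> ... <pubkey n> OP_n OP_CHECKMULTISIG."""
    n = len(pubkeys)
    if not 1 <= m <= n <= 16:
        raise ValueError("need 1 <= m <= n <= 16")
    script = bytes([OP_1 + m - 1])
    for key in pubkeys:
        if len(key) not in (33, 65):
            raise ValueError("public keys are 33 (compressed) or 65 bytes")
        script += bytes([len(key)]) + key  # for 1..75 bytes the push opcode is the length
    return script + bytes([OP_1 + n - 1, OP_CHECKMULTISIG])


def parse_multisig_script(script):
    """Return (m, [pubkeys]); raise ValueError if not a well-formed m-of-n script."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("does not end in OP_CHECKMULTISIG")
    if not (OP_1 <= script[0] <= OP_16 and OP_1 <= script[-2] <= OP_16):
        raise ValueError("m and n must be small-integer opcodes")
    m, n = script[0] - OP_1 + 1, script[-2] - OP_1 + 1
    keys, pos, end = [], 1, len(script) - 2
    while pos < end:
        length = script[pos]
        key = script[pos + 1:pos + 1 + length]
        if length not in (33, 65) or pos + 1 + length > end:
            raise ValueError("bad public key push at offset %d" % pos)
        if (length == 33 and key[0] not in (2, 3)) or (length == 65 and key[0] != 4):
            raise ValueError("bad public key prefix at offset %d" % pos)
        keys.append(key)
        pos += 1 + length
    if len(keys) != n or m > n:
        raise ValueError("key count does not match n, or m > n")
    return m, keys


def audit_multisig(script, expected_m, expected_keys):
    """Compare a script against the agreed policy; an empty list means it matches."""
    try:
        m, keys = parse_multisig_script(script)
    except ValueError as exc:
        return ["malformed script: %s" % exc]
    findings = []
    if m != expected_m:
        findings.append("threshold is %d, agreed threshold is %d" % (m, expected_m))
    if len(set(keys)) != len(keys):
        findings.append("a public key appears more than once")
    if set(keys) != set(expected_keys):
        findings.append("key set differs from the agreed participants")
    return findings


# Constructed placeholder keys (right length and prefix, not real curve points).
CUSTOMER, MERCHANT, ARBITRATOR = (bytes([2]) + bytes([i]) * 32 for i in (0x11, 0x22, 0x33))

if __name__ == "__main__":
    escrow = build_multisig_script(2, [CUSTOMER, MERCHANT, ARBITRATOR])
    print(escrow.hex())
    print(audit_multisig(escrow, 2, [CUSTOMER, MERCHANT, ARBITRATOR]))
```

An empty findings list means the script requires exactly the agreed number of signatures from exactly the agreed keys; anything else should be resolved before the address is funded.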

Multisig wallets are not just great for casual users and investors, they’re great for businesses as well. In addition to the previously mentioned escrow scenario, multisig wallets would help protect businesses that store large amounts of bitcoins from having their inventory stolen by hackers. Businesses could use multisig wallets to protect funds both internally as well as in customer accounts. Exchanges and gateways could use multisig voting pools to boost customer confidence and protect against unauthorized withdrawals.

This technology is still new and in development, but so far there are a few good options for creating multisignature accounts: CoPay and mSIGNA. Bitcoin Armory also supports multisig.

Some Last Minute Advice

Make copies of the backup codes for all of your Two Factor Authentication accounts. Write down your encryption passwords and store them with your wallet and 2FA backups in a safe place – a private vault or home safe will do. It’s also possible to split up your passwords using a cryptographic sharing technique which allows you to share pieces of your password with trusted parties, to be recombined later in case something happens to you. Bitcoin Armory supports this capability natively with the Fragmented Backups feature.

When you first decide to start downloading and using cryptocurrency software, make sure your machine is malware-free, and use up-to-date anti-virus software to prevent future infections. Don’t click on random links from strangers, or friends for that matter (they could be hacked!), and avoid the seedier parts of the internet. Use browser plug-ins like No Script to prevent malicious scripts from executing just in case you accidentally open an infected website, and HTTPS Everywhere to make sure you’re logging into sites securely whenever possible. No Script will temporarily break most of the websites you try to visit; just add an exception for scripts that you trust.

And please, use Two Factor Authentication on your accounts.

TL;DR

  • Store the private keys for your long-term savings wallet offline.
  • Encrypt your wallet files and machines whenever possible.
  • Set a PIN on your mobile wallets.
  • Install good antivirus software and keep it up-to-date.
  • Don’t click on random links from strangers or friends.
  • Install No Script and HTTPS Everywhere browser plugins.
  • Use Two Factor Authentication whenever possible.

Bitcoin Consultant John Light Interviewed on the Tony Stiles Show

On August 17th, 2013, I was interviewed by Tony Stiles for his radio show, the Tony Stiles Show. We talked about the basics of Bitcoin and why this technology is so important. Listen to the full interview below:

Everything You Need To Know About Bitcoin In Five Minutes

In June 2013 I gave an interview about the fundamentals of Bitcoin with liberty activist and writer Amanda Billyrock. We discussed how bitcoins are produced, how the network is secured against fraud, how people can start using bitcoins, and why Bitcoin is so important historically, socially, and economically.

Bitcoin Consultant John Light on the Royse University Bitcoin Webinar

On June 11, 2013, I was given the opportunity to participate in a webinar hosted by Roger Royse of the Royse Law Firm. The webinar was organized as part of the Royse University, which offers business, tax and personal finance ideas and information to help founders and executives recognize and grasp new opportunities and make meaningful connections. I was joined by several other very knowledgeable panelists who shared their perspectives on various aspects of the emerging Bitcoin economy, from regulatory issues to technical developments and business opportunities: Andreas Antonopoulos of Root Eleven and Let’s Talk Bitcoin, Dan Held of ZeroBlock and BitAngels, David Johnston of Engine.co and BitAngels, and Constance Choi of Payward. If you’d like to see more Bitcoin-themed webinars from Royse University, feel free to contact them and express your interest.

Bitcoin Consultant John Light Interviewed By Forbes Journalist Kashmir Hill

When I first heard about Forbes journalist Kashmir Hill’s week-long experiment to live a strictly Bitcoin lifestyle, I had a feeling that she was going to encounter some difficulties, being so new to the currency. After reading her day 1 article, I was proven correct. I reached out to her by email and offered to answer any questions she may have, in hopes of making the rest of her journey more enjoyable. She replied saying that her main concern at the time was paying rent, and after giving her some suggestions I was pleasantly surprised to receive not only a mention but a link-back as well in her Day 3 article (thanks Kash!). After her week was over, Kashmir organized a Bitcoin meetup through the SF Bitcoin Social meetup group at Sake Zone, a sushi restaurant in San Francisco that accepts Bitcoin. Knowing this would be a great opportunity to meet her in person and find out how the rest of her week went, I made sure to be there. Both she and her camerawoman were present, mingling with the crowd while also getting interviews for a Forbes feature video. Here is the end result, featuring yours truly. This was a really fun night – big thanks to everyone who helped make it happen!

Donating Bitcoin to GGLR at New Living Expo

I attended the New Living Expo from April 28-30 to educate exhibitors and attendees about the benefits of Bitcoin. I was lucky to share a large booth with the San Francisco Tesla Society, the Seasteading Institute, and the Golden Gate Liberty Revolution meetup group, which was attracting a lot of foot traffic. Many people were exposed to Bitcoin for the first time ever that day, and left with my brochure in hand.

While I was at the Expo, I took the opportunity to make a video with GGLR Treasurer Jun Dam showing how easy it is for an organization to begin accepting Bitcoin donations using only an Android smart phone with the Bitcoin Spinner app installed. Watch the video below to see how easy it can be for anyone with an Android smartphone to begin using Bitcoin in less than two minutes.

Bitcoin: What Has Changed?

This post was originally published on April 17, 2013 here @ p2pconnects.us

Since my last post about Bitcoin, the price of one bitcoin has plunged from highs of around $240.00USD to $69.98 at the time I am writing this on April 16, 2013. The day that the panic-selling began was April 10, 2013. While the price has obviously changed drastically, what about Bitcoin itself? Surely this massive sell-off must have been caused by eroding confidence in the strength of one or more of the four fundamental factors that help determine the price of a bitcoin? To further examine these questions, let’s reexamine the market fundamentals:

  1. The number of bitcoins available
  2. The number of people in the market buying and selling bitcoins
  3. The security of the Bitcoin network
  4. The market’s understanding of the above factors and how they affect the price

Changes in any of these fundamentals can greatly affect the others, and will cause the price of bitcoins to go up or down.

I said in my last Bitcoin post that I believed the fundamentals affecting the rising price of bitcoins were much stronger this time around than during the crash of 2011. It has been nearly 2 years since that crash, plenty of time for potential market participants to read up on Bitcoin and understand its utility and determine whether or not it was valuable to them. The mainstream media has been running stories about Bitcoin almost daily, and educationally/technically speaking they have been improving as more journalists “get it.” I posited that as long as the security of the Bitcoin network itself – I called it the “foundational fundamental” – remained sound, people would not lose confidence in Bitcoin and the number of people in the market would therefore continue to grow with the increasing interest in Bitcoin. While my confidence in Bitcoin itself remains unshaken, my confidence in the major exchanges that facilitate trade is shaken. Mt. Gox, the largest Bitcoin exchange, pulled itself offline for 12 hours, accelerating the drop in price, and a truly reliable and liquid trading platform has yet to be created. I still believe that the security of the network is the foundational fundamental which gives Bitcoin utility and value – after all, breaking the security would make it virtually worthless overnight – but I would also like to reiterate that it is the fourth fundamental which has the most drastic effect on the actual price of Bitcoin. The psychological aspect of the Bitcoin market is what sets the price, not simply the utility of Bitcoin. After all, the Bitcoin protocol has remained more-or-less the same since the program was first released, yet we have seen the exchange rate go from 10,000 bitcoins for a couple pizzas to $240 for a single bitcoin in less than 3 years. 
What has changed since then is only people’s perception of Bitcoin’s intrinsic (and actual) utility; whether or not a digitally scarce medium of exchange that is part of a distributed, decentralized payment protocol which offers irreversible, pseudonymous, near-instant global trade is valuable to them.

What occurred during the crash last week was a massive sell-off caused not by a glitch in the system or an unpopular change in the Bitcoin protocol, but rather a very simple market reaction to steadily climbing prices. Speculators who were increasingly interested by the prices which seemed to have no ceiling – $35 in early March, $50 by mid-March, $100 by April 1st, $150 by April 7th, up to $240 overnight on April 8th – were doing what all speculators try to do: buy low and sell high. Some have a set formula, others go off of feeling, but during such a meteoric rise many probably set their sell threshold low – a 20% – 50% rise in price was all that was needed to signal it was time to sell. While the media had been putting out about one major Bitcoin story every few days in mid-March following the quick rise from $30 to $50 to $80+ caused by anxiety about the situation in Cyprus, the attention grew into a media frenzy when the price hit $100 on April 1st. This leads me to believe that many of the speculators were people who already had approved accounts on the major exchanges, and capitalized on the frenzy by attempting to drive the price upward. It worked, drawing even more attention to Bitcoin, and bitcoins very quickly passed the $200 mark. A switch went off in the speculators’ heads as their price threshold was reached, and they quickly began selling. They continuously sold under the market price in order to make a quick sale, thus setting off a dramatic race to the bottom.

While “true” Bitcoiners hung on to their coins (or perhaps sold just enough to cash out their initial investment while they still could in the short term), the speculators all but left the market entirely, returning the price to a more sustainable level as seen before the “$100-per-bitcoin / billion dollar market cap” media frenzy. The price has yet to find equilibrium between supply and demand – it has risen almost $5 to $74.47 since I began writing this post – and because the market is still small compared to other asset classes, this volatility is not likely to go away until a strong growth in the number of market participants occurs. Mt. Gox said in a blog post shortly after the price drop that they were receiving 20,000 new account applications PER DAY. Whether or not this is still the case, I do not know, but I have to wonder what those new account-holders will do once they’re cleared to trade. Will they abandon interest in Bitcoin, or be glad that they have a chance to buy low? Only time will tell, but I remain confident that we are still at the beginning of a Bitcoin boom.

More people are aware of its existence now than at any previous time in Bitcoin’s history, and this will lead to more becoming true believers in its potential to change the world for the better. The price has definitely “crashed” from its high of $240, but relative to the price before the dramatic rise, we have still seen incredible growth: it is trading up over 100% of its price just two months ago. That’s quite impressive for any asset class, and once those “20,000 new accounts per day” are approved on Mt. Gox, we may see a large influx of traders and long-term investors. The Bitcoin protocol is still sound – there will still only ever be 21 million in existence, and it will take about 130 years to mine the remaining half of the supply – which makes bitcoins a scarce commodity, and thus valuable to those who, at the very least, find value in its utility as a pseudonymous, irreversible medium of exchange.

As the market forges through its growing pains, creative methods of decentralized trade will be devised to route around the central points of failure in the current major exchanges. Already, OTC (over-the-counter) markets like Bitcoin-OTC and localbitcoins offer p2p methods of trading bitcoins. Ripple, Open Transactions, and Vendor Relationship Management technologies have a lot of potential for increasing the number of decentralized exchange platforms, and one Redditor “enki23” recently announced that he/she is working on an open source exchange platform dubbed “Buttercoin” in order to increase the number of exchanges available, further distributing the trade network. Solutions are on the horizon, and the markets will quickly decide which work and which do not. The bottlenecks which have occurred in the major exchanges are proving that the current, centralized way of doing things isn’t working for this market. I can appreciate the amount of trade volume and liquidity that the major exchanges facilitate when they’re working well, but when they fail, they fail spectacularly. This is a hallmark of centralized systems, and is why Bitcoin itself was designed as a distributed payment protocol in the first place. Decentralized, free market currency deserves decentralized, free market exchanges.

I look forward to the day when I can push an order out into a decentralized, p2p order book and receive responses from trusted people all throughout the network and have coins deposited to my account within minutes. This day is not far off – just check out the projects I linked to above. Yes, the future is bright for the Bitcoin ecosystem. We as a community just have to support the projects that are creating the services we want and continue to innovate so that Bitcoin is accessible to the masses. I said it at the end of my last post and I’ll say it again because I still believe in Bitcoin, and know we’re just at the beginning of a steep adoption curve: Welcome to the Bitcoin boom of 2013!

Disclosure: author is long bitcoins

Bitcoin: Bubble or Boom?

This post was originally published on April 8, 2013 here @ p2pconnects.us

Lately, I’ve been receiving phone calls, text messages, and emails from friends, family, and clients who have been watching the price of the peer-to-peer currency Bitcoin skyrocket over the past few weeks. They’re asking if they should buy-in, and whether or not I think the “bubble” will burst soon. While I have no crystal ball which can predict the future actions of the billions of people on this planet, I do have reason to believe that we are not experiencing a bubble at all, but rather a quite sustainable boom.

To explain how I distinguish between a “bubble” and a “boom,” let me first define how I am using these terms:

Bubble: a period of unsustainable growth which will inevitably cause prices to “pop” and come crashing down to a more “natural” or “sustainable” level i.e. prices that market fundamentals can support long-term.

Boom: a period of rapid growth associated with a bull (buying) market, which can either level off to become the “new normal” or take on the characteristics of a bubble if the market fundamentals cannot support the higher prices.

In the Bitcoin market, the fundamentals are as follows:

  1. The number of bitcoins available
  2. The number of people in the market buying and selling bitcoins
  3. The security of the Bitcoin network
  4. The market’s understanding of the above factors and how they affect the price

Changes in any of these fundamentals will cause the price to go up and down.

1. The number of bitcoins available is *kind of* predictable. We know that the number of bitcoins that will ever be released by the software is hard-coded at 21 million (making it a scarce good that takes work to create, like gold), that around 11,008,375 are in circulation at the time this is being written, and that 25 coins are released every ten minutes as a reward for securing the network via a process called “mining.” This reward number halves every four years, and the last bitcoin is predicted to be mined around 2140. However, as solid as these numbers sound, they do not actually tell us how many bitcoins are being made available in the marketplace. Miners could keep the coins they have earned, and there is nothing forcing people who already have bitcoins to sell them. So in times like this, when the price is going up and up with no end in sight, many are holding on to their coins for dear life, in hopes that they will be worth more in the future. This could put a pinch in the market called a “liquidity shortage,” or more sensationally, a “liquidity crisis,” that must be resolved by an upward price correction.

2. The number of people in the bitcoin market is probably the most elastic of the fundamental factors, because people may enter and exit the Bitcoin market at any time and for any reason. The market size has gone from a small group of several hundred or thousand people when the software was first released to potentially millions of people now. Since every Bitcoin user can own multiple addresses and wallets, it’s impossible to be certain of the exact number. However, we can use trade volume as a guide to show that, indeed, the market is growing and trade has been increasing greatly in tandem with the price.

3. The Bitcoin network itself is accepted by virtually all cryptography experts to be very secure, and unlikely to be broken any time soon. Even if methods for cracking the cryptography that secures the Bitcoin network are discovered, developers could modify the Open Source software and push an update which fixes the problem. So consider the security of Bitcoin the “foundational fundamental” which ensures that bitcoins will always be worth something in the future, since a breach of the security will cause bitcoins to no longer be a scarce good and, correspondingly, worthless.

4. The market’s understanding of the above fundamental factors is the hardest to measure, but perhaps the most important factor when determining the price since the price is simply an expression of the market’s desire (demand) for a scarce good (supply). If the market does not understand why a product is valuable, then it is quite easy to convince some market actors that it is indeed not valuable. “Because the price is going up” is not a valid reason for why something is valuable, since the price could just as easily go down. A sell-off by one uncertain party may cause a panic as others begin to ask “why is this person selling for below market price? What do they know that I do not?”

What do these fundamentals reveal about the current rise in price for bitcoins, and do they answer the question of whether or not we are experiencing a bubble?

June 2011 saw a rise in the price of bitcoins from under $10 to over $30 in a matter of days, partially (if not entirely) fueled by a Gawker story entitled “The Underground Website Where You Can Buy Any Drug Imaginable.” Despite the focus of the article being the Silk Road website, the real star of the show was the means to purchase items from this mysterious market: a little-known cryptocurrency called Bitcoin. Fear soon set in as the market became uncertain about the sustainability of this rise, and prices fell within minutes to around $15, where they hovered for about a week. Then, major Bitcoin exchange Mt. Gox announced that they had been hacked, which caused a huge selloff, pushing the price down to near-$0.

What happened in June 2011 was a shaking of the 2nd and 4th fundamental. People who did not understand why Bitcoin was valuable panicked when the unexpected happened (a dramatic rise in price, followed by a large exchange being hacked), causing a sell-off which pushed the price down. These people were originally speculators who were intrigued by all of the press surrounding Bitcoin at the time, hoping they could cash in on the buying frenzy. They almost certainly did not understand the fundamentals that make up the price of Bitcoin, or they wouldn’t have been so quick to sell.

People who do understand Bitcoin’s fundamentals are therefore fundamentally different: they understand that Bitcoin as a payment protocol is extremely secure, which ensures that bitcoins will remain a scarce, valuable good. Even if the State cracks down on regulated merchants and exchanges, as long as people can buy illegal products, gamble, and trade stocks (but I repeat myself) with relative anonymity using bitcoins, they will still have value. Add to this utility the fact that bitcoins remain a decentralized, peer-to-peer currency which is very difficult to steal or counterfeit when proper security protocols are followed, and you have the makings of a robust global payment system that is here to stay.

After laying out the fundamentals and examining the causes of the previous Bitcoin bubble, we can now make an educated guess as to whether the current market is a “boom” or a “bubble.”

I believe that the fundamentals are much stronger this time around. The huge amount of news stories about Bitcoin, including the hit pieces, are more accurately describing how Bitcoin works and what makes bitcoins valuable. This is leading to an increased understanding of the fundamentals that make up the price of bitcoins, which leads to people being more likely to hang on to their coins.

But wait – if people are hanging on to their coins as the price keeps going up, how will more people enter the market when no one is selling?

These questions lead to the point I made earlier about an “upward price correction.” Everyone has a selling price. Everyone. And if the Bitcoin market reaches deadlock, that price will be found. Because bitcoins are currently divisible to 8 digits past the decimal point i.e. to 0.00000001 BTC (and this is an easy change in the source code of the Bitcoin software if need be), there are plenty of “satoshis” to go around for everyone. Even if the price of one bitcoin goes up to $1,000,000, commerce will continue, except we’ll be paying with micromillibitcents, or some other creative denomination, rather than whole bitcoins. The growing Bitcoin market will lead to less price volatility, as market movements will be less able to move the price very drastically. Instead of fluctuating several dollars per day, the price will eventually only fluctuate by fractions of a penny per day unless an early adopter with a massive store of coins performs a huge below-market sell-off. Even this would only cause a temporary fall in price, and the market would soon stabilize as people trade on the newly available store of coins.

In conclusion, as long as the “foundational fundamental” of Bitcoin – the security of the network – remains the same, the number of bitcoins in circulation continues to drop as more people buy and save, and the number of people entering the Bitcoin market continues to grow with the increasingly viral interest being generated by the aforementioned “huge amount of news stories,” I can say for absolute certain that the price of bitcoins will continue to go up.

Welcome to the 2013 Bitcoin Boom!

Disclosure: author is long bitcoins

**Erik Voorhees, head of marketing and communication for BitInstant, published a similar post on Reddit this morning entitled “An insider’s opinion on the crazy Bitcoin market” which prompted me to finally put my responses to my family and friends in a format more appropriate for this blog. Thanks for the push, Erik!