Want to invest in bitcoin but don’t want to trust the security of your coins to a third party? You need to set up your own personal bitcoin vault! Follow the steps in this guide to get started. If you … Continue reading
I was recently invited to speak that the Coins in the Kingdom conference in Orlando, FL on the topic of “Basic Bitcoin Security.” Here is a link to the slides I used for the presentation:
I’ll post a video of the presentation here once it is uploaded to the internet.
[EDIT: video added below]
This article was originally posted on the Let’s Talk Bitcoin blog.
In a March 2012 article written for the MIT Technology Review, Jessica Leber shared an anecdote from leaked State Department cables describing the shock of Afghani policemen when they received their first paycheck via the mobile phone payment system M-Paisa. The amount they received was around 30% more than they were receiving previously, prompting them to believe they’d received a raise. After some investigation, it was discovered that they hadn’t received a raise, but rather that their superiors had been skimming that “extra” 30% off the top and were now unable to do so with payments going directly to their subordinate’s phones. So deep was the corruption that after paychecks went digital some superiors even took to confiscating their subordinate’s phones in an attempt to cash the M-Paisa credits themselves.
The lesson here, aside from the importance of using encryption on one’s mobile devices, is that digital currencies offer unique ways to combat corruption that aren’t possible with traditional payment systems. Bitcoin compounds this effect by decentralizing control and adding features such as programmatic smart contracts, wallet backups, and file encryption to create a resilient, censorship-resistant payment network. And one more thing: the whole transaction history is completely public.
When I first learned about the radical transparency of the Bitcoin block chain, the history of all transactions which have ever been confirmed by the Bitcoin network, I was simultaneously attracted and repelled by it. My approach was cautious – here was a payment and monetary system which has full accountability for the honesty of every account balance mathematically hard-coded into the software, but with full accountability came full traceability of every satoshi back to the coinbase transaction from which it originated. It seemed a devil’s bargain: you can monitor the network, but the network can also monitor you.
Despite this fact, the pseudonymous nature of every Bitcoin address and the advent of “mixers” which bundle Bitcoin transactions together to conceal the sender and intended recipient from block chain investigators has led technologically-savvy privacy advocates to promote Bitcoin as a way to protect personal information when paying for goods and services.
While Bitcoin does have the ability to provide privacy, speed, and security for the financial transactions of private citizens and organizations, there are also opportunities for using the public ledger technology that Bitcoin pioneered to provide transparency and accountability for public figures and institutions.
Using an open public ledger system like Bitcoin, the entire funds flow from banks and public treasuries to government agencies and their contractors can be tracked to provide accountability for every unit of value received and spent. Government agencies and public officials could be associated with a specific payment address so that auditors and citizen watchdog groups can monitor the accounts for suspicious activity.
The huge amounts of waste, fraud, and “lost” money that recently occurred during the Iraq and Afghanistan occupations could have been prevented if public ledger technology had been used to provide full accountability for the funds. Government employees and citizens who are routinely victimized by corrupt officials could protect wages and savings from theft by using encrypted wallets and multisignature accounts.
Hyperinflation, capital controls, bank account “haircuts,” wage skimming by superiors, civil forfeiture, and other forms of kleptocratic government corruption and overreach are all made completely irrelevant by Bitcoin, which turns over control of the currency supply to a mathematical algorithm and control of the currency accounts to the individuals controlling the private keys that allow funds to be spent.
In the future, public institutions of all kinds, whether governments, NGOs, or even for-profit corporations, could see their accounting become fully transparent as stakeholders demand the use of public ledger technology to provide more accountability. Corrupt officials may find it more difficult to extract money from subordinates and citizens as more people use cryptocurrency to transfer funds peer-to-peer and store funds behind layers of encryption.
The technological breakthrough that cryptocurrency represents is likely to be a welcome arrow in the quiver of justice advocates around the world who desperately need such tools to combat serious cases of theft, fraud, and abuse. The good news is that the tools are available today – it’s now up to the people of the world to choose how, and if, they want to use them.
This was originally published on the Let’s Talk Bitcoin blog.
One topic I am often asked about by clients is investing in Bitcoin. Not just bitcoins the currency, but Bitcoin, the network and technology ecosystem. The conversation usually starts like, “I have X amount of money to invest in Bitcoin, how should I invest it?” After giving the disclaimer that I am not a licensed financial advisor and this is strictly my personal opinion, this is what I tell them:
Diversify your assets.
It is tried and true investment advice, and this is no different in the Bitcoin ecosystem. Putting all your eggs in one basket can be risky, for if something goes wrong with that basket, you stand to lose everything you’ve worked so hard for. While each investor’s risk tolerance is different, this advice is practical and proven for investors of all types of risk tolerance, from the conservative to the daredevil. If you have an investment portfolio which constitutes 100% of your personal investment income, I would consider a conservative investment in Bitcoin (or cryptocurrency more broadly) as being between 1-5% of this portfolio, a moderate risk tolerance being between 5-10%, and more aggressive being 10%+.
What I recommend to my clients is, first, after doing basic research into the fundamentals of the Bitcoin technology, invest in the bitcoin currency itself. Buy a small amount of bitcoins locally or from an exchange, spend some at a merchant you trust, send some to friends and family, practice storing some securely offline and bringing it back online, really get a feel for what you’re investing in so you can understand for yourself why this technology is gaining popularity and confidence in smart circles. If you come away believing in the long term viability of cryptocurrency as a technology and an asset class, put between a third and half of what you were planning on investing in Bitcoin into the currency itself.
After gaining some experience using the technology, explore the startup ecosystem. In the past few years, many innovative companies* have sprung up to serve the burgeoning cryptocurrency markets. There may even be one based near you, giving you an opportunity to meet the founding team and understand what motivates them to take what seems like a big risk on a new technology. After getting to know the space, begin your due diligence on the most promising companies. You can choose your investments based on your own criteria, whether its a service you personally want to exist, a service you see the market clamoring for, or something truly innovative that you can imagine being used for many purposes in the future. You might even just like the founders, and want to support them for personal and financial reasons. Maybe you even have a startup idea of your own that you want to invest time and money into. Whatever your criteria, another third to half of your allocated investment capital should be put into Bitcoin startups. That way, even if the price of bitcoin drops or Bitcoin itself fails, the company is still likely to survive, either because their business model isn’t wholly dependent on the price of Bitcoin or because they can adapt and adopt the next best cryptocurrency technology. Just keep in mind that startup investments are illiquid, long-term, and very risky commitments, and therefore aren’t appropriate for everyone.
This leaves some investment capital left over. When I ask my clients what they would invest the remainder in, the first choice is usually Bitcoin mining hardware. It seems like a sure bet; after all, it’s practically like owning a money-printing press, right? Well, not quite. When the Bitcoin network was first started, mining was very easy. Any computer with a CPU chip could do it, and early miners earned most of the coins that have ever been produced. As the bitcoin currency gained a monetary exchange value, there was more of an incentive to mine and innovate, which led to GPU mining and, more recently, ASIC mining. While GPUs are more commonplace (they power the graphics that computers produce on your screen), ASICs are not – this acronym stands for “application specific integrated circuit,” which is a technical way of saying that these chips are designed for one purpose and one purpose only: efficiently performing the computations necessary for Bitcoin mining (they can also be used for mining altcoins that use the same SHA-256 hashing algorithm). While mining has become more specialized, it’s also become increasingly competitive.
Whether or not mining is profitable can depend on a variety of factors, including the cost and reliability of the mining equipment, the accuracy of the manufacturer’s production schedule, the price of bitcoins, the mining difficulty, the cost of electricity where the equipment will be located while it is mining, and the time it takes for you to maintain these systems. If you have a reliable source of mining equipment and cheap electricity, it could be worth the investment. If not, you’re probably better off investing elsewhere. Some companies enable customers to offload a lot of these concerns to hosted mining operations that manage the equipment and maintenance costs (for a fee of course). The services of these companies often cost many times more than the cost of buying the hardware itself, making an already uncertain investment even more uncertain. I’ve had clients who profited from an innovative business model which allows you to trade mining capacity in real time similar to any other commodity exchange, but this is not quite the same as profiting from the mining itself and was likely due to sheer luck more than anything else. The short answer for mining: caveat emptor.
A final category that I would be remiss for leaving out is alternative cryptocurrencies, better known as “altcoins.” I’ve mentioned them a few times already, but they’re worth going into a bit more detail here. Altcoins are cryptocurrencies that people have created for fun, profit, or experimental/ academic reasons (often these motivations overlap). Many are “forks” or modified copies of the Bitcoin code, with several core parameters changed, such as the amount of coins that will ever be produced, the production schedule, difficulty retargeting, and/or the proof-of-work function. Others are more innovative, coding their own system from scratch, creating decentralized autonomous organizations, or even building application protocol layers directly on top of Bitcoin itself. Whatever the differences, these altcoins have been gaining increasing amounts of attention as people learn about Bitcoin and then discover that there’s a whole other ecosystem of over 100 altcoins. It’s worth investing at least 5-10% of what you’re allocating to cryptocurrencies in your investment portfolio into altcoins directly. No particular coin, use your best judgement with an altcoin as you would for any investment. Look at the community, the development team, traction in the market, features etc. Or maybe have a broad strategy where you put a little bit into everything, some a little more than others. Either way, many investors have made incredible gains in the altcoin market so it’s worth exploring.
As with all investments, cryptocurrency investing is risky. Because this sector is so new, it can be even riskier than others. Disruption can occur at a moments notice, and technological advancements mean things are constantly changing, at a seemingly faster pace than ever. But with great risk comes great potential reward, so if you’re excited about change, ready to shake up the status quo, and looking to capitalize on innovative new technology, cryptocurrency just might be the right investment for you.
Shameless plug, this is my Bitcoin startup. Learn more about us in this episode of Let’s Talk Bitcoin.
Throughout my time researching and participating in the cryptocurrency economy, I have seen a lot of hacks and a lot of fraud. Though the old saying “a fool and his money are easily parted” could apply here, I’d like to think that it is not completely the fault of end users. It is also about the tools that are available, and how easy it is for people to use them. Though cryptocurrency is a new technology, there are a growing number of options for you to secure your bitcoins.
Offline “Cold Storage” Wallets
The gold standard in cryptocurrency security, cold storage is the process of keeping private keys offline to make them unreachable to hackers via the internet (private keys allow cryptocurrency to be spent). The solution for this that I recommend to clients is the Bitcoin Armory Wallet – to me, nothing else comes close in terms of features, usability, and support from the development team. They have an excellent step-by-step guide on their website to help you set up the wallet and transfer your investment safely offline. You will need two computers for this, one which is kept permanently disconnected from the internet to keep the private keys safe, and one to keep online for broadcasting signed transactions to the network. The offline machine can be a cheap netbook or Raspberry Pi setup (hint: going the Raspberry Pi route will take some patience and/or technical skills). After creating encrypted wallet backups on multiple forms of media (CD, USB drive, and paper), add full disk encryption to the offline computer. I recommend full disk encryption for your online computer as well.
For the cryptocurrency that you want to keep readily accessible, it’s important to have the wallet encrypted to prevent unauthorized spending. Reputable client-side Bitcoin wallets such as Bitcoin QT, Electrum, KryptoKit, and blockchain.info all have the option to encrypt the wallet, and this option should be exercised if you want to protect your wallet from wallet-stealing viruses and physical intruders. Blockchain.info is unique in that it is both a client-side wallet and a web wallet; the encryption is performed locally on your computer, but the encrypted wallet file is stored in the cloud for convenient access. While you can’t easily protect encrypted desktop clients from keyloggers yet, it is possible to protect an encrypted blockchain.info wallet by using Two Factor Authentication which requires not only a password to decrypt the wallet, but also another one-time code which is sent via email, SMS, or an app like Google Authenticator. I can’t emphasize this enough: use Two Factor Authentication on every account possible. Not just Bitcoin accounts, but email, social networks, and banking too. Short of encrypting everything client side, there is almost nothing else more you can do to protect your personal and financial data than to secure your accounts with Two Factor Authentication.
Aside from blockchain.info, I am not aware of any Android mobile wallets that offer encryption. However, all of the ones I have used do let you set a PIN to prevent unauthorized spending. The difference between encryption and a PIN is that if there’s just a PIN, an attacker could pull the raw unencrypted wallet.dat file off your phone and steal the funds. The best you can do is to use full disk encryption if your phone offers it, and only keep small amounts of cryptocurrency on your phone – no more value than you keep in your physical wallet. Make a backup of your wallet, encrypt it using an app like Crypt4all, and store the backup somewhere safe. Then, if you lose your phone, you have a chance that someone who finds it won’t be able to access the wallet before the phone dies and you have a backup to restore the wallet and move the funds to a new wallet.
A relatively recent security innovation is the invention of open source hardware wallets. These USB wallets store your private keys in a secure offline environment. Raw transaction messages are sent to the wallet for signing, then the signed transaction is returned to the computer for broadcasting. As public key cryptography becomes more prevalent in every day life, expect to see professionally produced open hardware wallet devices proliferate in the marketplace.
Though the concept has been around since the early days of Bitcoin, wallets supporting multisignature transactions (multisig, for short) have yet to be widely used. Multisig is a way of providing Two Factor Authentication via the Bitcoin protocol itself; rather than simply requiring one signature from a wallet to spend a Bitcoin transaction, multisig transactions require multiple signatures from different private keys.
An oft-cited example is that of the simple escrow transaction between a merchant, a customer, and an arbitrator. The customer initiates a multisig transaction with the merchant and adds an arbitrator who steps in in cases of a dispute. Instead of having to trust the arbitrator with actually holding the bitcoins in escrow, a multisig transaction makes it so that the arbitrator can only add their signature to the transaction to determine whether the coins are sent to the merchant or back to the customer. This is just one possible use-case of multisig. The other is having two multisig wallets, one on the desktop or in the cloud and one on a smartphone. The user would require two signatures in order to spend bitcoins from them, one from the desktop or web wallet and one from the smartphone. This way even if the desktop is hacked, the attacker would need access to the smartphone in order to take full control of the wallet. This isn’t perfect, but is much better than the current situation.
Multisig wallets are not just great for casual users and investors, they’re great for businesses as well. In addition to the previously mentioned escrow scenario, multisig wallets would help protect businesses that store large amounts of bitcoins from having their inventory stolen by hackers. Businesses could use multisig wallets to protect funds both internally as well as in customer accounts. Exchanges and gateways could use multisig voting pools to boost customer confidence and protect against unauthorized withdrawals.
Some Last Minute Advice
Make copies of the backup codes for all of your Two Factor Authentication accounts. Write down your encryption passwords and store them with your wallet and 2FA backups in a safe place – a private vault or home safe will do. It’s also possible to split up your passwords using a cryptographic sharing technique which allows you to share pieces of your password with trusted parties, to be recombined later in case something happens to you. Bitcoin Armory supports this capability natively with the Fragmented Backups feature.
When you first decide to start downloading and using cryptocurrency software, make sure your machine is malware-free, and use up-to-date anti-virus software to prevent future infections. Don’t click on random links from strangers, or friends for that matter (they could be hacked!), and avoid the seedier parts of the internet. Use browser plug-ins like No Script to prevent malicious scripts from executing just in case you accidentally open an infected website, and HTTPS Everywhere to make sure you’re logging into sites securely whenever possible. No Script will temporarily break most of the websites you try to visit; just add an exception for scripts that you trust.
And please, use Two Factor Authentication on your accounts.
- Store the private keys for your long-term savings wallet offline.
- Encrypt your wallet files and machines whenever possible.
- Set a PIN on your mobile wallets.
- Install good antivirus software and keep it up-to-date
- Don’t click on random links from strangers or friends.
- Install No Script and HTTPS Everywhere browser plugins.
- Use Two Factor Authentication whenever possible.
In November 2013, I was interviewed by China Radio International for their program “People In The Know.” We discussed the basics of the Bitcoin technology, the history of Bitcoin, as well as future innovations that could be implemented using the Bitcoin protocol. Listen to the full interview below:
In June 2013 I gave an interview about the fundamentals of Bitcoin with liberty activist and writer Amanda Billyrock. We discussed how bitcoins are produced, how the network is secured against fraud, how people can start using bitcoins, and why Bitcoin is so important historically, socially, and economically.
Originally posted on PokerListings.com
Cypto-currency Bitcoin remains an intriguing option for online poker players.
We investigated the subject earlier this year in a Bitcoin feature we did on SealsWithClubs founder Brian Micon.
We’re going one step farther today with a special Q&A by Nadia Hanna with Bitcoin experts John Light and Adam Sah.
John Light is an entrepreneur with a professional background in business operations and online marketing. He discovered Bitcoin when researching alternative currencies and eventually decided to move to Silicon Valley to start a Bitcoin consulting business where individuals and companies can learn about the digital currency.
Adam Sah opened an artisan food store, Buyers Best Friend, in 2012 and experienced the pain of handling cash, processing credit cards, costs and fees. They company designed their own Point of Sale (POS) system for processing bitcoins.
1. PokerListings: Why do you think the Government want to regulate Bitcoin? And who do you think is behind the drive to over-regulate it?
Adam Sah: It’s not true that the government wants to regulate “everything”– but in practice, the minute there are disputes or risks to large numbers of people, they have to step in.
In fact, I don’t see much evidence that anybody is materially trying to “overregulate” Bitcoin, and I’ve been pleasantly surprised at the sophisticated approach of the Obama administration, where they’re saying that regulation will come, without committing to the details.
Meanwhile, they took the obvious steps are restricting anonymity, which removes the egregious uses of Bitcoin for illegal purposes such as money laundering.
John Light: Less than a year ago, people didn’t think bitcoins were money anymore than arcade tokens or Linden Dollars, but now a serious discussion is being had. It’s incredibly positive in terms of measuring Bitcoin’s impact on the way people think about money and currency.
2. PL: What do you think is the future of BitCoin and can it bring increased financial freedom?
John Light: I think either Bitcoin or something like it – another cryptocurrency – will become very common, if not dominant, in the currency market.
People are realizing the benefits of this technology more every day, whether it’s the ability to transact with almost the same level of privacy as cash over the internet, or the ability to prevent wealth from being taken by privileged and powerful people, as is occurring all over the world.
Wealth confiscation en masse is very difficult, if not impossible, with Bitcoin. So yes, I think Bitcoin and other cryptocurrencies can bring increased financial freedom when implemented and used properly.
Adam Sah: More merchants need to accept it, which means easier processing and integrations with commercial POS and accounting systems. Bitcoin needs to find its way into mainstream use– everyday people have little reason to carry it.
BtC brings freedom to the extent that any new currency or capability brings freedom– you’re travelling internationally and currency exchange is a pain, now you can use Bitcoin.
3. PL: Will an international currency like BitCoin reduce the power of other significant currencies like the USD /GBP/EURO?
Adam Sah: By definition, yes. But the major reserve currencies already face “competition” from other reserve currencies and I doubt BitCoin will materially affect that.
John Light: Bitcoin has the potential to do so, especially if the organizations who control these currencies continue to devalue them with endless inflation, which benefits first recipients of new money in the short-term and punishes savers in the long-term.
4. What advice would you give to Bitcoin users in this regard?
John Light: Learn how to use encrypted offline cold storage solutions to keep your coins safe from theft, and try to always buy twice as many bitcoins as you plan to save or spend so that you can save half and spend the other half.
This keeps the economy liquid while also allowing you to build up your savings.
Bitcoin has gone from being completely worthless 4 years ago to over $100 per coin today; we’re still right at the beginning of a steep adoption curve of Bitcoin or Bitcoin-like technology, which will only continue to push the value higher (the law of supply and demand dictates this).
That said, long-term, Bitcoin is still a speculative investment, but if you believe in the potential for good that this technology has then it’s a bet worth making if you have some spare change to invest.
Adam Sah: I don’t have advice per se– we keep a limited amount of BtC on hand and don’t speculate on its value, instead focusing on our core business, which is bringing artisan food to the masses.
5. PL: Bitcoin is becoming an important option in the online poker world for players concerned about Gov. oversight/seizures/regulation – have you ever tried playing online poker, do you see it as a viable solution?
John Light: I have never played online poker myself, but know several people who make a living playing poker online. They’ve had to move out of the U.S. in order to continue making their living due to the laws here.
Bitcoin would be a great solution for the online/ mobile gaming industry for several reasons:
1) Bitcoin transactions are irreversible. Site operators do not have to worry about chargeback fraud.
2) Bitcoin offers instant gratification. When a customer wants to withdraw their funds, it takes a matter of minutes to receive the bitcoins, not hours or days as with bank transfers.
3) Bitcoin has built-in privacy for customers. People can gamble without having to expose their personal or financial information as is the case when using other payment methods.
4) Bitcoin has extremely low transfer fees. The standard network fee is .0005 bitcoins, which is a little over 5 cents USD right now. This fee is only paid by the sender of coins, not the receiver.
FOR IMMEDIATE RELEASE
Contact: John Light
Announcement Blog Post: https://bitcoinconsultant.me/2013/07/01/buttonwood-sf-p2p-cryptocurrency-trading/
“Buttonwood SF” Brings Digital Currency Trading to the Real World in San Francisco
Bitcoin consultant and entrepreneur John Light has organized a weekly Meetup group called “Buttonwood SF – P2P Cryptocurrency Trading” for the purpose of making cryptocurrencies such as Bitcoin easily available to the people of San Francisco. Until recently, the only options for acquiring bitcoins were registering on often difficult-to-access online exchanges, or attempting to find someone nearby who had bitcoins and was willing to sell them. Buttonwood SF bridges these gaps by providing a group setting for trading in a public space, allowing for liquidity, convenience, and strength in numbers. Inspired by the Satoshi Square meetups in New York and Los Angeles, Mr. Light hopes that by providing a convenient place for people to learn about and trade cryptocurrencies, their use will also become more widespread.
“San Francisco is a city of immigrants and transients, and I’m sure a lot of them send money to their homeland and get hit with ridiculous fees. Cryptocurrencies could fill a real need here, and having a safe and easy way to buy and sell them could be a godsend for low-income people who are sending a couple hundreds bucks back home every month,” he said in a recent email update to the Meetup group. In addition to providing a low-cost way for people to send money overseas, cryptocurrencies offer businesses an easy way to accept payments from anyone anywhere in the world with less fees than credit and debit card networks and zero risk of charge-back fraud.
San Franciscans and others in the Bay Area who are interested in learning about and trading cryptocurrencies should meet at the Northwest corner of Jackson Field in the Potrero Hill neighborhood this Thursday between 7:00-9:00 PM PST. Everyone is welcome, so those who are interested in attending are encouraged to bring friends and family so they too can see the benefits that cryptocurrencies have to offer.
For more information please contact John Light through his website at www.bitcoinconsultant.me