In a WhatsApp chat the discussion turned to how secure your Bitcoin is (ok, so there was a bet involved in there somewhere) and Miroslav Vegh of Diligio chipped in and I thought, who better to give us an overview on this subject.
Hi Miroslav, thanks for spending some time with me on this. I think that this is a very important subject, especially as new people enter the market. When even those who do know a bit about the technology can be a little confused, it can be daunting for first timers. Here are some of the questions I get asked and it would be to confirm that the answers I’ve given are right!
Russell: When you have a Bitcoin wallet you pretty much publish your public key to the World, doesn’t that put you at risk of someone taking your Bitcoin?
Miroslav: BTC cannot be transferred or taken knowing only public key.
Russell: One of the things about bitcoin is that only my public key is known to the BlockChain. Does that mean my transactions are secret?
Miroslav: No, it can be tracked and through some techniques it is possible to find the person that is doing transactions.
Russell: So the BlockChain stores identifying data?
Miroslav: BTC is not storing your IP on Blockchain or elsewhere but every action on internet leaves digital trail and some of those trails can be tracked down to the physical machine or actual live person.
Russell: Is there a way for someone to get hold of my Private Key, as I don’t think a brute force attack would be successful?
Miroslav: If there is a PRIVATE KEY existing for a Bitcoin address/wallet (not lost or forgotten) there are also techniques how to get it. Most of them are NOT LEGAL but criminals are using it successfully.
Russell: How could I move some Bitcoin to an address I controlled?
Miroslav: To be able to move BTC you would either need to control the private key of the address or undertake a 51% attack2. That would require immense amount of processing power.
Russell: Has this ever been achieved?
Miroslav: this did happen back in 20141. At one point CEX.IO had more than 51% of the Bitcoin processing power so could have done this. But as soon as they realised this they gave it back.
Russell: So lucky that it was one of the good guys then. So to summarise?
Miroslav: as much as you think your BTC is safe, it is not. If you have your private key very well protected you might be few levels up in the security food chain but you can always be hacked. Knowing just a public key is not enough to move your Bitcoin around but is damn good entry point to start a search and see your transaction habits. Maybe an exchange, maybe a retailer accepting BTC will make a mistake and will open the door to your vulnerability.
Russell: Miroslav, many thanks for taking the time to share your knowledge with us.
1 Links for CEX.IO 51%
Diligio – Bringing trust and transparency into blockchain world!
take a look at their Bitcoin Sniffer, their free Bitcoin tracking tool. You can use BTC Sniffer to track the flow of Bitcoin from any Bitcoin address to the list of exchanges/exchange addresses we are updating regularly.
Miroslav’s twitter: @vegizinho
UrbanCohort’s twitter: @UrbanCohort