Adverse Environments Create Bigger Opportunities
Bitcoin and other digital currencies make very rudimentary security assumptions. In a decentralised network we need to protect ourselves from sybil attack (someone taking over the majority of the network). In order to have proper user autonomy and governance of funds we require an infrastructure that can be run by a single person alone. In essence, it is creating a plug and play infrastructure that anyone can talk to without compromising the security of the network. These assumptions are clearly about resilience rather than efficiency. Some of the mechanisms that provide protection against malicious actors are stronger than others. Companies focussed on securing the Bitcoin network may also find other systems that could be secured in a similar way and open up larger markets than the Bitcoin market specifically.
I think it is unlikely that we will see proof of work blockchains cross over into securing distributed databases in government or financial services. Although this is really the topic of tomorrow’s post, the proof of work is designed to be permissionless in Bitcoin and usually in other settings we ideally want tiers of permissions. However, one place that I anticipate some spillovers is in the hardware space and the related field of multi-signature transactions.
Underpinning Bitcoin’s settlement network are the security and accessibility of private keys. Bitcoin is far from the first private key based security protocol but it is used by many more members of the public with the real possibility of loss of funds. Private keys are digital identities and are ubiquitous in software security and have been used in the public domain by technologists and cypherpunks for years, encrypting messages and files when sending emails. However, the tools used by this user group were not suited for the mass market. In Bitcoin, security and accessibility has to be designed for a new class of user and this user is a customer of many different services that could employ similar types of technology, if the right user experience is granted.
Private keys should not be confused with passwords. Keys are identities that can be used to sign challenges and prove that possession of a particular digital identity is held by the signatory. This permits the user to demonstrate intent in signing digital transactions or files in a secure manner. A good example of this working under the hood is Apple Pay. Apple pay uses a secure piece of hardware that has an embedded digital identity and uses a signed biometric data challenge to verify that the owner of the phone wishes to issue a digital financial instruction. This is powerful and is a major advance from signing bits of paper with ballpoint pen. However, it does not go far enough from securing really important things.
There are some elements missing from Apple pay and Bitcoin companies have potentially much more at stake. In order to keep things secure, we require that the most sensitive data and processes are insulated from the internet. Typically this requires a single purpose operating system that is not connected to the operating system that is connected to the internet. Companies like Rivetz and Ledger are developing such a solution that relies on a secure computing element that is currently in 400 million devices worldwide. The android wallet passes an unsigned transaction to the secure computing environment. The user can verify that only the trusted element is running and issue a command to sign the transaction. While the signing of the transaction takes place the Android operating system is not running. Other devices that are external to devices that are connected to the internet and do not accept incoming requests are another approach to securing private keys.
Many issues remained unresolved. The recovery of private keys also needs to be a securely managed process. CryptoLabs seems to have the best approach to this problem. Their external hardware device uses multi-signature technology to allow for a 3rd party to hold a recovery key that can be used in conjunction with either the device or the encrypted key on the CryptoLabs’ servers in order to recover any funds. Ledger currently use a mneumonic that can be imported to many wallet providers to recover keys if the device is lost or stolen.
At the core of the infrastructure in Bitcoin, we have a system that is agnostic about the real world. The possession of private keys determines the permissions inside the system. This model, if secure for the public, unlocks many new markets and opportunities beyond just currency such as digital rights management, personal information management, fraud prevention etc. It is exciting that this small industry could be making much bigger waves.
I thank Melanie Shapiro (CryptoLabs), Michael Sprague (Rivetz) and Thomas France (Ledger)