or, How I Stopped Worrying and Learned to Love Multi-Signature Bitcoin Security

Will O'Brien
Feb 26, 2014 · 9 min read

Will O’Brien is CEO & Co-Founder of BitGo, a leading security-as-a-service provider for Bitcoin and digital currency. BitGo offers the industry’s first multi-signature wallet to keep Bitcoin secure from theft and loss and provides a suite of services for Bitcoin portfolio management, corporate treasury, and enterprise enablement.

BitGo was co-founded by Will O’Brien and Mike Belshe. Investors include elite Silicon Valley angels and venture capitalists who have backed successful companies like PayPal, Netscape, Twitter, Yammer, and Tesla. The team is comprised of digital currency and online security veterans.

February 25, 2014

Over the past two weeks, the Bitcoin world has again experienced a variety of bad news. For some, these events have been interpreted as the apocalyptic end to a relatively short, highly volatile experiment in unregulated money.

On the contrary, I believe that we are seeing the beginning of a new, more secure and more robust, future for digital currency.

Bitcoin is a 5-year-old idea born out of a whitepaper by Satoshi Nakamoto, a person or group whose identity remains a mystery. For the first few years, Bitcoin was a hobby and passion among a crowd that was predominantly filled with technologists and Libertarian idealists.

And then 2013 put Bitcoin on the mainstream map. Over a 12-month period, this young crypto-currency experienced incredible growth, both in price and adoption, and became a media cover story.

Bitcoin on the cover of the Financial Times in April 2013

At its peak, Bitcoin achieved a market capitalization valued at over $12 billion after a 100x increase in price. Public companies like Overstock.com and Zynga starting accepting Bitcoin as a method of payment. Premier financial institutions such as Fortress Investment Group disclosed plans to build digital currency funds. And seasoned entrepreneurs and venture capitalists turned their focus on Bitcoin like it was the advent of the commercial Internet in 1994.

And yet, the events of the last few weeks have made Bitcoin feel as unstable as ever. The price is down more than 50% from an all-time high in late November. MtGox, a Japan-based Bitcoin exchange that once represented over 80% of Bitcoin trading liquidity, has suddenly gone offline and is rumored insolvent. And there are thefts abundant, from server hacking to malware to inside jobs.

Embattled Bitcoin exchange MtGox takes down its website and deletes its social media feeds on February 25, 2014.

While it feels like things are coming to an end, it’s really just the beginning.

The Evolution of Bitcoin in Four Stages

I like to think about the evolution of Bitcoin in four stages.

The first stage occurred in 2009-11 with the launch of the Bitcoin network and early mining. Mining is a process by which transactions are accepted on the Blockchain and new Bitcoin are released into the economy. In 2009, you could mine bitcoins with your laptop. Then an arms race quickly escalated as miners were forced to use GPUs, FPGAs, and ultimately custom ASIC chips. Today, the biggest comparative advantage in mining can be attained through low electricity costs.

The second stage of Bitcoin was defined by the emergence of early exchanges, liquidity sources, and marketplaces. These platforms were not built by veteran entrepreneurs and experts in scalable software, but rather by hobbyists, hackers, and criminals. That stage has now come to an end as a result of regulatory crackdown on unlawful businesses like Silk Road and by the early platforms literally crumbling beneath their own feet like MtGox.

We are now entering the third stage, in which core financial infrastructure and services will be built by veteran entrepreneurs backed by institutional money, and in accordance with the regulatory framework of the United States and other nations. This stage will end with mainstream adoption of Bitcoin and consolidation of Bitcoin companies as large financial incumbents embrace digital currency.

The fourth stage will begin when Bitcoin becomes a widespread medium of exchange and can be used to revolutionize industries outside of financial services, such as real estate, contracts, supply chain, and machine-to-machine commerce.

The promise of Bitcoin is self-evident. The financial services industry has not seen much innovation over the last 50 years, and digital currency is poised to deliver 50 years worth of innovation in the next 18 months.

The Momentum is on Bitcoin’s Side

Let’s look at where we are now, and what factors will enable growth in the next stage of Bitcoin.

Merchant adoption is well on its way. BitPay, a leading Bitcoin payment processor has stated that it has over 23,000 merchants and is adding 1,000 per week. Meanwhile, newer entrants like Coinbase and GoCoin are carving out their own territories for Bitcoin payment processing.

Venture capital funding is on the rise. All in, over $80 million has been raised with the largest rounds of funding going to companies like Coinbase and Circle. Brock Pierce, a leading angel investor in Bitcoin and veteran venture capitalist, told a packed audience at an industry trade show in Las Vegas this past December to expect more financings in 2014. “Bitcoin will be the biggest sector for venture investing in the world,” said Mr. Pierce.

Regulatory sentiment has been open-minded, if not outwardly positive about the potential of Bitcoin.

In November, Senator Tom Carper presided over hearings with testimony from FinCEN, law enforcement officials, and Bitcoin enterpreneurs. Senator Carper stated that his goal was to find solutions that minimize the bad while maximizing the good. Mythili Raman, Assistant Attorney General for the Criminal Division, stated in her testimony that “virtual currency services in and of themselves are not illegal, so long as they obey laws,” adding that her group recognizes that there are legitimate uses of digital currency services. Jennifer Shasky Calvery, Director of FinCEN, explained in her testimony that “we want to operate in a way that does not hinder innovation,” saying that it is important to strike a balance.

Coinbase, Circle and Overstock.com testify in New York, January 2014

And in January, New York State’s first Superintendent of Financial Services Benjamin M. Lawsky hosted similar hearings where executives from Coinbase, Circle, and Overstock.com, as well as investors including the Winklevoss twins and Fred Wilson provided their testimony. Superintendent Lawsky followed these hearings with an AMA (“ask me anything”) appearance on Reddit, where he expressed a desire to protect the public and support digital currency innovation. “I think Bitcoin or the underlying technology has a lot of potential on numerous levels,” said Lawsky.

Returning again the analogy of the Internet in 1994, Bitcoin is in its infancy and there are many questions that need answers and problems that need solutions. In 1994, there was no Google, no PayPal, no Facebook, and no WhatsApp. Amazon had just been founded as an online bookstore and Netscape was soon to enter the first browser wars with Internet Explorer. Consumers and lawmakers alike either did not understand the Internet or feared it.

And so here we are with Bitcoin. The fear, uncertainty and doubt is permeating every news story and every discussion.

But there are people working on the future of Bitcoin. And I predict that in 15 years, we will all look back on 2014 as the year when Bitcoin escaped its storied and sullied past, and became a vehicle for financial innovation unlike any the world has ever seen.

So what is the biggest threat keeping Bitcoin from this future? The answer is security.

Enhancing Bitcoin Security through Multi-Signature Technologies

The growth in popularity of Bitcoin has also led to a dangerous side effect: increased theft of Bitcoin holdings.

As more people have looked to own Bitcoin and as more exchanges and marketplaces have come online to support the increased demand, hackers now have easier and bigger targets.

Academically, stealing Bitcoin is simply finding a specific piece of digital data, called a private key. If you have my private key, you can spend the Bitcoin in my wallet. And because Bitcoin transactions are irreversible, there is no way to recover stolen Bitcoin.

In the news, it seems like there is a story every week about Bitcoin theft. In November, an Australian company was hacked and 4,100 bitcoins were stolen. In December, a Bloomberg reporter showed his paper wallet on TV and his funds were quickly swiped. Just this month, the recently formed Silk Road 2 was hacked all bitcoins stolen with some users asserting it was an inside job.

Bloomberg TV reporter exposes his paper wallet private key and loses his bitcoins.

And this week, the embattled Bitcoin exchange MtGox took down its website and is rumored to have lost upwards of 744,000 bitcoins in theft due to a bad implementation of their own software and failure to protect from so-called transaction malleability. On the same day, 85 Bitcoin wallets were compromised through a botnet malware attack.

All of these thefts occurred because a single private key is a single point of attack. The next generation of Bitcoin infrastructure will be based on a technological approach called multi-signature wallets and transactions.

How could multi-sig have helped? Multi-sig is like having two missile keys or two signatures at a bank. You eliminate the single point of failure.

My company BitGo is pioneering multi-sig technologies. We operate a security-as-a-service platform based on patent-pending multi-signature technologies. Instead of issuing a single private key, we issue three keys and require at least two to sign any transaction. When we create a wallet or business account, we distribute the keys so that an attacker will not be able to find more than one key on a single device. Even if our servers are hacked, your Bitcoin cannot be stolen. If you get malware on your home computer, your Bitcoin cannot be compromised.

BitGo Secure Wallet has the security of cold storage combined with the ease of an online Bitcoin wallet.

BitGo makes it safe for businesses and consumers to hold and transact in Bitcoin. Our solutions include the world’s first secure multi-signature Bitcoin wallet, comprehensive portfolio management, corporate treasury solutions, and enterprise enablement. We are the second signature and we use server-side risk controls like 2-factor authentication, velocity limits, and fraud risk scoring to determine whether to co-sign a transaction initiated by a user. BitGo customers have this protection out of the box. Users of single-key wallets are always at risk of getting robbed.

In a response to the most recent MtGox collapse and possible losses, published by several leading industry exchanges, the issue of security was front and center.

“This tragic violation of the trust of users of Mt.Gox was the result of one company’s actions and does not reflect the resilience or value of bitcoin and the digital currency industry. There are hundreds of trustworthy and responsible companies involved in bitcoin. These companies will continue to build the future of money by making bitcoin more secure and easy to use for consumers and merchants.”

Even the recently hacked Silk Road 2 operator shared his views on why multi-signature is the future.

“I am now fully convinced that no hosted escrow service is safe. If I cannot trust myself to keep a hosted escrow solution safe, I cannot trust anyone. Multi-signature transactions are the only way this community will be protected long-term. I am aggressively tasking our devs on building out multi-sig support for commonly-used bitcoin clients. Expect a generous bounty if you have the skill to implement this.”

Like many platform-as-a-service companies before us, BitGo will be providing APIs for exchanges, companies, and developers to use our multi-signature technology to create their own innovative and lawful businesses.

The Future is Bright for Bitcoin’s Third Stage

We are at an exciting crossroads for Bitcoin and digital currency. Ultimately, Bitcoin is a foundational technology that will lead to an incredible amount of financial innovation and global empowerment.

The days of the early movers in Bitcoin have now come to an end. MtGox served a purpose of providing liquidity in the second stage of evolutionary growth, and it is now time to hand the baton over to companies and platforms that are built to scale and designed to sustain.

What is truly exciting is that a number of those companies are already funded and operating in the industry, and some of the next generation platforms — like BitGo’s multi-signature wallet and solutions — are already available in the market.

Where does Bitcoin go from here? I firmly believe that there is only one direction this moving train will go, much like its predecessor the Internet itself, and that is along the path of unwavering, inevitable ubiquity.

    Will O'Brien

    Written by

    dad, investor, entrepreneur, and artist

    Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
    Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
    Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade