QuadrigaCX Case: A Cryptocurrency Continuity Problem and How to Avoid That by Threshold Signature Scheme
QuadrigaCX, once Canada’s largest and most popular BTC-focused exchange, has been facing the freezing of million-dollar customer funds since January 2018.
As reported by NewsBTC[1] last year, $28 million was frozen, leaving hundreds of the platform’s customers grounded and penniless. Then, in early-2019, Jennifer Robertson, the wife of exchange founder Gerald Cotten, revealed that her 30-year-old partner allegedly died in India.
Per legal documents and the press release, with the supposed death of Cotten, Quadriga’s remaining staff have effectively lost access to 26,500 BTC, 11,000 Bitcoin Cash, 11,000 Bitcoin SV, 35,000 Bitcoin Gold, 200,000 Litecoin, and 430,000 Ethereum. All this amounts to a nominal fiat value of 150 million U.S. dollars.
Yet, a leading crypto researcher claims that the cryptocurrency exchange never had access to such a pool of funds. Through the use of in-depth Blockchain analysis, CryptoMedication determined that there are no identifiable cold wallet reserves for QuadrigaCX, it never lost access to its Bitcoin holdings, along with the fact that the BTC sum cited in the affidavit likely isn’t accurate.[2]
Although QuadrigaCX case might be a lie, the news once again raise the question about the users taking responsibility for storing their own digital assets securely.
CryptoMedication determined that there are no identifiable cold wallet reserves for QuadrigaCX, it never lost access to its Bitcoin holdings, along with the fact that the BTC sum cited in the affidavit likely isn’t accurate.
Bitcoin and other digital assets have the potential to grant great freedom to the entire planet. However, such freedom comes with responsibility — the first of which is ensuring that you and you alone know the private key to your chosen crypto storage solution.
For someone who is not familiar with crypto terminology, even the word “private key” sounds threatening. Fortunately, crypto exchange sites provide users access to cryptocurrency world without requiring technical background. For that reason, a lot of people tend to use exchange sites rather than personal wallets which falls apart if you lose your private key. So the exchange sites should feel much safer, right?
As far as we know, the QuadrigaCX example is the first of a trading platform simply losing access to its own cold storage solution. Much more common is exchanges being hacked — according to cybersecurity company Carbon Black, roughly $1.1 billion worth of cryptocurrency was stolen in the first half of 2018.[3] Recent examples include South Korea’s Coinrail[4] and Japan’s Zaif[5].
Some Solutions
For instance, some users prefer to keep a reserve of their digital assets offline, better known as personal cold wallets, but actually, it comes along with some difficulty of use, in addition, this is another single point of failure (SPOF) system: when the whole control over the assets relies on one server or one person, you’ll completely and irretrievably lose those assets if this single person or server is hacked or as in the QuadrigaCX case, if he or she dies. Systems with a potential risk posed by a flaw in the design, implementation or configuration of a circuit in which one fault or malfunction causes an entire system to stop operating are called SPOF.[6]
So, there is a solution on this matter called Multisignature but it lacks on certain regards. We shall briefly discuss it before talking about our new scheme called Threshold Signature Scheme.
Multisignature means requiring more than one key to authorize a Bitcoin transaction in order to divide up responsibility for possession of bitcoins.[7]
Multisignatures work by creating a multisignature address and, when you create it, you specify what keys are associated with that address and how many of them are needed to sign a transaction.
This is really good, but there are some critical limitations.
First of which is privacy: it reveals the identities of individual signers which is a disadvantage for some businesses that need greater anonymity.
Second one is that there are some limits on how many keys can be used. And the security policy is fixed once the multisignature address is created. So, it’s not possible to change your mind after some time and say, “Now I want to have 5-out-of-6 policy instead of 2-out-of-3” since it requires creating a new multisignature address with a new security policy, and transferring all the funds there.
Multisignature mechanisms depend on multiple parties having separate keys of their own that they sign a transaction with. Hence when the verifier wants to verify a transaction, he or she needs to check every single signature separately.
A Better Solution: Threshold Signature Scheme
For threshold signature scheme, it’s a bit different because you only have one public key, one private key, and only one signature. Each signer has the same public key and a unique share of the secret key.
Threshold signature schemes enable sharing signing power amongst n parties such that any subset of t+1 can jointly sign, but any smaller subset cannot.[8] For instance, in the case of defining a signer group as 8 signers with threshold 4, when any 5 signers come together, they can sign a transaction and your cryptocurrency is sent to your wallet address. Furthermore, to perform a malicious activity on a cryptocurrency transaction, attacker must take control of at least 5 of these 8 signers.
Signers cooperate using a special communication protocol that does not expose the secret key in order to produce a signature and there’s only one signature that is produced. In other words, the verifier has to check only one signature in order to say if the transaction is correct or not.
Threshold signature scheme also offers better flexibility. First of all, there is no bound in number of signers. And secondly, it is possible to modify the security policy in a way you want after some time.[9]
Considering QuadrigaCX’s case, if they would have used threshold signature scheme and the security of the cryptocurrency exchange wouldn’t have been based on only one person (single point of failure), nearly 150 million U.S. dollars wouldn’t be lost today.
The only consideration would be as follows: this mechanism is not much familiar to the society and the tooling doesn’t exist. However, for the first time in Turkey, Bitmatrix solved this issue by its more than secure crypto asset trading platform.
By Threshold signature scheme, Bitmatrix enhances the resilience and robustness of the system while preserving the distributed nature of the Blockchain. We hope you enjoy this new and secure trading experience. This is just the first step in making Bitmatrix one of the most advanced exchanges in the industry with further R & D developments intended for the best Blockchain based practical and rational products and projects.
