Bitcoin has never been hacked… oh really?

“Oh really?”… this is the response I usually get when I say this to someone who is new to the space. And honestly, who can blame them?

We’ve seen numerous media headlines and read countless pieces on the millions of dollars in equivalent value that have been lost from exchange hacks, wallet hacks etc. These are the sorts of things that immediately come to mind when we think of that hacking question.

Source: Quartz Media

But to misconstrue this with the thing itself being compromised, with bitcoin as a system, is to do a great misservice to understanding the real value that this technology brings.

Explaining why this is at a technical level is beyond the understanding (and quite frankly, interest) of most. And justifiably so.

The simplest way then to get this point across is by analogy with a system we’re all familiar with: The US Dollar Cash System.

The United States Banknote

The United States banknote as an artefact first came into being in 1914 as a form of “lawful money” by the Federal Reserve. It was first backed by gold, and has now evolved to being backed by the full faith of the United States government.

As an artefact, few can dispute the success that these banknotes have had as a form of currency. All demonimations of USD bills are generally accepted as currency around the world, and there is general faith that a bill accepted can be further passed on to someone else for the equivalent value without having to worry about whether the integrity of the thing will be questioned.

(Important to note here is that the point being made is specifically about the physical cash bills and not about the wider value of the US Dollar, it’s associated monetary/fiscal policy or the US Dollar’s role in global economics/geopolitics.)

The notes themselves have a number of anti-counterfeit measures built in and these act as strong security mechanisms to help ensure the integrity of these bills.

The $100 bill’s security features illustrated

“I Lost My Wallet 😱”

Now that we’ve established the security and integrity of the US banknote system, let’s look at a hypothetical scenario.

It’s a Wednesday afternoon and I’m strolling down the streets of New York City. I’ve just withdrawn US$1,000 from my bank’s ATM and am on my way to place my deposit on a brand new apartment rental. I get to my prospective landlord’s offices and am about to hand over the cash. I reach for my back pocket when to my horror I realise that I’ve been pickpocketed and my wallet is no longer there!
“NOOO!”, I scream as I proceed to decry the entire US dollar banknote system as a sham!

As you can probably well imagine, that reaction described is a gross over-exaggeration and not one any normal person would have in this sort of situation. My losing my wallet is in no way an indictment on the US Dollar banknote system, and the system continues to function just fine even in the face of such instances.

Rather, the fault in this sort of scenario is in my poor handling of the US Dollar notes that were in my possession.

Coming Back To Those Hacks

In much the same way as money can be stolen from a wallet via pickpocketing, digital money can be stolen from a poorly managed exchange wallet via digital hacking.

Bitcoin exchanges are giant honeypots of bitcoin that sit on the internet as targets for all manner of hackers and cyber-criminals. The draw for them is that digital assets like bitcoin are bearer assets, which means that there is no bank or authority one can go to to “reverse the transaction”.

What this means is that the bitcoin hacks we hear so much about in the media are not so much hacks of bitcoin, but rather hacks of wallets holding bitcoin that persons have “left lying around”.

Managing Those Funds

At this point, it may be wise to allay some fears too that the entire industry is just a giant, poorly run wallet service.

For the most part, the majority of exchanges do use good practices when treating with customer funds. The industry has come a long way since it first started and in proportion to the number of exchanges there are globally and the volumes of funds that flow through them, exchange hacks are now few and far between.

There are a variety of techniques exchanges can use to mitigate these sorts of threats (e.g. use of multisig policies, a strongly managed cold storage policy etc.) and we have seen the industry improving significantly as time goes by.

At a personal level as well, systems like Bitcoin are designed so that individuals can have full control of their money. They are designed specifically so that persons do not have to trust centralised third-party solutions and so do not contribute to the creation of these giant honeypots.

This is where that popular adage, “not your keys, not your coin” comes from.

Mobile wallets serve as very decent storage solutions for conservative amounts of tokens given the relative security of OS’s like Android and iOS. For larger amounts, hardware wallets offer an extremely hardened way of securing funds that for all practical purposes are almost impossible to compromise.

I myself have been managing bitcoin and a few other tokens both in personal and professional capacities for the last almost 3 years and am happy to say that I’ve never lost a single token that was held in keys under my control. 
(*immediately knocks on wood and states explicitly that this is not a challenge for folks reading this who may be system-breach-minded*)

So really, Bitcoin has never been hacked

Coming back full circle, much like in the event where someone’s wallet is stolen we don’t say the Federal Reserve Banknote system is broken, in much the same way exchange and digital wallet hacks do not in any way implicate the superior security and hardness of the Bitcoin system itself.

At the protocol level Bitcoin has never been broken, and it is actually this strong system of security that has given rise to the entire new “Blockchain technology” field that we hear so much about today.

This is an important distinction that has very strong technological implications, and it is one I sincerely hope the reader appreciates, if even just a little bit better after reading this short piece.