Fintech, News

The problem with your crypto might actually be your private key

Harry Wise

Marco Rossi, Writer
@uxconnections

Arguably, what made cryptos so successful in the first place is the possibility of having a recognised valuable asset without the hassle of complying with banking and legal regulations.

Today, however, the ‘cryptomarket’ has overcome much of the initial suspicion and is adjusting itself to a newly founded sector of alternative finance, with trading platforms to exchange virtual coins in a regulated manner. 

Big exchanges, such as CoinBase, Binance, or Bitfinex all provide a platform for trading, a private and a public key, and a depository to store your coins, the so-called wallet. After all, one wants to have all the features of a trading platform with the security of blockchain.

Well, it doesn’t actually look like this.

Having a chat with Tim Weiss, CEO of Digital BankVault, I realised that much of what we outsource to exchanges and company-backed platforms – in terms of trust – can be seen through the lenses of entrusting a third-party with sensible data, as the keys to our crypto-wallet.

“The problem here, is that the private key – the most valuable thing you have – is stored on some server a company provides you, not on the device you are using. Therefore, you don’t really have control of your private key! 

“Hacking a device or a server, nowadays, has proved to be possible. It has already happened to many exchanges, including CoinCheck or Mt. Gox, and also many others. With your private key it’s easy to transfer the entire funds to one’s own wallet. This is one of the main reasons hacking has increased in the market.”

After all, even Binance, which is considered to be one of the most secure exchanges couldn’t avoid being hacked

Exchanges are centrally operated systems, meaning that they are run like traditional companies and with a single database that stores all the users information owned by them. 

Such central ledgers might be a good target for experienced hackers, i.e. tracing the traders’ activity or identifying your account information. As Tim was saying, such gigantic infrastructures proved to be wrong, as the Japanese exchanges learned at great cost.

“The problem here, after all, might be exactly what we think secures us the most: the private key,” in the sense that “registering your key is not always as secure as one think, unless you don’t write it on a physical agenda and then consult the agenda every single time you want to transact cryptos.

“However, this might be too much of a hassle. We should move towards more marketable ideas to enhance security in the sector for traders and investors.”

Tim and his team have developed an idea for which the key should not be known by the company providing the service – in this case the access to your wallet.

By means of a key derived from a ‘path trace’ (an everyday habit of yours, for instance) and a specific device to access your account, the central provider of the service (i.e. the company) should know nothing of your data as much as your device should store nothing on it.

“Back in 2016, former President Obama stated how easily the government can enter into a device representing a pocketable Swiss bank. That is what should be tackled: to keep your digital assets safely in a vault.

“The solution might then be a device which is comfortably and  temporarily accessing your account. When you turn off the device all the temporary memory of the hardware is utterly deleted, leaving no trace behind. Every time you need to use your account you log in and then you can safely turn it off again, without fear of being robbed even if you leave your device on on the bus.

“No trace means no leads to your account. It is as simple as that. Moreover, privacy today is a luxury. How good would that be to get rid of third-parties?”

Exchanges provided a great stabilisation for the crypto community and the growth of a possible market of reference. However, we all know the dangers of having someone with full access to our data. 

Privacy might be a luxury, but not an inaccessible good. The crypto world is such a disruptive, developing market that even something perceived as secure as the private key – largely unhackable in the early days – might constitute a problem. 

But that’s also what the crypto world is: a constantly developing and adjusting market, strong in the entrepreneurial spirit of the human kind.

Leave a Reply

Your email address will not be published. Required fields are marked *