Your Bitcoin, ETH, STEEM, and other Crypto are NOT stored securely.

in #bitcoin6 years ago (edited)

John Locke, one of the most influential political philosophers, claimed that men and women are free in the natural state of the world, but may sacrifice some of their liberty to ensure the security and stability of society.

This means that societies forfeit some of their rights to add a decider of right and wrong: the government. In a perfect world, a democratic government would ensure people exercise their liberty to the fullest without harming others and the society would in turn keep the government in check.

This, in turn, gives governments the ability to limit liberties through the creation of laws that have little to do with people harming others. Over time, as nations have grown and evolved, so have laws; today, societies exist under legal systems that are so dense and convoluted that many people infringe upon laws, on a regular basis, without even realizing it.

In fact, there are 100,000 - 300,000 laws at the federal level in the US that can be criminally charged. Additional laws are regularly added on the state and city level; 40,000 federal laws were added in 2012 alone. It is impossible to know all of these laws and it is therefore impossible to protect oneself from infringing upon them.



With up to 40,000 laws being added in just a single year, it's impossible to never commit a transgression.

This gives governments across the world the ability to litigate any member of society. While such a concept may seem far-fetched, it's the modern-day reality of many countries. The first action taken, when a person is about to get litigated or prosecuted by the federal government, is the freezing of private assets. Thus, when the litigation begins, an individual has limited resources to defend himself/herself.

For this reason, some people opt to store a portion of their wealth in either gold or Bitcoin. The notion driving such purchases is that while government can freeze assets held by custodians—banks, trusted brokers, vaults, etc.—they cannot claim any assets a person holds for himself/herself.

Does the belief that personally held gold and Bitcoin could be the critical stash needed for the stormiest rain hold up?

The Secure Cold Storage Fallacy


While gold and Bitcoin can be secured through personal efforts, they can still be seized, and there are countless examples that prove this. Bitcoin confiscations by federal bureaus have become so common that auction houses are extending their business to host bidding rounds for seized Crypto. These coins are being confiscated from cold wallets.

Buried gold can be seized.

Meanwhile, gold remains an even easier target. Storing gold in an odd location can bring up the risk of strangers stumbling upon the treasure and claiming it. Thus, most people who do not store gold in vaults or banks end up storing their stash somewhere on their property. This gold may be safeguarded from thieves, but at any point during a federal litigation, gold stored on private property can be snooped out by metal detectors. While gold is a trusted store of value, it can be easily seized.

Those who recognize the limitations of gold have opted to hold a portion of their wealth in Bitcoin. Bitcoin evangelists have established the decentralized cryptocurrency as the one and only store of value that cannot be seized as the holder acts as his/her own bank and there is no physical asset to simply take away—or is there?

Limitations of Cold Storage

To many, cold storage is the go-to means to protect Bitcoin. The cause of this is that it is widely (and erroneously) believed that Bitcoin holders only face a threat from cyber theft. While many in the Crypto community recognize that a hot wallet can be breached, they assume that cold wallets are a legitimate refuge for cryptocurrencies. This refuge, however, has several limitations as cold storage can face physical theft.

Most people cannot memorize a 24-word seed, which is why even the manufacturers of cold wallets recommend writing down the sequence. A vast portion of people store their mnemonic code either in safe or vault. If worst comes to be and a federal litigation ensues, the containments of a bank safe would be swiftly confiscated and all house safes would be cracked open. Consequently, cold wallets will be compromised.

Those brave souls that do manage to memorize the 24-word sequence face a problem too.

The Private Key is Stored in the Wallet

The accessibility of written mnemonic codes by third parties is not the root of the problem that limits the security of cold wallets.



The mass media's concern over hot wallet usage often concludes with the tout that cold wallets are the safest means of storage; this is not true.

The problem with cold wallets lies in their very purpose: holding the private key. The government, with near-infinite resources, has tools in forensic labs to extract all private keys on these devices in seconds. And, if a very sophisticated and costly cold storage machine is being used with very high encryption (like an air-gapped computer), while a person may sit in jail, unable to transfer funds, the encryption on the wallet could age in relevance to decryption technology. It is just a matter of time before the government will breach the wallet and access the private keys.

This problem does not just relate to government labs: you face this threat any time that you have the device stolen or lost, and any experienced hacker or engineer can obtain data from a physical storage device; moreover, even your baby sitter can access all your funds if she finds the 24-word seed.

No Private Key? No Problem.

Major hardware giants like IBM are hard at work to deliver the ascent of quantum computers. Computing technology does not remain static. As manufacturers pursue better processing power, quantum computers sit as the next forefront of computing hardware.

The private key held within would be immediately accessible with the use of quantum computers even on the most advanced cold storage machines that cost thousands of dollars. Thus, the entire conundrum of figuring out the proper means to store a mnemonic phrase could soon be meaningless. As long as the private key is ever-present within the cold wallet, the theft of the private key is possible.

Thus, cold wallets should be recognized as an outdated technology that has served the Crypto community well, but may soon be an obsolete solution. New storage solutions are on the rise and the first in line is a novel storage solution called Bitfi.

A Completely Empty Wallet

Wallets do not store any coins. There is no money held on the wallet itself. However, cold wallets store a private key that provides access to coins that sit on the blockchain.

If a cold wallet is breached, the private key is exposed. If a Bitfi is breached, nothing is exposed - it has no private keys. Thus, a Bitfi is the first unseizable wallet. Not literally, as any physical item can be taken, but the device, if breached, will offer nothing. It will be completely empty.

In fact, in the occurence of events of rare probability, like a natural disaster strikes or a housefire, cold wallets and Bitfi (the hardware) would both be destroyed. The problem with the cold wallet would be that the household safe that stores the private key could very likely be destroyed too. However, as your memory would be intact, you would just utilize any other Bitfi and you'll once again have access to your Crypto wealth.

Better Security


A Bitfi is designed to not store private keys, but simply create them when a transaction has to be made. The only means to bring the private key into existence is by entering a custom secret phrase (recommended to be 7 words selected using Dicewire, but can be anything you want). While a 7-word phrase may seem less secure, the probability of successfully discovering it is lower than the 24-word sequence used by the standard cold wallet.

Bitfi’s mnemonic phrase is constructed from a set of over 7,776 words and allows the use of lower case and upper case letter as well as special characters.


If you’re storing Bitcoin in your brain, you might be wondering where it is. The area indicated in yellow (hippocampus) is where your Bitcoins are.

Quantum Computer Resistance


Interestingly, the unique point-of-access of Bitfi also secures it against decryption advancements. While the wallet may be decrypted, there are no keys to find within. Quantum computers, too, may crack open the wallet but would find no keys within. It’s important to recognize that neither Bitfi nor cold wallets hold the coins; the cryptocurrency simply floats on the blockchain.

Cold wallets can be breached to gain access to the private key; their functionality is to store the private key which gives full control over the coins stored on the blockchain. Meanwhile, Bitfi functions as a private key generator to facilitate access; thus, it does not hold the key. Bitfi generates the key at the instantaneous moment when the secret phrase is entered.


Bitfi is not a Crypto storage manufacturing brand. It is an innovative Crypto storage and payments technology.

The key never stays or becomes stored in the wallet as it is kept in the most secure location for a private key: your brain (if you choose to memorize the phrase). This Is a location from which no key can be stolen, found, or cracked open. This is not just for one private key, but this same secret phrase will generate all your private keys for an unlimited number of cryptocurrencies (all of the ones supported by wallet now and ones that will be added to wallet in the future).

The key is memorized as the 7-word mnemonic phrase, which, unlike the 24-word sequence of cold wallets, is memorable yet more secure.

Your brain secures your key; Bitfi becomes a tool to move your money.

Whether it be government seizure or theft, cold wallets can falter if they leave your possession. Once cracked, a cold wallet exposes the private key and that’s the critical flaw with cold wallets. Any device that stores private keys is innately a point-of-attach towards your Crypto wealth. Bitfi is reimagining the purpose of wallets as it delivers a storage device that will never store private keys.


Connect with me:

My Twitter
PM me on Telegram

Crypto News Crypto Airdrops ICO List Blockchain Lawyers



Sort:  

Great article @hatu. Very timely. As we push for adoption, security will be at the forefront. And, given the numerous scams that we hear about daily, most are more security conscious than usual.

Personally I do not believe that the majority of consumers want to be concerned with security. Making crypto adoption even more difficult. That coupled with major corporate bids into the crypto space, which will probably be more centralized, but have a more acceptable or understandable level of security to the general populace, will make security murky.

All this to say that I think you have hit upon a key topic that will define where Bitcoin and cryptocurrencies go from here.

Yeah we can always "encrypt" our paper wallet, like splitting, removing some letters and only memorize those, etc.

That is a solution, and it does work. However, it limits the transaction factor of the currency. Hence, a paper wallet is less a wallet and more a storage.

Without such limited transaction capability, the point of BTC becomes moot as a currency and it becomes a pure store of value.

In a future piece, I can cover how a technology like Bitfi can support Lightning Network to make secure mass transactions of BTC a reality.


You just planted 0.10 tree(s)!


Thanks to @ucukertz

We have planted already
7851.89 trees
out of 1,000,000


Let's save and restore Abongphen Highland Forest
in Cameroonian village Kedjom-Keku!
Plant trees with @treeplanter and get paid for it!
My Steem Power = 26099.92
Thanks a lot!
@martin.mikes coordinator of @kedjom-keku
treeplantermessage_ok.png

The problem herein is that people should be concerned with security.

Good thing is that many are yet they opt for cold wallets thinking that they are secure when they often aren't the golden standard.

The reward of this comment goes 100 % to the author guysellars. This is done by setting the beneficiaries of this comment to 100 %.

Interesting product. Though info on quantum computers are misleading. While big corporations continue to work on them were pretty far away from that being a concern in stealing your coins.

The always generate the private key is interesting and creative. Though this seems to have the same flaw as other mnemonic phrase wallets. You still need to remember the string. And as you said people are more likely to write it down opposed to remembering it. Not criticizing but seems like a similar flaw to others. Still, an interesting product. Will keep an eye on it.

The memorability aspect here is that you make the phrase rather than pick a 24-word seed from a predefined set of words. Of course, some would write it down, but unlike a 24-word set of words, a custom phrase won't stand out as a seed.

Great article but how does one access their coins using Bitfi. Could you explain that?

You access it with a phrase that you can choose. Then you must pass a second layer by creating your own salt (password). You create each of these as per your will; this allows you to create something memorable.

The main difference between this technology and a cold wallet is that, without the phrases you have memorized, the key never becomes accessible to anyone that breaches the wallet.

I believe that in big majority of cases is the owner fault for being robbed, not the fault of technology. Even a paper wallet can be highly secured if is done properly. You can always split and encrypt private keys in such manners that you are the only one who knows how to restore them as a full key...

Not quite.
Governments have enough resources to extract the BTC from cold wallets. Hence, so much BTC is auctioned by federal agencies.

As for splitting paper keys, there's added risk exposure of them potentially being lost or discovered by others. The vulnerability against the government and quantum computers would by unhinged.

I still need to wrap my head around the fact of having a wallet without a Private Key inside.

Because everyone is adjusted to thinking cold wallets are the only hardware wallet.

This is a new storage technology. The key is generated only at the instant it is needed for a transaction; the memorizable phrase leads to its momentary generation.

Wallets can be hacked. Hack is this sense means accessing the wallet without knowing the seed. However, when a cold wallet is hacked, the key is exposed; when a Bitfi is hacked, the key is not exposed because only the key leads to its momentary generation.

Hope this clarifies.

You purposely did not answer the question from @dhimmel , Why ???

Can you clarify your relationship to Bitfi? Were you paid by Bitfi or anyone (outside of the in Steem upvote system) to write this piece? Who purchased the bid bots for this post?

This comment is supported by $2.35 @tipU upvote funded by @isacoin :)
@tipU voting service always profitable, instant upvotes | For investors.

Your the man !!!!!!!!! 👍

To Isacoin*

Already responded to you below, but anyways, here goes again:

  • None of the statements about cold wallets are falsified. You're welcome to disprove me. Any cold wallet can be breached and it will expose the key. That's how cold wallets are.

  • Yes, a Bitfi device can be hacked. It means nothing because even if you crack the device, there's no key being exposed. That's the impressive aspect.

  • As for ICO DOG, 99% of the content on it is educational. The only ICO mentioned on it is LTO, which is partnered with IBM and is one of the few projects in Crypto that is not a scam.

to @hatu

None of the statements about cold wallets are falsified. You're welcome to disprove me. Any cold wallet can be breached and it will expose the key. That's how cold wallets are.

either you dont understand how private keys work or you are purposely misleading the public to gain from referrals

First off, click on any of the links and tell me which of them has a referral? There are no referrals on this; Bitfi is a wallet that I personally use.

Listen bud, I think you're missing my point. My statement is that most hardware wallets make private keys vulnerable in the sense that anyone can claim the private key from the hardware wallet. You can breach the wallets (the hardware) and then take the private key that they store. My point is that a hardware wallet that does not store the private key, even if breached (the hardware), won't let the hackers claim anything.

I never stated that the private key is being breached; in fact, I've made this point to you already. I hope this clarifies things.

First off, click on any of the links and tell me which of them has a referral? There are no referrals on this; Bitfi is a wallet that I personally use.

does not have to have a referral link to be a paid promotion
and you said it yourself in response when questioned on your connection only to delete an hour later

question.JPG
https://steemworld.org/block/30982941/8d1463749fd6a4adda856529b7e8cd6540abea67


https://steemworld.org/block/30983844/9b4fa9e7180ec76c269db322efa6c91fb4a5049a

Listen bud, I think you're missing my point. My statement is that most hardware wallets make private keys vulnerable in the sense that anyone can claim the private key from the hardware wallet. You can breach the wallets (the hardware) and then take the private key that they store. My point is that a hardware wallet that does not store the private key, even if breached (the hardware), won't let the hackers claim anything.

this is complete bullshit to break a cold storage wallet(private address /key) you would need to break the private key which is impossible, so far in history anyways hence the value gained and held by bitcoin

what you refer to is the chance at "hardware" being broken

sounds like you dont even understand how wallets work.

its clear you lie at every turn to try and paint a different picture

Perhaps if you'd lodge aside personal attacks and had a look at facts, you'd be able to have a more meaningful discussion. I think you either don't understand how hardware wallets work or just are hell-bent on arguing. You're consistently thinking that the claim here is of a Bitcoin key being breached (when it's not); the point, again, is the hardware can be breached to expose the key.

They can be breached:

I suppose the disagreement stems from my use of the umbrella term cold storage rather than hardware wallet, which are just one type of cold storage.

And I already told you, you're welcome to find the referral on this page; there are none. I made an error in thinking if I'd say something you want to hear, you'd move on; that was a severe error on my part.

you dont differentiate anywhere between hardware wallets and true cold storage

you state multiple times all wallets are secure except for the one you are promoting

and here is the shortened link on this post to track your referrals

Fair point. I'll clarify now: this article, excluding the comments, is about only one type of cold storage: hardware wallets.

I appreciate your effort to ensure I clarify the distinction.

In the future, I'll be sure to specifically state hardware wallets when referring to only this type of cold storage, but I may possibly make a comparison with paper wallets too, and will specifically refer to them as paper wallets.

Also, you may open any of the Bitly links through this site: http://www.getlinkinfo.com. They direct to the website without any referral.

it was himself obviously lol

and i fully believe he doesn't care about the facts on anything he promotes so long as he gets referrals

there are multiple false statements said on the security of cold storage etc when bitfi is proven to have one of the worst track records for misleading users and not providing transparency when found out creating multiple false "bug bountys" 1 of which had a few thousand dollar entry few to attempt and another that had such ambiguous requirements that programmers stated was not possible to achieve

look at his other account @icodog shameless promotion of multiple scams

@hatu is a real piece of shit

Not sure what your problem is, but I suppose it'd be odd to make a meaningful post on crypto security without some one spinning it into something else.

Not sure what your problem is

I read your post . I do not have a problem with it or anything else you stated. I do not know enough about the world of crypto.

Full disclosure is important. it's about honesty
whether you are benefiting from Bitfi or not I don't care. If you are hiding it well then that's a different story and one that I have to consider as a consumer.

The fact that you flagged me for asking a question, also speaks volumes

This was not a response to you, but to isacoin.

This was not a response to you, but to isacoin.

That has to do with me because ?????????????
It is a response to me. a flag a big hurtful 100% flag from a 74 rep account with a large vest. so don't act like it is nothing

I read your post because I wanted to find out about the wallet. had a question about representation and Bitfi is flagging me.

Giving 100% support to your last 4 posts should more than make up for it.

And you're right, a flag to you would be unfair; revoked it.


dont worry i fixed


(´・ω・`)

Lol a profanity. Dude...

Why cheetah downvote you? There's too much downvoting on this thread, I'm going to run away

Because I'm on their black list, likely as a known plagiarist, spammer or ID thief. Please be cautious with my posts.

That makes no sense. and I am not interested in squablies. I am also no longer interested in Bitfi as a wallet

The only means to bring the private key into existence is by entering a custom secret phrase

How is this different than adding a password on top of recovery phrase for existing hardware wallets? Ledger and Trezor both support adding a passphrase.

This article seem a bit biased and overly supportive of Bitfi. Can you clarify your relationship to Bitfi? Were you paid by Bitfi or anyone (outside of the in Steem upvote system) to write this piece? Who purchased the bid bots for this post?

That's not the main point of difference.

The comparison is of how cold storages retain the private key forever while Bitfi only generates the key for the instant it is needed. Entities with sufficient resources can breach the devices, but while a cold storage would end up providing access to the key, Bitfi wouldn't as there's nothing held within.

Developers should push more when it comes to security. Online wallets can be dangerous when keys are exposed to the public.. No matter how secured an exchange is, like Binance and KuCoin even with their upgrade, Bittrex and others. I really like this product and how its functionality is working now.

Because of your article I bave decided to get a BitFi wallet.

Posted using Partiko Android

“The good we secure for ourselves is precarious and uncertain until it is secured for all of us and incorporated into our common life.”
― Jane Addams