The $5 Wrench Attack And Your Bitcoin Stack

Photo source: bitcoinmagazine.com

2021-4-1 22:41

A proposed set of solutions to the often-thought-about physical security of bitcoin storage.

Alright, class, let's put our tinfoil hats on for today’s discussion. In today’s lesson, we are going to address surviving the fabled $5 wrench attack with our health and bitcoin stack intact.

First, some background: what is a $5 wrench attack?

I'm glad you asked. It's actually quite simple.

Imagine for a moment that through some sequence of events, crooks or criminals learn that you are the proud owner of a handsome stack of satoshis. Whether through poor operational security on your part, or a customer data breach, or by other means, it doesn't really matter. They know (or assume) that you own and control the private keys to a stash of bitcoin. And now they know where you live. Add in one of Bitcoin's pre-programmed bull cycles, and now, our hypothetical criminals decide it's worth paying you a visit. Upon visiting you, they physically coerce you to hand over your stack. Maybe they make you hand over your seed phrase. Maybe they force you to get out your hardware wallet and transfer your stash. As any bitcoiner who has been in the space for more than a few months knows, there are no take backs on the bitcoin network. No one is coming to save your ass if you’ve already transferred your bitcoin. If it gets to this point and you haven't already thought about what you might do, you've lost.

"But that's not fair," I hear you say. "I've done everything Uncle Jim told me to do: I got a hardware wallet, wrote down my seed phrase, and took custody of my bitcoin." Have you also heard them mention that radical freedom requires radical responsibility? Read that again and internalize it. Read it one more time.

This reminds me of a phrase I've heard Matt Odell use: "Treat your bitcoin like its value is 10 times greater than the present price," because it will be. Do yourself a favor and become familiar with educational resources like Matt and Bitcoin Q+A. They've managed to make seemingly impossibly technical procedures straightforward with actionable, direct instructions. Their material can take you from "YOLO! All my bitcoin is on an exchange!" to the level of custody security we're about to discuss in the span of one bitcoin market cycle (yours truly serves as proof).

So what's the solution to the dilemma?

There are multiple options that can help you in the home invasion scenario. They all have their tradeoffs, and they are not necessarily mutually exclusive. After review, I believe that a geographically distributed multisig wallet is the best solution for secure self-sovereign bitcoin custody. Using signing devices from multiple vendors adds resilience to the strategy as a cherry on top. Additionally, the sooner this becomes the standard for self-custody in the bitcoin community, the sooner crooks will be disincentivized from attempting these attacks.

OPTION 1: Decoy wallet

A decoy wallet is one that you load with enough bitcoin to satisfy a thief, but not so much that you wouldn't be willing to sacrifice it in an emergency. Most bitcoin plebs have a "hot" wallet for their daily, weekly, and monthly transactions. This is often a mobile wallet that could serve nicely as a decoy wallet. The key factors here are that it contains enough to throw them off the scent but not enough to crush you financially and that the thief doesn't have more specific intel on you or your stash.

If the attacker is a bit more technically savvy and perhaps got their information via a customer data leak from a particular hardware wallet manufacturer, they may be expecting to find said hardware wallet in your home. In this case, the decoy may just be a bonus they weren't expecting.

The ColdCard Mk3, AKA the “Canadian Calculator,” has a duress PIN feature that can help in this situation by allowing you to effectively have separate wallets on the same device that are derived from the same BIP 39 seed phrase. One can be the main wallet and one a decoy, with no way for the attacker to tell them apart without knowing your PINs. The ColdCard also offers an optional “Brick Me PIN” feature that destroys the secure element on the device, removing its key signing capability. However, this does nothing to secure the seed phrase backup in your safe. You do have a safe, right?

Another hole in this strategy might be that the attacker could receive their info from an exchange customer data breach that familiarizes them with the total amount of bitcoin you've purchased. If their info and the decoy don't match, then the decoy’s effectiveness can be limited, and the crooks may go looking for other devices in your home.

OPTION 2: Upgrade your home security

This is a smart option with or without bitcoin in the picture. Lock your doors. Yes, even while you are home. Get rid of the key you have hidden under a rock next to your front door. Every would-be home invader checks, and no, your hiding spot isn't better than everybody else's. Consider surveillance systems. They are worth the money. Lock your windows. These are all sensible and prudent security considerations but can't guarantee that thieves are unable to break into your home. They only make you a more challenging target, but being a more difficult target is always a good idea.

OPTION 3: Geographical separation

This one is a fundamental aspect of the optimal solution towards which we're working, but it leaves a bit too much to chance if you value your bitcoin at 10 times its present market value. So, you set up your hardware wallet and back up the BIP 39 seed phrase. If neither of these is in your home, then you can't be coerced during a home invasion to sign a transaction handing your bitcoin over to an attacker, and they can't get their hands on your seed phrase to send your satoshis to their wallet. This introduces significant friction to spending your bitcoin but doesn't get in the way of saving satoshis in cold storage. Your cold storage isn't for spending, so that friction is more of a feature than a bug.

I hear you, though: "But Teach, what if they force you into a car and make you direct them to your backups/key signing device?"

Well, reader, we've considered this potential situation and placed security checkpoints between us and access to our backups/key signing devices. These can take many forms. Maybe you have a bank safety deposit box. Maybe you have your hardware wallet stashed in your office that employs 24/7 security. Perhaps you have a family member who is always home. Each of these options offers a checkpoint you must cross, where you may be able to express your duress and receive assistance in addressing the situation. This is critical if the thief is motivated. If they are willing to make the trip, the inconvenience is no longer a detriment. In this situation, the checkpoints become the key to foiling your attacker.

Unfortunately, this strategy requires a certain level of trust that is frowned upon in the Bitcoin space. If your secrets are stored in a bank safety deposit box, you're more than likely not going to be compromised; however, there is no guarantee. There is only a promise that your safety deposit box is "sacred," but such promises aren't worth anything. Say that your secrets are stashed in your office. There is no guarantee that the evening cleaning crew won't just happen upon your backups, and if they recognize that they’ve found a bitcoin BIP 39 seed phrase, you may be out of luck. The same goes for any guest your “always-home” family member invites into their house, where you've decided to store your secrets. Tamper-evident bags can help to discourage snooping but are totally worthless for stopping a thief once breached. So, how do we surmount these shortcomings?

OPTION 4: Multisig wallets (geographically distributed)

Imagine that you have three seed phrases/key signing devices. You can take these three key signing devices and hide one at each of the three different locations mentioned in Option 3. These three key signing devices can all be linked to one multisignature wallet scheme. In this scenario, it is necessary to collect at least two of the three devices to sign any bitcoin transaction that will spend any of the "managed" unspent transaction outputs. With the "m of n" multisig standard, you are required to sign with a quorum of the signing devices to move any of your cold storage funds. With this strategy, you introduce a level of friction that shouldn't be too much of an issue for true cold storage funds but introduces significant complications for a $5 wrench attacker. You can even keep one of the key signing devices in your home because it still requires a trip through at least one of your checkpoints. Additionally, if one of your hidden secrets/devices is compromised, there is no cause for concern, and you can still maintain full control of your bitcoin by collecting your other two devices. Tamper-evident bags are a prudent and economical addition to this scheme.
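The comparison between Option 3 and Option 4, worked through as an added example (not from the original article): a small Python model that asks of each custody layout the questions the text raises about home invasion, checkpoints, a breached hiding place and a lost device. The site names, checkpoint flags and layouts are constructed assumptions, with one key copy per site.

```python
from itertools import combinations

# Constructed sites; True means reaching the site requires passing a staffed checkpoint.
CHECKPOINT = {"home": False, "bank box": True, "office": True}

# Constructed layouts mirroring the article's options: (m, {key: [sites holding a copy]}).
LAYOUTS = {
    "single-sig, kept at home": (1, {"A": ["home"]}),
    "single-sig, off-site (Option 3)": (1, {"A": ["bank box"]}),
    "2-of-3, one key at home (Option 4)": (
        2, {"A": ["home"], "B": ["bank box"], "C": ["office"]}),
}

def keys_reachable(keys, visited):
    """Distinct keys with at least one copy (device or seed backup) at a visited site."""
    return {k for k, sites in keys.items() if set(sites) & set(visited)}

def analyze(m, keys):
    sites = sorted({s for locs in keys.values() for s in locs})
    # Every set of sites whose combined contents reach the signing quorum.
    spending_sets = [
        combo
        for r in range(1, len(sites) + 1)
        for combo in combinations(sites, r)
        if len(keys_reachable(keys, combo)) >= m
    ]
    return {
        # Can a coerced owner sign without leaving the house?
        "spendable_during_home_invasion": len(keys_reachable(keys, ["home"])) >= m,
        # Fewest checkpoints anyone must pass to assemble a quorum.
        "min_checkpoints_to_spend": min(
            sum(CHECKPOINT[s] for s in combo) for combo in spending_sets),
        # Does a breach of one site (snooping, burglary) hand over the funds?
        "one_site_breach_spends": any(len(c) == 1 for c in spending_sets),
        # Can the owner still spend after losing everything at any one site?
        "survives_loss_of_any_site": all(
            len(keys_reachable(keys, [t for t in sites if t != s])) >= m
            for s in sites),
    }

def report():
    return {name: analyze(m, keys) for name, (m, keys) in LAYOUTS.items()}

if __name__ == "__main__":
    for name, result in report().items():
        print(name)
        for question, answer in result.items():
            print(f"  {question}: {answer}")
```

Only the 2-of-3 layout answers all four questions favorably: nothing can be signed at home, a quorum always crosses at least one checkpoint, and a single breached or lost site neither hands over nor destroys the funds.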

This is all well and good in theory. Unfortunately, at present, the tools available for technically limited Bitcoin users put a hard cap on the number of people who can pull this strategy off. Let me be the first person to dissuade you from pursuing this type of scheme until you are ready. The key being: until you are ready. You need to learn to walk before you run! This type of security is presently aspirational for most bitcoin users but is absolutely critical to a healthy future when Bitcoin is the primary store of value, method of exchange, and unit of account. If the available tools improve to the point where every bitcoin pleb, with their satoshis stored outside of exchanges, can adopt a multisig "savings account," then the motivation to attack any one bitcoin hodler decreases because the likelihood of success is significantly diminished.

Some credit where credit is due: Sparrow Wallet and Unchained Capital’s Caravan standard empower users to implement the strategy discussed here. Check them out and start experimenting! If you think you can improve the tools in this space of the bitcoin ecosystem, I encourage you to get to work! A multisig-as-standard future is crucial to making Bitcoin a viable global standard in terms of personal wallet security.
