Bitcoin Is Probably Less Secure Than You Thought


The article you are about to read highlights the security of Bitcoin’s infrastructure and provides an in-depth analysis of Bitcoin as compared to commonplace fiat currencies.

The general perception of Bitcoin is that it is a highly secure, decentralized type of currency bolstered by strong, military-grade cryptographic algorithms. Furthermore, the holder of “digital cash” doesn’t have to disclose any personally identifiable information when transacting, as opposed to providing a credit card number and security code in a regular payment scenario.

It is also generally believed that although Bitcoin-related services have been breached a few times, threat actors never compromised the underlying protocol.

But is it all so black and white?

It is reasonable to split the discussion of Bitcoin security into the following two levels:

This separation makes sense because many things reside beyond the blockchain. The objective of the core system is to simply issue coins and register transactions after issuance. It doesn’t even perform the function of registering ownership, structure, or even both of these layers.

The integrity and security of the blockchain, the distributed ledger system behind Bitcoin, is reliably protected by cryptography. In addition to safeguarding cryptocurrency transactions, it is intended to thwart double spending and other issues. Based on these hallmarks of the blockchain, there are two main security challenges to tackle:

If the above challenges are met, there is almost no room for doubt regarding the validity of transactions being registered in the blockchain. That is because those transactions cohere with unspent outputs, reside on the longest blockchain, and were signed properly.

Is it within the realm of possibility to compromise this type of security?

In fact, there are plenty of applicable attack vectors. For instance, a perpetrator can guess private keys and sign fraudulent transactions where Bitcoin theft takes place. Another trick is to initiate transactions that appear to be valid and confirmed, but where the sender is duped into thinking these transactions were invalid and coins were not spent. One more technique is to try and overwhelm the network with substantial computing power. High-profile attackers may also discover yet unknown vulnerabilities and leverage them to compromise the blockchain infrastructure.

In fact, threat actors have had some success using some of the above methods. Moreover, the scenarios below might pose serious risks to Bitcoin security:

Users rarely interact with the blockchain directly. Instead, they deal with payment services residing on top of it. These include wallets, exchange services, and other systems.

Wallets are applications that keep private keys for your cryptocurrency. Their security boils down to using commonplace authentication using passcodes, biometric features, hardware tokens, and the like.

Bitcoin exchanges often hold funds (both crypto and fiat). They may leverage exchange wallets of their own in order to facilitate the buying and selling of Bitcoin. Another noteworthy hallmark of exchanges is that they have regular bank accounts propping up their business.

Payment systems allow customers to purchase goods and services with cryptocurrency. These systems resemble widespread non-Bitcoin payment services like PayPal. They hold coins in the form of tokens residing in internal wallets. These tokens are exchanged for currency when a customer purchases something.

Unfortunately, none of the above systems are secure. In fact, they are all just as safe as services processing regular digital payments, such as banks and PayPal. They use the blockchain to simply keep track of transactions and are therefore susceptible to the exact same security risks as a garden-variety financial organization is.

Yes and no. On the one hand, associated third-party payment systems make Bitcoin equally vulnerable. On the other hand, a fusion of properties intrinsic to Bitcoin makes it safer. These include the following characteristics:

Those three things mean that:

All in all, Bitcoin is not nearly as safe as most people think it is. Traditional currency bodes much better in terms of security.

As the number of miners and generated transactions increases, the system may respond with a larger block size limit. Technically, this will create a fork of the Bitcoin network, such as Bitcoin Cash which appeared in early August of this year. As a result, users who held Bitcoin at the time of this split automatically received an equal amount of Bitcoin Cash. However, people who purchased Bitcoin afterwards only got Bitcoin proper.

The security challenge here is that the newly-forked blockchain may be declared not genuine over time. This predicament can be compared to discovering someday that some of your hard-earned fiat money is counterfeit.

Based on the facts outlined above, it does not take a genius to understand that Bitcoin is a questionably secure form of digital currency. Its biggest risks lie in the architectural characteristics of the blockchain. In particular, there is no option to stop, reverse or censor transactions. To top it off, no insurance scheme is in place.

The takeaway is that proper security and the use of Bitcoin simply do not work in tandem. Some people will probably disagree with such a conclusion, arguing that a paper Bitcoin wallet and the use of dubious sites instead of exchange services which are known to be vulnerable will do the security trick. Well, that is like reinventing the wheel in the era of Tesla.

You may also like