Stolen Bitcoin? Anti-Theft Feature Gets Second Life on Sidechains

At its core, bitcoin is about giving users better control of their money.

Often called "programmable money", bitcoin has scripts that limit how future bitcoin transactions can be spent (and that control variables like who can spend them). One such script ensures the correct person is spending the bitcoin by checking if the correct signature was used before unlocking and sending the funds.

This week, Blockstream core tech developer Russell O'Connor revealed he's been testing a couple of new scripts on an Elements Alpha sidechain (which is pegged to the bitcoin testnet) that could add new functionality.

Called "covenants", the new style of scripts potentially opens up possibilities for how bitcoin users can control, or restrict, spending of their money — possibly for their protection. (This is an idea that was previously explored by researchers Malte Möser, Ittay Eyal, and Emin Gun Sirer).

One use case for these scripts is to help users rein in their coins in the case of a hack (an all too common occurrence in bitcoin).

When asked what he thinks of the new covenant work, Eyal said it was potentially a boon to bitcoin users who may be worried about losing their bitcoins or otherwise having them compromised or stolen.

Eyal told CoinDesk:

The idea is notable as a script that can limit how bitcoins can be spent hasn't been implemented in bitcoin before, a fact noted by Eyal.

In particular, there are two new covenant scripts that Blockstream explored, each of which take parameters and outputs whether the script is valid, or whether or not the transaction is currently spendable based on its restrictions.

It's worth noting that bitcoin’s scripting system is currently quite simple for security's sake. There aren't limitless rules in bitcoin right now because new additions can be potentially dangerous and developers note that they take time to test.

This is where sidechains may come in handy, although they are not yet pinned to the main blockchain.

Bitcoin startup Blockstream has been working on these interoperable blockchains for experimenting with new features that could potentially be added to bitcoin since June of last year, and this is an example of how these new chains can be used to test new features.

These new proposed opcodes may work as the foundations for new functionalities, ones that could even come to help stop bitcoin exchanges and users from losing stolen funds.

But while Blockstream is running with the idea, it began with researchers at Cornell.

In February, researchers Malte Möser, Ittay Eyal and Emin Gun Sirer proposed the idea of bitcoin vaults (implemented with their own version of covenants) where users could pull bitcoin back in the case of a hack. (It then gained new life following the hack on Bitfinex, in which the exchange lost nearly 120,000 BTC).

"If the attacker can't gain control of the money, it takes away the motivation for stealing it in the first place," Eyal explained.

But he noted that these two requirements are often conflicting: if a user creates new keys to avoid losing them, that means it's easier for them to be stolen. Meanwhile, if you create a smaller number of total keys, it's easier to lose them.

While Blockstream tested vaults as a potential use case, there might be other future uses for the covenant scripts, including lending.

The idea seems to have been dormant for a while and developers were debating its viability even just a couple of months ago.

But these sidechain tests might mean a step towards implementation.

And while covenants and vaults had drawn some skepticism before (Peter Todd has questioned whether such a functionality should be built in the infrastructure layer of the code at Scaling Bitcoin), there seems to be optimism that it could work.

When asked if the new scripts were safe, Bitcoin Core developer Greg Maxwell responded:

Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an ownership stake in Blockstream.

Electronics image via Shutterstock