Security Standard Proposed for Bitcoin Exchanges and Wallets
A group composed of developers and security professionals has proposed a set of rules aimed at standardizing security protocols used by companies that handle or store digital currencies for their clients.
The proposal, created by the Cryptocurrency Certification Consortium (C4) and formally unveiled on 11th February during the DevCore bitcoin development conference in Boston, Massachusetts, aims to provide an industry-level standard by which exchanges and wallet providers can operate.
The Cryptocurrency Security Standard (CCSS) draft proposal calls for 10 standardized approaches to key and seed generation, storage and usage, proof-of-reserve and security audits, among other areas. The framework consists of three levels per section, with each grade signifying a higher degree of security based on the proposed guidelines.
C4 offers a bitcoin-focused professional certification test and its board includes Canada-based Bitcoinsultants founder Michael Perklin, Ethereum creator Vitalik Buterin, CryptAcademy founder Russell Verbeeten and Coindroids co-founder Joshua McDougall.
In conversation with CoinDesk, Perklin said that a number of companies in the bitcoin space, including many of those that work with bitcoin security firm BitGo, have expressed active interest in the standards. The proposal was developed in partnership with BitGo, with support provided by wallet service provider Armory.
He said the proposed standard can help set a baseline of security protocols for exchanges at risk of theft or fraud, explaining:
"Up until now, our cryptocurrency industry hasn’t had a similar standard for how to secure cryptocurrencies. Every company has had to sort of 'go it alone' and do what they think is best with respect to securing their funds – and their customers’ funds– which has lead to some good success stories, but also some spectacular failure stories."
An aid for regulators
The release of the proposal comes as governments in countries around the world continue to debate the future of cryptocurrencies.
Perklin said he expects regulators to support standards as they discuss or develop frameworks for cryptocurrencies, particularly among agencies that were prompted to look at the sector after events like the failure of the now-defunct bitcoin exchange Mt Gox.
At the same time, Perklin questioned whether governments are ready to begin regulating bitcoin in the first place, instead advocating for the industry itself to develop solutions that work.
"It’s one thing for government to mandate that the cryptocurrency industry take care when securing the public’s funds," he said. "But frankly they’re still scrambling to learn about cryptocurrencies in the first place."
According to Perklin, the next steps for the CCSS will consist of reviewing and responding to community feedback, which he has described as both positive and constructive.
He cited the response from wallet and exchange service providers as notable, telling CoinDesk:
"We’ve received emails from principals at major exchanges around the world who have reached out to offer their assistance in fine-tuning the draft to make it even stronger and ensure it acts to raise the bar on actual security rather than offer barriers of entry for compliance."
C4 will soon launch a Lighthouse crowdfunding campaign later this month to raise seed capital to support the ongoing development of the standard, Perklin said.
The full text of the CCSS draft proposal can be found below:
Bitcoin Core 0.10 Gives Developers Simplified Access to...
Bitcoin ATM Shutdown Spotlights Regulatory Uncertainty in...