Proposed Bitcoin Vault Feature Could Thwart Malicious Hackers
The feature is still in draft form and would require a soft fork in order to be adopted into Bitcoin Core.
Bitcoin developer James O’ Beirne has been quietly working on a feature that alerts users when someone tries to steal their bitcoin, then thwarts the theft by diverting funds to a more-secure wallet.
The feature is called a vault – a type of Bitcoin smart contract or “covenant” that puts constraints on how a bitcoin can be spent.
Vault users must broadcast two separate transactions in two different blocks before spending their bitcoin (BTC). An alert is issued after the first transaction (which has a time delay), allowing users to either approve the transaction or sweep the coins to an alternative wallet.
The feature requires a soft fork – a backwards-compatible change to the blockchain – and, if adopted, will be represented by the operational code (opcode) “op_vault” in Bitcoin Core, the primary software for connecting to the Bitcoin network.
“The hazard of custodying bitcoin is well-known,” O’Beirne wrote in his draft proposal. “This proposal introduces a mechanism that significantly mitigates the worst-case outcome of key compromise: coin loss.”
What’s different about op_vault?
O’Beirne’s proposal is not the first of its kind. A couple of years ago, Bitcoin developer Jeremy Rubin proposed CheckTemplateVerify (CTV) under Bitcoin improvement proposal (BIP) 119.
Much like op_vault, CTV also uses covenants to create vaults. The key difference is that while O’Beirne’s proposal is designed specifically for vaults, CTV is a more general tool that can be used to create vaults, payment pools and even reduce fees during periods of high transaction volume (a feature Rubin calls “congestion control”).
“CTV is more general than op_vault,” Bitcoin researcher John Light told CoinDesk in an interview. “You can still build a type of vault with CTV, but you can also do other things. You can do congestion control, you can do non-interactive Lightning channel opening. There are a few different applications that Jeremy has experimented with using CTV that aren't vaults.”
Currently, the fate of CTV is unclear. Rubin announced an indefinite hiatus from Bitcoin development last month.
The chatter around op_vault has been steadily increasing, but it’s not clear when the proposal will be merged into Bitcoin Core – if at all. Many proposals are debated and refined for years before being adopted or abandoned.
O’Beirne recommended Speedy Trial – the same process used to activate the 2021 Taproot upgrade – as the preferred method for activating op_vault. Speedy Trial allocates a three-month activation window for the Bitcoin network to reach a threshold of miners who signal support for a proposed upgrade. The upgrade is adopted only if that specific threshold is reached. The use of Speedy Trial isn’t without its detractors, some of whom believe it gives certain groups within the Bitcoin community too much influence.
“Taproot Speedy was a terrible idea,” tweeted Francis Pouliot, CEO of Bitcoin exchange, Bitcoin Bull. “The precedent for soft fork collusion between groups of ‘influential’ devs and miners.”
As to the fate of op_vault over the next few months, Light says “it is too soon to tell.”
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.