Times have been busy in the bitcoin wallet world lately. Two hardware wallets – Trezor and BTChip – have finally shipped, and wallet security continues to mature.
In spite of all this, though, people who should know better are still being robbed because they fail to add more protection to their bitcoin holdings.
To tackle the issue of bitcoin wallet vulnerabilities, it's important to look at the security protections that are currently available for wallets, and to explore what work still needs to be done in the future.
2014 was to be the year of multiple signatures (multisig), according to Gavin Andresen in his 2014 State of Bitcoin speech, and there has been a lot of activity on this front. Multisig allows wallet owners increased security by requiring that a third party sign off on transactions before they're finalized.
This paves the way for third party risk services, said Gary Rowe, CEO of popular bitcoin wallet Multibit:
"If you are buying a £10,000 car or something like that with bitcoin, people might send a text to confirm that transaction."
Multibit is based on Bitcoinj, a Java-based implementation of bitcoin. Bitcoinj now has multisig support built-in, along with pluggable transaction signers. But neither Multibit nor Hive, both of which are based on Bitcoinj, currently support multisig at the time of writing.
Other wallets, such as BitGo and Armory, which are focused more on enterprise users, have built in multisig support.
But we shouldn't pin all of our security hopes on multisig wallets.
"Not everyone will buy into them as being part of the decentralised ethos of bitcoin, so they can't be relied upon as being the only solution to the problem," said Rowe, who added that multisig wallets are also more complex to use than deterministic wallets.
Early bitcoin wallets generated addresses randomly. Bitcoin addresses aren't supposed to be reused, which means that when used properly, there should be many addresses in a single wallet. This makes it difficult to recover those addresses if they are lost.
Deterministic wallets create addresses using a simple multi-word phrase, randomly created by the user. The phrase will also create the same set of addresses.
All of this makes it easier to solve the backup problem, said Aaron Vosine, creator of iOS-based Breadwallet:
"If a wallet is deterministic then your wallet seed is all you need. This seed should be recorded offline as with a long password, or on a secure hardware device locked with an easy to remember pin code."
Now, hierarchical deterministic (HD) wallets are adding another dimension. They create 'trees' of addresses using a seed phrase. Any branch of the tree can be shared with another user, without giving away the whole tree. That makes HD wallets easily exchangeable with others without compromising privacy, and easily replicable.
These are all great developments, but perhaps one of the biggest evolutions this year has been the rise of the hardware wallet. Bitcoinj project leader Mike Hearn lauded the shipment of Trezor:
"It's worth repeating this – there is no more sophisticated financial authenticator device in the world, as far as I'm aware. The standard used by banks in the EU and elsewhere (CAP) isn't as easy to use, and once Trezor integrates support for the payment protocol, it will be more secure than CAP too. US banks don't even get close."
Other wallets are rapidly rolling out support for hardware wallets. Multibit's Trezor integration should be live in a couple of weeks, said Rowe.
Room for improvement
In spite of the strides made this year, there are still significant challenges for wallets.
One of the biggest concerns is malware, said Breadwallet's Vosine. The threat from malware is only likely to increase, and Android has been a hotbed of malware activity.
"I feel strongly that bitcoin-stealing malware is the biggest threat right now, especially for desktop wallets. A not-insignificant portion of the malware being discovered now is bitcoin stealing malware, and yet bitcoin is still very small."
This is another reason to move into hardware wallets, commentators said, but hardware, too, has room for improvement.
Thomas Voegtlin, who created popular bitcoin wallet Electrum, said that he already has support for Trezor, and that BTChip integration is coming soon. The stage is set for the next evolutionary step in hardware wallets, he suggested:
"Hardware wallets are a great advancement over web and desktop wallets, however the current generation still has to trust a host system for block chain data and payment addresses. It will be great once hardware wallets can run SPV verification and payment protocol validation on the secure device."
Nicholas Bacca, creator of BTChip, has created a smartcard wallet which he said cannot be easily recovered by an attacker gaining physical access to the chip.
Bacca said he expects to see virtualisation play a part in the future:
"Look for more hardware wallets implemented in secure elements, and having hardware wallets virtualized into secure environements such as TEEs [Trusted Execution Environments], however I don't believe this virtualization will be available or portable before 2–3 years."
The use of TEEs and the associated Trusted Platform Modules (TPMs) – both of which provide protected hardware areas for the execution of sensitive code – could end up negating the need for hardware wallets, argued Wendell Davis, founder of Hive Wallet:
"I imagine mobile phones will have a kind of TPM at some point, so that could be the nail in the hardware wallet's proverbial coffin."
People also want to carry around fewer devices, rather than more, he asserted, adding that they tend to opt for less secure but more convenient options.
Phone companies are already trying to marry security and convenience, in the form of biometrics; Breadwallet will soon have support for Apple's TouchID, Vosine said.
Multibit's Rowe isn't a big fan of biometrics. He said he worries that fingerprints, voice recognition and even iris scans can be compromised. In any case, the accuracy rate isn't perfect, he warned, which makes it difficult for widespread adoption.
Vosine, on the other hand, is putting a limit pin code on the phone to avoid people copying fingerprints and hacking a phone. Hearn has also considered using an NFC 'badge' that someone can wear in their pocket to help verify the phone that they're using.
As all of these security measures make their way into wallets in one form or another, where does this leave Bitcoin-Qt, the reference wallet created by the core developers? In the past, Bitcoin's lead developer has indicated that Bitcoin-Qt would be spun off from the core project.
It may be significant that recent releases of the bitcoin daemon – the underlying bitcoin code that keeps the network running – can now be compiled without bitcoin functionality at all.
The delta between the reference implementation and other wallets in the field is growing, warned Hearn:
"Bitcoin-Qt still isn't even HD, let alone pluggable multisig HD, so I think we'll see this wallet fall further and further behind."
Atop all of this, we still have the usability problem to contend with. There's always a tradeoff between security and convenience, and the same is true with secure wallets, Hearn warned:
"For instance Bitcoin Authenticator is pretty straightforward, but you still have to scan a QR code from your phone, write down a couple of 12-word wallet seeds, and so on. It can be made simpler but this is an ongoing challenge."
One of the biggest problems, according to Hive Wallet's Davis, is that people still fail to follow even basic security guidelines with wallets.
"We know that an absolutely appalling number of users simply ignore the two lines of instructions about writing down their seed phrase. They just breeze forward and ignore the warning, marked in red," Davis explained.
Bitcoin wallets are more secure than ever before, and in many cases, already far more secure than the banking industry's arcane credit card system, in which you give merchants your name, credit card details, and even your secret code – and often over the Internet.
Nevertheless, there is more work to be done. The tools can be improved, yes – there is always another technical trick to add. But at this point, when technical security is outpacing that in conventional financial industry, it may be user behaviour that needs enhancing.
Bitcoin security image via CoinDesk