Demons in Digital Gold, Part 4
If you have not already done so, please read the introduction to this series.
Reader: I didn’t like Store of value / Vulnerabilities in Store.
Me: What didn’t you like about the post? Style? Too much on KRACK/Spectre?
Reader: No, it was a well-written piece. I didn’t like the conclusion.
Me: OK to disagree with my conclusion! Hopefully it was thought provoking.
Reader: It made me think. I agree with the conclusion. That’s what I didn’t like.
— Feedback from reader left unsettled by DiDG Part 3
Prediction is extremely difficult. Especially when it is about the future.
— Neils Bohr
You need to consider rather than obsess on the unthinkable.
Crazy talk: this post is practical and actionable. Yes, this is a departure from the “big picture sturm und drang” of DiDG parts one, two, and three. This post is about YOUR storage of YOUR cryptocurrencies, a class of vulnerability that you’ve most likely not considered, and what YOU can do by way of mitigation.
The context is your private wallet. That establishes the focus of this post …
- You have a slug of cryptocurrency that you are HODLing, and this slug is significantly valuable to the point that its loss would hurt.
- Security of said cryptocurrency is important to you, and you are not comfortable with the level of security afforded on an exchange.
- You are at peace with “be your own bank” responsibilities, for example: [a] maintaining appropriate OpSec and [b] planning ahead for transfers across the blockchain.
I am working from the assumption that you are familiar with your storage options and their respective pros and cons, as laid out in my earlier series Where can I keep my Bitcoin? (Ether, Litecoin, Dash, Zcash, etcetera).
Real story, real pain
Feel free to skip this section and scroll down to the heading Known unknown: forward compatibility. My pain and suffering are instructive and entertaining, however, so you might want to bear with me and read this section after all.
No better way to demonstrate risks than to make then real, using a story that happened to me — oops! — I mean happened to a colleague of mine. We’ll use “me” in the rest of this story, ya’ know, to protect identities and the like.
I had a slug of Bitcoin safely ensconced in a GREAT wallet called Multibit HD.
Multibit HD ticked EVERY box in Our Bitcoin wallet checklist two years before the exercise of creating that checklist. The Bitcoin I kept in that wallet app was my Store of Value (SoV) BTC as opposed to Spending BTC (seriously, that used to be a thing) or Trading BTC. Therefore, I was NOT using the wallet app on a regular basis.
Along comes the Summer of 2017 Bitcoin Cash hard fork, and I recognize that I have a choice: [a] the manual do-it-yourself route or [b] the transfer BTC to an exchange and let them do it route.
I REALLY wanted to do [a] because from a learning perspective, there is no substitute for getting down to the bare metal. I was self-aware enough to recognize this was a potentially risky route, what with having to export, copy, and import PRIVATE keys and such. So [b] it was for my slug of Bitcoin sitting in Multibit HD: transfer the contents of the wallet to an exchange BEFORE the hard fork. Easy-peasy! Click-click, done-done, kick back and wait to enjoy A Bitcoin Hard Fork is Helicopter Money.
“Hey, Multibit HD is taking it’s own sweet time opening,” I thought, and from there the situation descended quickly to hell. The app would not open. Reboot. It kinda’ opened, but didn’t really open. I reinstalled the app. No joy. Installed the app on a DIFFERENT machine: nada, nix, zilch.
“What about using your ‘wallet words’ to restore to a different wallet app?” students of the aforementioned checklist wonder. Tried that. Didn’t work. Somewhere in my subconscious, I knew there was cheese down that path: Multibit HD was BIP-0032 (hierarchical deterministic wallets) and BIP-0039 (mnemonic dictionary) compliant. Hold. That. Thought.
My step-by-step engineering detective work concluded that Multibit HD was not compatible with Windows Creators Update installed some weeks earlier. Mind you, I waited a full month before installing such a major OS update, because I’m paranoid that way.
‘K, now I faced the unsavory task of rolling back the major OS update. Yeah, that is SUPPOSED to work like a charm. Or it bricks my PC. One or the other, who knows, right? All in all, I was not feeling hella lucky at the time.
Fortunately, my paranoia knows NO BOUNDS when it comes to backups. I perform full-disc-image backups on a monthly basis, and my regimen can recover to a hard drive or … restore directly to a virtual machine (VM).
So, two hours after “Hey, Multibit HD is taking it’s own sweet time opening,” I was staring at a VM window running a PRE-OS-UPGRADE version of my entire system. With Multibit HD running like a champ. Transferred the entire contents of the wallet to an exchange in 15 minutes (seriously, that used to be a thing) with a minimal transaction fee (ditto).
Shortly after the above saga, I read that Multibit is No Longer Supported. Yes, I was intimately familiar with the acquisition, but blissfully unaware that the new owners had neglected to update the codebase for a few months.
Remember “Hold. That. Thought.” above? Multibit HD WAS fully BIP-0032 and BIP-0039 compliant. I chose Electrum as my “rescue wallet” and — fate NOT being on my side at the time — it used a proprietary HD algorithm and its own mnemonic dictionary. Hence the failure using my wallet words to restore to a different wallet app.
Now you will LOVE this: when Multibit was formally put out to pasture, Team Electrum built a friggin’ life raft for Multibit HD survivors and added BIP-0032 and BIP-0039 compliance. While that capability was added after the Bitcoin Cash hard fork, too late for my needs, big kudos to Team Electrum. We have a Bitcoin Wallet, no surprise, is Electrum.
Oh yeah! After the hard fork, I tackled [a] the manual do-it-yourself route with some Spending BTC I had in a separate Bitcoin wallet. I doppelgängered that into BCH in a separate Bitcoin Cash wallet. Woo hoo! Ironically, the “potentially risky route” was completely smooth sailing.
Known unknown: future-proofing
There you have it: “a class of vulnerability that you’ve most likely not considered” in the form of unmaintained code that makes your life hell at some point in the future. This turns out to be a common challenge for corporate IT departments needing to keep legacy applications running … there is no one-size-fits-all solution.
Now let’s be practical: there is no way you are going to adopt my backup regimen, forged by fire in the early 1980s when hard drives regularly crashed (seriously, it was a thing).
We are discussing a known unknown: “things that we know we don’t know.” The key is the KNOWN facet: we can bound the future-proofing problem, despite not knowing how an incompatibility might manifest itself.
What we need is a get-out-of-jail plan.
Sotto voce: I had precisely such a plan with Multibit HD. My wallet words — which can re-create the entire wallet contents thanks to HD — were saved in two very separate and secure locations. My failure was not TESTING the plan in advance of playing the get-out-of-jail card.
That is our future-proofing mitigation in a nutshell:
- A plan to recover from complete software or hardware failure.
- Testing the plan soup-to-nuts, end-to-end, in real life (IRL), periodically.
Wallet app on Mac/PC
If you are using a wallet app, double-check that it is fully BIP-0032 and BIP-0039 compliant. Make sure your wallet words are SAFE AND SECURE, with one copy stored offsite. As you do your securing, keep in mind that a 30-second peek at those wallet words enables someone to steal the entire contents of your wallet at any time in the future. So if you are going to put that index card in a mason jar and bury it in your back yard, make damn certain nobody sees you doing so.
Next, find ANOTHER wallet app from a DIFFERENT source that is also BIP-0032 and BIP-0039 compliant. You don’t need to love everything about this secondary app. For example, you may be a die-hard Mac person and your secondary app may be a Windows app running on your significant other’s PC.
Testing your plan means a REAL test. Download the latest version of the secondary app. Install it, get into ‘recovery’ mode, and enter your actual wallet words. Wait for the app to synchronize and VERIFY that the result (amount of BTC, BCH, ETH, etcetera) exactly matches your primary wallet.
Before cracking open a cold one, you need to COMPLETELY REMOVE all traces of the test. No matter how secure you think it is — maybe you used your primary Mac — that secondary app expanded your “attack surface.” You’ve increased the available avenues to hacking your Bitcoin (et al).
You need to make sure that expanded attack surface is TEMPORARY. Before you uninstall the secondary wallet app, make sure you know exactly where it stored your ‘recovered’ wallet and all associated files. With any luck, everything should be in a single directory that you specified either [a] when you installed the app or [b] when you were in recovery mode.
Uninstall the secondary wallet app, and THEN delete the directory discussed in the previous paragraph. If you want the Cryptography Merit Badge, use a File Shredder app on that directory rather than simply delete it.
Lastly, the often overlooked and always groan inducing part: you need to conduct this soup-to-nuts test of your plan periodically. Monthly is probably overkill and annually is not frequent enough. The importance here is that your plan is vetted — and updated as required — so that you DO NOT find yourself putting the get-out-of-jail plan into action, for example, only to discover that your secondary wallet app doesn’t work (or no longer exists).
Hardware wallet, no worries? Guess again.
Some of you secure your cryptocurrencies in a Hardware Wallet. That is an AWESOME choice, good on you! I am a credentialed hardware guy, so please trust me when I say with a hardware wallet you REALLY need a plan and you REALLY need to test it. A little tutorial to keep everyone in the loop …
A hardware wallet is a small device that stores your private keys AND performs all cryptographic operations that involve private keys. That is to say: your private keys are created INSIDE the hardware wallet and NEVER LEAVE the hardware wallet. Hardware wallets interact with the outside world via USB and a simple user interface.
Technically speaking, a hardware wallet is a tiny embedded computer. They have firmware that is updated from time-to-time, for example, to support a new coin.
As noted, a hardware wallet does not operate in complete isolation. That would be fantastically secure, but damn cumbersome when it came time to perform transactions. Hence the USB connection to a host device with Internet access.
That last sentence above is our focus. We need a plan in case something goes awry in the link between your hardware wallet and the ‘stub’ app and driver running on you Mac/PC/mobile. Hardware wallets usually interface to the outside world via a browser plug-in. And if there is anything dodgier than a Mac/PC app, it is a browser plug-in.
Every flavor of browser on every platform get updated at least once a month. New versions of every flavor of browser are released at a clip that puts new OS versions to shame. All of this patching and updating and versioning ROUTINELY breaks browser plug-ins.
At the time of writing, Tezor and Ledger hardware wallets are fabulously well supported. Let’s hope they stay that way, but you need to PLAN otherwise. Ledger and Tezor wallets are fully BIP-0032 and BIP-0039 compliant. Yup, make sure your wallet words are SAFE AND SECURE, with one copy stored offsite. Given that you’ve made the leap to hardware, consider storing one copy of your wallet words on one of these bad boys.
Hardware wallets provide fabulous security. If you have significant (losing it would hurt) amounts of cryptocurrency that you are HODLing, you should seriously consider a Ledger or Tezor device. And you definitely need a get-of-jail plan, in case sometime down the road:
- Your hardware wallet (the device itself) fails.
- The manufacturer goes out of business (these are startup companies).
- Some strange interaction along the device-browser-OS-host system breaks the operation of your hardware wallet, and there is no ready fix.
- Other shit happens.
I strongly suggest a plan OTHER THAN “I’ll replace my hardware wallet device with a new one.” Even if eBay comes to your rescue in supplying a deprecated device, probabilities are that will not get you all the way home. Along the same lines, “I’ll secure a duplicate backup device” is not viable.
In fact, your secondary wallet should not be a hardware wallet of any flavor. Should an “unknown unknown” manifest itself along the USB link, for example, you could find yourself up a creek. In my humble opinion, your secondary wallet needs to be a wallet app running on a Mac or PC.
With my preferred get-out-of-jail mitigation, you follow all of the same steps above starting with:
- A plan to recover from complete software or hardware failure.
- Testing the plan soup-to-nuts, end-to-end, IRL, periodically.
A do-it-yourself option
For those willing to tackle a modest bit of DIY, consider a “build your own hardware wallet” solution …
- Purchase an inexpensive brand-new laptop PC. Anything that purports to run Windows is fine: you need a minimum or CPU horsepower, memory, and hard drive. You may be amazed what you can get for under $300.
- Wipe out the entire hard drive and install the latest release of Ubuntu LTS (long-term support). Get Ubuntu on your network, but do NOTHING else.
- Install and configure the Electum app (or other trustworthy wallet app).
- OF COURSE, you need to make sure your wallet words are SAFE AND SECURE, with one copy stored offsite.
The important distinction here: this must be a single-purpose machine, and that myopia means that it runs Electrum and NOTHING ELSE. Literally, do not open the web browser, ever. No email, no other apps. Period. These are all potential avenues for malware, and no matter how careful you are with your OpSec, hackers are better attackers than you are defender.
Use a DEDICATED brand-new USB thumb drive as a “go between”: install Ubuntu and Electrum at the onset, and transfer PUBLIC keys back-and-forth as needed for transactions. The USB device DOES present an attack surface, but so long as the thumb drive is dedicated to its go between role, this beats the hell out of the alternatives.
Enhance the security of your Ubuntu laptop with common sense. During installation, encrypt the entire hard drive. Use a strong account passphrase. Store the laptop in a secure manner. Most important of all, only turn on the laptop to run Electrum.
Why go through the DIY effort effectively to build your own hardware wallet? You are taking advantage of the ubiquity and stability of the PC hardware platform. Future-proofing example: a 2018-vintage PC can still boot and run 1984 DOS programs. Sure, there may be unknown unknown flies in this ointment at some point … meanwhile it is stability incarnate.
Your DIY hardware wallet has an important capability beyond any Trezor or Ledger device: it is a COMPLETE solution with Internet connectivity. There is no additional host Mac or PC, and in this simplification we’ve removed TONS of interactions that could go haywire someday.
You ought to keep Ubuntu patched, say, quarterly. There an argument for NEVER patching, though IMHO up-to-date security wins out. Ubuntu LTS releases are supported for five years from initial version, so you likely have a lot of runway before you need to consider updating the OS.
At the risk of stating the obvious, you still need a get-out-of-jail plan. And you need to test that plan IRL periodically. See steps above. The DIY route leaves you with a unique TERTIARY disaster recovery option, thanks to the ubiquity and stability of the PC platform.
Next in the series …
Follow me @Pressed250 on Twitter
Copyright © 2018 Bruce Kleinman. All Rights Reserved.