<img width="700" height="300" src="http://i0.wp.com/about.bitwa.la/wp-content/uploads/2016/08/Bitwala-Wallet-BitGo-4.jpg?resize=700%2C300" class="attachment-post wp-post-image" alt="Bitwala Bitcoin Wallet Bitgo" />
<blockquote>You're moving to Ghana?</blockquote>
Ebola had reached its peak and the whole world was freaking out.
I'd just accepted a volunteering job teaching code in Accra and to the average news-reader, moving to West-Africa was dangerous.
Guess what? Ebola never made it to Ghana.
<a href="http://about.bitwa.la/wp-content/uploads/2016/08/ebola_-_Explore_-_Google_Trends.jpg"><img class="wp-image-2356 size-medium" src="http://about.bitwa.la/wp-content/uploads/2016/08/ebola_-_Explore_-_Google_Trends-300x95.jpg" alt="ebola_-_Explore_-_Google_Trends" width="300" height="95" /></a>
<a href="http://about.bitwa.la/wp-content/uploads/2016/08/bitgo_-_Explore_-_Google_Trends.jpg"><img class="wp-image-2357 size-medium" src="http://about.bitwa.la/wp-content/uploads/2016/08/bitgo_-_Explore_-_Google_Trends-300x95.jpg" alt="bitgo_-_Explore_-_Google_Trends" width="300" height="95" /></a>
<h2>BitGo was not hacked</h2>
Just like with Ebola, my peers were shocked that we choose to launch a wallet services using a provider that was recently "hacked".
BitGo was the wallet software used by Bitfinex who <a href="http://www.coindesk.com/bitfinex-most-user-funds-offline/">lost $60m of its customers' funds</a>.
The bitcoins were stolen from a BitGo wallet, so it's their fault, right? Wrong.
The problem arose not from the BitGo software, but how it was implemented.
<h2>Multisig wallets can still be hot wallets</h2>
<a href="https://en.bitcoin.it/wiki/Multisignature">Multisignature wallets</a> are great for bitcoin businesses. It refers to a setup where more than one private key is needed to move bitcoin.
Jan, Jörg and I are 3 co-founders. If we ever need to manage bitcoin for our customers, we'd probably set up a cold wallet requiring 2-of-3 keys to access the funds. This means that if one of us goes rogue, or is about to be sexually assaulted by a group of skinheads (watch Mr. Robot), it still wouldn't be enough.
Before multisig, we probably would have each had a copy of the same key, meaning that only one of us has to be compromised to steal user funds.
<a href="http://about.bitwa.la/wp-content/uploads/2016/08/581_19__Bitfinex_-_Bitcoin__Litecoin__and_Ethereum_Exchange_and_Margin_Trading_Platform.jpg"><img class="wp-image-2343 size-medium" src="http://about.bitwa.la/wp-content/uploads/2016/08/581_19__Bitfinex_-_Bitcoin__Litecoin__and_Ethereum_Exchange_and_Margin_Trading_Platform-248x300.jpg" alt="This is still on Bitfinex's frontpage" width="248" height="300" /></a>
The Bitfinex setup allowed the attackers to gain access to at least two keys. If two-of-three keys were on the server or stored in a database, an attacker would have everything they need.
<h2>Ok, it's a little more complicated</h2>
BitGo offers an <a href="https://www.bitgo.com/api/">API</a> to create multi-sig wallets. For each wallet, there are 3 keys:
<h3>The user key</h3>
<ul>
<li>Generated on the user's machine</li>
<li>Encrypted with a password on the user's machine</li>
<li>Sent to BitGo.</li>
</ul>
<h3>The backup key</h3>
<ul>
<li>Generated on the user's machine</li>
<li>Encrypted with a password on the user's machine</li>
</ul>
<h3>BitGo key</h3>
<ul>
<li>This is generated and stored by BitGo</li>
<li>BitGo will co-sign any transaction sent to it via an authenticated API request</li>
</ul>
<h2>Let's ask some questions</h2>
<b>BitGo has two keys? Can't they steal my bitcoins?</b>
Yes. No. They do have two keys, (user and BitGo keys) but the user key is encrypted, and without the password they can't use it to access your Bitcoins.
<strong>What if BitGo gets hacked?</strong>
No problem. When you created a wallet, you downloaded your backup card and made a note of your password to allow for <a href="http://about.bitwa.la/knowledgebase/recovering-your-bitcoin-wallet/">recovery of funds</a>.
<strong>What if Bitwala goes bankrupt or just wants to have a really expensive party?</strong>
We appreciate your faith in us. See previous answer ^^.
<strong>Could what happen to Bitfinex happen to Bitwala?</strong>
To the best of our knowledge, this is impossible. Bitfinex is an exchange which needs to be able to move its users funds around without them authorising every transaction. We offer a wallet and don't need to make transactions on your behalf.
We don't have access to your Bitcoins. Your private keys are generated and encrypted in your browser. The information needed to access your bitcoins is never stored in our database or passes through our servers.
<h2>Is BitGo completely innocent?</h2>
BitGo have had a real rough time and their reputation will never fully recover, but do they deserve this?
They received signed transactions and properly authorised requests. They were simply 'following orders'.
As someone who's implemented their software, they could've done a few things better:
<h3>They should've noticed something was going on</h3>
BitGo lets you set <a href="https://www.bitgo.com/api/#set-policy-rule">wallet policies</a>, but regardless of whether Bitfinex implemented this or not, there should've been some kind of alarm with such abnormal behaviour.
<h3>Their API documentation points you to an insecure implementation</h3>
tl;dr It's way easier and faster to do things insecurely and the API seems to encourage this.
<a href="http://about.bitwa.la/wp-content/uploads/2016/08/BitGo_API_Reference1.jpg"><img class="wp-image-2347 size-full" src="http://about.bitwa.la/wp-content/uploads/2016/08/BitGo_API_Reference1.jpg" alt="BitGo_API_Reference" width="926" height="268" /></a>
The BitGo documentation encourages you to use the simpler methods to create a wallet.
To be allowed to communicate with BitGo's API, you need to authenticate yourself. You can either:
<ul>
<li><strong>Wallet per BitGo User</strong> - Have users create their own account via the BitGo website (one wallet per BitGo user)</li>
<li><strong>Segregated wallets </strong>- Create an authentication token (one BitGo user with many wallets)</li>
</ul>
The first option is a complete no-go for startups. We want users to stay on our page and feel connected with our brand. How unsexy is it to ask users to go visit another site and come back when they've created a wallet?
Therefore, the authentication token is the only way to go. It's less secure, as you can use that single token to authenticate all of the wallets for the user.
If you want to ensure that you never store or have access to the data needed to access your customers' bitcoin, it's actually quite complicated. This is what we do:
CLIENT
<ul>
<li>Generate user key</li>
<li>Generate backup key</li>
<li>Encrypt both keys with password</li>
</ul>
SERVER
<ul>
<li>Request BitGo create a new key</li>
<li>Send public key to client</li>
</ul>
CLIENT
<ul>
<li>Put the three public keys together</li>
</ul>
SERVER
<ul>
<li>Use 3 public keys to create a wallet</li>
</ul>
All these steps can be replaced by one line of code <a href="https://www.bitgo.com/api/#create-wallet-with-keychains">create wallet with keychain</a>. This method should be run on the client, but this is impossible unless you authenticate in (inappropriate for nearly all companies) <strong>Wallet per BitGo User</strong> model, as otherwise authentication has to be done on the server.
<h2>Are they the right choice for Bitwala?</h2>
Yes. BitGo is an extremely convenient and secure system when properly implemented.
What do you think of BitGo and multisignature wallets? Let us know in the comments.
<p style="text-align: center;"><a class="cta" title="Create your wallet" href="http://my.bitwa.la/bitcoin" target="_blank">Create your wallet</a></p>
hiveblocks