As Bitcoin keeps evolving and making mainstream media headlines, either in a positive or negative manner, developers need to come up with new ways to make the digital currency world more secure. After all, we are dealing with people’s finances here, and the current security measures such as hot wallets versus cold storage have proven to be insufficient. So what will the next evolutionary step be for Bitcoin wallet security?
One of the main proposals being tossed around is the implementation of multisignature Bitcoin wallets for any type of funds storage. Multisignature wallets means that no one entity can access all the funds, as at least two people will need to agree on spending funds from a certain wallet. For example, if I and my co-owner were to set up a multisignature Bitcoin wallet, and pay our expenses with the funds, we would both have to agree and “sign off” on executing the transaction before it will take place.
Multisignature security is not limited to just two people though. It is in fact possible to have multiple (as in more than two) parties create a multisignature wallet together. In order to execute a transaction, a majority would have to agree on doing so. For example, with a two-of-three multisignature wallet, at least two out of 3 parties need to sign off on a transaction.
Hierarchical Deterministic Wallet
With the recent surge of new Bitcoin hardware wallets being developed, a lot of people have been introduced to hierarchical deterministic wallets. In fact, we have seen this type of security being implemented in a variety of apps built on top of the Bitcoin block chain, such as the recently released client for GetGems messenger, where users are presented with a 12 word mnemonic.
Technical explanation :
This 12 word mnemonic (which usually consists of common English words, depending on how the developers have chosen to implement it) represents a random 128 bit value, called a “seed”. Why is this so important? It protects weak user-chosen strings such as hello123 as a password for a service or wallet, by slowing down attacks made against the password (such as brute forcing). This “seed” is used after 100,000 rounds of SHA256.
Practical explanation :
A deterministic wallet can be backed up once, and it will stay backed up forever. You can also strip down a deterministic wallet to a small size which could be backed up on paper (with a QR code for example). This also improves to “user friendliness” of backing up your Bitcoin wallet, as it is far less technical compared to more traditional means.
A lot more information on Hierarchical Deterministic Wallets can be found here :
Many people will have encountered an online service where they sign up or sign in by using their social media accounts, such as Facebook, Twitter, or even their google account. While this is a convenient and time-saving solution for the everyday user, it is far from secure as these kind of “authentications” access a lot more of your information than you might think.
BitID wants to solve that problem by offering a Bitcoin address authentication protocol. While BitID will only be “useful” for Bitcoin-related websites for the time being, it offers some interesting possibilities for other platforms as well. No longer will you need to use a username and password, registration can be done with “one-click”, the server you are authenticating with only knows the user’s public Bitcoin address, et cetera.
Signing in/up to an online service can be done by either scanning a QR code with your mobile device or the wallet running on your computer; or by entering the address manually. Once the user chooses his/her Bitcoin address, they will “sign” the full BitID URL with that address’ private key. The signature and public key are then POSTed to the service’s callback URL.
Note from the author : Manual input means users enter their Bitcoin address, sign their address in the Bitcoin wallet on their computer, and then copy the signed challenge on to the website’s form. This requires a bit more work, and will most likely not be used that often. However, it is good to have both options available.
To find out more about BitID : https://github.com/bitid/bitid/blob/master/BIP_draft.md
As mentioned before, there are several alternate Bitcoin clients out there, all offering something that Bitcoin Core does/did not. Bither is a simple and secure Bitcoin wallet, and is available for desktop , iOS and Android users. The main advantage of using Bither is the fact it combines both a hot wallet (for monitoring assets and keeping a small amount of Bitcoins around for spending purposes) and a cold wallet (perfect for saving the bulk of your Bitcoins in an offline capability).
Switching from the hot wallet to the cold wallet in Bither is very easy, as it just takes the scanning of a QR code. A new update on Bither will be coming out in the coming week; which is actually combining all of the above (multisignature, hierarchical deterministic wallet, BitID) and many more features in order to protect users’ bitcoins.
Note from the author : We will do a full review of the current Bither client over the next few days.
The Total Bitcoin Wallet Security Package
Hierarchical Deterministic Multisignature Bitcoin wallets seem to be next evolutionary step for Bitcoin users around the globe. Not only do they combine the best security features to date, but it also randomizes seeds for Hierarchical Deterministic wallets. On top of that, it becomes far more user friendly compared to more “traditional” wallets by making the backup process a lot easier. And by integration BitID technology, developers can access the Bither server API.
Brief overview of the included features :
two-of-three multisignature (as referenced to above)
3 keys (cold wallet, hot wallet, Server access) which are all based on Hierarchical Deterministic technology
The Hierarchical Deterministic seed will be randomized (XRandom)
Access Bither’s API via bitID technology
The convenience of Hierarchical Deterministic wallets (backup) combined with the safety and security of multisignature
Easy to backup your Bither wallet (only one Hierarchical Deterministic Multisig seed)
Bither’s Cold/Hot wallet modes with XRandom integrate seamlessly with Hierarchical Deterministic Multisignature technology
Transactions are signed based on RFC6979 for increased security
Parent public keys of each Hierarchical Deterministic chain (Hot/Cold:Server) will not leave its own device and can therefor not be leaked.
BIP16, BIP32, BIP39, BIP44, BitID, RFC6979, XRandom & Bither (Cold/Hot wallet) make up the compl
ete Bitcoin wallet security package.