Hacker News new | past | comments | ask | show | jobs | submit login

Thanks for this excellent easy to follow summary. The only piece I have difficulty to understand is this:

    The new information here is "VNC." It was previously 
    known that at one instant in time Gox proved its 
    reserves by moving all it's BTC in a single 
    transaction. This could be done in a way consistent 
    with what the community thinks "cold storage" should 
    mean; the VNC bit militates against that understanding.
What would be an example of "cold storage" that allows moving all BTC in a single transaction?

And how does the fact that it is accessible via VNC change anything?




What would be an example of "cold storage" that allows moving all BTC in a single transaction?

Have all the private keys stored on a machine which is airgapped. Sign a transaction on that machine; copy the transaction to a networked machine (could be done via e.g. copying a QR code from the monitor with a smartphone or, in extremis, just typing very carefully); release onto the Bitcoin network.

And how does the fact that it is accessible via VNC change anything?

Management has previously said that Gox's cold storage was based on offline copies of the keys being fixed onto paper and held in 3+ locations, sprinkled with some RAID-esque pixie dust. (I promise -- this is the maximally charitable summary.) If they're all available for management via VNC at any given time, that casts some doubt about whether they are actually striped over a bunch of paper wallets. Although the Bitcoin community is primarily worried about a server compromise followed instantly by a wallet draining, putting them on a machine accessible from the internal network is approximately just as dangerous, since one assumes that an attacker who gets the web server owns the entire internal network with probability approaching 1.


Cold storage is storage of BTC private keys that are not connected to any live computer. Therefore anyone who would hack your live computer systems could not steal the cold storage BTC just by a remote hack. They would have to physically break into whatever location contained the keys, and then circumvent any encryption-in-rest that you had wrapping those private keys.

You can also split up control of the keys with multisig, so multiple keys have to come together to move the BTC.

Since most financial institutions only have small fraction of their balance needed to cover their money inflows and outflows, having most of your BTC in cold storage is a best practice.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: