by Avivah Litan | February 5, 2019 | Comments Off on QuadrigaCX: Don’t confuse suspect exchanges with blockchain technology
The incident at QuadrigaCX reminds us that no matter how secure a technology is, the weakest security link is almost always the people who interface with the system. QuadrigaCX is a major cryptocurrency exchange in Canada, and the alleged death of its founder — the only person reportedly to have possession of the password to their crypto funds – resulted in the inability of 115,000 clients to retrieve some $190M in holdings. See After founder’s sudden death, cryptocurrency exchange can’t access $190 million in holdings
The lawyers and the courts will inevitably figure out what happened, but in the meantime, this incident should remind enterprises that they:
- Should only do business with ‘more reputable’ (i.e. regulated) exchanges whenever possible. QuadrigaCX was not regulated, according to this article QuadrigaCX Review: Complete Beginners Guide, which also ominously pointed out that “As a result, it’s difficult to know exactly how long the exchange has been in operation or who the individuals behind QuadrigaCX are. The exchange is not transparent and the exact background of the company remains something of a mystery.”
- Need to zealously protect and secure private keys that give users access to their cryptocurrency funds, including when those funds are kept in cold storage with more complex and secure access management processes.
In our recently published research note How to Prevent or Mitigate Ransomware Attacks That Demand Payment in Blockchain Cryptocurrency we presented best practices for organizations who wanted to set up cryptocurrency accounts and wallets in the event that they want to make ransomware payments to the hackers (only after the victims consult with their legal department and other business executives). We accordingly recommended only doing business with ‘reputable’ exchanges, and securing private keys using sensible and strong security practices.
In that note we defined reputable exchanges as follows:
What Is a Reputable Cryptocurrency Exchange?
In the world of finance, “reputable” means regulated by government when it comes to the legal protection of consumers from loss of money due to fraud.
Around the world, regulation of cryptocurrency exchanges is very patchy…..
….. In the U.S., the Securities and Exchange Commission (SEC) requires that platforms trading digital assets that meet the definition of a security must register with the agency as exchanges, according to a statement issued on 7 March 2018. Cryptocurrency exchanges would therefore be governed by the same rules as traditional exchanges…
Regarding security, we recommended backup key management when we wrote about hardware wallets and how to best secure them (see below):
Hardware Wallets that Enable “Cold Storage”
The most secure type of cryptocurrency wallet — but also the most technically complex — secures the wallet, containing the user’s private key, in an offline mode. Offline storage of keys (offline wallets), enable what is known as “cold storage,” which is most commonly implemented using a hardware wallet or dedicated device, such as those made by Trezor and Ledger. (Cold storage wallets can also be implemented on paper or a separate USB device, for example.)
Hardware wallets are designed to protect a user’s private keys from online and offline risks, so the keys are kept off the internet and transactions are confirmed in the device. Transactions and security handshakes occur over an internet connection on a browser running in a connected endpoint, but the encrypted transactions cannot, theoretically, be read or manipulated by any process running on the infected computer. This means that transactions using a hardware wallet connected to an infected computer will not be impacted by the infected computer.
Access to a hardware wallet can be further secured by multifactor authentication. Transactions made using hardware wallets can be further secured with multisignature features, depending on the specific wallet features.
Three aspects of these wallets make them difficult for the average organization or user to use:
- Method of key recovery when hardware wallets are lost: If users lose their hardware wallet devices, they lose access to their cryptocurrency funds, unless they can recover the keys. Hardware wallet manufacturers give users complex and secure methods to recover keys — for example, by knowing the values of 24 different word codes. These word codes must be written on hard paper (never stored electronically) and stored in a safe place that only authorized users can access.
- In this example, different people should possess different sections of the 24 word codes. These sections must be securely stored in different physical locations, based on the number of persons who possess parts of the key recovery code words.
Blaming blockchain or cryptocurrency for the failings of an exchange is akin to blaming the fiat money transfer system for losses that occur when a corrupt bank launders stolen money through it. The technology is not corrupt nor is it broken – it’s usually the people who interface with it that cause the problems and the losses.
Blockchain is no different. There’s no decentralized blockchain consensus around who is entitled to run an exchange. Maybe there should be…
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.