Bitstamp's wallet breach in January cost its customers nearly 19,000 bitcoins and likely sparked the sharp price decline that followed. Investigators from both the company and law enforcement are still working the case, with the inquiry expected to drag on for months. Mining Pool spoke with Robert Genito, founder of Wall of Coins, about what occurred and how users might defend their assets better going forward. Wall of Coins operates on a similar platform, so Genito's experience carries particular weight.
The breach's mechanics remained somewhat unclear. Coins disappeared from customer accounts, moving beyond anyone's control. Genito believed attackers penetrated Bitstamp's website, starting through their support forum. He formed this assessment by monitoring his own servers during the attack. His own Bitstamp withdrawal showed "Failed" status, a sign something was wrong. He noticed that "when one market is successfully hacked, the successful action is repeated across many other exchanges, markets, Bitcoin-driven applications." Hackers copy techniques that work.
Wall of Coins' system administrator collected server logs, error logs, and other documentation and sent them to Bitstamp to support their law enforcement investigation. Bitstamp said they'd pass the material along to management.
The fundamental difference between this breach and Mt. Gox's pointed to different vulnerabilities. Mt. Gox's servers were compromised. Bitstamp's wallets were compromised. Both resulted in stolen customer funds.
Genito consulted with Genitrust's head security analyst about which target is harder to breach—wallets or servers. "He basically said it is difficult to answer," Genito reported. His own conclusion was starker. "I believe that it is easier to hack several wallets that are stored on a server that is always online. I truly believe that in the end, the wallet that only exists on a personal workstation is safer."
Cold storage wallets sit offline, where hackers cannot reach them. But this approach assumes several things: the computer generating the wallet was never compromised, whoever created it protected the private keys, and no copy of the wallet contents exists anywhere except on media you control. Paper wallets function this way.
Web wallets hosted by a service work differently. When Coinbase, Circle, or any exchange holds your coins, you accept layered risks. "When you use a website to store your wallet, you are trusting your bitcoin with a company that cannot even trust its own technology," Genito said. The exchange must trust all of its software. It must trust that employees won't steal. Mark Karpeles at Mt. Gox showed how wrong this trust can go. The exchange must accept that hot wallets will be emptied eventually. "This is just too much extra risk," Genito said.
The market's reaction suggested the breach rattled confidence. Bitcoin prices fell. Several factors pushed downward: newer miners liquidating holdings, merchants converting coins to local currency through automated services, traders fleeing into fiat currency. "The losses at BitStamp are indeed a factor along with many other factors," Genito said. This selling pressure carried an ironic benefit: it forced people to use bitcoin rather than hoard it.
Bitstamp said their cold storage was safe but halted deposits to customer wallets. Genito found their language troubling. They stated that "some of BitStamp's operational wallets were compromised, resulting in a loss of less than 19,000 BTC." What did "operational wallets" mean? Were they cold storage or the active website wallets? "BitStamp's verbiage is unclear," he said. Bitstamp almost certainly had procedures for loading hot wallets from cold storage reserves, which likely helped them spot the breach quickly. If they maintained proper separation, perhaps only the operational wallets were drained while cold storage remained untouched.
The numbers supported this reading. Bitcoin traded above $300 when Bitstamp detected the hack. Nearly 19,000 coins at $300 equals approximately $6 million. "Personally, I do not believe that the losses were much greater than 19,000 bitcoin, because I trust that BitStamp is a company with good policies and procedures," Genito said.
Should individuals trust online Bitcoin storage? "For now, absolutely not," Genito answered. "The industry has a lot of changes to do until online bitcoin storage is a reasonable option." Wall of Coins was pushing for better solutions but needed additional funding.
Wall of Coins and Bitstamp both rely on the Django web framework, Genito noted. Beyond that similarity, everything diverged. "Wall of Coins is safer because it's simple: we use 100% cold storage." Their technical and business processes undergo security review. Staff members use GPG encryption and grasp why it matters. "Not a single one of us possesses the ability to steal coins from the system."
Bitstamp's approach was altogether different. Security infrastructure demands spending. Genitrust sells offline workstations for $10,000 each. Bitstamp had raised $10 million in funding—ample for complete cold storage architecture. "Having a cold storage solution, even if you have to hire a team of 50 people, is certainly less expensive than BitStamp's $6 million mistake," Genito said.
Individuals should maintain two wallets. One handles daily or weekly spending on a mobile phone. The other holds savings in paper form or through software like Armory, though both require learning. Genitrust offers a service to generate cold storage wallets securely and review Bitcoin best practices for a fee.
Exchanges must apply this principle at scale. "Anything less than 100% cold storage is inappropriate, unprofessional, and down-right lazy," Genito said. Traditional banks developed security through centuries of dealing with fraud and theft. Bitcoin exchanges should move faster. Eliminate hot wallets on internet-connected servers. Hire teams to manage complete offline storage systems. Wall of Coins demonstrates this works while staying fully transparent—all deposit addresses are publicly listed. "BitStamp's situation should be a lesson to all of us," Genito said.