BitPay's security problems proved what the industry had long suspected: we're not mature and we're not professional. Even the biggest companies cut corners on security. Mt. Gox should have been a rec
BitPay's security problems proved what the industry had long suspected: we're not mature and we're not professional. Even the biggest companies cut corners on security.
Mt. Gox should have been a reckoning. That disaster should have forced everyone to build proper security and show the world that bitcoin could work as real money. Bitcoin itself is secure. But the stream of hacks targeting major services tells a different story to outsiders. And for the average person, bitcoin isn't secure at all.
We tell early adopters—the tech-savvy readers who follow cryptocurrency—to use offline wallets and multisig addresses. But telling someone who thinks "The Big Bang Theory" counts as geek culture to do the same thing is a different proposition. Most people expect their bank or PayPal or Apple to handle security. They have no idea how to do it themselves and no desire to learn. If bitcoin is going to matter, it needs centralized exchanges and simple web wallets. You could run a massive education campaign, convince enough people to stash savings in paper wallets. But if you want them to spend bitcoin and help build an actual economy, asking them to download their own blockchain, manage private keys, keep a hot wallet both safe and usable—that's fantasy.
Coinbase, Circle, BitPay, BitReserve, Bitstamp—all of them are simple enough to use. Any reasonably tech-literate person could figure them out. The problem is that each hack erodes trust in all of them. It's harder for me to recommend any of these services to newcomers than it was a few weeks ago.
BitPay absorbed the loss instead of billing customers for it. That's admirable. But when they sued their insurance company, the lawsuit revealed their security practices in discovery. That damage to their reputation matches or exceeds what the hack itself did. Losing bitcoins to a sophisticated attacker is one thing. A hacker getting them because someone gave access to a compromised email account is another.
Hardware wallets like Trezor from Satoshi Labs offer a path forward. They're not perfect—the cost is steep, especially for people in poorer countries—but they point the right direction. For anyone planning a serious bitcoin investment, a hardware wallet beats any other option.
I spoke with Alena Vranova, head of Satoshi Labs, about what the BitPay situation means for bitcoin's future. Satoshi Labs makes the Trezor, one of the most secure and popular hardware wallets around. Vranova came up in traditional finance and insurance, which gives her a useful angle on recent events. We discussed how these hacks affect the industry and what needs to change.
Ian DeMartino: Bitcoin is supposed to lead in technology. The industry attracts tons of technical talent, yet major companies keep getting hacked. Is bitcoin a bigger target than other industries, or is there something wrong with how people are running these companies?
Alena Vranova: I don't think it's specific to bitcoin. The biggest bank heist in history involved roughly $900 million stolen from over 100 banks across two or three years. The banks have no idea where the money went or how to stop it. Hackers social engineer their way into critical systems, then they just sit there mimicking employee behavior. Nine hundred million dollars vanished and the banks don't know what happened. Bitcoin has this built-in advantage—we can prevent this stuff with multisig.
Multisig gets used wrong today. People use it as second-factor authentication. But it's meant for managing shared funds. Everyone should be using it that way, and they're not. BitPay's CoPay looks great and is easy to use, but uptake has been sparse. If you distribute the risk and have actual bitcoin owners hold coins while they use a service, then move them out, you get somewhere different. No single honeypot for hackers to target.
What scares me is all these bitcoin "banks." Give us your coins, we'll take care of them. That's the pitch. Banks don't show their hacks because they bury the cost in the fees you pay. Bitcoin shows everything. You can track every transaction.
We need decentralization. When hardware wallets didn't exist, there was an excuse for centralized services. Now they do exist. People can secure their own money.
DeMartino: Since Mt. Gox, people have talked about decentralized exchanges as a solution. Some have popped up but they struggle with volume and usability. What would make them work?
Vranova: It depends on what data they store. All the big venture money flows toward services that collect data—lots of personal information. That money comes with a marketing budget that tells everyone "come use us, we're great." Some activities don't have that killer argument for investors. It comes down to communication and explaining why decentralized beats Coinbase. That keeps them niche. They can't fund the marketing campaigns. And adoption isn't accelerating, which doesn't help either.
DeMartino: Besides multisig, what should bitcoin companies do to avoid social engineering attacks? Since centralized operations aren't going anywhere, what's the damage control?
Vranova: They can limit a lot. But it all comes down to personal responsibility. If my partner emails asking me to send 1,000 bitcoin to an address, I pick up the phone and verify. You can't force this, but you can push people toward it through training. We built this into myTrezor. Send more than two bitcoins and you get a prompt: verify this address with your contact through another channel—a call or text. You educate and raise awareness. With a hardware wallet, you're protected against almost every digital theft except phishing. Hackers can try to swap in a fake address. If every wallet put in that notification—go verify—we move forward without huge costs.
DeMartino: Do these hacks hurt bitcoin's reputation in the broader tech world?
Vranova: Imagine you're new. You go to Coinbase or Circle, get a free wallet on blockchain.info, everything's simple. Then before you even send your first bitcoin, it's gone. Bitcoin needs intuitive, easy security tools. The professionals should be setting the bar—building what we need, not creating disasters.
DeMartino: Can customers spot a sketchy bitcoin company, or do they just have to hope?
Vranova: I'm biased toward Trezor, but I'd tell everyone to make sure a company isn't holding your bitcoin. Or do some homework on Reddit, ask experienced friends. If it's an exchange, buy your coins and move them to a hardware wallet or something you control. Don't depend on anyone. Bitcoin's core strength is that it's your money. You don't have to keep it with Mt. Gox or any bitcoin bank. Yes, it's convenient—we're used to banks babysitting us. I understand why people do it. But the media should explain that people don't have to. It's their money.
I'm concerned about fallout from BitPay. Not just reputation, but regulators will say "we need laws to stop this" and suddenly things get slower, more expensive, data collection goes up. We spiral back to the old system. Some auditor has your information and history shows big companies can't protect it. I hope BitPay doesn't trigger a regulatory frenzy. Events like this threaten bitcoin. I want it to grow without that weight.
DeMartino: Should bitcoiners who want to avoid regulation have a moral duty to stay away from companies that invite crackdowns through failures like this?
Vranova: Most people don't realize that's even relevant. Core bitcoiners do, but newcomers don't understand their impact. I wouldn't call it a moral obligation. I'd say it's in their interest to act responsibly. They have freedom with bitcoin to use it as they see fit without going backward to the old system. That would contradict everything. Bitcoin stands against the current banking structure.
DeMartino: I was surprised BitPay had insurance at all. Does the traditional insurance model work for bitcoin or should the solution come from within the community?
Vranova: I spent 12 years in banking and insurance. You can get coverage for internal fraud and similar incidents. I haven't read BitPay's specific terms, but I think insurance is the wrong framework. Bitcoin has technological solutions that prevent these thefts. Two-of-five multisig, for example. Two people look at a transaction and use common sense. But how do you expect people to use common sense if regulation forces a certain approach? Education beats regulation. The state should invest in teaching people, not piling on rules and data collection.
DeMartino: So technology should be your insurance instead of an insurance company?
Vranova: Yes. I understand why they bought it—good optics, solid marketing angle. They failed on their actual operations and the insurance company said no, that was a voluntary transaction. I can't judge without seeing their coverage details, but insurance typically covers situations where someone has to overcome obstacles. Voluntary payments made through confusion don't fit that standard. Bitcoin doesn't need insurance companies. We have better tools.
DeMartino: What's next for Satoshi Labs? Is Trezor 2.0 happening?
Vranova: (Laughs) Trezor 2.0 is in discussion and design phase, yes, but I'm not making announcements yet. We have other ideas I can't talk about. It's frustrating because I know what we're building but have to wait to discuss it. There's a difference between how US and European companies operate. The US side has an idea, hypes it, seeks investors. European startups prove the concept works and then—(laughs)—here we are.
DeMartino: You see a ton of that in Silicon Valley.
Vranova: Exactly. I was just in San Francisco, LA, and New York a month ago. That was the biggest difference I noticed between how we operate and how you do.
DeMartino: I saw that Slushpool's hash rate jumped. Any idea why? A few competitors exited and you rolled out new incentives.
Vranova: Hash rate climbed when we started the BIP101 vote. A lot of miners joined because of that. We also invested heavily in the interface design. If you've used our website, it's some of the best out there. I haven't seen another pool with that much data and statistics. It looks good, the infrastructure is solid. The voting helped boost hash rate, but miners stuck around because they realized it's a good place to mine. We're one of the few real pools left. We don't operate our own mining farms or rent hash rate. We provide a service. All the hash rate comes from actual miners who choose us. They mine with us because they want to, unlike pools that run their own farms and then lease out hash rate as a side business.
DeMartino: Last thing: you said multisig is being used wrong. How should it work?
Vranova: Multiple parties co-sign transactions. One person uses CoPay, another uses Trezor, a third uses a different wallet, and you require two of five signatures. Two people have to sign off on shared funds. It shouldn't be that I'm using multisig because one signature is from my wallet and another is from the service provider. It's a shame because multisig is elegant. Companies like BitPay invested in it but don't use it properly. We'd like to thank Alena Vranova for her time. You can learn more about Satoshi Labs and their products at their website.
