A Long-Secret Bitcoin Key Is About to Finally Be Revealed
A long-held bitcoin secret is about to be revealed.
No, it’s not the identity of Satoshi Nakamoto, it’s a private key the cryptocurrency’s creator entrusted to several bitcoin developers that activates the protocol’s so-called “alert system,” once used to flash a text warning to those running the software in case something happened that could impact the security of their funds.
If you didn’t know bitcoin had a warning system like this, that’s because it was retired in 2016 due to security concerns and frequent confusion about its use.
“The alert system was a frequent source of misunderstanding about the security model and ‘effective governance,'” well-known Bitcoin Core contributor Greg Maxwell wrote in a public email from September 2016.
In short, some in the bitcoin community thought it could be used to change that network rules that unite users, which isn’t really the case. For example, a BitcoinJ developer once wanted to use the key to control fees, while a Bloq staffer pressed for Bitcoin Core developers to use the key to change the network’s mining difficulty.
Plus, developers were worried that if the wrong person got ahold of the key, they could broadcast false messages or potentially cause panic.
As such, to some, the reveal – being undertaken by Bitcoin Core contributor Bryan Bishop – is a long time coming.
“Folks, it’s going to be an interesting show,” Bishop tweeted, followed by a string of tweets cryptographically proving he’s in possession of the secret key, without fully revealing it quite yet.
The reveal is the final step to destroying the system. After Bitcoin Core developers released new code in 2016 without the alert system, in January 2017, a “final alert message” was broadcast, which – by law of the code – made that message unable to be overridden by any other messages in the future.
Still, the private key needs to be displayed publicly so there’s no possibility of reputation attacks against those developers that hold it.
Bishop told CoinDesk he plans to release it soon, though he’s not sure about the exact date, adding:
“It’s time. I’m thinking about releasing the private key early July at Building on Bitcoin, though it’s not finalized yet.”
Danger for altcoins
Still, it isn’t as easy as it sounds.
Revealing the key is potentially dangerous for any cryptocurrencies that used an older version of bitcoin’s code to create their cryptocurrency and have not disabled the alert key mechanism in their own code.
“If the copycats have not disabled the alert system, nor changed the alert key [public key], and if they have not sent what’s known as a final alert message, then once the [bitcoin] keys are released, anyone will be able to send alerts on those [other] networks,” Bishop told CoinDesk.
It’s happened before actually. Litecoin creator Charlie Lee recounted on Twitter just last week how the lesser-known Feathercoin protocol (which copied litecoin’s code) received litecoin’s alert about upgrading to the latest litecoin client.
And while that isn’t a particularly nefarious example, Bishop said, controlling what alert messages are sent on various networks “sounds dangerous.”
As such, in Maxwell’s 2016 email, he said he had spent and would continue spending some time searching through other cryptocurrency codebases. If they were found to contain the alert key code from bitcoin, he vowed to notify those projects to remove that code.
“At some point after that, I would then plan to disclose this private key in public, eliminating any further potential of reputation attacks and diminishing the risk of misunderstanding the key as some special trusted source of authority.”
Reputation on the line
But, two years later, neither Maxwell – nor any other Bitcoin Core developer – has revealed the key.
“It’s something we have wanted to release for a few years. Nobody took any action, though,” Bishop said.
But by now, the projects susceptible to this vulnerability have had time to remove the code and upgrade. Although, some of those projects might not have developers anymore, even though users and still trading and using the cryptocurrencies, which could mean there’s been no update.
That said, Bishop’s giving these projects one last chance by sending messages on Twitter and through other channels.
Adding pressure that could prioritize the reveal, though, is that Bishop and others are worried about attacks on their reputation. For instance, if the private key was compromised and used to sign a message with bad intentions, it could be blamed on one of the Bitcoin Core developers who’s known to have the key.
“Nobody knows the full list of people that have access to the private key. A message could be signed by the private key, and the secrecy is a liability because some of the people who have the key are known in public to have the key,” Bishop said, pointing to the fact that those with the key that are unknown could blame people who are known to hold the key for nefarious messages.
Bishop recently used the alert key (without revealing it) to sign a simple text message that he then tweeted out, displaying how it could be used to trick users or cause confusion within the community.
Plus, he told CoinDesk, there are other long-standing vulnerabilities within the alert key setup that he plans to disclose when he reveals the key to the public.
As such, Bishop concluded:
“It would be better if the key was released.”
Antique keys image via Shutterstock
Abandoned Intel Manufacturing Complex Bought for $13M to Mine Bitcoin
New 85,000 Square Feet Mining Operation
3G Venture II, a California-based company, has paid $13 million for a big chuck of an abandoned Intel chip manufacturing complex at Garden of the Gods Road in Colorado. The owner of the company, John Chen from Los Angeles, reportedly plans to use the facility to mine bitcoin. The deal includes 30 acres and over 700,000 square feet in several buildings, with bitcoin mining planned for three buildings, totaling about 85,000 square feet, and the rest planned to be leased to others.
Michael Palmer, a broker with Quantum Commercial Group who marketed the real estate, revealed that the electricity network installed for Intel’s needs was especially alluring for the miner. The complex includes an on-site substation, two separate power feeds, and the new owner also asked Colorado Springs Utilities to increase capacity to the site, he said. Besides that, the location’s cheap energy prices have long attracted companies to enter the area, including for establishing data centers by Progressive Insurance, FedEx and Walmart, according to the Colorado Springs Gazette.
One Mining Farm Is Enough?
Earlier this month we reported about a town in New York that welcomed a new giant mining facility at a former aluminum smelting plant. The main reason for that was the promise of over 150 jobs that were estimated to be added to the local economy as a result of the opening of the facility. However, it appears that there is less enthusiasm about the new industry in Colorado Springs as they don’t expect it to create many jobs.
Dirk Draper, president and CEO of the Colorado Springs Chamber of Commerce & EDC, said the group didn’t seek out the miner, and instead just cooperated with him after he showed interest in the Intel complex. Moreover, the Chamber & EDC doesn’t plan to attract more such companies, he said. “While it is beneficial for some segments of the community to have the large base power users, and we understand that and are supportive of it, our focus is more on the employment side,” Draper explained.
Written by Bitcoin.com
Andreessen Horowitz Has Launched a $300 Million Crypto Fund
Silicon Valley investment powerhouse Andreessen Horowitz (a16z) has launched a new $300 million fund focused on cryptocurrencies.
The fund, as explained in a blog post published Monday, will be named “a16z” and will notably feature former federal prosecutor and Assistant U.S. Attorney Kathryn Haun as one of its co-leads. Haun has also been named as the firm’s latest general partner.
That the investment firm would move to vastly expand the scope of its activities in the industry is unsurprising, given the millions it has poured into projects and protocols built around a range of use cases. Andreessen Horowitz has also invested in a number of notable startups, including crypto exchange Coinbase.
General partner Chris Dixon indicated in the post that the crypto-fund would take a decidedly long-term tack in its investments.
“We’ve been investing in crypto assets for 5+ years,” he wrote. “We’ve never sold any of those investments, and don’t plan to any time soon. We structured the a16z crypto fund to be able to hold investments for 10+ years.”
Dixon went on to add:
“We plan to invest consistently over time, regardless of market conditions. If there is another ‘crypto winter,’ we’ll keep investing aggressively.”
In another hint at the fund’s overall thesis, Dixon said that a16z would focus its efforts on projects with a “non-speculative use case.”
“We want services powered by crypto protocols to be used by hundreds of millions and eventually billions of people,” Dixon wrote. “Crypto tokens are the native asset class of digital networks, but their value is driven by the underlying, practical uses cases.”
Image via Shutterstock
Written by Coindesk.com