Opinion: How to Prevent a QuadrigaCX Incident from Happening Again
By James Gong
The unexpected passing of QuadrigaCX CEO Gerald Cotten, whose death left more than $100 million worth of cryptocurrencies locked in limbo, has attracted heated discussion both in the crypto world and the financial industry.
Cotten was the co-founder of QuadrigaCX, a well-known Canadian crypto exchange, and was the sole holder of the private key to its cold wallet. When Cotten died suddenly while traveling in India, apparently due to complications from Crohn’s disease, the tokens in that wallet became inaccessible.
The cryptocurrency world is rife with fraud, so there was some suspicion about Cotten’s death and its implications. People have questioned everything about the story, including doubting the authenticity of Cotten’s death certificate. But thus far, the official story is holding up. The news has been widely reported by traditional media, and it’s raising public concerns about the security of crypto asset custody.
Regardless of how things play out, the accident has cast a shadow over the entire crypto industry. It has certainly harmed crypto’s already-damaged reputation among outsiders, who now know that their money could potentially be lost due to silly human errors and oversights, in addition to the malicious hacks and intentional fraud that have so publicly burned crypto investors in the past.
But the QuadrigaCX story is a good opportunity to talk about how crypto keys are used to manage assets, and to learn a bit more about blockchain and cryptocurrency.
What are keys?
Public-key cryptosystems, which cryptocurrencies are built on, use two parts: a public key and a private key. The public key is a bit like the lock on your door -- anyone who’s walking past can see it, and they know that if unlocked, it offers entry into your house. But it can’t be unlocked without a private key, just like the lock on your door won’t open without your personal, cut-to-fit-that-lock key.
Another way to think about it is like an email address and a password. The public key is your email address: everybody can see it. But nobody can actually get inside it without your password, which is like the private key.
Although this sounds relatively straightforward, teaching cryptography concepts is probably not a promising avenue for pushing blockchain adoption onto the general public. Even if people can understand what a private key is, after all, why should they bother? They already understand how their cash and credit cards work, so learning a new and seemingly complex system isn’t that appealing.
For developers, the best solution may be trying to hide encryption keys rather than explain them, so that users can take advantage of the technology without understanding it. Ideally, one would build a system by which the public could use these tools for security without having to understand them, and without fear of losing them.
The conventional solution: the cold wallet
Conventional wisdom says that a cold wallet, or a wallet disconnected from the Internet, is the safest place to store your tokens. This is also a standard method in the financial sector. But bank users do not need keys to decrypt their accounts. Instead, they use usernames and passwords, and sometimes additional authentication like hardware keys or SMS authentication.
Crypto entrepreneurs have attempted to create similar solutions for token holders. The most popular of these is hardware wallets, which make cold token storage easier and safer. But they’re not always conveniently portable, and making them portable, by putting them into smart watches for example, requires highly detailed manufacturing processes. Moreover, those who already have one smartwatch aren’t likely to switch brands or wear two watches. Building a cold storage solution that’s inside a swappable watch wristband might be better.
There are other problems with smartwatches, too. Their operating systems (most use Android) present one potential vector for attack. Their charging ports, which typically also can transfer data, present another. They’re also quite expensive.
In the bigger picture, hardware wallets also don’t really solve the problem. Though they make storage easier and safer, they still require users to write down a group of mnemonic words that encode their private key; if those words are forgotten or lost, chances are that the coins are, too. So while hardware wallets are the current best solution, they’re far from perfect.
The tech solution: chopping keys into pieces
How can you get people to use keys without having to know them? One proposal suggests dividing a key into several pieces, which is possible with Shamir’s Secret Sharing algorithm. By doing this, one could divide a key into multiple pieces and send each to different people. To reconstruct the original key, a minimum number of pieces would be required.
This is closely related to multi-signature schemes (with the difference that secret sharing reassembles the key on one device at recovery time, whereas a multisig never assembles it), and there are quite a few projects adopting this concept already, distributing fragments of the key to the social connections of the holder. As long as your main social network exists, you will be able to recover your key.
For example, one such project is Vault 12, a decentralized, encrypted, and distributed storage network formed by the most trusted family and friends of the holders, each of which holds a piece of a user’s key.
Another example is Tenzorum. It has developed a decentralized key management system to support users with accounts on different decentralized networks. In Tenzorum, a key is divided into fragments via Shamir’s algorithm and encrypted based on the network topology of the Web of Trust. If necessary, users can collect a minimum number of fragments to reconstruct the key and regain access to their assets using the Web of Trust.
Clearly, the idea of saving fragments of keys throughout people’s social networks has some appeal, and ensures that people can recover their assets as long as their social network remains intact.
But a social network isn’t necessarily required. Projects like PlanON turn to Secure Multi-Party Computation (SMPC) to enable multiple parties to hold a key jointly without having to trust one another. Multi-Party Computation is an important branch of cryptography whose aim is to carry out a computation collaboratively between parties that do not trust each other while protecting each party’s privacy: the computation is performed jointly without any party disclosing its original input to the others.
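To make the SMPC idea concrete, here is an added example (not code from the article or from PlanON or any other project it names) of the simplest form of it: each party holds an additive share of a signing key, and the parties jointly produce a valid Schnorr signature without the full key ever existing in any one place. It uses a constructed, deliberately tiny group (p = 2039, q = 1019, generator 4) so the arithmetic is readable, signs with Schnorr rather than Bitcoin’s ECDSA, and is n-of-n (every party must take part); a real protocol would use a secure elliptic-curve group, add a commitment round for the nonces, and combine this with threshold shares so that a missing party does not block signing. All of those are this example’s simplifications, not properties of any named project.

```python
"""Toy n-of-n threshold Schnorr: parties hold additive shares of a key and jointly sign
without the full key ever existing anywhere.

Added example (not code from the article or from PlanON or any project it names). It uses
a constructed, deliberately tiny group (p = 2039, q = 1019, g = 4) so the arithmetic is
readable; real deployments use a secure elliptic-curve group, a commitment round for the
nonces, and a t-of-n share layout. All of those are this example's simplifications.
"""
import hashlib
import secrets

P, Q, G = 2039, 1019, 4   # toy group: 2039 = 2*1019 + 1 is prime, 4 has order 1019 mod 2039


def challenge(R: int, msg: bytes) -> int:
    """Fiat-Shamir challenge e = H(R || msg) reduced into the exponent group."""
    r_bytes = R.to_bytes((P.bit_length() + 7) // 8, "big")
    return int.from_bytes(hashlib.sha256(r_bytes + msg).digest(), "big") % Q


class Party:
    """One share-holder. Its key share x never leaves the object."""

    def __init__(self):
        self.x = secrets.randbelow(Q)      # additive share of the signing key
        self.r = None                      # per-signature nonce share

    def public_share(self) -> int:
        return pow(G, self.x, P)

    def nonce_commitment(self) -> int:
        self.r = secrets.randbelow(Q)      # fresh per signature; reuse would leak the share
        return pow(G, self.r, P)

    def partial_signature(self, e: int) -> int:
        s_i = (self.r + e * self.x) % Q    # linear in x, so the shares simply add up
        self.r = None                      # never reuse a nonce share
        return s_i


def joint_public_key(parties) -> int:
    """y = g^(x_1 + ... + x_n), computed from the public shares only."""
    y = 1
    for p in parties:
        y = y * p.public_share() % P
    return y


def mpc_sign(parties, msg: bytes):
    """Round 1: collect nonce commitments; round 2: collect partial signatures."""
    R = 1
    for p in parties:
        R = R * p.nonce_commitment() % P
    e = challenge(R, msg)
    s = sum(p.partial_signature(e) for p in parties) % Q
    return R, s


def verify(y: int, msg: bytes, sig) -> bool:
    """Standard Schnorr check: g^s == R * y^e (mod p)."""
    R, s = sig
    return pow(G, s, P) == R * pow(y, challenge(R, msg), P) % P


def demo():
    """Three parties co-sign a constructed message; the full key x is never formed."""
    parties = [Party() for _ in range(3)]
    y = joint_public_key(parties)
    msg = b"transfer 1 BTC to cold storage"   # constructed message
    sig = mpc_sign(parties, msg)
    R, s = sig
    return verify(y, msg, sig), verify(y, msg, (R, (s + 1) % Q))


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The point to take from it is structural rather than mathematical: at no step does any value equal to the whole key x = x_1 + x_2 + x_3 get computed, only partial signatures that are harmless on their own. That is what distinguishes this family of schemes from Shamir-style recovery, where the key is reassembled on one machine, and it is why the QuadrigaCX scenario (one person, one key, one device) cannot arise when the key is born as shares and only ever used as shares.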
In this way, even if the original keys are lost, as they were in the QuadrigaCX incident, it would still be possible to recover them via the pieces distributed in the founder’s network. But despite the work that’s being done on this tech, there is no available, commercially feasible solution in this area so far. Maybe in the future some of today’s attempts can be implemented successfully.
The risky solution: physical cryptocurrency
The idea of physical digital money might seem like an oxymoron, but in theory, tokens could be stored with a “private key” that’s embedded in a special chip. Since the key is needed to access the coins, carrying that chip would be essentially like carrying a physical Bitcoin.
Back when Bitcoin was less well understood, many people unfamiliar with it took the commemorative coins on eBay or Taobao to be real, physical Bitcoins. And in 2015, BTCC actually tried to produce and sell real physical Bitcoins. But back then, the technology was far from mature, and the result was highly insecure. Manufacturers simply printed the private key on one side of a coin and covered it with a sticker. Anyone who saw the private key could easily transfer and steal all the Bitcoins associated with the physical coin, without the holder even knowing. Consequently, the promotion of physical Bitcoin faded from the public’s sight after a brief hype.
But with more and more attention being paid to investment in Bitcoin and other cryptocurrencies, some higher-tech physical Bitcoins are ready to enter the stage. Actually, new-generation physical cryptocurrencies like Tangem and eNotes have already made impressive debuts.
The most common approach is to store a private key in a built-in encrypted chip. The coins themselves can be transferred out, but the private key can never be exported. To confirm the true value of a physical coin, users can use a device such as a mobile phone to read the amount of cryptocurrency held by the coin’s address. That amount cannot be faked, as it is stored on a blockchain.
The pros and cons of physical cryptocurrencies are quite similar to those of cash. When you lose a physical cryptocurrency, it is irretrievable. On the other hand, it can also be easily guarded in a safe without requirements for any knowledge about computing or cryptography.
In terms of crypto adoption, physical Bitcoin could play a significant role in reducing the barriers to entry, as it allows any average person to purchase, trade, and keep cryptocurrencies in the same way in which they deal with cash. This could greatly expand the number of people involved in the market. The importance of making Bitcoin easier to understand and use cannot be overstated. It will never go mainstream if the public needs to learn cryptography to use it safely.
Using the approach described above, virtually any coin or token can be made physical. This would even be possible for fiat-pegged coins like USDT. Imagine a sum of stablecoins of hundreds of millions of dollars, stored in one small physical coin that is easily transferable! This could be very alluring for some investors, or even of great help in countries whose own legal currencies are extremely unstable.
It’s also worth mentioning that in Satoshi Nakamoto’s white paper “Bitcoin: A Peer-to-Peer Electronic Cash System,” anonymity was described as one of the natural attributes of Bitcoin. In the years since, we have seen that Bitcoin is not as anonymous as it was supposed to be. Physical Bitcoin could serve as the last step to perfect the anonymity of Bitcoin, vesting it with all the advantages of real cash, since there would be no trackable, on-chain data about the offline transactions made with physical Bitcoins.
To facilitate mass adoption of blockchain technology and cryptocurrencies, cryptocurrency must become easier to use and understand. Currently, the common practice is to educate people via cryptocurrency marketing and promotion. But this will not be enough to convert those who are accustomed to traditional financial markets. A better approach would be to de-emphasize the role of keys, and find ways to simplify the experience for end users.