The	
  Future	
  of	
  Bitcoin	
  
Security	
  
	
  
Will	
  O’Brien,	
  CEO	
  BitGo	
  
TNABC	
  Miami	
  
January	
  18,	
  2015	
  
www.bitgo.com	
  -­‐	
  @BitGo	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  1	
  
Who	
  Am	
  I?	
  
•  Will	
  O’Brien	
  
•  CEO	
  &	
  Co-­‐Founder	
  of	
  BitGo	
  
•  FinTech,	
  trading	
  plaQorms	
  and	
  capital	
  markets	
  
•  Startups	
  and	
  mid-­‐size	
  companies	
  in	
  consumer,	
  
payments,	
  video	
  games,	
  and	
  media	
  
•  Computer	
  Science,	
  Harvard;	
  MBA,	
  MIT	
  Sloan	
  
•  Obsessed	
  with	
  Bitcoin	
  since	
  2012	
  
•  will@bitgo.com;	
  @willobrien;	
  @BitGo	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  2	
  
About	
  BitGo:	
  Securing	
  the	
  World’s	
  Bitcoin	
  
Leading	
  Bitcoin	
  security	
  pla3orm	
  and	
  pioneer	
  in	
  
mul5-­‐sig	
  technology	
  
Launched	
  the	
  world’s	
  first	
  mul[-­‐sig	
  wallet	
  in	
  August	
  2013	
  
$14m	
  in	
  total	
  funding	
  from	
  veteran	
  investors	
  and	
  finance	
  
luminaries	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  
Our	
  products:	
  
•  BitGo	
  Enterprise	
  
•  PlaQorm	
  API/SDK	
  
3	
  
Why	
  Customers	
  Choose	
  BitGo	
  
Family	
  offices	
  
Hedge	
  funds	
  
Bitcoin	
  miners	
  
Marketplaces	
  
Exchanges	
  
•  Secure	
  storage	
  &	
  
transac[ons	
  
•  Corporate	
  treasury	
  
policies	
  
•  Mul[-­‐user	
  wallets	
  
•  Financial	
  repor[ng	
  &	
  
audit	
  capabili[es	
  
•  PlaQorm	
  API	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  4	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  5	
  
Overcoming	
  Early	
  Concerns	
  About	
  Security	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  6	
  
“$1.2M	
  hack	
  shows	
  why	
  you	
  should	
  never	
  store	
  bitcoin	
  on	
  
the	
  internet.”	
  	
  
“From	
  treasure	
  to	
  trash:	
  Man	
  tosses	
  out	
  bitcoin	
  wallet	
  on	
  
hard	
  drive	
  worth	
  $9	
  million.”	
  	
  
“To	
  achieve	
  wider	
  adop[on,	
  bitcoin	
  needs	
  to	
  address	
  
significant	
  issues	
  related	
  to	
  security…Mt.	
  Gox	
  was	
  like	
  a	
  bank	
  
storing	
  valuables	
  in	
  the	
  lobby	
  entrance.”	
  
“Some	
  see	
  the	
  security	
  issues	
  as	
  teething	
  pains,	
  but	
  it	
  is	
  
possible	
  that	
  the	
  security	
  of	
  the	
  core	
  transac[ons	
  technology	
  
will	
  be	
  outweighed	
  by	
  the	
  insecurity	
  around	
  the	
  
core...almost	
  10%	
  of	
  all	
  Bitcoins	
  have	
  been	
  stolen	
  or	
  seized	
  
as	
  part	
  of	
  a	
  criminal	
  venture	
  in	
  the	
  last	
  year.”	
  
Does	
  This	
  Even	
  Qualify	
  as	
  “Digital”	
  Currency?	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  
The Bloomberg reporter opened up his paper
wallet to show the private key, and, not too
surprisingly, the funds were quickly stolen.“
”	
  
7	
  
We	
  Need	
  a	
  Secure	
  Bitcoin	
  Ecosystem	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  
Financial	
  
Services	
   Payment	
  
Processing	
  
Wallets	
  &	
  
Vaults	
  
Trading	
  &	
  
Exchanges	
  
Mining	
  
Consumer	
  
Apps	
  
8	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  
“This	
  is	
  the	
  year	
  of	
  the	
  mul[-­‐signature	
  wallet.”	
  	
  
-­‐-­‐	
  Gavin	
  Andresen,	
  chief	
  scien[st	
  of	
  the	
  Bitcoin	
  Founda[on,	
  May	
  2014	
  
9	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  10	
  
19frDKN7XwWL2wwhz35as7PtRFcL4vCNYG!
335Zc8furTKgD32bWewYwGYGai7sMrtKse!Multi-sig! J!
Not multi-sig L!
2-­‐of-­‐3	
  HD	
  Mul[-­‐Sig	
  Wallet:	
  Key	
  Genera[on	
  
and	
  Distribu[on	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  11	
  
BitGo	
  Key	
  
•  Generated	
  and	
  stored	
  by	
  
BitGo	
  
•  Stored	
  in	
  BitGo	
  key	
  server	
  
•  Used	
  to	
  co-­‐sign	
  all	
  
blockchain	
  transac[ons	
  
Customer	
  Key	
  
•  Generated	
  and	
  stored	
  by	
  
customer	
  using	
  BitGo	
  tools	
  
•  Archived	
  with	
  encrypted	
  
keycard	
  
•  Used	
  to	
  ini[ate	
  all	
  
blockchain	
  transac[ons	
  
Backup	
  Key	
  
•  Generated	
  offline	
  using	
  
BitGo	
  secure	
  tools	
  
•  Archived	
  cold	
  
Analogy:	
  Origins	
  of	
  SSL	
  the	
  Standard	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  12	
  
Mul[-­‐Sig	
  as	
  an	
  Emerging	
  Standard	
  
•  Based	
  on	
  P2SH	
  (BIP	
  16)	
  
•  Build	
  it	
  internally	
  or	
  use	
  a	
  security	
  plaQorm	
  provider	
  
Key	
  Tenets:	
  
•  Funds	
  held	
  on	
  blockchain	
  in	
  mul[-­‐sig,	
  not	
  in	
  cold	
  pools	
  
•  Maintain	
  independent	
  audi[ng	
  of	
  holdings	
  
•  Enable	
  customer	
  segregated	
  accounts	
  (where	
  appropriate)	
  
•  Set	
  corporate	
  treasury	
  policies	
  and	
  protec[ons	
  
•  Leverage	
  security	
  of	
  mul[-­‐ins[tu[onal	
  key	
  distribu[on	
  
–  Use	
  a	
  3rd	
  party	
  co-­‐signer	
  on	
  transac[ons	
  
–  Store	
  backup	
  key	
  with	
  a	
  custodian	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  13	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  14	
  
The	
  Emergence	
  of	
  Mul[-­‐Sig	
  Exchanges	
  
Bitcoin	
  Wallets	
  Adopt	
  Mul[-­‐Sig	
  
Trac[on	
  in	
  Mul[-­‐Sig	
  in	
  2014	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  15	
  
Source:	
  p2sh.info	
  
The	
  Future	
  of	
  Bitcoin	
  Security	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  16	
  
Read	
  more….	
  
•  hrps://medium.com/@willobrien/its-­‐[me-­‐to-­‐end-­‐the-­‐cold-­‐storage-­‐ice-­‐age-­‐and-­‐
adopt-­‐mul[-­‐sig-­‐8589733c9fd6	
  
•  hrp://www.coindesk.com/2014-­‐became-­‐year-­‐mul[sig/	
  
Thank	
  you.	
  
Copyright	
  ©	
  2014	
  BitGo,	
  Inc	
  	
  
Contact	
  us:	
  
will@bitgo.com	
  	
  
sales@bitgo.com	
  
www.bitgo.com	
  
17	
  

The Future of Bitcoin Security Will O'Brien BitGo Presentation at TNABC #btcmiami

  • 1.
    The  Future  of  Bitcoin   Security     Will  O’Brien,  CEO  BitGo   TNABC  Miami   January  18,  2015   www.bitgo.com  -­‐  @BitGo   Copyright  ©  2014  BitGo,  Inc    1  
  • 2.
    Who  Am  I?   •  Will  O’Brien   •  CEO  &  Co-­‐Founder  of  BitGo   •  FinTech,  trading  plaQorms  and  capital  markets   •  Startups  and  mid-­‐size  companies  in  consumer,   payments,  video  games,  and  media   •  Computer  Science,  Harvard;  MBA,  MIT  Sloan   •  Obsessed  with  Bitcoin  since  2012   •  will@bitgo.com;  @willobrien;  @BitGo   Copyright  ©  2014  BitGo,  Inc    2  
  • 3.
    About  BitGo:  Securing  the  World’s  Bitcoin   Leading  Bitcoin  security  pla3orm  and  pioneer  in   mul5-­‐sig  technology   Launched  the  world’s  first  mul[-­‐sig  wallet  in  August  2013   $14m  in  total  funding  from  veteran  investors  and  finance   luminaries   Copyright  ©  2014  BitGo,  Inc     Our  products:   •  BitGo  Enterprise   •  PlaQorm  API/SDK   3  
  • 4.
    Why  Customers  Choose  BitGo   Family  offices   Hedge  funds   Bitcoin  miners   Marketplaces   Exchanges   •  Secure  storage  &   transac[ons   •  Corporate  treasury   policies   •  Mul[-­‐user  wallets   •  Financial  repor[ng  &   audit  capabili[es   •  PlaQorm  API   Copyright  ©  2014  BitGo,  Inc    4  
  • 5.
    Copyright  ©  2014  BitGo,  Inc    5  
  • 6.
    Overcoming  Early  Concerns  About  Security   Copyright  ©  2014  BitGo,  Inc    6   “$1.2M  hack  shows  why  you  should  never  store  bitcoin  on   the  internet.”     “From  treasure  to  trash:  Man  tosses  out  bitcoin  wallet  on   hard  drive  worth  $9  million.”     “To  achieve  wider  adop[on,  bitcoin  needs  to  address   significant  issues  related  to  security…Mt.  Gox  was  like  a  bank   storing  valuables  in  the  lobby  entrance.”   “Some  see  the  security  issues  as  teething  pains,  but  it  is   possible  that  the  security  of  the  core  transac[ons  technology   will  be  outweighed  by  the  insecurity  around  the   core...almost  10%  of  all  Bitcoins  have  been  stolen  or  seized   as  part  of  a  criminal  venture  in  the  last  year.”  
  • 7.
    Does  This  Even  Qualify  as  “Digital”  Currency?   Copyright  ©  2014  BitGo,  Inc     The Bloomberg reporter opened up his paper wallet to show the private key, and, not too surprisingly, the funds were quickly stolen.“ ”   7  
  • 8.
    We  Need  a  Secure  Bitcoin  Ecosystem   Copyright  ©  2014  BitGo,  Inc     Financial   Services   Payment   Processing   Wallets  &   Vaults   Trading  &   Exchanges   Mining   Consumer   Apps   8  
  • 9.
    Copyright  ©  2014  BitGo,  Inc     “This  is  the  year  of  the  mul[-­‐signature  wallet.”     -­‐-­‐  Gavin  Andresen,  chief  scien[st  of  the  Bitcoin  Founda[on,  May  2014   9  
  • 10.
    Copyright  ©  2014  BitGo,  Inc    10   19frDKN7XwWL2wwhz35as7PtRFcL4vCNYG! 335Zc8furTKgD32bWewYwGYGai7sMrtKse!Multi-sig! J! Not multi-sig L!
  • 11.
    2-­‐of-­‐3  HD  Mul[-­‐Sig  Wallet:  Key  Genera[on   and  Distribu[on   Copyright  ©  2014  BitGo,  Inc    11   BitGo  Key   •  Generated  and  stored  by   BitGo   •  Stored  in  BitGo  key  server   •  Used  to  co-­‐sign  all   blockchain  transac[ons   Customer  Key   •  Generated  and  stored  by   customer  using  BitGo  tools   •  Archived  with  encrypted   keycard   •  Used  to  ini[ate  all   blockchain  transac[ons   Backup  Key   •  Generated  offline  using   BitGo  secure  tools   •  Archived  cold  
  • 12.
    Analogy:  Origins  of  SSL  the  Standard   Copyright  ©  2014  BitGo,  Inc    12  
  • 13.
    Mul[-­‐Sig  as  an  Emerging  Standard   •  Based  on  P2SH  (BIP  16)   •  Build  it  internally  or  use  a  security  plaQorm  provider   Key  Tenets:   •  Funds  held  on  blockchain  in  mul[-­‐sig,  not  in  cold  pools   •  Maintain  independent  audi[ng  of  holdings   •  Enable  customer  segregated  accounts  (where  appropriate)   •  Set  corporate  treasury  policies  and  protec[ons   •  Leverage  security  of  mul[-­‐ins[tu[onal  key  distribu[on   –  Use  a  3rd  party  co-­‐signer  on  transac[ons   –  Store  backup  key  with  a  custodian   Copyright  ©  2014  BitGo,  Inc    13  
  • 14.
    Copyright  ©  2014  BitGo,  Inc    14   The  Emergence  of  Mul[-­‐Sig  Exchanges   Bitcoin  Wallets  Adopt  Mul[-­‐Sig  
  • 15.
    Trac[on  in  Mul[-­‐Sig  in  2014   Copyright  ©  2014  BitGo,  Inc    15   Source:  p2sh.info  
  • 16.
    The  Future  of  Bitcoin  Security   Copyright  ©  2014  BitGo,  Inc    16   Read  more….   •  hrps://medium.com/@willobrien/its-­‐[me-­‐to-­‐end-­‐the-­‐cold-­‐storage-­‐ice-­‐age-­‐and-­‐ adopt-­‐mul[-­‐sig-­‐8589733c9fd6   •  hrp://www.coindesk.com/2014-­‐became-­‐year-­‐mul[sig/  
  • 17.
    Thank  you.   Copyright  ©  2014  BitGo,  Inc     Contact  us:   will@bitgo.com     sales@bitgo.com   www.bitgo.com   17