Tag: digital wallet

Lost Bitcoins Were Not Meant To Be Easily Recovered

There have been stories of people losing their digital asset, Bitcoin (BTC), for careless reasons. There is the story of a Welsh man who “accidentally” (we don’t know for sure) threw a hard drive away that contains approximately $80-$100M+ worth of BTC. The price actually will be worth plenty more or even less based on market value. The most common incident involves holders of BTC losing their private key to their digital wallet. Now think of it like losing your apartment key. It is different though because if you don’t have a duplicate you can always go to the apartment manager for a master key to open the door. In Bitcoin, unfortunately, there is no master key that unlocks all digital wallets. Other instances of unrecoverable BTC happens when the holder of a digital wallet dies and no one else has access to it. Unless there is a next of kin to claim the inheritance, it is as good as gone unless the private key can be provided to recover the coins.

You can still recover your BTC even if the private key is lost, provided you took the required measures. You must have the seed phrase generated during wallet creation. The problem is if you don’t have both then your BTC will not be recoverable based on the blockchain’s inherent design. That is because all private keys and wallets are unique, and since the blockchain is decentralized there is no master key or main administrator to support users. Incidents that involve hacking would not be considered lost BTC because the hackers will most likely send the stolen coins to another wallet and then try to lose anyone tracking the BTC by using various digital exchanges. In other words, that BTC would be considered stolen rather than lost, and it could end up back in circulation if it were sold to an exchange. This is why it is important to make backups of both the private key and seed phrase, but store it in a secure location and not just some random cloud drive. Consider using hardware wallets, removable hard drives, thumb drives and other storage devices that can be locked up in a vault (you get the idea).

Is it easy to lose your private key? The answer is yes, when considering the circumstances. If you store your private key on your local hard drive without a backup copy, if that hard drive should fail then it could mean game over. Your savior would be the seed phrase of the digital wallet or what is called the recovery phrase. This is provided to the user during the creation of the digital wallet, when the private key was generated. This contains 12 words in Bitcoin (also called the mnemonic) that must be provided when recovering the private key. Another way a user loses a private key is if it was stored online and never exported to an offline location. If the online service were to fail with no backup system, the private key will be gone as well.

Whatever the story is, lost BTC lead to less of the supply of the cryptocurrency. According to Chainalysis, an estimated $35,000,000,000 (price is volatile so this is not a fixed value) in Bitcoin (BTC) is likely to never be recovered. This was based on their report that 20% of Bitcoin’s total supply of 21M BTC has not moved for five years or longer. According to the report, that would be 3.72M BTC based on a market valuation of $9,408.60 (as of the market value when report was published). It is also assumed that 4M BTC in total, including the BTC in the report, may never ever be recovered unless there is protocol which will allow the lost coins to be released back into circulation. That is not likely unless the Bitcoin community in general come to a majority consensus. The Bitcoin blockchain does not support releasing lost BTC as of Bitcoin Core 0.20.0 (Released in 6/3/2020). When we deduct the 4M BTC, that means there will be only 17M BTC.

Holding a digital asset like BTC requires plenty of responsibility in return for financial independence. The question then is why would anyone even want to own Bitcoin if it cannot be easily recovered, has no customer support like a bank and no master key to unlock it if the private key is lost? That should make it all the more obvious why it is important to own Bitcoin. Only you can have control of your BTC. The government cannot freeze it and prevent you from storing value on the blockchain. You have freedom from bank policies which regulate finances (e.g. withdrawals, remittances, loans, etc.). The only thing a person must do to have this benefit is to secure their private key and seed phrase. Humans are not perfect and very prone to mistakes, so is it even possible to have a system like this?

We have to go back to the fundamentals of Bitcoin and why it was designed that way. Remember, its founder Satoshi Nakamoto developed a system of direct peer-to-peer payments without relying on a trusted third party. It is also decentralized so that it cannot be manipulated and controlled by a single entity. The way to do this is give full control of money to the users and establish a platform that is permissionless and trustless for exchanging value. The blockchain provides a cryptographically secure platform of trust among strangers who want to transact because it doesn’t require them to know each other or trust an arbiter to exchange value. Instead they use a private key to authorize transactions under their digital signature and verify that they are indeed the holder of the BTC. The reason lost BTC cannot be recovered is because it will require the unique private key that belongs to its owner. If that was lost, the BTC can still be recovered using the seed phrase. Until there is a chance at recovering BTC, users must be responsible for their digital assets. All it requires is keeping a digital wallet with a private key, in a safe and secure manner.

How 2FA Can Secure Your Cryptocurrency Assets

In the Crypto-economy, we need to implement security to safeguard our digital assets. Wallets are primarily just an interface to access the blockchain where the assets are stored. The wallet just provides the balance to the user, as well as allow users to send and receive tokens. It does not actually store the cryptocurrency. Instead, the wallet stores the private key which is what proves the user’s ownership of the assets. This must definitely be kept secured because if someone else were to gain access to the private key they can take ownership of your assets. This is why wallets, whether online or offline, use various authentication schemes.

Passwords are the most common way to access a wallet. The problem with this is that once a password is guessed or cracked, there is no other layer of security. This is why users are recommended to store their private key in hardware wallets e.g. Ledger Nano or Trezor. This stores the private key offline so only the user will have physical access. It cannot be hacked from the Internet or anywhere else since the hardware wallet uses cold offline storage. For everybody else, how can security be increased or improved?

A solution to this is called MFA or Multi-Factor Authentication. MFA uses multiple types of authentication to verify a user. In MFA you can use 3 methods to secure your authentication.

  1. What You Know – This involves the password, the most common form of authentication. Only the user should know this. The problem here is password sharing among users. Some family members openly share their password and that can lead others to learn this thru eavesdropping and more nefarious ways like password cracking.
  2. What You Own – Most users have a smartphone, and this can be included for verification. In this method an app is installed on the smartphone that generates a code that syncs with a server over the network. It will only work from this smartphone and not any other device.
  3. Who You Are – Your biometric information, like fingerprints, retina scan or face can be used to further confirm your identity for verification. This is something that physically verifies who you are. This is actually a very effective method that Apple uses for authentication on iPhones using Face ID. The possibility of 2 or more people having the same exact biometric traits is zero to extremely rare.

2FA or Two-Factor Authentication is one of the most common implementations of MFA using just 2 of the 3 methods mentioned. In the cryptocurrency world, digital exchanges implement 2FA to gain access to your cryptocurrency portfolio. Coinbase, Binance and Blockchain.Info require 2FA as a stronger authentication method compared to a simple password. 2FA can be enabled on many apps. Just check to make sure that the app login you are using allows 2FA support. If it is available, enable it to give you more security.

One example of using 2FA is when you login to your Binance account. Binance uses a combination of password and security codes. You create your password during the account creation process. With 2FA enabled, you now need to add a security code to further authenticate your access to your account. By installing Google Authenticator, you can add this additional security layer. With Google Authenticator, you scan the QR code from Binance when enabling 2FA. Once that code is scanned, Google Authenticator creates a profile for you. The next time you login to Binance, you will now need to check Google Authenticator app which is installed on your smartphone. Binance will request the code in order to continue your login.

2FA and other MFA implementations help to increase security, which allows you to better protect your cryptocurrency assets. Even if a hacker is able to intercept your password, if they don’t have what you own (e.g. smartphone) or what you are (e.g. face or fingerprint), they will be denied from the system.