The cryptocurrency community is extremely used to hacks and security incidents. However, this does not mean these incidents aren’t a cause for concern.
June 2021 was an especially bad month for security. Two high-profile security events took place. Both were completely different problems but are contributors to the total estimated amount hacked from blockchains. This estimate currently sits at $20.32 billion.
By far, the biggest of the two was the Africrypt scandal. It resulted in estimated losses of $3.6 billion. The incident, which bears all the hallmarks of an exit scam, began in April.
This was when the Africrypt exchange reported a hack. However, the two brothers who ran the exchange, Ameer and Raees Cajee, vanished after selling a swathe of luxury goods in the weeks beforehand.
In particular, local trading platforms seem to lend themselves to this type of exploitation. In April, the CEO of Turkish cryptocurrency exchange Thodex disappeared along with over $2 billion in customer funds.
Not to mention the notorious case of Canadian exchange Quadriga CX. It emerged in early 2019 that founder Gerald Cotten had died, taking $145 million of customer funds to the grave with him. That story is still under investigation to this day.
Unpacking the Fireblocks incident
Alongside Africrypt, there was another incident in June which was slightly less scandalous. Nevertheless, it illustrates some critical lessons around private key security that are worth noting. Particularly for institutions and those relying on custodial services for their digital assets.
It emerged at the end of June that StakeHound, a crypto company involved in staking, had filed a lawsuit against custody provider Fireblocks. The suit alleges Fireblocks lost around $75 million worth of ethereum, for which it was responsible. However, digging deeper, there’s a lot more going on under the surface.
Fireblocks told Forbes that it was contracted to StakeHound for two services. The first was its standard cryptocurrency custodial offering. The other was a one-off arrangement where Fireblocks supported StakeHound in writing a program to generate signatures to verify the authenticity of a staking agreement.
StakeHound generated a key using the program and then used the key to send 38,178 ETH to the Ethereum 2.0 staking contract.
Here’s where things appear to have broken down. Fireblocks states that StakeHound wanted it to custody half of the private key for security purposes, which it agreed to verbally.
StakeHound sent its share of the key to Coincover as a backup, but Fireblocks didn’t. Since this arrangement was a one-off and the signatures weren’t part of Fireblocks’ usual backup procedures. When one of the company’s systems went down, it lost the key. In addition, there was no backup.
Now, StakeHound cannot access any of the 38,178 ETH locked in the staking contract. In addition, the funds are likely lost forever.
HSMs vs MPC
There’s no way of knowing who said what or which way the lawsuit will go. For the record, it’s also worth highlighting that Fireblocks has stated that its customers have no reason to be concerned as this incident was outside of its normal procedures.
The company has also said that StakeHound still uses Fireblocks for everyday crypto custody services. However, it’s worth examining the incident. It highlights a fundamental security flaw of relying on multiparty computation or multi-signature wallets for security.
At this point in the evolution of digital asset security, multi-signature wallets offer fairly weak security. After all, there’s no way of knowing who has access to the private keys meaning they aren’t inherently any more secure than a single-signature wallet.
Currently, custodians use two main forms of security to protect private keys and, thus, digital assets. They are hardware security modules, or HSMs, and multiparty computation, or MPC.
HSMs are physical hardware devices that comply with several globally recognized standards verifying the secure creation and storage of private keys. HSMs are in use in the public and private sectors. This includes military and banking use cases.
MPC involves splitting the private key into parts and storing each part separately on different devices or cloud storage servers, as StakeHound and Fireblocks agreed to do. The idea is that if a hacker breaches one, the attacker doesn’t have access to enough information to assemble the entire private key.
A proven backup solution
The critical difference between the two is that HSMs have integrated backup mechanisms for keys that ensure users never lose access to their funds.
Typically, HSM users are equipped with physical backup cards stored securely in multiple locations. Users can deploy the backup cards to recover a backup key generated each time a new key is requested.
MPC solutions have no built-in mechanism for generating backup keys. Furthermore, it’s inherently quite complex to generate backups for MPC keys. This is because the process involves multiple parties. For this reason, there are concerns about the usability of any backup solution.
So far in the evolution of cryptocurrency security, HSMs have proven to be the only way organizations can securely back up their private keys. It ensures that in the event of a loss, they can still access their cryptocurrencies.
In this sense, they remain the most robust form of security against attacks. At the same time, MPC remains an exciting new branch of cryptography. It offers significant promise to the field of cybersecurity. It also provides more comfort to users in tested and proven methods to secure their funds against attackers.