Thursday, December 19, 2013

My folly is another man's opportunity, and we're both better off for it


I wanted to share an experience I had a few months back.  In a move that hardly defies my normal pattern of behavior, I did something very stupid thinking I was doing something sort of smart, and faced some expensive consequences.  Fortunately for me, the ingenuity of members of the Bitcoin community, building off the initial brilliance of the Bitcoin distributed network, bailed me out of the situation.  And fortunately for you, as the reader you can benefit from my cautionary tale without having to go through the stress and worry. Long story short, I encrypted a Bitcoin wallet, and I forgot the password. 

This started when I was sitting in my favorite local coffee-shop on my laptop, reading up on some stories about Bitcoin theft.  I got to pondering the safety of my own Bitcoin holdings.  First, recall that Bitcoin are "stored" in wallet files, but really the Bitcoin all just exist on the network.  Your wallet file is sort of your key to accessing the Bitcoin, they're your way of convincing the network that you're allowed to move ownership of the Bitcoin to another wallet.

I have my Bitcoin stored in a few different wallets.  I have some of my Bitcoin stored on a wallet hosted by the cash-to-Bitcoin exchange I use, campbx.com.  I have one wallet that is hosted on the website blockchain.info, which is synced to the Blockchain app on my phone, allowing me to send and receive Bitcoin by scanning QR codes with my phone.  I have a tiny bit in a Reddit account using the Bitcoin Tip feature.  But the majority of my Bitcoin was held in a "wallet file" stored on my computer, literally a text file stored on my local harddrive allowed me access to what for me was a pretty sizable chunk of coin.

So after reading about a few thefts, I got to considering what might happen if my laptop was stolen, or if a remote attacker gained access to it.  I needed to take precautions to make sure I wouldn't leave myself vulnerable to having my Bitcoin stolen.  After all, this isn't like credit card fraud.  There is no Bitcoin company I can call to complain, the owner of a Bitcoin is whoever possesses the wallet file.

I did a little bit of research, and decided that my best course of action was to encrypt my wallet.  For the technologically challenged, encrypting a file just means that you scramble the file in a specific way, so that file becomes useless until a password or passphrase is used to decrypt it.  I used the encryption feature on the Bitcoin QT client, which allows you to select a passphrase that becomes necessary for decrypting the wallet to send the Bitcoin anywhere else.  But I couldn't risk using the same password as any of my other online accounts, after all if my computer is compromised an attacker could easily have those passwords too.

I looked up and saw 3 paintings on the wall in the coffeeshop.  In a stroke of supposed brilliance, I decided to type up the names of all 3 paintings into one string of text, and I emailed myself that text.  But I couldn't use that exact text, just in case someone who stole my encrypted wallet file also gained access to my email.  So I changed one minor detail in the string, just to add an extra bit of complexity / security (spoiler: terrible idea). 

About a week went by, and I decided to check in on the wallet.  But when I tried to enter in the password to decrypt the wallet, I couldn't remember what change I had made to it!  Queue the mother of all lumps in your throat.  Forgetting a password for an encrypted file is not like forgetting your password to access your bank account.  Again, there is no Bitcoin company, no human being who can temporarily relax the rules of cryptography and mathematics to make your file recoverable.  If you cannot determine your password, the file you encrypted is lost forever.

The one positive in this situation was that time was on my side.  I couldn't access my Bitcoin, but I sure as hell knew no one else could either.  Still it was unsettling to put it mildly.  In desperation, I started perusing forums looking for recourse of any kind.  I came upon a poster on the BitcoinTalk forums who advertised a potential solution.  His claim was two-fold:

  1. He had developed a computer code that could try many variations of a basic password.  Unlike signing in to most accounts online, most encrypted files don't have those Captcha images to type in, and don't lock you out after incorrect attempts, so this is certainly possible with a fast enough computer and a little coding expertise.  This part was straightforward. 
  2. If I were to send him not my entire encrypted wallet, but just a few special parts of it, he could potentially crack my wallet password, but he would not be able to gain access to the entire wallet/my Bitcoin.   

Claim 2 was worrying.  After all, if he was lying, I could easily be handing over control of a bunch of my Bitcoin to some stranger on the internet.  After doing a little bit of research, I finally worked up the courage to take a chance on it.

I sent an email to the owner of Wallet Recovery Services.  To understand what I included, I need to explain a little bit more about Bitcoin wallets.

Every Bitcoin wallet contains a list of many different Bitcoin receiving addresses.  It is sort of like buying a thousand PO Boxes at the Post Office, except that the same "key" (your wallet) opens up all the boxes.  Well, a couple of those addresses in my wallet contained Bitcoin, but the vast majority of them contained none.  Fortunately, even when the encryption scrambles certain parts of your wallet, these receiving addresses stay intact.

As per the site's instructions, my email included the parts of my password that I had written down, one section of the wallet that is responsible for authenticating the password, and two of these dormant receiving addresses.  To continue our analogy, I sent the guy a mangled key to all of my Bitcoin PO Boxes, and the locations of two of the PO boxes that I knew were empty.  He could try to fix the key, and test it on those two PO boxes.  Once he knew he could get those open, he would then send me back the key. At this point though, I was at least partially trusting that things would actually play out the way my analogy described it.

The next couple weeks were painful.  Walletrecoveryservices@gmail.com communicated with me pretty well, but the whole time I had the lingering fear that I had just willingly handed over my wallet.  Until at last I received a positive response.

The email claimed that my password had been recovered.  They had supposedly managed to find my password after trying a ton of variations.  Now came the time for the fee.  The email explained that they generally ask for 10% of the wallet's holdings as a fee.  Because I did not send the full wallet file, or the active receiving addresses (the PO Boxes that actually contained Bitcoin), walletrecoveryservices had no idea what 10% was, so I was on my honor to provide the truthful amount.

Here's the really cool part: in order to send them the fee, I was instructed to send Bitcoin from another wallet to one of the receiving addresses I had supplied in my first email (empty PO Box).  The only way he could get to those Bitcoin is if he had succeeded in fixing my key.  After the funds had been received, he would send me the passphrase. 

10% was a pittance compared to losing all of my Bitcoin, so I happily and truthfully obliged his request.  Shortly thereafter, I saw on the blockchain that the funds were transferred away from that address, and I received an email with my correct password.  The change that I had made to my written down passphrase was obnoxiously simple, but probably one I wouldn't have remembered on my own, so I was really just happy to have recovered 90% of my Bitcoin in that wallet.  

The most amazing thing about this experience was the trust I needed to place in the schema of the distributed network.  I had to trust the posters on Bitcointalk who supposedly vetted WalletRecoveryServices (though not without reservation), I had to trust my own limited knowledge of how Bitcoin works, and I had to trust a complete stranger on the internet with partial access to a large sum of money.

One of the criticisms most often levied at Bitcoin is that it is too complicated for the average person to use.  For this, innovators in the Bitcoin community are the single greatest necessity for the currency's long-term success. They make the storm of complexity navigable to us technological novices.  I made a mistake, but using a system founded on basic cryptographic principles, I was able to complete a transaction with a stranger to get myself out of it, and at least in retrospect, incurred very little risk doing so.  

Takeaways: 
  1. Bitcoin can be tricky, and if you're going to take steps to secure your wallet (which I recommend doing), BE CAREFUL.  Take your time, do your research, and don't try to get fancy on your own.  There are plenty of well-documented ways to keep your Bitcoin safe.  Brain WalletsPaper Wallets, and Offline Wallets are other options for keeping your Bitcoin safe from hackers, but again each of these carry their own risks.  
  2. The beauty of a distributed network is that every problem it creates is an opportunity.  The folks at Wallet Recovery Services found a way that they could add value to Bitcoin users, and earned some coin in the process.  There is a lot of talk about whether Bitcoin is undervalued or overvalued right now.  I believe that speculators have driven up the price of Bitcoin hire than it's practical usage at present.  But the Bitcoin I own gain practical value with each new innovation that brilliant people all around the world take the time to develop.  This is Network Effects at their finest, and I think we've only seen the faintest glimpse of the genius waiting to spring forth from the community.