This article was inspired by an article in Wired titled “A ‘Blockchain Bandit’ is Guessing Private Keys and Scoring Millions”. It’s a fascinating story of how a security consultant uncovered that millions of ether have been transferred out of Ethereum wallets over the years.
An Ethereum private key is a random number about 78 decimal digits long. That’s an impossibly large number to guess. My favourite analogy relates to the number of grains of sand on earth. Now imagine each grain is another earth with as many grains as ours. That is roughly the order of magnitude of the number of possible keys in the public key cryptography used by cryptocurrencies.
A weak key can be generated if there is a fault in the random number generation algorithm; since computers are deterministic, random number generation is a really hard (and interesting!) problem. Another way to end up with a weak private key is to use a so-called brain wallet. Brain wallets are based on a user-defined passphrase. The idea is that with a passphrase you can remember, you will always have access to your crypto. The passphrase generates the private key in a deterministic way, so instead of 78 digits of randomness, the space of possible private keys has collapsed down to the space of passphrases you might choose. Humans are not very good at picking a strong passphrase, and when you also need to remember it, which is the whole point of a brain wallet, choosing a strong one gets much harder.
In the early days of crypto, bitaddress.org was a popular website for generating your private keys and paper wallets, and it also provided an easy way to generate a brain wallet. The site is still up and running today:
However, looking at the Brain Wallet section, there is now a warning:
“Choosing a strong passphrase is important to avoid brute force attempts to guess your passphrase and steal your bitcoins.”
They also enforce long passphrases, which is probably a very good idea.
Let’s try a passphrase that’s easy to guess: ‘satoshinakamoto’:
Then plug the address into our favourite block explorer. It turns out this address has been involved in 8 transactions; this was the first one:
It currently contains no bitcoin — no treasure for us to claim!
The scenario here is that someone created a very weak, guessable private key (from the passphrase ‘satoshinakamoto’) to store bitcoin. A vigilant person or a programmed bot detected the incoming transaction, easily worked out the private key and then sent the bitcoin to their own wallet. All of this is easy to program to happen automatically.
This shows the importance of protecting your private keys and generating them in a secure way. There is an army of people and bots out there that will jump at the chance to redeem your private key, a point the Wired article drives home.
But I think there is a broader lesson here, and that’s what I call the Unwritten Rule of Crypto.
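To make the collapse in key space concrete, here is an added example of my own (it is not code from the article or from bitaddress.org) that derives a private key the classic brain-wallet way, SHA-256 of the passphrase, beside a properly random one, derives the secp256k1 public key from each to show that the network treats both as equally valid, and applies the kind of passphrase policy the bitaddress.org warning points to. The denylist, the 30-character minimum and the 128-bit threshold are values I assumed for illustration, not bitaddress.org’s actual rules.

```python
import hashlib
import math
import secrets

# secp256k1 domain parameters (the curve used by both Bitcoin and Ethereum)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8


def brain_wallet_private_key(passphrase: str) -> int:
    """Classic brain-wallet derivation: the private key is simply SHA-256 of
    the passphrase, so anyone who can guess the passphrase holds the key."""
    return int.from_bytes(hashlib.sha256(passphrase.encode()).digest(), "big")


def random_private_key() -> int:
    """The secure alternative: 256 bits from the OS CSPRNG, in the valid
    scalar range [1, N-1]. Nothing about it can be guessed or remembered."""
    return secrets.randbelow(N - 1) + 1


def _point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def public_key(k: int):
    """k*G by double-and-add. Private key -> public key is easy; the reverse
    is the hard problem the system rests on, so only the key's entropy matters."""
    if not 1 <= k < N:
        raise ValueError("private key out of range")
    result, addend = None, (GX, GY)
    while k:
        if k & 1:
            result = _point_add(result, addend)
        addend = _point_add(addend, addend)
        k >>= 1
    return result


def keyspace_bits(passphrase: str) -> float:
    """Optimistic ceiling on passphrase entropy, assuming every character was
    drawn uniformly from its class. Dictionary phrases sit far below it."""
    classes = 0
    if any(c.islower() for c in passphrase):
        classes += 26
    if any(c.isupper() for c in passphrase):
        classes += 26
    if any(c.isdigit() for c in passphrase):
        classes += 10
    if any(not c.isalnum() for c in passphrase):
        classes += 33
    return len(passphrase) * math.log2(classes) if classes else 0.0


# Constructed denylist standing in for the large wordlists a real wallet would ship.
COMMON_PHRASES = {"satoshinakamoto", "password", "bitcoin", "correct horse battery staple"}
MIN_PASSPHRASE_LENGTH = 30  # assumed policy value, not bitaddress.org's threshold


def passphrase_is_acceptable(passphrase: str) -> bool:
    """Policy a wallet might enforce before accepting a brain-wallet passphrase."""
    normalised = passphrase.strip().lower()
    return (normalised not in COMMON_PHRASES
            and len(passphrase) >= MIN_PASSPHRASE_LENGTH
            and keyspace_bits(passphrase) >= 128)


if __name__ == "__main__":
    weak = brain_wallet_private_key("satoshinakamoto")
    strong = random_private_key()
    print(f"brain-wallet key: {weak:064x}  (at most {keyspace_bits('satoshinakamoto'):.0f} bits)")
    print(f"random key:       {strong:064x}  (256 bits)")
    print("same passphrase -> same key:", brain_wallet_private_key("satoshinakamoto") == weak)
    print("public key x for the weak key:", hex(public_key(weak)[0]))
    print("accept 'satoshinakamoto'?", passphrase_is_acceptable("satoshinakamoto"))
```

Running it prints the same 64 hex digits for ‘satoshinakamoto’ every time, which is exactly why a watcher can precompute it, while the random key differs on every run. The Base58 address step is left out because it adds nothing to the key-space point; what matters is that `public_key` accepts both keys without complaint, so the network cannot tell a guessable key from a strong one.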
The unwritten rule of crypto is that if you have the private key, you’re the owner. Another popular way to put it is:
Not your keys, not your crypto.
The key in crypto gives the holder the right to change the ledger — that’s the software enforced rule of blockchains.
There is a clear analogy with the DAO hack. The DAO was a very popular decentralised application on Ethereum in its early days. The smart contract code of the DAO contained a vulnerability which meant that funds could be moved out of the DAO.
The software code (or rule) of the DAO said those funds could be moved. Just like having access to a private key gives you the right to update the ledger, the DAO ‘hacker’ had the right to move those funds.
This led the Ethereum community to roll back the transactions as if they had never taken place. That decision created a fork of Ethereum, and we now have the original blockchain without the rollback, Ethereum Classic, and the forked chain where the ‘bail out’ took place, Ethereum.
Just as transactions are immutable, are exploits in smart contracts fair game? Supporters of Ethereum Classic would say ‘yes it is’, while some elements of the Ethereum community would disagree.
For many of us, ‘code is law’ is our motto. With the help of crypto we can create something that is as trustless as possible. We ask ourselves what’s the point of blockchain if not for being trustless. We are building a new future based on code. That code is the law of the blockchain.
Henrik Andersson is the Chief Investment Officer at Apollo Capital. Based in Melbourne, Australia, Apollo Capital invests in the crypto assets that are powering the next generation of computing infrastructure. For more information, please see apollocap.io.