‘Covenants’ Mean You Can Burn Stolen Bitcoins

‘Covenants’ Mean You Can Burn Stolen Bitcoins

6351
5
SHARE

Cornell computer science professor Emin Gün Sirer thinks a bitcoin wallet model called ‘Covenants’ would disincentivize hackers by allowing the victim to ‘burn’ the compromised bitcoin after the hack; that is, destroy the bitcoin.

Also Read: How to Choose the Right Bitcoin Wallet for Your Needs

Bitcoin Bounty

'Covenants' Mean You Can Burn Stolen Bitcoins

Because bitcoin transactions are final, there is a major bug bounty on bitcoin wallets. This has led to high profile hacks of exchanges, wallet services and individual users.

“People compromise a system, find a bitcoin key, then steal the funds,” Dr. Sirer explains. “There’s no recourse. As soon as they get the funds, there is no filing a claim that you’re the rightful owner, as the rightful owner is ‘he who has the key.’”

The Cornell professor suggests modern computer systems remain “nowhere near” secure enough to hold high value digital assets, like bitcoin.

“We need to deal with the fact that bitcoin keys are going to be stolen and we want to be able to somehow stem this,” Dr. Sirer says.

OMG, Someone Took All My Bitcoin

'Covenants' Mean You Can Burn Stolen Bitcoins

In the best case scenario, once your ‘covenant’ has been hacked, then you go to a new machine and use the master key as a recovery key. The worst case scenario, which may end in burning the coins, is when you’ve lost both your regular key and master key to the hacker.

“If all keys are compromised, there’s no way to recover your coins,” Dr. Sirer says. “But, the covenant vault construction allows you to burn the coins. You cannot get them back, you cannot prove they are yours, but at least you can disallow the hacker from getting away with it.” Suddenly, the hacker’s expected gain is zero.

“Even if he gets your master key, you can burn your coins,” Dr. Sirer notes. “There is no point into hacking the system in the first place. The second masterkey takes away the motivation of the hacker to compromise bitcoin hosts.”

The Bitcoin development community has hitherto seen the issue as a hardware and software issue. “After so many decades of computer science, general security hardening might not happen,” Dr. Sirer said. “While operating systems improve, they grow more complex, and this creates a constant stream of compromises.”

Covenants are a “construction” that functions as a “special box” in which a bitcoin holder could store digital currency.

“Only you can open that box, which has two keys in the simplest scenario,” Dr. Sirer describes. “You place the coins into the special box and use the regular key to unlock it and take the coin out to use. There is a second key, then, to spend. If someone steals the first key, starts imitating you, the second key can be used to signal the hacker is not the real you since you have the master key, which overrides the regular key. You can take the money back with the master key, as well.”

Covenants do not affect bitcoin fungibility. “Bitcoin payments are as final as they ever were, since only payments from the box to yourself can be reversed,” Dr. Sirer assures. “Covenant deploying wallets simply have the ability to vault their coin, and vaulting entails an extra layer of protection.”

Recursive Constraints

EminGunSirer

Covenants use recursive constraints, a new technique in securing bitcoins and cryptocurrencies. “They are essentially a restriction on how coins can be used when you vault the bitcoin,” the Cornell professor explains. “You are doing the same thing you do with bitcoin, but attaching a little rider which says ‘this money is mine, and for the allotted amount of time it can be recovered with the ‘masterkey.’” This, in essence, is a covenant.

“Hackers cannot get rid of the covenant,” Dr. Sirer clarifies. “They are inherited, and no matter if the hacker tries to mix the coins, he can’t rid of the recursive nature of the covenant. With covenant, holders can kill the hacker’s satisfaction of having stolen the bitcoins.”

Donating Stolen Coins

There were more than 26 bitcoins reported ‘burned’ in 2016. “Lost coins only make everyone else’s coins worth slightly more,” Bitcoin founder Satoshi Nakamoto wrote on the forum BitcoinTalk in the digital currency’s incipience. “Think of it as a slight donation to everyone.”

Mr. Sirer agrees. “It’s akin to a social donation,” he says. “You’re increasing the value of everyone’s bitcoins. In the very worst case scenario, bitcoins which would have remained in circulation, but belonged to a hacker, are now out of circulation.”

He concludes: “They’ve remained your bitcoin until the end. You simply chose to kill your bitcoins.”

Continue the conversation in the comments! Tell us what you think of minimizing bitcoin hacks. 


Images courtesy of Shutterstock, Twitter 


Whether you’re a beginner or a long-time bitcoin player, there’s always something interesting going on in the bitcoin.com Forums. We are proud free speech advocates, and no matter what your opinion on bitcoin we guarantee it’ll be seen and heard here. We don’t censor.

  • BitCoinBums

    What you are describing is enabling chargebacks, and I respectfully disagree that is a good thing, or that would discourage hacks. There are plenty of approaches that the offending party could take to persuade the offended party to allow them keep some (or likely most) of the transferred coins. And yes, ‘transferred’ is a more accurate term to use here vs. ‘hacked’ because one is indistinguishable from the other, i.e. they look – technically – exactly the same. You have to trust the someone that cries ‘hack’ is telling the truth, right? Hmmm….

  • Comte de Monte-Crypto

    It is so radical like most bitcoiners …like do or die…will we get in an area where people will make ceremony and burn some bitcoins (destroying kill some bitcoin ) to make the rest of bitcoin available more of value and make more profits?
    I would’nt be suprised like with those evangelist all around preaching and telling you what to do…”burn your bitcoin burn…” The kamikaze bitcoin for japan …the suicide bomber bitcoin for middle east …and then what? ho you gonna hang your self or suck the barrel because you been hack and you cant enjoy life cause your precious le bitcoin is gone and your life mean nothin anymore… and you so jealous of the person who got your bitcoin…it is more then child play it is sick i think…but hey who m i another sucker down the pyramid talkin to is best friend the chinese cookie and the chinese cookie is always right …die bitcoin die …lol

  • Dog

    Maybe I am missing something here, but if a hacker gets access to the 2nd master key then he can remove the covenant? So what is the point here?

    If I were a hacker, I would just take out 50% of the BTC, and leave 50% (or maybe just 10%)… because the original owner knows that he has a chance to at least get something back.

  • Bit Koin

    This article needs to provide a link to more details of the proposal described by Dr. Sirer. Without a detailed understanding of how it works any discussions about the proposal are aimless. Reporters please include links to support your articles.

  • Andreas H

    Seems like a form of blacklisting. When bitcoin starts to enable blacklisting, it will be quite a disaster for the currency; it will then fall prey to overzealous authorities. It was another article on how Europol want to go after mixers, and would play right in to the hands of that if you enable to ‘burn’ coins, or blacklist them.