Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: mskryxz on January 03, 2014, 06:11:26 AM



Title: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mskryxz on January 03, 2014, 06:11:26 AM
Basically it uses 3 private keys.
1 online say like codebase
Your password or on your computer
And a 3rd that you can print out or store offline

You only need 2 to make a transaction

But if coinbase gets hacked, the hacker would need your key so it makes it impossible

Even if they hacked your computer, then they'd need the offline key or codebase key

I suck at explaining it but just go here

https://www.bitgo.com/p2sh_safe_address


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: empoweoqwj on January 03, 2014, 11:02:21 AM
Get it independently audited by a security expert, and publish the report :)

I mean that in all seriousness. Everyone claims their wallet is super-secure, history proves otherwise in many cases ...


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on January 03, 2014, 04:47:12 PM
Get it independently audited by a security expert, and publish the report :)

I mean that in all seriousness. Everyone claims their wallet is super-secure, history proves otherwise in many cases ...

This is excellent advice :-)

I'm the creator of BitGo, so I know I am biased.  For what it is worth, we've already done a full external security audit (expensive!) of the software both client and server side.  The operational engineering that has gone into BitGo is also atypical and has been designed from the ground up for bitcoin security.  We'll be doing another audit in the not-too-distant future.  Peer reviews and security reviews are absolutely essential.

I would never be so foolish as to claim that anything is impervious.  But the concepts that we've pioneered in the BitGo architecture have held up to scrutiny so far.  Hopefully these concepts are just a better starting point for anyone building a new wallet going forward.

We love feedback, we know we're not perfect, and we will take seriously any potential exploits or vulnerabilities.  Don't hesitate to reach out to me personally if you have any issues.

Mike Belshe
---
CTO & CoFounder, BitGo, Inc
mike@belshe.com
mike@bitgo.com


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: guybrushthreepwood on January 03, 2014, 04:54:25 PM
This is an online wallet?


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: CoinPurse on January 03, 2014, 05:28:50 PM
Get it independently audited by a security expert, and publish the report :)

I mean that in all seriousness. Everyone claims their wallet is super-secure, history proves otherwise in many cases ...

This is excellent advice :-)

I'm the creator of BitGo, so I know I am biased.  For what it is worth, we've already done a full external security audit (expensive!) of the software both client and server side.  The operational engineering that has gone into BitGo is also atypical and has been designed from the ground up for bitcoin security.  We'll be doing another audit in the not-too-distant future.  Peer reviews and security reviews are absolutely essential.

I would never be so foolish as to claim that anything is impervious.  But the concepts that we've pioneered in the BitGo architecture have held up to scrutiny so far.  Hopefully these concepts are just a better starting point for anyone building a new wallet going forward.

We love feedback, we know we're not perfect, and we will take seriously any potential exploits or vulnerabilities.  Don't hesitate to reach out to me personally if you have any issues.

Mike Belshe
---
CTO & CoFounder, BitGo, Inc
mike@belshe.com
mike@bitgo.com


A 2 of 3 wallet is an excellent idea! Kudos Mike! I would suggest using crowd spring or some other design service to spruce up the design and stock images on BitGo. Other than that the theory looks quite sound.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: empoweoqwj on January 04, 2014, 03:42:13 AM
Get it independently audited by a security expert, and publish the report :)

I mean that in all seriousness. Everyone claims their wallet is super-secure, history proves otherwise in many cases ...

This is excellent advice :-)

I'm the creator of BitGo, so I know I am biased.  For what it is worth, we've already done a full external security audit (expensive!) of the software both client and server side.  The operational engineering that has gone into BitGo is also atypical and has been designed from the ground up for bitcoin security.  We'll be doing another audit in the not-too-distant future.  Peer reviews and security reviews are absolutely essential.

I would never be so foolish as to claim that anything is impervious.  But the concepts that we've pioneered in the BitGo architecture have held up to scrutiny so far.  Hopefully these concepts are just a better starting point for anyone building a new wallet going forward.

We love feedback, we know we're not perfect, and we will take seriously any potential exploits or vulnerabilities.  Don't hesitate to reach out to me personally if you have any issues.

Mike Belshe
---
CTO & CoFounder, BitGo, Inc
mike@belshe.com
mike@bitgo.com


That sounds excellent Mike, great response :)

My only other "advice" is that you should publish any company details about yourself. There are so many "one-man ops" in bitcoinland, some aren't even registered companies. The more you share about yourself, the more trust you engender.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: gweedo on January 04, 2014, 09:18:41 AM
People are still using web wallets really? Did we not learn from instawallet, inputs.io, and blockchain.info? I see a couple problems with this one. How are they generating the 3 keys? If it isn't client side, it isn't safe. If they are holding on to the 3 keys even indirectly they are not safe. It isn't open source, so there is no way to verify or run this service on my own. Also all web wallets will be considered not safe until they implement trezor support.

So again don't use web wallets none of them are safe unless you are using a trezor or hardware option to sign the transaction.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: hilariousandco on January 04, 2014, 10:27:03 AM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: empoweoqwj on January 04, 2014, 01:18:15 PM
People are still using web wallets really? Did we not learn from instawallet, inputs.io, and blockchain.info? I see a couple problems with this one. How are they generating the 3 keys? If it isn't client side, it isn't safe. If they are holding on to the 3 keys even indirectly they are not safe. It isn't open source, so there is no way to verify or run this service on my own. Also all web wallets will be considered not safe until they implement trezor support.

So again don't use web wallets none of them are safe unless you are using a trezor or hardware option to sign the transaction.

Yeah, not being open source is a big turn off.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: bryant.coleman on January 04, 2014, 02:34:42 PM
I don't get it. Only 2 FA is needed for transactions. So if someone hacks in to an account he can withdraw the coins with just 2 passwords, right?


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: LiteCoinGuy on January 04, 2014, 03:23:08 PM
People are still using web wallets really? Did we not learn from instawallet, inputs.io, and blockchain.info? I see a couple problems with this one. How are they generating the 3 keys?

yep and there will always be people who do this. you could say it every day and still people would store them online.  ::)

i guess someday there will be an online wallet with high security AND insurance over the funds, maybe then you could store them online (but i wouldn't do that).


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: gweedo on January 04, 2014, 06:11:58 PM
I don't get it. Only 2 FA is needed for transactions. So if someone hacks in to an account he can withdraw the coins with just 2 passwords, right?

What about the people who run the service? This is where things like trezor will solve, and 2FA is just a false sense of security for that attack.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: gweedo on January 04, 2014, 06:15:09 PM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: hilariousandco on January 04, 2014, 07:48:23 PM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.

I think blockchain.info will probably be safer for a newb who doesn't really know what they're doing, as long as they set up all the security features; 2 factor auth and a second password etc.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: empoweoqwj on January 05, 2014, 03:05:52 AM
Same advice as always for me. Keep as little as possible online, and use 2fa. I don't care what security features are promoted with web wallets, most of your coins should be safely offline.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: charleshoskinson on January 05, 2014, 03:08:39 AM
Quote
I'm the creator of BitGo, so I know I am biased.  For what it is worth, we've already done a full external security audit (expensive!) of the software both client and server side.  The operational engineering that has gone into BitGo is also atypical and has been designed from the ground up for bitcoin security.  We'll be doing another audit in the not-too-distant future.  Peer reviews and security reviews are absolutely essential.

Who did your full audit? I am looking for an auditor myself and it would be nice to grab someone who is now familiar with Bitcoin.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: buumraw on January 05, 2014, 03:12:40 AM
is that a new online bitcoin wallet?


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: gweedo on January 05, 2014, 03:31:37 AM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.

I think blockchain.info will probably be safer for a newb who doesn't really know what they're doing, as long as they set up all the security features; 2 factor auth and a second password etc.

Local clients are better for newbies, but let's be honest we need to teach newbies about all forms of security cause many sites use 2FA they should learn it now. What it is and how it helps from hackers but not backend hackers.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: empoweoqwj on January 05, 2014, 04:10:31 AM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.

I think blockchain.info will probably be safer for a newb who doesn't really know what they're doing, as long as they set up all the security features; 2 factor auth and a second password etc.

Local clients are better for newbies, but let's be honest we need to teach newbies about all forms of security cause many sites use 2FA they should learn it now. What it is and how it helps from hackers but not backend hackers.

backend hackers or site owners that just run off with all the coins ......


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: gweedo on January 05, 2014, 04:22:03 AM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.

I think blockchain.info will probably be safer for a newb who doesn't really know what they're doing, as long as they set up all the security features; 2 factor auth and a second password etc.

Local clients are better for newbies, but let's be honest we need to teach newbies about all forms of security cause many sites use 2FA they should learn it now. What it is and how it helps from hackers but not backend hackers.

backend hackers or site owners that just run off with all the coins ......

I put them in the backend hackers that have access to the machine.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: empoweoqwj on January 05, 2014, 04:27:55 AM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.

I think blockchain.info will probably be safer for a newb who doesn't really know what they're doing, as long as they set up all the security features; 2 factor auth and a second password etc.

Local clients are better for newbies, but let's be honest we need to teach newbies about all forms of security cause many sites use 2FA they should learn it now. What it is and how it helps from hackers but not backend hackers.

backend hackers or site owners that just run off with all the coins ......

I put them in the backend hackers that have access to the machine.

Yeah I got that but the reference might have been a bit subtle for some :)


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on January 05, 2014, 07:37:03 PM
People are still using web wallets really? Did we not learn from instawallet, inputs.io, and blockchain.info? I see a couple problems with this one. How are they generating the 3 keys? If it isn't client side, it isn't safe. If they are holding on to the 3 keys even indirectly they are not safe. It isn't open source, so there is no way to verify or run this service on my own. Also all web wallets will be considered not safe until they implement trezor support.

So again don't use web wallets none of them are safe unless you are using a trezor or hardware option to sign the transaction.

The blanket answer of "all web wallets are unsafe" is too black-and-white.  And it's just not true that the only safe way to secure bitcoin is with a Trezor.  (I love the Trezor, by the way, and look forward to getting mine).

But BitGo isn't really a web wallet anyway.  Sure you access it from the web, but it requires 3 independent devices to transact.  So unlike a client-side wallet, where compromising a single machine will steal your bitcoin, BitGo requires 3 machines get hacked before your funds can be taken.  If you consider that 30% of home computers are infected already (source: http://www.infoworld.com/t/cyber-crime/malware-infects-30-percent-of-computers-in-us-199598), this is a pretty important point.  As bitcoin grows, the incentive to steal bitcoin keys grows.  Anyone relying on a single system to host the keys to their bitcoin will be vulnerable, and common users aren't security experts enough to keep away the malware.

So to answer your questions, BitGo strongly believes we should never hold the keys to your account.  We're a backup, and a cosigner, but we never see enough keys to transact.  BitGo today allows you to create one in your browser, import one (public key only) from a 3rd source of your choosing (offline, your existing wallet, etc), and one is created on the BitGo service.  If you use this option, you've used 3 independent sources for key generation which means that your wallet starts out in great shape.  To transact on it with BitGo, you'll need to provide one key, and BitGo provides the second key.  On top of that we use 2FA to your phone to protect against any keylogger type attacks.  This bitcoin address creation process is hard to do - it's a lot of work, and we're still working on making it simpler - but we will stick to our security principles that we should never hold your keys. So there are options for small bitcoin accounts to create two keys in your browser and send one to paper backup.  This is a tradeoff the user can make.

There is another great advantage to the 2-of-3 system which a single key system can't do.  The server can audit who is requesting a transaction by looking at IP addresses, access patterns, enforcing velocity limits, notifying stakeholders of the pending transaction, etc.   All of these features are made possible by being a "web wallet" with a server assisting.   Single key systems simply can't do this.

Regarding open source - you can find some of our source code out here:  https://github.com/BitGo.  The client software is already open source by its very nature - it runs 100% in your browser.

Anyway, I am not stating that BitGo is perfect by any means, so I hope it doesn't sound that way.  With security, you just constantly need to 'raise the bar', and I hope that this solution materially raises it.

If you do see any specific flaws or want to audit our code, I welcome that very much!

Best,
Mike
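
Added example, not part of the post above and not BitGo's code: a minimal Python sketch of the server-side checks the post lists (2FA, velocity limits, source-IP review, stakeholder notification) as a gate in front of the service's single co-signing key. The class names, the one-bitcoin daily limit and the IP addresses are hypothetical, and the requests are constructed.

```python
from collections import deque
from dataclasses import dataclass

SATOSHI = 100_000_000  # satoshis per bitcoin


@dataclass
class SpendRequest:
    wallet_id: str
    amount_sat: int
    source_ip: str
    timestamp: float    # seconds since epoch, assumed non-decreasing per wallet
    otp_verified: bool  # outcome of the 2FA check, performed elsewhere


@dataclass
class WalletPolicy:
    daily_limit_sat: int
    known_ips: frozenset
    window_seconds: int = 24 * 3600


class CoSigner:
    """Hypothetical policy gate: decides whether the service adds its one signature."""

    def __init__(self, policies):
        self.policies = policies   # wallet_id -> WalletPolicy
        self.co_signed = {}        # wallet_id -> deque of (timestamp, amount)
        self.notifications = []    # (wallet_id, reason) queued for stakeholders

    def _spent_in_window(self, wallet_id, now, window):
        history = self.co_signed.setdefault(wallet_id, deque())
        while history and history[0][0] <= now - window:
            history.popleft()      # forget spends older than the window
        return sum(amount for _, amount in history)

    def _hold(self, req, reason):
        # A held request is not signed; stakeholders are told why.
        self.notifications.append((req.wallet_id, reason))
        return ("hold", reason)

    def evaluate(self, req):
        policy = self.policies.get(req.wallet_id)
        if policy is None:
            return ("deny", "unknown wallet")
        if not req.otp_verified:
            return ("deny", "2FA not verified")
        if req.amount_sat <= 0:
            return ("deny", "invalid amount")
        spent = self._spent_in_window(req.wallet_id, req.timestamp,
                                      policy.window_seconds)
        if spent + req.amount_sat > policy.daily_limit_sat:
            return self._hold(req, "velocity limit exceeded")
        if req.source_ip not in policy.known_ips:
            return self._hold(req, "unfamiliar source IP")
        # Only requests that are actually co-signed count toward the limit.
        self.co_signed[req.wallet_id].append((req.timestamp, req.amount_sat))
        return ("sign", "within policy")


def run_demo():
    """Constructed requests for one wallet; returns (decisions, notifications)."""
    policy = WalletPolicy(1 * SATOSHI, frozenset({"203.0.113.10"}))
    signer = CoSigner({"w1": policy})
    requests = [
        SpendRequest("w1", 60_000_000, "203.0.113.10", 0, True),
        SpendRequest("w1", 50_000_000, "203.0.113.10", 3600, True),   # over limit
        SpendRequest("w1", 30_000_000, "198.51.100.7", 7200, True),   # new IP
        SpendRequest("w1", 30_000_000, "203.0.113.10", 7300, False),  # no 2FA
        SpendRequest("w1", 50_000_000, "203.0.113.10", 90000, True),  # next day
    ]
    return [signer.evaluate(r)[0] for r in requests], signer.notifications


if __name__ == "__main__":
    print(run_demo())
```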






Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on January 05, 2014, 07:38:24 PM
I don't get it. Only 2 FA is needed for transactions. So if someone hacks in to an account he can withdraw the coins with just 2 passwords, right?

Incorrect.  2FA is required both for login and transactions.

Mike


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on January 05, 2014, 07:41:59 PM
Quote
I'm the creator of BitGo, so I know I am biased.  For what it is worth, we've already done a full external security audit (expensive!) of the software both client and server side.  The operational engineering that has gone into BitGo is also atypical and has been designed from the ground up for bitcoin security.  We'll be doing another audit in the not-too-distant future.  Peer reviews and security reviews are absolutely essential.

Who did your full audit? I am looking for an auditor myself and it would be nice to grab someone who is now familiar with Bitcoin.

When you start looking around for security auditors, you'll find they make you sign agreements that you can't disclose their name.  This is because if you are ever hacked, they don't want to tarnish their own brand.  Ironic, right?  But I assure you, this is industry standard for these types of things.

But if you are looking for a known and trusted auditor, starting with Matasano (http://www.matasano.com/) is a good start.  It is not cheap.

Mike


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: ikilled on March 16, 2014, 01:35:08 PM
mbelshe: Can I generate three private keys for 2of3 multisig on a secure offline computer and then import only 1 priv key to BitGo server?
Can I import this private key pre-encrypted? So it's impossible to see it serverside and it's only decrypted on client side on demand?

I hope BitGo doesn't generate all three of the private keys on their servers because then the security of all this service is very low.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: qbitx on March 16, 2014, 02:35:05 PM
I hope BitGo doesn't generate all three of the private keys on their servers because then the security of all this service is very low.

You could always try reading...

BitGo today allows you to create one in your browser, import one (public key only) from a 3rd source of your choosing (offline, your existing wallet, etc), and one is created on the BitGo service.  If you use this option, you've used 3 independent sources for key generation which means that your wallet starts out in great shape.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: ADgordo on March 17, 2014, 05:33:39 AM
BitGo is currently my favorite online wallet provider and it doesn't even have to function like that.  In an encrypted folder on a linux box I can issue transactions from my own two keys.  Amazing stuff.  If only the system worked by hierarchical wallets with mnemonic seeds as what is split up instead of a single address combination.   


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: coraz on March 18, 2014, 09:37:10 AM
BitGo is a great proof of concept. I'm almost certain that multisig wallets like this is how the majority of people will use bitcoin for day to day transactions in the future (the only alternative to multisig+3rd party being multisig+hardware wallet)

Though I second ADgordo that it badly needs to support deterministic wallets. Full on HD wallet support (BIP32) would be awesome. Having single-address wallets in 2014 is a big turn off  :(


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: BitOnyx on March 18, 2014, 11:48:06 AM
just stick to offline wallets...


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: tryexcept on March 19, 2014, 04:51:44 PM
Offline wallets are not convenient and can't offer you 2FA.

If you want something multisig, bip0032, 2of2 (with nLockTime unfreezing the fund) https://bitcointalk.org/index.php?topic=521988.0

Before you dismiss it, our Chrome App client is unminified/inspectable, open source, it has independent blockchain data verification via the electrum network and even if we disappear your btc can be unlocked by you.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: RomertL on April 09, 2014, 06:55:37 AM
Sounds like what I'm looking for: both secure and easy enough. Have my coins on an exchange now which doesn't feel too secure considering what's happened lately. Clever with the 3-fa. If computer crashes, gets hacked, gets stolen, I retrieve my coins with offline pw and bitgo. If bitgo gets hacked, seized, ceases to exist, no worries, I use browser pw and offline pw. Do I understand it correctly? Bitgo doesn't even need to exist for me to retrieve my bitcoins with help of browser pw and offline pw? That last part is quite important...


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: ADgordo on April 10, 2014, 05:58:16 AM
Sounds like what I'm looking for: both secure and easy enough. Have my coins on an exchange now which doesn't feel too secure considering what's happened lately. Clever with the 3-fa. If computer crashes, gets hacked, gets stolen, I retrieve my coins with offline pw and bitgo. If bitgo gets hacked, seized, ceases to exist, no worries, I use browser pw and offline pw. Do I understand it correctly? Bitgo doesn't even need to exist for me to retrieve my bitcoins with help of browser pw and offline pw? That last part is quite important...

Correct.  I have an instance of sx (a bitcoin tool suite) that allows me to execute transactions from the address bitgo creates without bitgo by keeping my private keys in an encrypted folder.
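
Added example, not part of any post in this thread and not BitGo's or sx's code: recovery without the service, as asked about above, depends on the address really being 2-of-3 with two distinct keys under your control. This Python sketch parses a standard multisig redeem script and reports that. It assumes the usual `OP_m <pubkey>... OP_n OP_CHECKMULTISIG` layout and that you hold the private keys for the public keys you list; the sample keys are constructed placeholders, and the code does not check that the script hashes to your address.

```python
OP_1, OP_16 = 0x51, 0x60   # OP_1..OP_16 push the numbers 1..16
OP_CHECKMULTISIG = 0xAE


def parse_multisig_script(script: bytes):
    """Parse 'OP_m <pubkey>... OP_n OP_CHECKMULTISIG'; return (m, pubkeys)."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("script does not end in OP_CHECKMULTISIG")
    m_op, n_op = script[0], script[-2]
    if not (OP_1 <= m_op <= OP_16 and OP_1 <= n_op <= OP_16):
        raise ValueError("m or n is not a small-integer opcode")
    m, n = m_op - 0x50, n_op - 0x50
    pubkeys, pos, end = [], 1, len(script) - 2
    while pos < end:
        push_len = script[pos]
        if push_len not in (33, 65):   # compressed / uncompressed key sizes
            raise ValueError("unexpected push length %d" % push_len)
        if pos + 1 + push_len > end:
            raise ValueError("truncated public key")
        key = script[pos + 1 : pos + 1 + push_len]
        prefix_ok = key[0] in (2, 3) if push_len == 33 else key[0] == 4
        if not prefix_ok:
            raise ValueError("bad public key prefix")
        pubkeys.append(key)
        pos += 1 + push_len
    if len(pubkeys) != n or m > n:
        raise ValueError("key count does not match n, or m > n")
    return m, pubkeys


def audit_wallet(script_hex, my_pubkeys_hex):
    """Report who can spend, given the public keys whose private keys you hold."""
    m, keys = parse_multisig_script(bytes.fromhex(script_hex))
    mine = {bytes.fromhex(h) for h in my_pubkeys_hex}
    held = {k for k in keys if k in mine}
    others = sum(1 for k in keys if k not in mine)   # slots you do not control
    distinct = len(set(keys)) == len(keys)
    return {
        "m": m,
        "n": len(keys),
        "distinct_keys": distinct,   # False: fewer independent keys than slots
        "keys_i_hold": len(held),
        # Conservative: needs m distinct keys of yours in a duplicate-free script.
        "recoverable_without_service": distinct and len(held) >= m,
        # True when the slots you do not control are enough to reach m.
        "others_can_spend_without_me": others >= m,
    }


def build_script(m, keys_hex):
    """Helper for the constructed samples below."""
    body = b"".join(bytes([len(bytes.fromhex(k))]) + bytes.fromhex(k)
                    for k in keys_hex)
    return (bytes([0x50 + m]) + body
            + bytes([0x50 + len(keys_hex), OP_CHECKMULTISIG])).hex()


# Constructed placeholder keys (correct encoding, not real curve points).
K_BROWSER = "02" + "11" * 32
K_BACKUP = "03" + "22" * 32
K_SERVICE = "02" + "33" * 32

if __name__ == "__main__":
    good = build_script(2, [K_BROWSER, K_SERVICE, K_BACKUP])
    bad = build_script(2, [K_BROWSER, K_SERVICE, K_SERVICE])
    print(audit_wallet(good, [K_BROWSER, K_BACKUP]))
    print(audit_wallet(bad, [K_BROWSER, K_BACKUP]))
```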


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: ManeBjorn on April 15, 2014, 11:56:52 AM
Anyone know why the BitGo site is empty?  Just the title pages work for me no content.


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: RomertL on April 21, 2014, 08:30:15 AM
Sounds like what I'm looking for: both secure and easy enough. Have my coins on an exchange now which doesn't feel too secure considering what's happened lately. Clever with the 3-fa. If computer crashes, gets hacked, gets stolen, I retrieve my coins with offline pw and bitgo. If bitgo gets hacked, seized, ceases to exist, no worries, I use browser pw and offline pw. Do I understand it correctly? Bitgo doesn't even need to exist for me to retrieve my bitcoins with help of browser pw and offline pw? That last part is quite important...

Correct.  I have an instance of sx (a bitcoin tool suite) that allows me to execute transactions from the address bitgo creates without bitgo by keeping my private keys in an encrypted folder.

Signing up now...


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: 8up on October 13, 2014, 02:37:26 PM
BitGo is currently my favorite online wallet provider and it doesn't even have to function like that.  In an encrypted folder on a linux box I can issue transactions from my own two keys.  Amazing stuff.  If only the system worked by hierarchical wallets with mnemonic seeds as what is split up instead of a single address combination.   

Did anyone recognize this?
https://coinreport.net/bitgo-announces-hd-wallets-novel-solution-transaction-anonymity/


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on October 14, 2014, 12:02:45 AM
People are still using web wallets really? Did we not learn from instawallet, inputs.io, and blockchain.info? I see a couple problems with this one. How are they generating the 3 keys? If it isn't client side, it isn't safe. If they are holding on to the 3 keys even indirectly they are not safe. It isn't open source, so there is no way to verify or run this service on my own. Also all web wallets will be considered not safe until they implement trezor support.

So again don't use web wallets none of them are safe unless you are using a trezor or hardware option to sign the transaction.

What surprises me is that you think your desktop wallet is safer.  It's absolutely not.  Did we not learn anything from the growth of malware over the past 10 years?  30% of home computers are running malware already, and the numbers are growing, not shrinking.  Every desktop wallet, from Armory to Bitcoin-QT, etc, is vulnerable to these attacks while BitGo is not.  Any single-signature wallet is even more vulnerable.

So perhaps all of us should stop thinking of wallets as either "desktop" or "web".  BitGo is both.  BitGo is a desktop wallet (use the chrome app) with a web service component (the BitGo service).  The two together are called a "multi-signature wallet", and as we all know, this has been declared the "year of multi-sig" for a reason:  because it is safer than desktop or web wallets.

But to answer your questions:  the keys are provisioned on machines other than the service with the user's full control, and are never known to the service.  Hardware signing is coming too.

Mike




Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on October 14, 2014, 12:10:56 AM
BitGo is a great proof of concept. I'm almost certain that multisig wallets like this is how the majority of people will use bitcoin for day to day transactions in the future (the only alternative to multisig+3rd party being multisig+hardware wallet)

Though I second ADgordo that it badly needs to support deterministic wallets. Full on HD wallet support (BIP32) would be awesome. Having single-address wallets in 2014 is a big turn off  :(

BitGo has been full HD for at least 6 months :-)

Mike


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: mbelshe on October 14, 2014, 12:12:54 AM
Anyone know why the BitGo site is empty?  Just the title pages work for me no content.

It definitely should not be the case!  Feel free to send me or support@bitgo.com email and we'll get this sorted out.

Thanks
Mike


Title: Re: thoughts on Bitgo - the most secure wallet 3-fa
Post by: SomethingElse on October 14, 2014, 03:30:58 AM
People are still using web wallets really? Did we not learn from blockchain.info.

What's wrong with blockchain.info?

People still get hacked on blockchain, but they are a lot better than most web wallets, and if they add trezor support like they plan on, they will be the most secure web wallet.

I think blockchain.info will probably be safer for a newb who doesn't really know what they're doing, as long as they set up all the security features; 2 factor auth and a second password etc.

I have heard about people getting hacked on blockchain.info when not using 2FA, but I haven't heard of a single hack from a person that uses 2FA.  I consider it extremely safe.

As far as Bitgo is concerned.  I use it too and like it as a service.  I feel more confident that a webwallet isn't going to run off with my money when it was designed from the ground up to be impossible to do that.  Now maybe that is or isn't the case in reality and we don't always know what a sneaky hacker will do.  Still.... I have used Bitgo and feel confident with it.

And always use 2FA when possible!