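This seminar covers Chapter 11, Bitcoin Security. The chapter is short and contains nothing difficult, so treat it as a breather and read the text with a light heart.
After a quick read of the text, go over the passages quoted and summarized below once more. Read the emphasized parts several times and think about them more deeply.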
The core principle in bitcoin is decentralization and it has important implications for security. By comparison, a decentralized system like bitcoin pushes the responsibility and control to the users. Because security of the network is based on Proof-of-Work, not access control, the network can be open and no encryption is required for bitcoin traffic.
A bitcoin transaction authorizes only a specific value to a specific recipient and cannot be forged or modified. It does not reveal any private information, such as the identities of the parties, and cannot be used to authorize additional payments. Therefore, a bitcoin payment network does not need to be encrypted or protected from eavesdropping. In fact, you can broadcast bitcoin transactions over an open public channel, such as unsecured WiFi or Bluetooth, with no loss of security.
Bitcoin’s decentralized security model puts a lot of power in the hands of the users. With that power comes responsibility for maintaining the secrecy of the keys. For most users that is not easy to do, especially on general-purpose computing devices such as internet-connected smartphones or laptops.
The most important principle for bitcoin developers is decentralization. Most developers will be familiar with centralized security models and might be tempted to apply these models to their bitcoin applications, with disastrous results.
Bitcoin’s security relies on decentralized control over keys and on independent transaction validation by miners. If you want to leverage bitcoin’s security, you need to ensure that you remain within the bitcoin security model. In simple terms: don’t take control of keys away from users and don’t take transactions off the blockchain.
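Security, too, must be considered from the perspective of decentralization.
Decentralization means handing centralized authority and responsibility over to the users. Key management is the user's most important responsibility.
Treating "the difficulty of key management" as an obstacle to mainstream adoption of blockchain services, and taking key-management responsibility away from users as a result, undermines the foundation of decentralization.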
A bitcoin application without vulnerabilities should be vulnerable only to a compromise of the bitcoin consensus mechanism, meaning that its root of trust is based on the strongest part of the bitcoin security architecture.
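The strong security of a bitcoin application derives from the security architecture of the bitcoin system itself. No reason, such as performance or usability, should be allowed to make you abandon this premise. Developers of blockchain services must keep this point firmly in mind.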
User Security Best Practices
When you hold only a small amount of bitcoin this is not much of a problem, but as your holdings grow, key management becomes the most important issue.
Humans have used physical security controls for thousands of years. By comparison, our experience with digital security is less than 50 years old. Modern general-purpose operating systems are not very secure and not particularly suited to storing digital money. Our computers are constantly exposed to external threats via always-on internet connections.
Because most users are far more comfortable with physical security than information security, a very effective method for protecting bitcoin is to convert them into physical form.
Keeping bitcoin offline is called cold storage and it is one of the most effective security techniques. A cold storage system is one where the keys are generated on an offline system (one never connected to the internet) and stored offline either on paper or on digital media, such as a USB memory stick.
Unlike a smartphone or desktop computer, a bitcoin hardware wallet has just one purpose: to hold bitcoin securely.
In the effort to secure their bitcoin wallets, users must be very careful not to go too far and end up losing the bitcoin.
Users should spread the risk among multiple and diverse bitcoin wallets.
Whenever a company or individual stores large amounts of bitcoin, they should consider using a multisignature bitcoin address.
One important security consideration that is often overlooked is availability, especially in the context of incapacity or death of the key holder. If you have a lot of bitcoin, you should consider sharing access details with a trusted relative or lawyer. A more complex survivability scheme can be set up with multi-signature access and estate planning through a lawyer specialized as a “digital asset executor.”