When explaining her company’s newest product, cryptocurrency entrepreneur Alena Vranova, director of the Prague-based Satoshi Labs, likes to highlight a fundamental paradox sitting at the very heart of how people around the world use virtual currencies.
“Bitcoin is a very secure protocol,” she insists, “[but] we were using it with very insecure tools.”
Vranova’s assessment makes a lot of sense. Bitcoin, a digital currency, is set up to allow people to transact securely online without the need for an outside financial institution, or any third-party outside of the Bitcoin network itself, to verify that transaction. Yet, at the same time, the currency is dogged by a number of high-profile security scandals, notably the more than half a billion dollars stolen from the now-bankrupt online exchange Mt Gox.
The lesson much of the Bitcoin community took away from the Mt Gox debacle was that storing large amount of virtual currency anywhere online, such as in a dedicated Web-based wallet service or in the wallets operated by online currency exchanges, was akin to asking to have that money vanish into thin air. The problem with the alternative—storing coins offline, on a home computer or dedicated external hard drive—is that the process can not only be intimidatingly complicated and time-consuming, but a single user error can wipe someone’s virtual bank vault from existence.
Vranova’s solution was to find a middle ground between simple, user-friendly online wallet services that don’t require a background in computer programming to operate and the offline “cold storage” systems that actually ensure the highest degree of security. After years of development and frustrating delays, that solution—a small, rectangular computer called a Trezor designed exclusively to store Bitcoins—has finally started shipping earlier this month to people who pre-ordered the product, some having done so as far back as two years ago.
Trezor is a single-use device for storing bitcoins and making secure Bitcoin transactions. Coins that are stored on the Web can be lost if the website managing the coins is hacked. Coins stored on a computer can be lost if malware is secretly installed on that computer. Trezor, on the other hand, doesn’t allow for the installation of any third-party applications, removing the issue of malware, and only connects to the Internet through a computer, through which it can supposedly still transact securely even if that computer’s security is compromised.
Trezor isn’t the first Bitcoin hardware wallet to become commercially available. But its creators insists that it is the first one simple enough to be used by almost anyone. “Before, there was Pi Wallet,” Vranova noted, “but that’s really a gadget for nerds that know a lot about security and don’t mind difficult ways.”
Butterfly Labs, a Kansas-based company primarily known for building extremely specialized computers for cryptocurrency mining, is also developing its own hardware wallet, but those plans have yet to come to fruition.
The process for making transactions with Trezor is relatively simple. Satoshi Labs operates a website just for sending and receiving coins using the device. All one has to do is enter in the address the user wants to send money to, connect their Trezor to the computer, enter a personalized security PIN number, and then hit send.
One advantage that web wallets have over those held on physical devices offline is that while it’s possible to lose a computer or a Trezor, misplacing the entire Internet is considerably more difficult. Satoshi Labs has safeguards in place to ensure that it’st possible to recover all of the bitcoins lost if a Trezor goes missing. The need to enter a PIN on the physical device to unlock any coins adds a layer of security against cryptocurrency-hungry pickpockets.
Trezor’s journey has, thus far, been a long one. The product was initially funded through a Kickstarter campaign last summer. Issues with the company Satoshi Labs contracted to manufacture the device delayed delivery significantly, however. This delay was an issue for people who pre-ordered the product for a price tag of a single bitcoin because, at the time, Bitcoin was only trading for about $100. Today, it is worth nearly six times that amount. In the interim, it hit prices well over $1,000.
“As with every pre-order in the Bitcoin world you’re going to lose a whole lot of money doing it,” bemoaned one Trezor customer in an unboxing video of the product recently uploaded to YouTube. “I think I’d rather just be happier with a Bitcoin.”
At the moment, Trezor doesn’t work with other cryptocurrencies like Dogecoin. The hardware is set up to support altcoins, as non-Bitcoin cryptocurrencies are called, but no software interface has as of yet been developed than can load them on and off the device.
The physical element of Trezor is a key part of its psychological appeal. Part of the difficulty Bitcoin advocates have had selling virtual currencies to the public is that they’re fundamentally intangible—they reside exclusively on a computer. When ones gets to the heart of it, they only really exist on the blockchain, the decentralized public ledger that records every Bitcoin transaction since the currency’s inception. The whole concept is abstracted to the point where it often takes a leap of faith for people to believe there are bitcoins out there that supposedly belong to them and that those bitcoins have real value.
“Most people I know only heard of bitcoins [being] stolen, a lost hard-drive or a crash of a Bitcoin ?bank,’” Vranova explained. “It has something to do with the fact that Bitcoin is something they can’t see or hold, thus understand and trust.”
Trezor, on the other hand, is something tangible. It has weight and volume. Someone can hold the device in his or her hand and know that this is where their money lives.
Moe Adham, co-founder of the Bitcoin ATM manufacturer BitAccess, told the Daily Dot this psychological reassurance is a crucial element in what makes hardware wallets like Trezor attractive.
“I think Trezor emerged with a real problem in mind. Originally, it was really quite difficult to hold onto a lot of coins. It was a really cumbersome and terrifying process,” Adham said. “If you want to see why they’re doing this, take an old laptop, wipe it clean, install a new operating system, install [open-source Bitcoin wallet management platform] Armory and try to do a multi-signuatre transaction. See how difficult it is. See how long it takes.”
At the same time, Adham argues that, in the months since the MtGox meltdown, online wallet services like CoinBase and Blockchain.info have done a good job of tightening up their security to the point where the ease-of-use benefits probably outweigh the risks for most users. Some wallet services, like Coinbase, even offer insurance against stolen coins.
“A lot the new entrants into the cryptocurrency space will likely be using these online services rather than putting their coins in cold storage on air-gapped machines,” he noted. “Products like Trezor are really for people who are extremely concerned about security…[but] still want a degree of convenience.”
Whether Trezor will make significant progress in improving the confidence people have in the security of Bitcoin remains to be seen; but the product has already amassed an impressive collection of endorsements from people like Bitcoin Foundation Chief Scientist Gavin Andresen.
“Trezor has redefined state-of-the-art in financial security,” said Bitcoin core developer Mike Hearn in an endorsement on Trezor’s website. “This project is showing that the Bitcoin community can rise to even the toughest challenges presented by truly decentralised money.”
H/T CoinDesk | Photo Perspecsys Photos/Flickr (CC BY SA 2.0)