In these days, the most trending topic is definitely the Bitfitnex hack. What naturally comes to everybody’s mind, as a comparison, is the crash of MtGox. These are both unquestionably important incidents that need to be talked about, but what is generally remembered are their negative effects. What is being forgotten are the positive side effects. Let’s go down in history a bit to see that good things can come up from unpleasant experiences.

State of bitcoin ecosystem

One of such hacking attacks with quite an interesting impact on the Bitcoin community occurred on Thursday, 1st of March 2012. It was an early era of CPU/GPU mining, and the total hash rate of the network peaked around 11 TH/s, which in comparison with today's 1 500 000 TH/s seems quite funny. There were no hierarchical deterministic wallets that would allow safe and convenient storage, and the best way for a “Bitcoin Hodler” to secure his coins was to use inconvenient and messy paper wallets. Yes, just a few years ago the Bitcoin ecosystem was this underdeveloped. Hard to believe, right?

What happened

It all started when the infrastructure of the cloud provider Linode was hacked. Linode failed to secure the access to a hot wallet address of the very first Bitcoin mining pool — Slush Pool. At that time, Slush Pool has been operating for more than 2 years and had quite a nice 13% of the mining market share. Security breach led to a loss of 3094 BTC from the pool funds. Since dividing the loss among the miners was not even an option, Slush decided to cover the loss from his personal savings. Other members of the community, such as Gavin Andersen and Bitcoinica — well known Bitcoin trading platform, were also affected, and the total loss grew up to 46,703 BTC — or 0.5% of total BTC supply mined at the time.

What was the response

However, none of the respected community members proposed a hard-fork as a solution to this situation. Bitcoin ecosystem responded in a self-improving manner instead. One of the responses was the implementation of p2sh scripting which was introduced by Gavin Andresen as a part of Bitcoin Improvement Proposal 16 (BIP 16), and became a part of the protocol in April 2012.

Another response came from Marek Palatinus, Slush Pool operator, who decided to take slightly different approach. Instead of orchestrating a hard-fork and trying to change the protocol, he tried to improve the protection on an individual level. Quite a successful result of his effort is now known as the TREZOR — the first hardware wallet. The device has quickly found its way to the customers, because it combines the security of a paper-wallet and convenience of on-line payments at the same time.

Current situation & future

Are we going to see other successful hacking attacks in the near future? For sure. But nowadays, each attack always results in an increased demand for hardware wallets. People are fast learners when it comes to their money, and the whole Bitcoin community is becoming more hack-resistant as a result. Unfortunately, for obvious reasons, this is not the kind of headlines which attracts attention and therefore remain unseen.

How does Slush Pool protect the customer funds nowadays? Recently mined Bitcoins are stored in a hot wallet, as they are quickly transferred to the miners in the pool. Everything else is deposited in the TREZOR.

Author: Martin Jurco

Sources:

http://arstechnica.com/business/2012/03/bitcoins-worth-228000-stolen-from-customers-of-hacked-webhost/

Slush’s statement:

https://bitcointalk.org/index.php?topic=66916.