A Rocket Scientist Takes On Bitcoin Security
Alan Reiner, 30, thought he wouldn't find any career more interesting than missile defense simulations, but the self-described nerd left physics recently to work full-time on an ultra-secure Bitcoin wallet, Armory.
Bitcoin, a decentralized virtual currency, "has a lot more benefit to humanity than missile defense does," Reiner says. "There's a richness [in Bitcoin] that hasn't been tapped yet. You know that rumor that you only use 10% of your brain, that's kind of how Bitcoin is; there's so much more it can do."
Reiner, with degrees in math and engineering, had been building large physics simulations at John Hopkins University of Applied Physics Laboratory for the past seven years. For the past two, in his spare time, Reiner has been developing Armory, the free open source digital Bitcoin wallet that most serious Bitcoin investors use.
All Bitcoin transactions are recorded in a commonly accessible ledger that documents the transfer of each bitcoin while keeping their owners virtually anonymous. Individuals can use online or mobile apps called Bitcoin wallets to initiate transactions or verify their balances. Some bitcoin wallets function like mainstream mobile wallets, allowing users to initiate transfers by scanning QR codes, for example.
"The core feature of Armory is that it goes to every great length to establish security even at the expense of convenience," says Reiner.
Armory supports cold storage, which means the user's private keys password-like data used to authenticate ownership of bitcoins are kept on a computer that never touches the Internet. Cold storage has been discussed for digital wallets for a while, but other wallets haven't implemented the feature.
Armory bundles the cold storage and hot storage (Internet-connected) options so everyday users can navigate through the system. Reiner calls this a "holy grail feature."
Cold storage is an important idea, especially since Bitcoin businesses are frequent targets of hackers. Bitfloor, once one of the largest Bitcoin exchanges dealing in U.S. dollars, had 24,000 bitcoins (worth approximately $250,000 at the time) stolen last year. The theft occurred when Bifloor's founder, Roman Shtylman, left the bitcoins in a hot wallet connected to an online server while he was moving funds around.
Another feature that differentiates Armory is its password recovery. One of the biggest risks for consumers using Bitcoin is losing their wallet because they forget their passphrase, Reiner says.
"Everyone is so used to creating a password and when they forget it with the click of a button you can re-retrieve it," he says.
To facilitate password recovery, Armory created printable backups, so it's up to the end user to keep those physical versions safe. The backups are a string of letters and numbers (a seed) that will unlock the different addresses a consumer has used to receive bitcoin payments.
It's considered a best practice to use a different address for every received bitcoin payment, Reiner says, so the wallet becomes a whole list of private keys. With the seed a consumer will be able to recreate all the different addresses used.
Reiner is also working on stronger wallet encryption to resist the practice of using ultra-powerful graphics cards to hack into accounts by testing a wide range of passwords against them.
While Armory wallet might have strong security backing it, mainstream consumers might favor a more convenient wallet, Reiner admits. Wallets such as Electrum, MultiBit and Bitcoin QT, the core Bitcoin client, are all easier to sign up for and start using.
"Right now Armory is filling a niche for users wanting advanced security businesses are using it [and] investors are using it," Reiner says.
Reiner hopes to fix the usability problem with the recent $600,000 his company received from three investors, including James Smith, Kevin Bombino and Bitcoin entrepreneur Trace Mayer. Reiner has quit his job to focus on his company, Armory Technologies Inc., full-time.
Smith is a fund manager at Bedrock Capital. Bombino is an investor and entrepreneur that graduated from Harvard with a degree in computer science. Mayer is well known in the Bitcoin space, serving on the editorial board of Bitcoin Magazine and investing heavily in BitPay, a Bitcoin merchant service provider that recently reached 50,000 merchants.
Armory is critical to convincing businesses to use Bitcoin for large transactions, Reiner says.
In the future, Reiner wants to develop multi-signature transactions within the wallet, so individual users have to authenticate funds transfers from a separate device. This technology could also work for companies using the wallet, where each board member has a set of private keys, then for a transaction to be initiated four of the seven members must approve on their separate devices. It could rely on text messages or email for notifications, he says.