Source: Liu Jiaolian
BTC rebounded to 98k overnight. This is also near the height of the 30-day moving average. The market divergence is still obvious. Those who are bearish see the market downturn, and those who are bullish directly cut the boat to seek the sword. There is no way, the current height, the current time node, and the current cycle process are the moments of divergence.
Recently, I saw someone lose coins again. The work computer is used to operate the hot wallet to make on-chain income, and it is also used for meetings and office work. As a result, the conference software with a Trojan horse was accidentally upgraded, and the wallet assets were looted.
Hot wallets are absolutely not advisable.
Even for Bitcoin veterans who are proficient in encryption technology, they think they are proficient in the technology of encryption wallets, and they carelessly put the encrypted private key files on the networked machines. They are also targeted and stolen, and lose 200 BTC. According to the estimate of 100,000 US dollars, it is worth 20 million US dollars, which is equivalent to about 1.5 small goals at the exchange rate of 7.3.
He is Bitcoin core developer Luke Dashjr. Jiaolian has introduced his main deeds and contributions.
These 200 BTC are all his wealth. One careless move, and it all disappeared.
He said that he had encrypted the private key of BTC with PGP. However, the PGP key used for encryption is actually the same PGP key he uses in his daily work to sign the Bitcoin Knots software package. This is too careless.
The risk of exposure is very high for keys that are used frequently. Every use means a possible exposure. How can the same key be used to encrypt a private key? If the encryption key is exposed, then the private key encrypted with the key will naturally be unsafe.
As for the encrypted private key file, he should have put it on his laptop. The FBI suspects that when he was carrying his laptop to a meeting, someone approached the computer and stole the encrypted private key file. And this person may have already obtained the PGP encryption key. In this way, with the file and the key, it is easy to decrypt the private key and steal all the BTC.
What if the guy in the meeting used a hardware wallet and separated the private key from the work computer?
What if Luke Dashjr used a cold wallet to store BTC?
Maybe they would not lose their coins and empty their wealth.
Some netizens also think that cold wallets separate private keys from cyberspace and digital environments, but they face the risk of illegal infringement in the physical world, such as the risk of burglary or robbery. For example:
You copied the private key mnemonic on paper and put it at home. It was seen by a visitor and the coins were lost.
You copied multiple backups and put them in different places. Now each copy has become an exposed risk point. If any copy is seen, the coins will be lost.
You are afraid that the paper will be damaged, so you take a photo with your mobile phone and put it in the album, and the coins will be lost.
You are afraid that the paper will be easily damaged, so you carve it on a steel plate and put it at home. It was robbed and the coins were lost.
You added a password to the mnemonic, but wrote the password and the mnemonic on the same piece of paper, and leaked them at the same time, and the coins were lost.
And so on.
However, Jiaolian believes that most of the thefts are carried out in an online environment. If you live in a relatively safe area, then a cold wallet is definitely much safer than an online hot wallet.
Some people suggest using multi-signature. Keep the several private keys of the multi-signature separately.
Or split the private key mnemonic into several parts, multiple shards, and keep each shard in a different place.
It seems that this can keep the assets safe even if one place is exposed. This avoids a single point of failure (theft).
However, in addition to not being able to prevent thieves, there is another situation in which you can also prevent yourself.
In history, there have been many cases where the hard disk storing the private key was thrown away as garbage, or the person could not remember the key to decrypt the private key, etc., which caused BTC to be completely locked and no one could move it.
This is also a kind of coin loss.
As for the situation where you voluntarily hand over your private key or control rights, such as storing the coins on an exchange for a long time, or placing them on a robot platform controlled by the platform, which may be embezzled at any time, we are not discussing it.
We are discussing self-custody, which means being the owner of your own assets.
It can be seen that the loss of coins in the context of self-custody is either letting others steal the control rights or losing the control rights.
The left side is letting others steal the control rights, and the right side is losing the control rights. The security we hope to achieve is neither left nor right, but staying in the middle, that is, we have the control rights, and others cannot have them.
Therefore, the so-called single point of failure has two meanings, and both are very important.
One is multiple backups and single point theft. If any backup is stolen, control will be stolen. But the advantage is that as long as there is one backup that is not damaged, I can get these coins back and it is not easy to lose control.
The other is multiple shards and single point damage. If any shard is damaged, it will make it impossible to recover the private key, thus losing control. But the advantage is that only when all shards are stolen will property loss occur.
You can't basically have your cake and eat it too.