- Easy changes between quorum participants
- Easy changes in hierarchical structures (in the event of 2 quorums or more)
- Scalability – if your business grows, if new policies are implemented for transactions, etc.
Crypto Hacks: The Rise of the Rogue Insider
Blockchain breaches and cryptocurrency heists continue to change in 2019 – from the exchange hacks we know to a new, scary brand of theft from rogue insiders. The latest victim of the rogue insider trend is Bitthumb, which suffered its third hack in two years on Friday – this time, losing $20 million USD in stolen EOS and Ripple (XRP). Exchange hacks are old hat, as the most common form of crypto theft of the $2 billion stolen since 2017. What stands out here, however, is the reason behind it – not just your typical private key mismanagement, but the work of rogue insiders, company officials stated. This is the second major rogue insider scandal to erupt within the past 3 months – the first being QuadrigaCX. Human behavior cannot be predicted – but it can be safeguarded against failures. In a real zero-trust environment, good crypto hygiene and additional security measures (e.g. HSM, Multi-sig, multi-party computation) are a must; whether they can overcome the human element of rogue insider hacks depends on implementation. In this piece, I will explore how the proper MPC deployment provides a safeguard against malicious insiders – starting with a quorum authorization scheme. A Matter of a Mindset Let’s assume that every crypto environment in today’s climate is a real-life zero-trust environment. This is a matter of mindset; it’s the difference between looking at the overall safety of blockchain keys from the macro level (e.g. “Are my keys safe?”) vs. looking at the tactical advantages and disadvantages of that safety method (e.g. “Even if my keys are safe, are they safe in the event of a rogue insider/sudden single-system compromise/other unexpected event?”). The crux of the rogue insider scenario is not how keys are stored, but with whom. Here, the single point of compromise would be the human participant – ergo, the solution is to expand the participant pool so that multiple people are holding the keys – and to decrease the odds that all of them are rogue. Enabling a quorum authorization structure to any cryptocurrency or token management system ensures that no single participant in the transaction, whether human or bot, can steal funds. In layman’s terms, a “quorum” means that at least 2 people out of many are required to authorize a transfer of funds – also known as m-of-n. Putting Theory Into Practice Quorums alone will not prevent fraud; employing them with a trusted third party, and a little creativity, could. Let’s take an epistemic rogue insider example: QuadrigaCX, where cofounder Gerald Cotten is suspected to have stolen BTC, and whose fellow cofounder Michael Patryn was revealed to have a criminal history of fraud. In this real-life zero-trust scenario, a 2-of-3 quorum may not have been enough to prevent fraud – unless a third party was brought in and a multi-tiered quorum was set up to provide an extra safeguard. Theoretically, this would include both co-founders, plus a keyshare representing a third-party organization that, in and of itself, includes multiple stakeholders in that organization (e.g. a custodial service with multiple administrators of the same account). Choosing The Best Quorum Arrangement If you’re choosing to implement quorums, you’ll want the most flexible, secure, and scalable option available that will allow for: