Feature Interview: KeepKey CEO Darin Stanchfield on Bitcoin Security
Darin Stanchfield has long had a passion for tinkering with new things. Now, as the 35-year-old CEO of the bitcoin hardware wallet KeepKey, he’s hoping to address the needs of bitcoin neophytes seeking a secure, simple offline repository for their digital currency. The key here, says Stanchfield, no pun intended, is overcoming all-too-common lingo like hot and cold wallets that creates confusion and discourages everyday adoption among consumers.
KeepKey’s repute is built on the stealth level of security and user friendliness that it offers. In short, it works in tandem with a computer-based bitcoin wallet, assuming management of private key generation and storage as well as transaction signing. Its hardware black box is rectangular in shape, similar to legacy external USB drives. Security risks are mitigated through a combination of a PIN code and a complex password phrase. The side of the box also features a special confirmation button that is pressed whenever the user is seeking to send bitcoins. Another key feature of the KeepKey interface is that it displays information on an easy-to-read screen, so that users can easily confirm that they are using the correct address or codes.
BTCMANAGER recently had the opportunity to briefly talk with Stanchfield about the emergence of hardware solutions like KeepKey that keep bitcoins safe and secure from nefarious actors. He also shares a few of his perspectives on what the broader landscape of bitcoin security portends for the future.
Why a hardware solution for keeping bitcoins free from hackers and thieves?
Using a hardware solution gives people complete control over their bitcoins while providing the best level of security. A hardware wallet like KeepKey is secure because it generates the private seed offline and guarantees that it remains offline. Also, hardware wallets do not have an operating system that malware and viruses can infect.
Can you share more about what makes this such an attractive solution for bitcoin enthusiasts?
Great question. Clearly bitcoin users need to think about using solutions that appropriately protect the value of the coins they’ve stored. If you are protecting a stash of hundreds of bitcoins, it probably isn’t a good idea to carry them around in a mobile wallet. Similarly, we carry only enough cash to do our daily transactions. We want to make it convenient to walk around with one or fewer bitcoins in a wallet that makes them easy to spend. Most people would probably agree that it’s much safer that way.
So what do you believe is the biggest myth regarding bitcoin security?
One thing I hear a lot is that paper wallets are the most secure way to hold bitcoin. This is not so much a myth as it is a misleading statement. Paper wallets are only as secure as the method used to generate the wallet and how funds are spent from the wallet. Paper wallets should be generated offline (and offline doesn’t just mean disabling your wifi), and transactions should be signed offline. Unfortunately, through the use of these methods, there are so many ways for new users to make mistakes. This is why hardware wallets like KeepKey are useful — they make these sorts of wrong moves difficult.
Another myth is that a wallet on a general purpose device can be truly secure. Sure, a few mobile and desktop wallet vendors do a really good job of securing their wallets with the assumption that the device itself remains secure. The problem is that general purpose devices like a computer or mobile phone can be compromised in myriad ways. Even if the private key is always encrypted when written to a storage device, it has to be decrypted in memory at some point in time. Sometimes, these wallets can be tricked into exposing their secrets by malware that lies to them. Or, a simple keylogger can provide easy access for a thief. Bottom line — if the wallet software is executing on a general purpose device, it is safest to assume that it has been compromised.
We hear so much these days about “Multi-Sig” and “Cold Storage” security technologies. In your estimation, what are their strengths and limitations?
When it comes to online web wallets, multi-sig is the only way to go. It maintains the convenience of web wallets while maximizing the user’s ability to control their funds. Multi-sig web wallets do have some pitfalls. Most implementations with a 2-of-3 key arrangement have 2 of the keys generated on the same machine. That machine, again, needs to be offline. If not, you may have exposed the keys on day one. You could be years into using the key, thinking you are safe because of multi-sig, only to discover that a thief is waiting for you to accumulate funds in anticipation of a heist.
But are there any dangers in terms of making these security measures too complex for the end user?
We hear again and again that having one key for your wallet introduces a single point of failure. I think this belief came from the rise of multi-sig’s power to protect web wallets. But this belief is very flawed. Part of good security is making sure that you, the owner of the wallet, can still access your funds. Anytime a new key is introduced, there’s the opportunity for an additional key to be misplaced or mishandled. With one key, it is very straightforward and easier for new users to understand. At KeepKey, we don’t believe more keys equals more security. Instead, we think about the features a multi-sig relationship can provide to a wallet. It should be very similar to how a manager currently signs off on an escrow or other form of transaction.
What do you see as the next major milestone for bitcoin security in 12-18 months?
Things are happening very fast! I think that eventually, bitcoin security becomes standardized and we see some sort of certification process for wallets. We have already seen some initiatives on this.
I also think, at least from the things we are working on at KeepKey, that good bitcoin security becomes something we just take for granted. Users and organizations need to be guided to do the right thing. We shouldn’t be talking to users about the intricacies of managing private keys. Instead, we should provide them solutions that ensure that they know what to do. For these users, it should “just work”, and they should never have to think about it.