What we are most familiar with encryption assets is the encrypted currency. But is it safe to use it as an encrypted currency? As a matter of fact, since the advent of the first cryptocurrency bitcoin, there have been many digital currency theft incidents, and some even the entire exchange has been attacked. Encrypted currencies have all disappeared overnight.
Although mainstream financial service companies, such as fidelity, have launched institutional platforms for hosting and trading BTC and ETH to promote the rapid maturity of the industry, however, it seems that there is still a long way to protect the security of encrypted assets. The following are the four main factors that make it difficult to host cryptocurrency assets:
1,Private Key is an asset
For encrypted assets, the private key is the asset itself. This is very different from traditional systems. In traditional systems, the encrypted private key is only the asset pass, not the asset itself. When an online banking application or hardware card is used for transfer, the private key contained is used to sign the transaction-however, the funds themselves are not stored on a mobile device or card, therefore, the user will not directly suffer losses due to the theft of the private key.
Generally, the Private Key itself is very small. For example, in Bitcoin, it is only 32 bytes long. Sometimes, you may wonder how much value is stored in such a string of bytes. In fact, some bitcoin addresses contain hundreds of millions of dollars, but only a 32-byte private key is used to declare ownership of the asset.
The fraudster can take full control of the balance under an address after stealing the private key; in addition, the loss of the private key is also bad-someone threw away a hard disk, the private key in the hard disk can extract Bitcoin worth more than $80 million.
2,The account is cleared after an accidental use.
In fact, the situation is much worse. Fraudsters do not even need to obtain the private key for fraudulent transactions. To submit such a transaction, you only need to sign the transaction with the private key. Clearing an encrypted asset in an address on a ledger requires such a signature-whether the address contains $40 or $0.1 billion.
This situation cannot be ignored. Although there have been a variety of methods for protecting the security of encryption keys over the past few decades, all of these methods-including the most powerful hardware security module (HSM ), protection focuses on preventing private keys from being attacked or stolen. This is good enough for many cryptographic cases because the occasional abuse of private keys is not disastrous. However, encryption assets are not the case. A user's carelessness may mean that the game is over: So even if the private key is stored in HSM, attackers may also target a much less secure link, such as the HSM used to sign the transaction system.
3,The encrypted asset does not exist from the beginning
From the fraud perspective, one of the most profitable aspects of cryptocurrency is the irrevocable nature of transactions. Once a transaction is written to the blockchain, it cannot be undone. This is very different from the current situation in the financial system. In the current financial system, fraudulent behavior can be canceled (at least partially.
4,Easy to withdraw
In traditional online financial frauds, how to withdraw money is the most difficult problem for fraudsters; that is why Bank Trojan Horse operators need to call a large amount of money to cover up the traces of funds. The fraudster uses the anonymity of the encrypted asset, which allows the fraudster to cash in without being noticed after stealing the encrypted asset.
In general, the theft of so many encrypted assets is not surprising. Inherent vulnerabilities and vulnerabilities stem from the fact that secure key management is a very difficult task, and fraudsters also have a lot of motivation to exploit these vulnerabilities.
Apatheticco
Link: https://www.kg.com/article/505285509275324416
Which of the following are the main factors that make it difficult to host encrypted currency assets?