The Coincheck Hack and Future of Blockchain Security

The loss in January of more than $500 million worth of digital coins from Coincheck, a Japanese cryptocurrency exchange, is raising questions about the security of virtual currencies.

The ease with which hackers stole the digital currency shows that basic security measures were not in place, according to MIT Technology Review. For example, the stolen currency was stored in an internet-connected “hot” wallet, while many exchanges already hold most users’ funds offline. “Going forward, this will presumably become standard practice,” MIT Technology Review reported.

Another issue is the security of the private cryptographic keys that are associated with every public cryptocurrency address. Someone managed to acquire a private key in the Coincheck heist.

One possible answer is a multisignature address, which requires more than one cryptographic key to execute a transaction. The system is similar to the multi-factor authentication process used to access email or bank accounts. Business partners can use the technology, for example, to create a wallet that requires each of them to sign off on transactions. The system is not perfect, however, because hackers defeated a multisignature system in 2016 to steal $65 million from Bitfinex.

A broader discussion about blockchain security is just beginning, says MIT Technology Review. “Some say blockchains can revolutionize how we track a host of assets beyond just money, like land titles. Such a system might look different from the blockchain networks running today’s cryptocurrencies, but it would still rely on cryptographic keys that could fall into the wrong hands. The techniques and processes we adopt for securing them will be crucial for keeping hackers from running off with land that isn’t theirs.”