Crypto wallet manufacturer Bitfi has previously introduced a bounty program offering a grand prize of $250,000 to crypto enthusiasts who were invited to hack the wallet and access the cryptocurrency within it. The team claims, that although there were successful attempts to break in and implant faulty code, none of the hackers managed to access the funds in the wallet, and this was done to demonstrate the efficacy of a new approach to securing crypto assets.
You Can’t Hack What You Can’t Attack
Bitfi claims that their wallet is fundamentally different from others. All wallets are storage devices, they use memory to store users’ private keys. Cold storage refers to a method of storing private keys offline. A potential flaw of cold storage happens when your holdings become vulnerable to many different kinds of offline attacks. If an ordinary hardware wallet is stolen, the attacker can extract private keys because they are stored on the device.
The wallet from Bitfi aims to improve upon cold storage by eliminating storage completely. All private keys are not stored on any physical medium. All the funds are stored in your brain if you choose to memorize your secret phrase that gives you access to the Bitfi wallet. When typing in the secret phrase, the Bitfi device uses a deterministic algorithm to calculate a user’s private key.
Following this step, the private key comes into existence only during a transaction. As soon as you put down your device, there is absolutely no data on it. The result is an advantage over cold storage methods. According to the team, there is nothing that anyone can do with a stolen Bitfi to extract private keys because they are not on the device. Bitfi claims that the wallet is “government proof” since and given that it has no private keys, not even an attacker with unlimited resources can obtain data that’s not there.
How is This Different from Brain Wallets?
Since users have the option to memorize their secret phrase, one might think that Bitfi works a lot like a brain wallet. The main difference is that any brain wallet requires a software that works online or downloaded from the internet to turn your phrase back into a private key. Bitfi is completely isolated from the computer environment. Unlike other hardware wallets, Bitfi is never connected to a computer with a cable.
The second most obvious difference is that unlike brain wallets, with Bitfi, a single secret phrase will generate private keys for all the assets stored in the wallet. You could be storing 50 different currencies and tokens and each one of these assets would be controlled by one secret phrase which would calculate the appropriate private key for that transaction (instead of having to memorize 50 different phrases with a brain wallet).
Another aspect of Bitfi technology is how entropy is being used to insure user set pass-phrasess are secure. The team says, while it is one of the most technically advanced wallets, Bitfi also benefits from simplicity and an intuitive interface. Unlike with other hardware wallets the user never needs to install or download anything. This eliminates a lot of the anxiety that comes with operating hardware wallets.