Bitcoin Hacked or Bitfinex Hacked?

Following the recent news of the seizure of 94,000 Bitcoin out of the 120,000 stolen in the 2016 Bitfinex hack, people have been left wondering how secure Bitcoin is despite it being termed as hackproof. Just one simple question is being asked now, if Bitcoin can’t be hacked, then why the Bitfinex incident, which saw 120k Bitcoin getting stolen? So I decided to write a brief article to enlighten most of those who are confused.

What we know from the Bitfinex Hack of 2016

The hack was carried on the Bitfinex exchange, draining it of nearly 120,000 Bitcoin, making it the largest loss of Bitcoin since the most infamous Mt Gox of Japan, which lost 744,408 in early 2014. The hackers exploited a vulnerability coming from how Bitfinex structures its accounts and its use of the BitGo Bitcoin wallet provider to provide an additional layer of security to customer transactions. In 2015, Bitfinex and BitGo created a system where multi-signature wallets, whose keys were divided among the owners to manage risks, would be provided to each customer. Each Bitfinex user would own a set of keys created using 2 of 3 key arrangements whereby Bitfnex held 2 of the keys(including offline) and Bitgo would use the 3rd to co-sign the transactions. This left the exchange responsible for guarding the keys, meaning that an attack to the exchange could affect even the users with their own security keys and added security features such as two-factor authentication, which is what exactly happened after the attack as users reported to have lost their Bitcoin holding.

In a nutshell…

In a nutshell, the attack was carried out on the Bitfinex exchange, just like any attack would be carried out on other exchanges. In this case, think of Bitfinex as the bank to your Bitcoins, and if the Bank is hacked, just like the normal way where fiat will be lost, Bitcoin definitely will be lost. However, Bitcoin’s network itself can’t be hacked.

From Bitcoin’s whitepaper released by Bitcoin inventor Satoshi Nakamoto, the network uses the proof-of-work consensus method to validate transactions. PoW uses the longest chain coming from the largest pool of CPU power to validate the existence of the transaction. This chain is immutable and can’t be altered without going back in history to alter the proof of work over the period of transactions, making it almost impossible.

As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they’ll generate the longest chain and outpace attackers. For an attacker to successfully cripple the network, he needs to obtain 51% of the CPU pool power. In every block validated, it is appended to the chain, leading to a very long chain and this diminishes the possibility of an attack exponentially as subsequent blocks are added.

How to safeguard your Bitcoin

In cryptocurrency such as Bitcoin, the only surest way to safeguard your crypto is to move them to a wallet where you only have the keys to access the wallet. The keys should be safely stored where hackers can’t get hold of them. There is the saying “Not your keys, not your coins”, meaning that as long as your crypto is held on exchange wallets, they are not safe there until you move them to a secure wallet you only have the keys to access. Any hack on the exchange platforms like the one carried on Bitfinex can make you lose your crypto.

I write about Crypto, Blockchain, NFTs, Web 3.0 and DeFi. Follow me to never miss out on my articles. You can always email me for a cup of coffee!