The security of cryptocurrency wallets has recently come under security with increased number of hacking reports. Researchers have shown that even hardware wallets — which are designed for extra security — are prone to hacking.
As such, Ethereum co-founder Vitalik Buterin thinks there’s a need to better secure cryptocurrency wallets for regular users — and the Ethereum Foundation is willing to invest in any project working towards that goal.
The foundation had earlier announced a grant for projects that help improve the scalability, usefulness, or security of the Ethereum network.
One thing that needs to be a major priority of the crypto community is increasing usability and security of self-sovereign authentication models.
That is, we need to work much harder to design wallets that are secure for regular users without introducing centralized keyholders.
— Vitalik "Not giving away ETH" Buterin (@VitalikButerin) April 17, 2018
Buterin noted that the security flaws he had pointed out in an article back in 2013 continue to persist today.
The young entrepreneur noted that it is unrealistic to count on regular users to secure their own wallets. Instead, he thinks, the technology has to improve.
It does not seem particularly realistic to ask the average non-technical user, or even the average technical user, to never make a mistake,” Buterin further said. “Thus, what we really need in wallet security, from both users and developers, is a change in paradigm.”
He also added that:
Rather than trying to continually patch up our digital walls in an effort to make them unbreakable, what need to recognize that any particular strategy used to secure one’s funds can always potentially be circumvented by a mistake on the user’s part, and a mistake is guaranteed to happen eventually. From that viewpoint, the only viable strategy is obvious: defense in depth, using multiple layers of security and granularity to ensure that no single attack can cause all of our funds to get stolen – or lost.
This was the time when USB hardware wallets were just getting out — fast forward to today, Buterin feels that security of cryptocurrency wallets is still not being taken seriously.
He gave the examples of Mt. Gox, Coincheck, Equifax and Ashley Madison to remind everyone why centralization “sucks”. He also pointed to the Cambridge Analytica fiasco to remind why poor user experience is still a problem.
Buterin then added that existing security measures are inadequate because of:
- Lack of available options
- Lack of oracle providers for the semi-centralized options
- Lack of standardized support across wallets
- Lack of good first-class-citizen support for multi-signature in Ethereum
With this in mind, Buterin said that Ethereum will be happy to fund any projects working towards solving these challenges.
The ethereum foundation grant program is absolutely willing to fund projects that try to tackle these problems.
— Vitalik “Not giving away ETH” Buterin (@VitalikButerin) April 17, 2018
Buterin further said that cryptcurrency can act as an ideal ‘trial-by-fire’ zone to test new security technology.
If a technology can survive the intense crypto environment which is extremely vulnerable to anonymous attacks, then they are definitely good enough to be rolled out in more mainstream contexts.