It seems that a month can’t go by without another bitcoin hack or theft taking place. Last night, the darknet marketplace Evolution went offline, along with its community forum. An Evolution staff member went to Reddit to announce that this downtime is not due to technical issues or maintenance. The pseudonymous individual, NSWGreat, is claiming “the admins are preparing to exit scam with all the funds.” Although the exact dollar value of all the bitcoins stolen from Evolution users is difficult to calculate at this point, many are estimating that it’s in the millions.
Is anyone surprised?
One of the main issues in the early years of bitcoin has been users trusting other people with their private keys. Whenever a large number of bitcoins are piled up by one centralized entity, that pile becomes a target for hackers and malicious insiders. It’s bad enough when people are trusting known individuals with their bitcoins, but the idea of essentially trusting an online bank run by anonymous individuals not to steal your money is ridiculous. The situation becomes even more unbelievable when you point out that at least one of the administrators of Evolution was also behind the Tor Carding Forum — a private forum that specialized in financial crime.
[Read More: The Dangers of Bitcoin Exchanges and Bitcoin Banks]
How can this be prevented in the future?
Whether you’re talking about bitcoin exchanges or darknet marketplaces, the reality is that users need to understand the amount of trust they’re placing in a third party whenever they hand over their private keys. Removing that third party trust was supposed to be the point of Satoshi Nakamoto’s invention. This point was even made by Satoshi in his first ever public remarks on a cryptography mailing list. The very first sentence of his first email to the list read:
“I’ve been working on a new electronic cash system that’s fully peer-to-peer, with no trusted third party.”
Of course, none of this could have happened on a marketplace with a proper multisig implementation. Some will say that multisig does not offer any help because Evolution actually had a multisig option for escrow. The reality is that many users found Evolution’s multisig implementation to be complicated and decided to do things the old, server-based way. Multisig is also not usually a good idea when you’re trying to protect anonymity, so perhaps it wouldn’t have been the right option in this particular case.
Openbazaar and Bitmarkets
Anyone looking to do some online shopping in an anonymous manner in the future may want to wait until a few different technologies are fully developed and available to everyone. Openbazaar essentially allows anyone to run their own online shop server with a distributed search engine to help users find the goods or services they wish to purchase. Bitmarkets is a platform that takes advantage of Bitmessage for posting sales. Both of these pieces of software are currently in the beta stages, but they could offer a safer solution to darknet shoppers once they’re in the later stages of development and properly reviewed for security holes. Darknet marketplaces have gained a lot of attention for their ability to protect buyers and sellers from law enforcement, but the fact of the matter is the technology is still a bit behind when it comes to protecting users from each others.
Featured image via Daniel Rehn.
You can follow @kyletorpey on Twitter.